Do driverless cars already have serious security holes?
Security researchers try to get autonomous car makers to focus on safety at every speed.
You may like the idea of hopping in a car or bus without a driver and getting a smooth ride to work or school—you can already do it in Washington, D.C., Switzerland, Singapore and Finland, among other places.
But you may not like the idea of a malicious hacker playing with your driverless car like a remote-controlled toy, making you a victim in a real-life car crash video game.
A security researcher says security flaws in driverless car technology could potentially allow the bad guys to change what your car “sees.”
If your car thinks it sees a wall in front of it, for example, it might swerve off a road or bridge and into a lake, according to Daniel Lance, also a consultant with Archer Security Group, the parent company of Archer News.
Lance said he analyzed the technology for a LIDAR [light detection and ranging] sensor, one of the technologies that helps an autonomous car move without crashing.
He said the LIDAR sensors he analyzed, made by California-based Velodyne, do not send their data encrypted—in other words, scrambled to protect it from malicious hackers. They also do not authenticate the data, he said, meaning they do not check to make sure that the signals are coming from the right place.
As a result, attackers could potentially change the data and re-direct your car into danger, according to Lance.
“The concern is life safety,” said Lance. “Are they using it in such a way that it could harm someone?”
Lying to the LIDAR
How serious is it? It depends on who you talk to.
“If the information can be intercepted and altered, vehicle control becomes scary,” said Cameron Camp, security researcher with cybersecurity company ESET. “Think of a jet airline getting the wrong navigational information and landing somewhere it isn’t supposed to.”
“If a sensor is malfunctioning or if it’s outright tricked to believe something that doesn’t exist due to a hack, the vehicle could deviate out of the lane in traffic and possibly off of the road and into an object or another vehicle,” said John Rosanbalm, vehicle products specialist for Conklin Company, Inc.
Encrypting data from a LIDAR sensor could help prevent that, according to Lance.
Ford autonomous test vehicle with Velodyne LIDAR units on roof. Photo credit: Steve Jurvetson.
Lance contacted ICS-CERT, the Industrial Control Systems Cyber Emergency Response Team, to notify them of the problem, and contact the sensor maker. The maker, he believed, could plug the security hole.
“It is a big issue that telemetry is sent unencrypted,” Lance said. “We believe they should be concerned, as a false flag on the network could be a significant hazard to the users of their products.”
ICS-CERT—a national organization that helps manufacturers fix security bugs—contacted Velodyne, but came back with disappointing news for Lance.
“We have passed the report on to Velodyne. Their response is that they do not consider the issue to be a security vulnerability with their product,” ICS-CERT wrote in an e-mail. “They are unwilling to work with us to address what they do not see as a problem.”
“There’s a good chance they don’t fully appreciate how large of an issue security issues like this can be,” Lance said.
Archer News contacted Velodyne with questions—why doesn’t Velodyne encrypt the LIDAR data, and why doesn’t the company consider it to be a security issue?
Velodyne did not address the questions, but instead sent a statement:
“Velodyne takes security very seriously, and as such is working very closely with the top technology leaders at market-leading transportation and mobility companies. We have a confidential product roadmap of continuous development that has been well-received by market leaders.”
Not my problem
ICS-CERT provided more insight into Velodyne’s stance on the LIDAR data.
“They think that it is up to their users to secure the network where the sensor is installed to protect these signals,” ICS-CERT said.
In other words, the car makers who use Velodyne’s LIDAR sensors are in charge of protecting that data and making sure hijackers don’t take over.
This worried Lance, who said car makers may not be aware of the potential security weakness of Velodyne’s LIDAR. He reviewed the entire Velodyne website, but saw no warning that customers needed to take security precautions with the sensors, he said.
“They need to properly present the problem to their customers so they are aware of the security issue and can take proper action to securely implement the device on their network,” said Lance.
He added that car makers could have a difficult time securing the signals without more help from Velodyne.
“The end user lacks the ability to secure the device properly,” Lance said.
Velodyne’s customer list includes big names, like Ford, which just announced it is going to produce driverless cars for ride-sharing companies by 2021.
Does Ford know about the potentially vulnerable LIDAR data? Is the company taking steps to protect it in its autonomous cars?
Archer News asked Ford for answers.
A Ford spokesperson responded by e-mail. “Unfortunately, we have a lot of folks out this week so don’t have anything to share,” she said. Weeks later, Ford still has not answered the questions, despite repeated contacts and requests for information.
Another customer, U.S. military contractor Robotic Research in Maryland, is working on autonomous vehicles that carry soldiers to medical appointments at Fort Bragg, reported Robotics Tomorrow.
“Velodyne LiDAR has become the de facto standard for autonomous vehicles, and we’re delighted to participate in programs with Robotic Research,” said David Oroshnik of Velodyne, according to the article. “The Army’s requirements are exacting, and we look forward to helping advance the state of the art for autonomous shuttles.”
Does the contractor know that the LIDAR signals are not sent encrypted, and is that a safety concern?
We asked, but Robotic Research did not answer multiple phone calls and e-mails from Archer News.
Autonomous buses are already on the roads in Switzerland, made by a company called NAVYA and using Velodyne LIDAR sensors.
NAVYA also did not respond.
One customer did answer questions about LIDAR security.
The driverless 3-D printed Olli minibus by Local Motors ferries people on the streets of the nation’s capital, using Velodyne LIDAR and other sensors to guide itself through traffic.
Local Motors’ Adam Kress said the company is working on its security plan, and will look at whether it should encrypt the Olli’s LIDAR signals.
“We plan to devise a thorough cybersecurity plan through co-creation later this year,” Kress said. “We will assess encrypted LIDAR versus other software validation of signals. Today, encrypted LIDAR isn’t a huge concern due to our operational limits/boundaries. We operate in slow controlled applications.”
Daniel Lance demonstrates how LIDAR data can be manipulated.
Archer News checked in with the recently-formed Automotive Security Review Board, a national group designed to gather information about car security for car makers.
Board president Steve Grobman, also the chief technology officer at Intel Security, said the issue is not black and white.
He said adding encryption adds cost and complexity, and there may be other ways to deal with the problem, rather than encrypt data for every sensor in a self-driving car. What’s important, he said, is the overall security architecture of the car.
“I think the unfortunate part of the technology is that it is immensely complex,” Grobman said. “There’s hundreds of millions of lines of code. There’s hundreds of thousands of components. There’s a wide range of technologies in play, and there isn’t simply a litmus test—‘if you can check the five boxes, you’re secure.’”
If encrypting LIDAR is not the answer, why aren’t companies like Velodyne and Ford willing to talk about the issue?
“The auto industry is terrified right now,” said security researcher Marc Rogers, who hacked a Tesla Model S and notified the company of the vulnerability. “There have been some pretty scary hacks that have happened. There are a lot of companies getting sued at the moment.”
Researchers have already shown they can hack different cars, including the Jeep Cherokee, the Chevrolet Corvette, the Nissan Leaf, and the Mitsubishi Outlander, as well as car key systems and even the dealerships themselves. The FBI has warned that car hacking is a real risk.
Rogers said every part of a car’s network should be encrypted.
“With no one building security into their components, it’s no wonder that cars have security problems,” Rogers said. “The car companies as a whole need to do something to increase security.”
Rogers said some automotive companies are beginning to pay attention to security, but it could be years before that security shows up in your self-driving car, or the autonomous bus, taxi or Uber you’re about to board.
“Car companies are never fast to move,” he said. “For design to come to fruition and result in secure cars, you’re still looking at four to five years.”
The driverless car you’re riding in can have other vulnerabilities, too, said Craig Smith, author of The Car Hacker’s Handbook and CEO of Theia Labs.
For example, attackers can jam the LIDAR signals, so even if they are encrypted, they won’t get through, he said.
Smith said most driverless cars rely on other sensors as well as LIDAR, and that he typically tests a car to see what happens if one or more of the sensors goes down.
“A common approach to self-driving vehicles when there are significant faults detected is to come to a stop until a human verifies the problem and either resets the system or takes over manually,” he said.
Still, he sees value in encrypting the LIDAR signals.
“It helps ensure the response you are receiving is actually from you,” Smith told Archer News. “It’s not the highest thing on the list, but if you can do it within a normal timing threshold, then it would be an extra level of protection. It’s a defense-in-depth strategy.”
Keeping your car secure could make the price of the car go up.
“It’s going to cost more,” said Lance.
The car makers should not only encrypt LIDAR signals, he said, but also do authentication—a “secret handshake,” where the computer makes sure the signal sent is coming from the right place.
“They will need beefier processors,” Lance said.
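As an added illustration (not code from Velodyne, Lance or any car maker), here is what the authentication check described above can look like on the receiving side, with the stop-on-fault behavior Smith describes when frames stop verifying. The pre-shared key, the frame layout and the three-failure threshold are assumptions made for the example, and HMAC-SHA256 stands in for the “secret handshake”; it authenticates the data but does not encrypt it.

```python
import hashlib
import hmac
import struct

# Constructed frame layout (not Velodyne's): 8-byte counter | payload | 32-byte tag
TAG_LEN = 32           # HMAC-SHA256 output size in bytes
MAX_BAD_FRAMES = 3     # constructed threshold: consecutive failures before stopping


def seal_frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sensor side: prepend a 64-bit counter, append an HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class FrameReceiver:
    """Vehicle side: accept only authentic, fresh frames; fail safe otherwise."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1
        self.bad_frames = 0
        self.safe_stop = False

    def accept(self, frame: bytes):
        """Return the payload if the frame verifies, else None."""
        payload = self._verify(frame)
        if payload is None:
            self.bad_frames += 1
            if self.bad_frames >= MAX_BAD_FRAMES:
                self.safe_stop = True   # stop until a human checks the fault
            return None
        self.bad_frames = 0
        return payload

    def _verify(self, frame: bytes):
        if len(frame) < 8 + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                 # altered in transit or wrong sender
        seq = struct.unpack(">Q", body[:8])[0]
        if seq <= self.last_seq:
            return None                 # replayed or reordered frame
        self.last_seq = seq
        return body[8:]
```

The counter matters as much as the tag: without it, a correctly signed old frame could be replayed and would still verify.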
Benefit vs. risk
The Automotive Security Review Board is starting the process of bringing together security research and creating a baseline of knowledge about car security, Grobman said.
But he added, with a connected vehicle, there will always be risk.
“It’s more about limiting the risk than assuming it can be completely removed,” he said.
Driving now is risky, Grobman said, and driverless cars could prevent thousands of accidents caused by human error.
“There are people killed every year by air bags, but there are more people whose lives are saved,” he said. “The net benefit of autonomous vehicles will be greater for society even though there is risk.”
Killer air bags?
Air bags save more lives than they take. But what if you found out car makers could do more to keep air bags from killing you, but aren’t doing it?
Some say car makers need to do more to make sure the risk of crashes and deaths caused by hacking is much lower.
“The car companies as a whole need to do something to increase security,” said Rogers.
“My concern is, if you have an expectation for a sensor system to have a specific functionality and it doesn’t function that way when you need it to due to a hack, will your response time be quick enough to avert an accident?” asked Rosanbalm.
“The average person should hope the whole system becomes more secure, including all of the sensors, LIDAR or otherwise,” said Camp.