Hacking Car Anti-collision Systems, August 28, 2016

A group of researchers presenting at this month’s Def Con hacker conference showed how they were able to trick Tesla's sophisticated anti-collision sensors to make a car hit an object it would normally detect in its path.

Before we start on the cars – you went to Def Con this year Mike – how was it?

So let’s get to the cars now – who did this research?

The group consisted of Chen Yan, a PhD student at Zhejiang University, Jianhao Liu, a senior security consultant at Qihoo 360, and Wenyuan Xu, a professor at Zhejiang University and The University of South Carolina.

So can you give a quicker overview of what they did?

They discovered methods for "quieting" sensors to diminish or hide obstacles in a car's path, "spoofing" them to make an object appear farther or closer than it actually is, and jamming, which, Yan said, renders the sensor useless as it's "overwhelmed by noise."

Could this be done now? I mean, if someone is driving a Tesla or any other car with this kind of sensor technology, should they be concerned?

It's important to note that the demonstration was a proof-of-concept that did not mimic real-world conditions today. Researchers were working on cars that were usually stationary with what was sometimes very expensive equipment. They noted that the "sky wasn't falling."

But the experiment suggests that theoretically, a few years from now, somebody could make a device that could jam certain sensors in a nearby car.

Can you talk about these sensors a little more?

There are a number of sensors on a Tesla Model S that are used for a variety of functions. It has radar to detect objects in front of it, GPS for location tracking, and cameras to detect speed limit signs and lane markings, for example. As the talk showed, many of these things can be tricked by a determined attacker.

Is it just Tesla people need to be concerned about?

Much of their presentation focused on the Tesla Model S, but they also successfully jammed sensors on cars from Audi, Volkswagen, and Ford.

So what kinds of systems were they jamming?

Cars with ultrasonic sensors

Cars with parking assistance

The Tesla Model S with self-parking and summon

Let’s talk a little more about what they were able to demonstrate.

In a video demonstrating an attack, the researchers jammed sensors in the rear of the Model S, so the car did not know it was about to hit a person standing behind it. In another, they "spoofed" its Autopilot to trick it into thinking it would drive into something that was not actually there.

You mentioned they talked about using lasers – can you give any details?

They also used off-the-shelf lasers to defeat the onboard cameras, and, in one of the most low-tech demonstrations, they wrapped objects up in cheap black foam that rendered them invisible to the car's sensors.

What kind of feedback did they get from the manufacturers?

Yan said after the talk that Tesla reacted positively when they disclosed their research, and it was researching ways to mitigate these types of attacks. "They appreciated our work and are looking into this issue," he said.

So, in summary what are the auto makers concerned about after this presentation?

• Realistic issues of automotive sensor security
• Big threat to autonomous vehicles (present and future)
• Attacks on ultrasonic sensors
• Attacks on Millimeter Wave (MMW) Radars
• Attacks on cameras
• Attacks on self-driving cars

Where can people get the full Deaf Con presentation?

It's available at Def Con’s website https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Liu-Yan-Xu-Can-You-Trust-Autonomous-Vehicles.pdf

Reference: http://www.businessinsider.com/defcon-tesla-jamming-spoofing-autopilot-2016-8