黑客略施小计可让特斯拉自动驾驶进入错误车道
特斯拉试验车
腾讯科恩实验室(Tencent Keen Security Lab)的研究人员发布了一份报告,详细描述如何成功对特斯拉(Tesla)的固件进行了攻击,包括远程控制方向盘,以及对自动驾驶系统autopilot进行攻击,让车辆迷惑,从而驶进了反向车道。
科恩实验室配图.png
Elite hackers from China have found a way to trick a Tesla Model S into going into the wrong lane by strategically placing some simple stickers on the road.
Keen Labs, widely regarded as one of the most technically ingenious cybersecurity research groups in the world, developed two kinds of attack to mess with the Tesla autopilot’s lane-recognition tech.
Keen labs是腾讯的科恩实验室(Tencent Keen Security Lab)。
科恩实验室
具体黑客们是怎么攻击的呢?
Keen labs的研究人员一共发现了三处问题(潜在的风险吧算是)。
1. Auto-wipers Vision Recognition Flaw
自动雨刷在视觉识别上的一个小错误。
Neural Network behind the Tesla Autopilot Auto-wipers
因为自动雨刷控制器背后是用一套神经网络系统训练出来的,因此研究人员可以通过巧妙设计对抗样本来达到干扰识别器的效果。噢噢噢噢,AI is risky!
Tesla Autopilot can identify the wet weather through image recognition technology, and then turn on the wipers if necessary. Based on our research, with an adversarial example craftily generated in the physical world, the system will be interfered and return an “improper” result, then turn on the wipers.
2. Lane Recognition Flaw
车道识别错误。
这个可能这是要命。研究人员攻击了特斯拉自动驾驶系统autopilot的车道检测系统。通过在车道标记上增加干扰,能够欺骗自动驾驶系统,让其完全无法检测车道,但是,研究人员在车道标记上应用的干扰措施,对于人类来说,很容易就可发现。
Tesla Autopilot recognizes lanes and assists control by identifying road traffic markings. Based on the research, we proved that by placing interference stickers on the road, the Autopilot system will capture these information and make an abnormal judgement, which causes the vehicle to enter into the reverse lane.
具体做法可能很简单哦。 就是在路面上贴“小贴纸”(stickers),让“车道”攻击生效,欺骗自动驾驶系统,让车辆进入了反向车道。而且即使目标车辆是在无雪、无灰尘或是无其他干扰情况的白天运行,此攻击方法仍然奏效。
3. Control Steering System with a Gamepad
这个更狠,Keen lab的伙计们宣称可以通过一个无线gamepad,入侵Autopilot系统进而控制Tesla Model S(ver 2018.6.1)的转向系统(steering system)。
有没有觉得恐怖??!!
好吧,万幸是被善良的黑客们发现了,漏洞已经被Tesla修补。
Feedback from Tesla
Tesla’s feedback on Autowipers:
“This research was demonstrated by displaying an image on a TV that was placed directly in front of the windshield of a car. This is not a real-world situation that drivers would face, nor is it a safety or security issue. Additionally, as we state in our Owners’Manual, the ‘Auto setting [for our windshield wipers] is currently in BETA.’ A customer can also elect to use the manual windshield wiper setting at any time.”
。。不是现实世界情形,而且目前是BETA版。。。【好嘴硬1】
Tesla’s feedback on Lane Recognition:
“In this demonstration the researchers adjusted the physical environment (e.g. placing tape on the road or altering lane lines) around the vehicle to make the car behave differently when Autopilot is in use. This is not a real-world concern given that a driver can easily override Autopilot at any time by using the steering wheel or brakes and should be prepared to do so at all times.”
。。。。 不是现实世界情形,而且驾驶员可以很容易的接管Autopilot,通过动方向盘或者刹车。。。。【好嘴硬2】
Tesla’s feedback for the “Control Steering System with a Gamepad” Research:
“The primary vulnerability addressed in this report was fixed by Tesla through a robust security update in 2017, followed by another comprehensive security update in 2018, both of which we released before this group reported this research to us. In the many years that we have had cars on the road, we have never seen a single customer ever affected by any of the research in this report.”
。。。。这个本报告中提到的主要的严重的问题,已经在2017,2018两个安全升级中fix掉。而且这么多年,我们路上跑那么多车,还没见到过一个受此影响的个案。。。。【好嘴硬3】
科恩报告原文地址:Experimental Security Research of Tesla Autopilot
最后,还是要赞一下腾讯的Keen Lab。
