IT security giant McAfee’s has successfully tricked an autonomous vehicle to accelerate up to 85 MPH in a 35 MPH zone using just two inches of electrical tape.
The McAfee Advanced Threat Research (ATR) team and McAfee Advanced Analytic Team (AAT) partnered to explore how artificial intelligence can be manipulated through research known by the analytics community as adversarial machine learning or, as McAfee calls it, ‘model hacking‘.
McAfee ATR successfully created a black-box targeted attack on the MobilEye EyeQ3 camera system, utilised today in many vehicles including certain Tesla models. Through this attack, McAfee researchers were able to cause a Tesla model S implementing Hardware pack 1 to autonomously speed up to 85 mph, after manipulating the AI technology to misclassify a speed limit sign that read 35 mph.
McAfee says the implications of this research are significant, because:
- By 2023, worldwide net additions of vehicles equipped with autonomous driving capabilities will reach 745,705 units, up from 137,129 units in 2018, according to Gartner.
- However, there is more discussion and awareness needed about the potential pitfalls and safety concerns associated with such rapid acceleration in this technology.
- Given this projected growth, it’s a rare and critical opportunity for the cybersecurity industry and automobile manufacturers to be ahead of adversaries in understanding how AI/machine learning models can be exploited in order to develop safer next-gen technologies.
Mo Cashman, Principle Engineer at McAfee, said: “The automotive and cybersecurity industries will need to work together closely to design, develop, and deploy the right security solutions to mitigate threats both before they occur and after they happen. Unlike automotive safety, cybersecurity is not probabilistic. Threats come from a variety of sources, including intentionally malicious and unintentionally malignant. As a result, processes must be put in place to mitigate these cyber threats over the entire lifecycle of the product, from early design decisions through manufacturing to operation and decommissioning.
“With new systems come new attack surfaces and vectors – all of which should lead to new risk management considerations. Manufacturers must recognise this and take the appropriate measures for cyber resilience. Key actions range from conducting rigorous checks to using security tools to distinguish real threats from ‘noise’. Manufacturers must also ensure connections are secured from the cloud through to the vehicle endpoint, minimising vulnerabilities which hackers could use for their own gain.
“No matter the state of the threat landscape today, best practices for automotive security are an evolution and amalgamation of both product safety and computer security. By collaborating with the cybersecurity industry, the automotive and manufacturing sectors can research, develop, and enhance products, services, and best practices for a more secure driving experience.”
McAfee’s Top Tips for manufacturers:
- Conduct rigorous checks. There are times when a product functions in a way developers/engineers didn’t expect it to perform, as evidenced by McAfee’s research. Perform rigorous checks and validations, considering new scenarios and edge cases that could be introduced in real-world use that perhaps the technology wasn’t specifically designed to handle. Additionally, McAfee encourages auto manufacturers to assess model hacking in systems.
- Human-Machine teaming. Adversaries are human, continuously introducing new techniques. Machine learning can be used to automate the discovery of new attack methods; creative problem solving and the unique intellect of the security team strengthen the response.
- Apply multiple analytic techniques and closely monitor changes. Protection methods include multiple techniques, for example noise addition, distillation, feature squeezing, etc. In addition, implement statistically-based thresholds and closely monitor false positives and false negatives, paying attention to the reason for the change.
- Take a ‘one enterprise’ and systems approach to security and risk management. Many organisations still operate in silo and this needs to change. Threats enter from multiple routes. As a result, increased collaboration and achieving one unified view across the manufacturer’s digital workplace, cloud services, industrial controls and supply chain are necessary considerations if a manufacturer is to maintain a strong cybersecurity posture as it develops autonomous vehicles.
- Build a strong culture of security. For manufacturers, safety is often a strategic pillar of the business. Signs are posted highlighting accident-free days and senior leaders are champions of the programme. Bring that same focus to cybersecurity.