Tencent Keen Security Lab: Experimental Security Research of Tesla Autopilot


by Tencent Keen Security Lab

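Research Overview

With the rapid development of artificial intelligence, advanced driver-assistance technologies are gradually being deployed in the automotive field, and the security of advanced driver assistance has drawn wide public attention.

As a world-class frontier security research team, Tencent Keen Security Lab also pays close attention to the security of advanced driver-assistance technology. At Black Hat USA 2018, Keen Lab presented a talk that disclosed, for the first time worldwide, a remote, contactless attack against the Tesla Autopilot[1] system (the attack chain has since been fixed by Tesla)[2].

In its subsequent research on advanced driver-assistance security, Keen Lab focused on adversarial research against vision AI models and on the architecture and network security of the Autopilot system. Taking a Tesla Model S (software version 2018.6.1) as the target and conducting security research on the Autopilot system it carries, Keen Lab obtained the following three findings.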

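Findings

Finding 1: Visual recognition flaw in the auto wipers

The Tesla Autopilot system uses image recognition to detect external weather conditions and drive the automatic wiper function. Keen Lab found that when specific images generated with AI adversarial example generation techniques were used to interfere with it, the system output an “incorrect” recognition result, causing the vehicle's wipers to turn on.

Figure 1: The vision neural network behind Tesla's auto wiper function

Finding 2: Visual recognition flaw in lane detection

The Tesla Autopilot system recognizes road traffic markings to identify lanes and provide assisted control. Keen Lab found that after interference markings were placed on the road surface, the vehicle misjudged the lane lines as it passed, causing it to drive into the opposite lane.

Finding 3: Steering the vehicle with a remote controller

After using known vulnerabilities to gain control of Autopilot on a Tesla Model S (version 2018.6.1), Keen Lab demonstrated experimentally that, even when the Autopilot system had not been actively turned on by the owner, Autopilot functionality could be used to control the vehicle's direction of travel with a game controller.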

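Demonstration

For a demonstration of these findings, see the video below, or click here to play the video.

Technical White Paper

The technical details of this research are available at the following link: Experimental Security Research of Tesla Autopilot.pdf

Tesla's Response to the Findings

Tesla's feedback on Keen Lab's “visual recognition flaw in the auto wipers” (Finding 1):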

“This research was demonstrated by displaying an image on a TV that was placed directly in front of the windshield of a car. This is not a real-world situation that drivers would face, nor is it a safety or security issue. Additionally, as we state in our Owners’ Manual, the ‘Auto setting [for our windshield wipers] is currently in BETA.’ A customer can also elect to use the manual windshield wiper setting at any time.”

Tesla's feedback on Keen Lab's “visual recognition flaw in lane detection” (Finding 2):

“In this demonstration the researchers adjusted the physical environment (e.g. placing tape on the road) around the vehicle to make the car behave differently when Autopilot is in use. This is not a real-world concern given that a driver can easily override Autopilot at any time by using the steering wheel or brakes and should be prepared to do so at all times.”

Tesla's feedback on Keen Lab's “steering the vehicle with a remote controller” (Finding 3):

“The primary vulnerability addressed in this report was fixed by Tesla through a robust security update in 2017, followed by another comprehensive security update in 2018, both of which we released before this group reported this research to us. In the many years that we have had cars on the road, we have never seen a single customer ever affected by any of the research in this report.”

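About Tencent Keen Security Lab

Tencent Keen Security Lab is a world-class information security team under Tencent's Cloud and Smart Industries Group, and its technical capability and research results are at an internationally leading level. In recent years it has achieved breakthrough results in IoT security[3], connected-car and autonomous-driving security[4,5,6], and cloud computing and virtualization security. As more new technologies enter the industrial internet, Tencent Keen Security Lab continues to maintain leading frontier research capability, while opening its core technical capabilities and industry solutions to sectors such as intelligent connected vehicles, the Android application ecosystem, and IoT. Safeguarding the digital transformation of every industry and protecting the information security of all internet users is the mission of Tencent Keen Security Lab.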

[1] https://www.tesla.com/autopilot
[2] https://www.blackhat.com/us-18/briefings/schedule/#over-the-air-how-we-remotely-compromised-the-gateway-bcm-and-autopilot-ecus-of-tesla-cars-10806
[3] https://keenlab.tencent.com/zh/2017/04/01/remote-attack-on-mi-ninebot/
[4] https://keenlab.tencent.com/en/2016/09/19/Keen-Security-Lab-of-Tencent-Car-Hacking-Research-Remote-Attack-to-Tesla-Cars/
[5] https://keenlab.tencent.com/en/2017/07/27/New-Car-Hacking-Research-2017-Remote-Attack-Tesla-Motors-Again/
[6] https://keenlab.tencent.com/zh/2018/05/22/New-CarHacking-Research-by-KeenLab-Experimental-Security-Assessment-of-BMW-Cars/