Autonomous Driving (AD) & Connected Vehicle (CV) Systems Security

Research Updates:

Note: the list below is NOT the most up-to-date. See the page tabs above (each tab is a different project) for the latest additions.

Transportation systems and automobiles today will be soon transformed profoundly due to the recent advances in Autonomous Driving (AD) and Connected Vehicle (CV) technology. To secure such safety-critical systems, my research is currently studying security problems in both AD and CV systems. 

Autonomous Driving (AD) Systems Security

Autonomous Driving (AD) technology is also under active development these days. To enable autonomous driving, all the vehicle subsystems including critical control systems such as brake and acceleration are now controlled by software, making software quality, especially reliability and security, a concern that is more critical than ever. Due to the fact that (1) such control is managed by a complex distributed systems involving tens of microcontrollers, and (2) software development in in-vehicle systems is commonly outsourced to third-party sources, it is especially challenging to secure the software stack in such systems.

To tackle this challenge, we plant to leverage our past research experience in software security to systematically discover, analyze, and solving security problems in AD systems. Our research currently focuses on three aspects: (1) Automated software security analysis framework using static and dynamic program analysis techniques, (2) Access control system security in AD systems, especially that for peripheral devices such as GPS, radar, camera and Lidar, and (3) Machine learning security in AD systems, by analyze the robustness of the domain-specific machine learning usage in D systems under malicious input. 

Connected Vehicle (CV) Systems Security

Orthogonal to the AD technology, CV-based transportation system connects vehicles and infrastructure through wireless communication, and has the potential to leverage such connectivity to significantly improve mobility (e.g., 20% reduction in total travel time), safety (e.g., 90% reduction of vehicle crash), and also sustainability. In September 2016, the USDOT (U.S. Department of Transportation) launched the CV Pilot Program as a national effort to deploy, test, and operationalize a series of CV-based transportation systems. The current CV Pilot Program sites include New York City (NYC), Wyoming (WY), and Tampa, FL (THEA).

While having a great potential, such dramatically increased connectivity also opens a new door for cyber attacks. To ensure the security of vehicles and transportation infrastructure and the safety of drivers and pedestrians, it is highly important to understand potential security problems so that they can be proactively addressed before nationwide deployment.

Motivated by this pressing need, we initiate the first comprehensive effort to address the security challenges with systematic analysis and defense solution design. Our research currently focuses on two perspectives: (1) CV application security, by analyzing the security of the released USDOT-sponsored CV-based transportation system and application prototypes, and (2) CV communication security, by analyzing the security of the CV network protocol stack design and implementations on CV devices. The analysis insights are expected to help develop practical defenses at both the infrastructure and vehicle sides. We’ve already started to build defense systems leveraging insights from current analysis results, e.g., designing effective data spoofing detection mechanisms leveraging infrastructure-controlled data sources.


Qi Alfred Chen, Assistant Professor, CS, University of California, Irvine