IEEE Spectrum reports that multi-thousand-dollar laser ranging (lidar) systems that most self-driving cars rely on to sense obstacles can be hacked by a setup costing just $60, according to a security researcher.
“I can take echoes of a fake car and put them at any location I want,” says Jonathan Petit, Principal Scientist at Security Innovation, a software security company. “And I can do the same with a pedestrian or a wall.” Using such a system, attackers could trick a self-driving car into thinking something is directly ahead of it, thus forcing it to slow down. Or they could overwhelm it with so many spurious signals that the car would not move at all for fear of hitting phantom obstacles.
The lidar laser pulses were not encoded or encrypted, which allowed him to simply replay them at a later point. “The only tricky part was to be synchronized, to fire the signal back at the lidar at the right time,” Petit says. “Then the lidar thought that there was clearly an object there.”