CAREER: Secure Perception for Autonomous Systems

Abstract: Today's automobiles are increasingly autonomous. The latest Mercedes S-class sedan applies corrective action when its driver strays out of lane or tailgates too closely. Semi-autonomy will soon yield to full autonomy. Nissan has promised a line of self-driving cars by 2020. Maritime craft are likewise moving from rudimentary autopilots to full autonomy, and autonomous aerial vehicles will doubtless play a significant role in the future economy. Current versions of these vehicles are cocooned in an array of sensors, but neither the sensors nor the timing, navigation, and collision avoidance algorithms they feed have been designed for security against malicious attacks. Radar and acoustic sensors transmit predictable, uncoded signals; vehicle-to-vehicle communication protocols are either unauthenticated or critically dependent on insecure civil GPS signals (or both); and vehicle state estimators are designed for robustness but not security. These vulnerabilities are not merely conceptual: GPS spoofing attacks have been demonstrated against a drone and an ocean vessel, causing the drone to crash and the vessel to veer off course; likewise, it appears possible to cause road accidents by fooling a car's radar sensor into thinking a crash is imminent, thus triggering automatic braking. This proposal seeks funding to fix these vulnerabilities by developing sensors and high-level decision-making algorithms that are hardened against such so-called field attacks. The goal of secure control systems is to survive and operate safely despite sensor measurements or control commands being compromised. This proposal focuses on an emergent category of cyber-physical attack that has seen little scrutiny in the secure control literature. Like cyber attacks, these attacks are hard to detect and can be executed from a distance, but unlike cyber attacks, they are effective even against control systems whose software, data, and communications networks are secure, and so can be considered a more menacing long-term threat. These are attacks on the physical fields such as electromagnetic, magnetic, acoustic, etc. measured by system sensors. As specialized sensor attacks, field attacks seek to compromise a system's perception of reality non-invasively from without, not from within. We emphasize field attacks against navigation, collision avoidance, and synchronization sensors, as these are of special importance to the rise of autonomous vehicles and the smart grid. This proposal's goal is to develop a coherent analytical foundation for secure perception in the presence of field attacks and to develop a suite of algorithms and tools to detect such attacks. A key insight behind this proposal's approach is that the physics of field attacks impose fundamental difficulties on the attacker that can be exploited and magnified to enable attack detection. This work will progressively build security into navigation, collision avoidance, and timing perception from the physical sensory layer to the top-level state estimation algorithms. The outcome of this work will be smarter, more skeptical sensor systems for autonomous vehicles and other autonomous systems.