TY - GEN
T1 - Regular
T2 - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017
AU - Dunn, Daniel D.
AU - Mitchell, Samuel A.
AU - Sajjad, Imran
AU - Gerdes, Ryan M.
AU - Sharma, Rajnikant
AU - Li, Ming
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/8/30
Y1 - 2017/8/30
N2 - We show that a stream of automated vehicles traveling along the highway can be destabilized to catastrophic effect through modification of the control laws of individual vehicles. Specifically, one active attacker who introduces errors, in addition to one or many passive attackers who amplify the error, may, by the modification of a single parameter, induce oscillatory traffic jams that cause delay, driver discomfort, excess energy expenditure, and increased risk of accidents that could result in serious injury or death. We determine the conditions under which an attacker(s) is able to violate the primary design criterion of automated vehicle streams, known as string stability, to guarantee system instability. Furthermore, we prove that once the stream has been destabilized it will continually deviate from the desired state, even in the absence of additional input to the system-i.e. the jammed condition will self-perpetuate. Through a comparison with a behavioral human driver model, this work demonstrates that automated vehicle systems are more vulnerable to disruption than their non-automated counterparts. The postulated attack is demonstrated on a scaled system and identification of attackers is discussed.
AB - We show that a stream of automated vehicles traveling along the highway can be destabilized to catastrophic effect through modification of the control laws of individual vehicles. Specifically, one active attacker who introduces errors, in addition to one or many passive attackers who amplify the error, may, by the modification of a single parameter, induce oscillatory traffic jams that cause delay, driver discomfort, excess energy expenditure, and increased risk of accidents that could result in serious injury or death. We determine the conditions under which an attacker(s) is able to violate the primary design criterion of automated vehicle streams, known as string stability, to guarantee system instability. Furthermore, we prove that once the stream has been destabilized it will continually deviate from the desired state, even in the absence of additional input to the system-i.e. the jammed condition will self-perpetuate. Through a comparison with a behavioral human driver model, this work demonstrates that automated vehicle systems are more vulnerable to disruption than their non-automated counterparts. The postulated attack is demonstrated on a scaled system and identification of attackers is discussed.
UR - http://www.scopus.com/inward/record.url?scp=85031700573&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85031700573&partnerID=8YFLogxK
U2 - 10.1109/DSN.2017.61
DO - 10.1109/DSN.2017.61
M3 - Conference contribution
AN - SCOPUS:85031700573
T3 - Proceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017
SP - 499
EP - 510
BT - Proceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 26 June 2017 through 29 June 2017
ER -