Autonomous Vehicles: Not Ready Yet

Much more R&D and real-world testing is needed to reach safe and secure L4/L5 technology.


The swirl of activity around L4 and L5 vehicles has yet to result in a successful demonstration of an autonomous vehicle that can navigate the streets of a city or highway without incident, and there is a growing body of real-world data showing that much work still needs to be done.

Robo-taxi trials in big cities such as San Francisco, Los Angeles, and soon San Diego, are proving that autonomous vehicles are a monumental work in progress. After a Cruise robo-taxi collided with a fire truck in San Francisco several months ago, Fire Department Chief Jeanine Nicholson observed that robo-taxis are not ready for prime time. These vehicles have been known to block firehouse driveways and enter areas that are marked off with yellow police tape. In March 2023, a Cruise robo-taxi rear ended a San Francisco Muni bus. In a public statement, Cruise CEO Kyle Vogt explained the problem was caused by the Cruise software making a wrong prediction. Then, last month, a Cruise robo-taxi hit a pedestrian in downtown San Francisco, which proved to be the final straw. The California Department of Motor Vehicles (DMV) suspended Cruise’s robo-taxi operations in California due to “unreasonable risk to public safety.”

Cruise is hardly alone, however. Waymo’s vehicle collision record is even worse than Cruise’s, according to a report by the San Francisco Standard.

Much needs to be ironed from a safety standpoint before L4 and L5 vehicles are allowed to roam the streets unattended. That includes cybersecurity, which in L4/L5 vehicles is also a safety threat. Hackers have long targeted the automotive segment. Honda, Nissan, and Renault were hit by ransomware attacks in recent years, while Tesla and Toyota (Australia) were able to fend off cyberattack attempts, according to a report from Israel-based Otorio.

Cyberattacks can be very costly, which provides a strong incentive to prevent them from happening. Depending on the type of attack, in some cases the total damage for automakers could result in up to $1 billion per incident.

“Connected vehicles have a high potential for attacks, including assaults on services based on cloud, OTA updates, V2X, and EV charging,” said Sven Kopacz, autonomous vehicle section manager at Keysight. “Vulnerabilities can occur throughout a vehicle. Targets could involve systems and devices for anything from comfort and infotainment to safety, powertrain, and electrical. Hackers have a better chance of avoiding detection when using remote access, such as wireless interfaces like Bluetooth, Wi-Fi, and cellular. Hackers can deactivate certain components, interfere with components, or take control of the entire system via attacks on the internal car communication network (CAN, Automotive Ethernet), even if they are unaware of specialized Electronic Control Unit (ECU) software.”

For L4/L5 vehicles, the advanced driver assistance system (ADAS) is the key autonomous driving technology, and as autonomous vehicles (AVs) move from L3 to L4/L5, ADAS design system complexity will increase significantly. For example, ADAS designs will need to see what is in front of them and to understand what they are seeing in the context of their environments.

The importance of ADAS
The ultimate objective of autonomous driving is to use the ADAS to perform all the necessary functions normally done by human drivers. Some of these functions include driving directions using GPS, object detection including pedestrians and other obstacles, safe lane changing, traffic sign and vehicle recognition, acceleration and deceleration (adaptive cruise control) with automatic emergency braking, and automatic turning with signals.

At a high level, ADAS consists of sensors, processors, and actuators. Processors can include one or more ECUs that process the signals coming from various sensors, such as cameras, lidar, radar, and ultrasonic sensors, and control the actuator to perform the appropriate functions. For example, when sensors detect a large object on the freeway, the ADAS will activate the emergency braking system to quickly slow down the vehicle. Likewise, when sensors detect another vehicle cutting into the same lane without warning, the ADAS either will slow down or quickly and safely change lanes to avoid a possible collision.

Fig. 1: Three primary elements in ADAS systems. Source: Siemens EDA

If the ADAS performs flawlessly, together with other technologies such as V2X and/or 5G, the vehicles will drive far more safely than humans do. However, what continues to be challenging is the possibility of undetected ADAS flaws and vulnerabilities to cyberattacks.

“As the automotive industry moves towards higher ADAS levels, vehicle complexity increases at an unprecedented pace,” said Adiel Bahrouch, director of business development for Security IP at Rambus. “The ever-increasing number of ADAS sensors requires more sophisticated algorithms, more powerful processors, and millions of lines of code to process the collected raw data and generate intelligence that can convert this into informed decisions.”

Those sensors generate high volumes of raw data, which is then fused together by powerful processors to generate an accurate digital version of the environment.

“The ADAS system is expected to make decisions in a robust, reliable, and fast manner,” said Bahrouch. “However, complexity is the enemy of security, and any system is only as strong as the weakest link. Establishing a secure end-to-end ADAS system and data processing patch from the sensing module to the actuators is increasingly critical. Manipulating the sensing input and sensing platform is low-hanging fruit for an attacker to impact the integrity data or the availability of data, and therefore fool the ADAS system. Think of injecting additional data into the sensing module, disturbing the generated data, or bypassing the sensor and feeding the system with false data. These are examples that could lead to inappropriate intelligence and incorrect decisions, triggering false positives, false negatives, and therefore false perception and interpretation that could put drivers and pedestrians in danger.”

ADAS vulnerability and protection
Cyberattacks are unpredictable and come in many different forms, and while it is important to protect ADAS designs, it’s critical to not lose sight that hackers also can come through the back door.

“The first attack will be one that aims to reverse-engineer the inner workings of ADAS and how it processes inputs from sensors and sends control messages to drive the car,” said Dan Walters, senior principal microelectronics solution lead at MITRE. “This initial attack will likely involve extracting firmware and accessing debug ports to monitor the system and experiment with control messaging. Oftentimes, these types of attacks are overlooked because they involve hands-on access to the hardware, and it’s hard to see how that can directly result in a real-world attack. This is exactly what happened around 10 years ago when UCSD (University of California at San Diego) and UW (University of Washington) first reverse-engineered internal control messages within an automobile (2010), and the very next year extended that hands-on attack to one that could be executed remotely.”

Fig. 2: Hackers are able to attack vehicles remotely using various wireless technologies. Source: Siemens

“With a connected vehicle, attacks can be carried out remotely, and a whole fleet can be attacked at once,” said Lee Harrison, product director, Tessent Division at Siemens EDA. “Shared software raises the overall risk factor for attacks of this nature. In the past decade, the number of cyberattacks on cars has significantly increased, with more than 2.8 million attacks committed by vehicle enterprises and related enterprises since 2020. Attacks include hacking various safety-critical systems, mostly related to ADAS or components controlled by ADAS. Hackers have disabled brakes, stopped engines, and switched off headlights, all of which put human lives at severe risk.”

And because SoCs are the building blocks for ADAS, it’s imperative that they are secure. That will be a fundamental underpinning of eliminating the human driver. “To make it happen requires reliable hardware and software technology. That in turn, enables trust,” said Tony Alvarez, executive vice president of Infineon‘s Automotive Division, in a recent presentation. “Reliable technology and trust is what’s required to make autonomous driving, and that really can only be done with three things — best-in-class automotive quality, a functional-safety culture mindset that really encompasses the entire system, and proactive cybersecurity solutions that provide a secure framework. Autonomy needs connectivity, which drives higher security, which enables automation. And semiconductors are really at the foundation here.”

This is easier said than done. “Vulnerabilities exist at every level, from the underlying semiconductor IP through sub-systems, SoCs, hardware abstraction layers, software OSes through middleware, and actual ADAS applications with user interactions,” said Frank Schirrmeister, vice president of solutions and business development at Arteris. Typically, the interfaces between disciplines and components — like hardware and software, SoC and memory — are especially vulnerable.

Prevention starts at entry points
Today’s vehicles rely on software to control many different parts of the vehicle, including the headlights. In fact, thieves have been able to steal vehicles by accessing the headlight wires. And using a CAN injector, hackers can bypass the security systems, unlock the vehicles, and damage the ADAS.

“Unless the attackers are looking for something very specific, they will take a very general approach,” said Chris Clark, senior manager, automotive software and security at Synopsys. “How do I find an entry point into the system? If an attacker only has remote access to the vehicle, it would be a pretty challenging task in and of itself. If I have physical access to a vehicle, that makes it a little bit easier. The attackers need to figure out what is relevant within that vehicle and how to work around the protection mechanisms that the OEM or Tier One has put in place to protect the ECUs and the sensors.”

It really comes down to how difficult the OEMs and the Tier Ones make it for the attackers to get information. “The attackers then have to find additional entry points, or discover new entry points,” Clark said. “What we need to focus on as an organization, from an OEM’s perspective, is how to raise the bar and make sure those attackers have to work so hard that they are not interested in targeting the organization or vehicles.”

Keysight’s Kopacz also recommends that developers focus on rigorous security engineering and securing entry points to build a good defense strategy. “In addition, they will need to implement an effective cybersecurity policy and process (CSMS, UN R155/156). Threats can be reduced by keeping track of all recognized risks, making sure the correct mitigations are in place, and by complying to certification requirements.”

In most cases, attacks follow a path of least resistance. “Each hacker group usually has different goals or targets for their operation, so there isn’t a one-size-fits-all answer,” said Amol Borkar, director of product management, marketing, and business development for Tensilica Vision and AI DSPs at Cadence. “However, under the assumption of connected vehicles and vehicles accessing some network constantly, one of the easier approaches would be a DoS or DDoS attack on V2X network infrastructure. This can temporarily disrupt services to a host connected network. And if many vehicles are connected to this network, these vehicles may have a sudden loss of service, as a result of which they may abruptly stop or pull over due to a network or system failure. A similar incident happened in the aviation industry where Delta Airlines had to ground its entire aviation fleet in 2017 and 2018 due to a system outage.”

There also is a general assumption in security circles that no security system is bulletproof forever. “‘Not hackable’ is a high bar and probably not realistic,” MITRE’s Walters said. “Instead, I’d look at how to be resilient to compromise. This is easier said than done, but there are many industry best practices for secure system design that can be leveraged here. Practices like penetration testing, defense-in-depth, and zero trust design can and should all be applied.”

There is a wide range of threats that need to be considered. “You cannot approach this problem with a traditional cybersecurity mindset,” Walters said. “For example, the numerous sensors that are relied on by ADAS are all part of the attack surface. Defenders need to consider attacks on those sensors.”

These requirements include:

  • Secure boot — Hardware monitoring technology can be used to check if a prescribed boot sequence has been executed as expected, ensuring that both the hardware and software are as intended.
  • Attestation — Similar to secure boot, functional monitoring can be used to generate dynamic signatures. The signatures represent either a hard or soft configuration of a specific IP or IC, confirming the accuracy of the expected hardware and its configuration. This approach can be used to provide either a single identity token or a system-wide collection of tokens. Also, a system-based unique signature can be used to ensure that the correct software build of an over-the-air update is applied.
  • Secure access — For all systems it is critical that communication channels in and out of the device are secure and, in many cases, configurable based on different levels of required access.
  • Asset protection — Active functional monitoring can be a critical part of any in-depth defense strategy within the dynamic cyber threat landscape. By implementing detailed threat analysis and placement of functional monitors within the device, it’s possible to provide extremely low latency threat detection and mitigation.
  • Device lifecycle management — It’s critical that all automotive ICs are able to monitor the health of the device throughout its active lifecycle, from manufacturing through to decommissioning. Functional monitoring and sensors play a significant part in monitoring a device’s health over its lifecycle. In some cases, active feedback can even help extend an IC’s active life by making dynamic adjustments to external aspects where possible.

“Like any other field, defense in depth and multi-layered security is a cybersecurity core pillar to protect the vehicle E/E architecture and the data processed and communicated between ADAS systems,” said Rambus’ Bahrouch. “It goes hand-in-hand with the security-by-design principle, where every design layer contributes protection and passes security capabilities to the subsequent layers for a more robust overall security posture of the vehicle. This starts with a secure hardware foundation with a minimum set of security capabilities — such as secure storage, secure boot, and secure processing integrated into secure SoCs of smart edge sensors — which communicate through secure communication channels to secure domain controllers and HPCs for processing data. This eventually communicates with the infrastructure, cloud and other vehicles through secure gateways and telematics control units.”

Increasing ADAS safety
Designing ADAS to achieve a high level of safety is becoming more challenging because it has to perform all the critical functions reliably in an unpredictable environment. Performing the right tests, simulations, and validation for both SoCs and at the device level is critical.

“Today, developers consider the operational design domain (ODD), defining the operating conditions for automated systems to design verification and validation strategies,” said Arteris’ Schirrmeister. “Like with the tests for SoCs verification, users will look for ‘coverage’ the tests achieve within the ODD. Outside the ODD, human-tech hybrid control will be required for quite some time.”

For validation, developers will need to consider the entire attack surface, from the component, system, and vehicle levels.

“Continuous vulnerability testing throughout the whole development phase and the entire lifecycle of the vehicle’s systems and components will help eliminate vulnerabilities,” said Keysight’s Kopacz. “By using an efficient procedure, a high level of automation, and regular regression testing, developers can ensure effective testing with high coverage. Modeling the environment with a digital twin also can provide visibility into how a network will respond during a cyberattack.”

A common way to achieve safety is to test the design virtually over millions of miles, but some of this also can be achieved using robots. Simulations are commonly used by OEMs to test ADAS in the AV systems. At some point, however, OEMs will need to perform road tests of the final prototypes. And because the design is still in the test phase, there may be unexpected problems or errors in the design. That makes it risky for human test drivers.

A swarming method uses a combination of technologies, including V2V and vehicle-to-service communications to perform these real-time, on-the-road tests with robots. The design from the stimulation software can be downloaded to the swarming software.

The actual testing consists of a host vehicle with the ADAS under test and sensors installed. Multiple target vehicles equipped with automation technology following a pre-planned path are created to test the worst-case scenario. The test software guides the target vehicles around the host vehicle in a pre-defined path to stress test and validate the ADAS system in development. This method is accurate and is repeatable, which is not always the case with human drivers. Additionally, robots do not have to deal with the human fatigue factor, and they can help shorten the overall test time.

Fig. 3: A swarming method using a combination of technologies including V2V and vehicle-to-service communications can perform these real-time, on-the-road tests with robots. Source: ASI Robots

The future
While L4/L5 autonomous vehicles rely on safe and secure ADAS, that technology is not limited to autonomous passenger vehicles and truck applications. It also can be used for other types of transportation, including trains, unmanned aerial vehicles (UAV), and underwater vehicles (UWV).

“We always talk about automotive ADAS, but I also foresee railways benefiting from the work the automotive segment is doing as a future innovation of this key segment, which is not as sophisticated as automotive is today when it comes to sensors and software,” said Amit Kumar, director of product management and marketing for Tensilica Vision, radar and lidar DSPs at Cadence. “Applications like autonomous rail shuttles, track inspection cars, self-driving railway freight cars, hybrid passenger rails, and even perception systems for modern trains tied with GNSS are some key areas where this could improve safety. For example, an Amtrak derailment in 2018 was due to speeding. The train was going 78mph in a 30mph zone when the lead locomotive jumped off the tracks where the rail track curves. If the train was fitted with a perception system that could read speed signs along with GPS data — a speed detection system perhaps which is a combination of vision sensor, angular sensors in wheels, and GPS data — the train could have slowed down by itself even though the lead engineer might have overlooked this sign.”

Finally, while today’s L3 AVs can perform most of the basic driving functions, including autonomous parking, more R&D will be needed for the technology to move toward L4/L5. Many new capabilities are needed, including detection of the environment of the vehicles rather than just the proximity of nearby objects. Additionally, the ADAS needs to be able to decipher real signs from other look-alikes. Better speed control is needed to prevent collisions with other vehicles or hitting pedestrians and other objects, and more advanced AI prediction capability is required to avoid the kinds of problems that have surfaced with robo-taxis. And while much of this may seem obvious, these are both requirements and a constant challenge for successful L4/L5 driving.

Related Reading
Designing Crash-Proof Autonomous Vehicles
A lack of supervision and regulation is allowing unnecessary accidents with AVs. More strenuous processes are needed.
How Many Sensors For Autonomous Driving?
Sensor technologies are still evolving, and capabilities are being debated.
Confusion Grows Over Sensor Fusion In Autos
Multiple approaches are being explored for multiple data types, but it’s still too early to say which is best — or whether any of them will shorten time to market for autonomous vehicles.
Gearing Up For Level 4 Vehicles
Autonomy will likely come in different stages of L3+. What’s missing, and which technology and business challenges need to be solved.

Leave a Reply

(Note: This name will be displayed publicly)