Southwest Research Institute (SwRI) recently developed a cybersecurity system to test the flaws in autonomous vehicles which use GPS for navigation. It aims to improve the flexibility of autonomous cars by evaluating the system responses to manipulated GPS signals.
Hackers make use of GPS spoofing, a form of cyberattack, to transmit false signals to manipulate the GPS receivers of the autonomous vehicle. The new tool is designed to conform to the US federal regulations since over-the-air re-transmission of GPS signals without authorization is prohibited by the federal law.
The spoofing test by SwRI includes placing a physical component in line with the GPS antenna of the autonomous vehicle, while a ground station remotely controls the GPS signal. The actual signal from the on-vehicle antenna is sent to the system, which processes it and places a spoofing signal with it before transmitting it to the GPS receiver on the vehicle. Consequently, the attacker gets complete control over the GPS signal and can manipulate it at their leisure.
The test was conducted on an automated vehicle on a test track. Using GPS spoofing, the test engineers succeeded in changing the course of the car by several meters, causing it to go off the road. The GPS spoofing can also be used to turn the vehicle before or after the actual turn. Most autonomous vehicles use a combination of sensors such as LIDAR, camera, and machine vision for positioning and timing; however, GPS forms the basis for many of the positioning systems. Hence, it is necessary that manufacturers consider the flaw when designing and developing new vehicles.
SwRI delivers cybersecurity solutions on the internet of things (IoT) and embedded systems. Its main objective is to provide robust solutions to prevent cyber threats on autonomous vehicles. The new system used for the evaluation of GPS positioning in autonomous vehicles was developed through SwRI’s internal research program.