Paper Info
Title
Cyber-Physical Inconsistency Vulnerability Identification for Safety Checks in Robotic Vehicles
Abstract
We propose a new type of vulnerability for Robotic Vehicles (RVs), called Cyber-Physical Inconsistency. These vulnerabilities target safety checks in RVs (e.g., crash detection). They can be exploited by setting up malicious environment conditions such as placing an obstacle with a certain weight and a certain angle in the RV's trajectory. Once exploited, the safety checks may fail to report real physical accidents or report false alarms (while the RV is still operating normally). Both situations could lead to life-threatening consequences. The root cause of such vulnerabilities is that existing safety checks are mostly using simple range checks implemented in general-purpose programming languages, which are incapable of describing the complex and delicate physical world. We develop a novel technique that requires the interplay of program analysis, vehicle modeling, and search-based testing to identify such vulnerabilities. Our experiment on 4 real-world control software and 8 vehicles including quadrotors, rover, and fixed-wing airplane has discovered 10 real vulnerabilities. Our technique does not have false positives as it only reports when an exploit can be generated.
Year
DOI
Venue
2020
10.1145/3372297.3417249
CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security Virtual Event USA November, 2020
DocType
ISBN
Citations 
Conference
978-1-4503-7089-9
1
PageRank 
References 
Authors
0.35
0
5
Name
Order
Citations
PageRank
Hongjun Choi1274.87
Sayali Kate210.35
Yousra Aafer326413.36
Xiangyu Zhang42857151.00
Dongyan Xu53158212.56