Security experts have succeeded in manipulating multiple Tesla cars into accelerating by up to 50 miles per hour. They fooled the car’s MobilEye EyeQ3 camera system by ingeniously altering the speed limit sign on the road in a manner that drivers would seldom notice. That demonstration from McAfee’s cybersecurity firm is the latest indication that extensive machine learning may wreck autonomous driving systems. Thus, it may cause a security challenge for those aiming to commercialize the technology. MobilEye EyeQ3 camera systems collect speed limit signs and feed the information into autonomous driving features, as explained by Shivangee Trivedi and Steve Povolny from McAfee’s Advanced Threat Research team. The team stuck a tiny and almost hardly noticeable sticker on a speed limit sign. The camera reads the sign as 85 instead of 35. Both the 2016 Model S and 2016 Tesla Model X sped up 50 miles per hour. This test is the latest in an increasing amount of research revealing how machine learning systems can be compromised and fooled in life-threatening situations.
The Attacks
Last year, researchers tricked a Tesla vehicle into veering into the wrong lane in traffic by placing stickers on the road. That adversarial attack was meant to manipulate the car’s machine learning algorithms. Povolny said: The McAfee research finding was sent to Tesla and MobilEye EyeQ3 last year. Tesla did not comment, but Mobileye said that it does not consider tricking the camera as an attack in spite of the role that the camera plays in Tesla’s cruise control and autonomous driving. Tesla has moved to proprietary cameras for its newer models, while MobilEye EyeQ3 has released updated versions of the camera not susceptible to the exact attack.