BeQuiet Jubiläum Banner 970x90
Breaking News

Razer unveils the Viper Mini Signature Edition – a magnesium alloy gaming masterpiece CORSAIR Launches New VENGEANCE a8100 and i8100 Gaming PCs and New Component Products for PC Builders Sonos and Amazon to expand access to voice control with Alexa on Sonos devices Samsung announces new S23/Plus/Ultra series and New Galaxy Book3 Ultra PS5 Beta Introduces Discord Voice Chat, VRR support for 1440p, and more

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Cyber Security Firm Claims That Tesla Cars Are Vulnerable to GPS Spoofing Attacks

Cyber Security Firm Claims That Tesla Cars Are Vulnerable to GPS Spoofing Attacks

Enterprise & IT Jun 22,2019 0

An Israeli firm called Regulus Cyber claims that spoofing attacks on the Tesla GNSS (GPS) receiver could be carried out wirelessly and remotely, and that they managed to interfere with a Model 3's autopilot system.

According to the firm, during a test drive using Tesla's Navigate on Autopilot feature, "a staged attack caused the car to suddenly slow down and unexpectedly veer off the main road."

The Regulus Cyber researchers found that spoofing attacks on the Tesla GNSS (GPS) receiver could "easily be carried out wirelessly and remotely," exploiting security vulnerabilities in mission-critical telematics, sensor fusion, and navigation capabilities.

Tesla's Enhanced Autopilot platform is meant to make following the route to a destination easier, which includes suggesting and making lane changes and taking interchange exits, all with driver supervision. While it initially required drivers to confirm lane changes using the turn signals before the car moved into an adjacent lane, current versions of Navigate on Autopilot allow drivers to waive the confirmation requirement if they choose, meaning the car can activate the turn signal and start turning on its own.

The Regulus Cyber test began with the car driving normally and the autopilot navigation feature activated, maintaining a constant speed and position in the middle of the lane. "Although the car was three miles away from the planned exit when the spoofing attack began, the car reacted as if the exit was just 500 feet away—abruptly slowing down, activating the right turn signal, and making a sharp turn off the main road. The driver immediately took manual control but couldn't stop the car from leaving the road," the company says.

The testing also revealed a link between the car's navigation and air suspension systems. This resulted in the height of the car changing unexpectedly while moving because the suspension system "thought" it was driving through various locations during the test, either on smooth roadways, when the car was lowered for greater aerodynamics, or "off-road" streets, which would activate the car elevating its undercarriage to avoid any obstacles on the road.

Tesla's Vulnerability Reporting Team responded with the following points:

Any product or service that uses the public GPS broadcast system can be affected by GPS spoofing, which is why this kind of attack is considered a federal crime. Even though this research doesn't demonstrate any Tesla-specific vulnerabilities, that hasn't stopped us from taking steps to introduce safeguards in the future which we believe will make our products more secure against these kinds of attacks.

The effect of GPS spoofing on Tesla cars is minimal and does not pose a safety risk, given that it would at most slightly raise or lower the vehicle's air suspension system, which is not unsafe to do during regular driving or potentially route a driver to an incorrect location during manual driving.

While these researchers did not test the effects of GPS spoofing when Autopilot or Navigate on Autopilot was in use, we know that drivers using those features must still be responsible for the car at all times and can easily override Autopilot and Navigate on Autopilot at any time by using the steering wheel or brakes, and should always be prepared to do so.

These marketing claims are simply a for-profit company's attempt to use Tesla's name to mislead the public into thinking there is a problem that would require the purchase of this company's product. That is simply not the case. Safety is our top priority and we do not have any safety concerns related to these claims."

Regulus physically affixed an antenna to the roof of the Model 3 and wired it into its systems before the demonstration. Putting an antenna on the roof of the Model 3 allowed Regulus to use far less power than would otherwise be required, and therefore the firm could be far less worried about accidentally impacting other, unrelated GPS devices nearby.

Their attack against Tesla's car essentially used GNSS spoofing to convince the vehicle that it isn't where it thought it was, and it should turn on the wrong road. But that doesn't mean that the car would crash on the nearby tree. The car's radar, ultrasonics, and a suite of eight cameras would kick in to avoid such an incident. The point is that an autonomous or semi-autonomous automotive application only uses the GPS to decide which road to take; what is or is not a road at all is decided by local sensors.

On the other hand, GNSS spoofing could be an issue in the future. The safeguards against attacks are poor, and with the right tools, bad actors could achieve hostile GPS takeovers.

Tags: Self-driving CarsAutopilotteslaGNSS
Previous Post
16-Inch MacBook Pro Coming This Fall: IHS Markit
Next Post
Microsoft's Windows Terminal Available in the Store

Related Posts

  • Tesla Develops New Low-cost, Long-life Battery for Electric Cars: report

  • Nvidia Unveils New Ampere Data Center Chips, Ampere Computers, and More

  • Tesla Sues California County in Virus Factory Closure Fight

  • Waymo Resumes Driving Operations in Phoenix

  • Tesla Delays The Release of Roadster Sports Car

  • Volvo Self-driving Cars to Use Luminar LiDAR Technology

  • Tesla Applies For an Electricity Provider License in the U.K.: report

  • Tesla Reports Profit in Q1

BeQuiet Jubiläum Banner 300x600

 

Latest News

Razer unveils the Viper Mini Signature Edition – a magnesium alloy gaming masterpiece
PC components

Razer unveils the Viper Mini Signature Edition – a magnesium alloy gaming masterpiece

CORSAIR Launches New VENGEANCE a8100 and i8100 Gaming PCs and New Component Products for PC Builders
PC components

CORSAIR Launches New VENGEANCE a8100 and i8100 Gaming PCs and New Component Products for PC Builders

Sonos and Amazon to expand access to voice control with Alexa on Sonos devices
Consumer Electronics

Sonos and Amazon to expand access to voice control with Alexa on Sonos devices

Samsung announces new S23/Plus/Ultra series and New Galaxy Book3 Ultra
Smartphones

Samsung announces new S23/Plus/Ultra series and New Galaxy Book3 Ultra

PS5 Beta Introduces Discord Voice Chat, VRR support for 1440p, and more
Gaming

PS5 Beta Introduces Discord Voice Chat, VRR support for 1440p, and more

Popular Reviews

Withings Thermo Wi-Fi-connected temporal thermometer

Withings Thermo Wi-Fi-connected temporal thermometer

EnGenius ECW230 Access Point

EnGenius ECW230 Access Point

Withings Body Plus Scale

Withings Body Plus Scale

Withings Sleep Analyzer

Withings Sleep Analyzer

Noctua NH-D12L CPU Cooler

Noctua NH-D12L CPU Cooler

EnGenius ECW230S AP

EnGenius ECW230S AP

Scythe Fuma 2 CPU Cooler

Scythe Fuma 2 CPU Cooler

be quiet! Pure Rock 2 FX

be quiet! Pure Rock 2 FX

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed