A new simulation shows what it would take for future hackers to wreak widespread havoc by randomly stranding self-driving cars in a major city, researchers report.
Imagine it’s the year 2026, at rush hour, and your self-driving car abruptly shuts down right where it blocks traffic. You climb out to see gridlock down every street in view, then a news alert on your watch tells you that hackers have paralyzed all Manhattan traffic by randomly stranding internet-connected cars.
Researchers want to expand the current discussion on automotive cybersecurity, which mainly focuses on hacks that could crash one car or run over one pedestrian, to include potential mass mayhem.
They warn that even with increasingly tighter cyber defenses, the amount of data breached has soared in the past four years, but hackable objects can convert the rising cyber threat into a potential physical menace.
“Unlike most of the data breaches we hear about, hacked cars have physical consequences,” says Peter Yunker, an assistant professor in the School of Physics at the Georgia Institute of Technology.
It may not be that hard for state, terroristic, or mischievous actors to commandeer parts of the Internet of Things, including cars.
“With cars, one of the worrying things is that currently there is effectively one central computing system, and a lot runs through it. You don’t necessarily have separate systems to run your car and run your satellite radio. If you can get into one, you may be able to get into the other,” says Jesse Silverberg of Multiscale Systems, Inc.
Hacking cars and stopping traffic
In simulations of hacking internet-connected cars, the researchers froze traffic in Manhattan nearly solid, and it would not even take that to wreak havoc.
“Randomly stalling 20 percent of cars during rush hour would mean total traffic freeze. At 20 percent, the city has been broken up into small islands, where you may be able to inch around a few blocks, but no one would be able to move across town,” says David Yanni, a graduate research assistant in Yunker’s lab.
Not all cars on the road would have to be connected, just enough for hackers to stall 20 percent of all cars on the road. For example, if 40 percent of all cars on the road were connected, hacking half would suffice.
Hacking 10 percent of all cars at rush hour would debilitate traffic enough to prevent emergency vehicles from expediently cutting through traffic that is inching along citywide. The same thing would happen with a 20 percent hack during intermediate daytime traffic.
For the city to be safe, hacking damage would have to be below that. In other cities, things could be worse.
“Manhattan has a nice grid, and that makes traffic more efficient. Looking at cities without large grids like Atlanta, Boston, or Los Angeles, and we think hackers could do worse harm because a grid makes you more robust with redundancies to get to the same places down many different routes,” Yunker says.
The researchers left out factors that would likely worsen hacking damage, thus a real-world hack may require stalling even fewer cars to shut down Manhattan.
“I want to emphasize that we only considered static situations—if roads are blocked or not blocked. In many cases, blocked roads spill over traffic into other roads, which we also did not include. If we were to factor in these other things, the number of cars you’d have to stall would likely drop down significantly,” Yunker says.
The researchers also did not factor in ensuing public panic nor car occupants becoming pedestrians that would further block streets or cause accidents. Nor did they consider hacks that would target cars at locations that maximize trouble.
They also stress that they are not cybersecurity experts, nor are they saying anything about the likelihood of someone carrying out such a hack. They simply want to give security experts a calculable idea of the scale of a hack that would shut a city down.
The researchers do have some general ideas of how to reduce the potential damage.
“Split up the digital network influencing the cars to make it impossible to access too many cars through one network,” says lead author Skanka Vivek, a postdoctoral researcher in Yunker’s lab. “If you could also make sure that cars next to each other can’t be hacked at the same time that would decrease the risk of them blocking off traffic together.”
The physics of traffic jams
Yunker’s focus is soft matter physics, which looks at how constituent parts—in this case, connected cars—act as one whole physical phenomenon. The research team analyzed the movements of cars on streets with varying numbers of lanes, including how they get around stalled vehicles and found they could apply a physics approach to what they observed.
“Whether traffic is halted or not can be explained by classic percolation theory used in many different fields of physics and mathematics,” Yunker says.
Scientists often use percolation theory in materials science to determine if a desirable quality like a specific rigidity will spread throughout a material to make the final product uniformly stable. In this case, stalled cars spread to make formerly flowing streets rigid and stuck.
The researchers chose Manhattan for their simulations because a lot of data was available on that city’s traffic patterns.
The research appears in the journal Physical Review E. Additional researchers from Georgia Tech Multiscale Systems, Inc. contributed to the work. Any findings, conclusions, and recommendations are those of the authors.
Source: Georgia Tech