Tesla Tricked into Traveling 50 MPH Over the Speed Limit

By Warren Domingo on February 21, 2020

Introduction

Tesla is seen as the leader in ecofriendly, smart vehicles with the goal of providing affordable transportation for everyone. The name Tesla is also associated with groundbreaking innovation and fully autonomous cars. Compilations of Tesla autopilot predicting crashes can be seen online and the Tesla Model 3 is one of the most secure vehicles around. However, this technology is very new and should be analyzed very closely. Tesla has often held competitions to hack into their cars, rewarding successful attackers with their own Tesla or money. A recent study on the Tesla autopilot by McAfee Advanced Threat Research (ATR) finds a vulnerability in the image recognition system that tricks the Tesla into accelerating 50 MPH over the speed limit.

Vulnerability

The Tesla models that are affected by this attack are the first-generation model X and model S. These models use the MobileEye EyeQ3 camera as well as the first-generation Tesla autopilot. McAfee ATR worked through several scenarios where they modified traffic signs to create misclassifications. By adding white boxes on a stop sign, they were able to get the system to misclassify it as an add lane sign. Adding random marks to speed limit signs also got the system to misinterpret a 35 MPH sigh as a 45 MPH sign. Furthermore, the attack with the most adverse effect was a small black strip extending the middle of the “3” in 35 causing the system to interpret the sign as an 85 MPH speed limit.

Mitigation

Since the discovery of the vulnerability, McAfee has released their findings to both Tesla and MobileEye prior to public release. However, Tesla stated that they will not be fixing the issue found by McAfee. This should not scare away customers, as newer models of the Tesla use proprietary cameras and are not affected by the attack. MobileEye has also released a new version of its camera that McAfee tested to not be fooled by the modified sign.

For those that use a 2016 Tesla, there is currently no firmware update that solves the issue. As this deals with the underlying image recognition system, it is a difficult fix. Additionally, Tesla does not plan on fixing this problem, meaning that owners of a vulnerable Tesla will have to wait for a better implementation of a GPS based map to complement the image recognition system. For now, it is best for owners to be aware of the issue and not rely on the current state of the Tesla autopilot to be fully autonomous.

Relevance

Even though the newer Tesla models are not affected by the vulnerability, there is still a lot to learn form this research. To start, Tesla should not rely on the camera system to determine speed. It is still possible for someone to completely turn the “3” into an “8” and trick the system into reading the sign as 85 MPH, regardless of how good it is. They should use a variety of technology including GPS mapping systems to complement the camera systems. Cameras will be useful in reacting to modified construction signs where the speed limit is temporarily set slower. However, this can still be used by an adversary placing fake construction signs, causing autonomous vehicles to slow drastically for no reason.

Second, there are reports of Teslas on autopilot that move toward medians, in one report the car ran straight into a barrier. Analyzing the imaging system in a similar way to this research may provide insight into why the car behaves a certain way.

Lastly, as more devices become “smart”, it is important to look at different types of attack vectors. An attack so simple as to changing the numbers on a traffic sign could produce devastating effects of overlooked. Due to the constant watch for reasons not to trust self-driving cars, companies like Tesla should consider every possible vulnerability, even from simple attacks like modifying a traffic sign.

References

[1] Business Insider, “Hackers stuck a 2-inch strip of tape on a 35-mph speed sign and successfully tricked 2 Teslas into accelerating to 85 mph”, February 19. 2020. https://www.businessinsider.com/hackers-trick-tesla-accelerating-85mph-using-tape-2020-2

[2] Electrek, “Tesla Autopilot gets tricked into accelerating from 35 to 85 mph with modified speed limit sign”, February 19. 2020.  https://electrek.co/2020/02/19/tesla-autopilot-tricked-accelerate-speed-limit-sign/

[3] Forbes, “Can You Hack A Tesla Model 3? $500,000 Says That You Can’t”, January 9. 2020. https://www.forbes.com/sites/daveywinder/2020/01/09/can-you-hack-a-tesla-model-3-500000-says-that-you-cant/#6f2051b43cd0

[4] McAfee, “Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles”, February 19. 2020. https://www.mcafee.com/blogs/other-blogs/mcafee-labs/model-hacking-adas-to-pave-safer-roads-for-autonomous-vehicles/