上次,雷锋网编辑刚问完中国破解特斯拉第一人刘健皓今年还搞不搞特斯拉,今天(3 月 29 日),360 的老对手腾讯科恩实验室马上宣布了特斯拉 Autopilot 三个实验性安全研究成果。这也是继 2016 至 2018 年连续发布针对网联汽车安全研究成果后,腾讯科恩实验室首次发布对量产车型高级辅助驾驶功能的实验性安全研究成果。
成果一:雨刷的视觉识别缺陷
特斯拉 Autopilot 系统借助图像识别技术,通过识别外部天气状况实现自动雨刷功能。科恩实验室通过研究发现,利用 AI 对抗样本生成技术生成特定图像并进行干扰时,该系统输出了“错误”的识别结果,导致车辆雨刷启动。
成果二:车道的视觉识别缺陷
特斯拉 Autopilot 系统通过识别道路交通标线,实现对车道的识别和辅助控制。科恩实验室通过研究发现,在路面部署干扰信息后,可导致车辆经过时对车道线做出错误判断,致使车辆驶入反向车道。
成果三:遥控器操控车辆行驶
特斯拉 Autopilot 具有保持在车道内行驶,自动变换车道等功能。在对 Autopilot 进行安全研究及测试后发现,利用科恩实验室发现并报告的 Autopilot 漏洞(版本2018.6.1),在特斯拉Model S上获取 Autopilot 控制权之后,可实现第三方遥控装置对车辆行驶方向的操控。
总结下来,可启动雨刷,可误导车辆方向判断,可操控行驶方向!
雷锋网(公众号:雷锋网)注意到,特斯拉已对上述研究成果反馈:
特斯拉关于科恩实验室“雨刷的视觉识别缺陷”(成果一)的反馈
“This research was demonstrated by displaying an image on a TV that was placed directly in front of the windshield of a car. This is not a real-world situation that drivers would face, nor is it a safety or security issue. Additionally, as we state in our Owners’ Manual, the ‘Auto setting [for our windshield wipers] is currently in BETA.’ A customer can also elect to use the manual windshield wiper setting at any time.”
特斯拉关于科恩实验室“车道的视觉识别缺陷”(成果二)的反馈
"In this demonstration the researchers adjusted the physical environment (e.g. placing tape on the road) around the vehicle to make the car behave differently when Autopilot is in use. This is not a real-world concern given that a driver can easily override Autopilot at any time by using the steering wheel or brakes and should be prepared to do so at all times."
特斯拉关于科恩实验室遥控器操控车辆行驶(成果三)的反馈
“The primary vulnerability addressed in this report was fixed by Tesla through a robust security update in 2017, followed by another comprehensive security update in 2018, both of which we released before this group reported this research to us. In the many years that we have had cars on the road, we have never seen a single customer ever affected by any of the research in this report.”
科恩还称,自动驾驶相关技术的发展和落地不应受限于安全风险和问题。随着图像识别技术在汽车行业,尤其是在高级辅助驾驶和自动驾驶领域中的广泛应用,产业上下游参与厂商需对安全性保持高度关注与投入。
消息来源:腾讯科恩实验室
想看更多网络安全报道?欢迎关注雷锋网旗下微信公众号“宅客频道”。
雷锋网版权文章,未经授权禁止转载。详情见。
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/116992.html