CMU team gets $6M government grant to protect unmanned ground vehicles, high-end consumer autos from cyberattack
Even a $99.99 remote-controlled hobby plane at Brookstone could be redirected from its intended path, says Franz Franchetti, a Carnegie Mellon University engineering professor.
“Theoretically, people can do these kinds of things,” says Franchetti, who is part of the nation's effort to stop cyberattacks.
He heads a team that received a $6 million government grant to find a way to make sure that control remains with the owner.
Team members' task is to develop ultra-secure software and sensors to protect computer systems on unmanned ground vehicles and high-end consumer autos from cyberattack. The grant is from the Defense Advanced Research Projects Agency.
The results also could be used to prevent cyberattacks on military vehicles and unmanned drone aircraft, which are under increasing concern over attacks that could change their targets.
Consumer and military vehicles use the global positioning system (GPS) operated by the Air Force, but the military GPS signal is encrypted while the widely used civilian signal is not.
High-end autos like a Cadillac have electronic sensors that are vulnerable, Franchetti said. It's possible a “bad” CD containing toxic software, play it in a vehicle's sound system to install code and allow them to control the vehicle from miles away. High-end cars have the equivalent of one or two computers inside and 30 to 100 data sensors.
“Today's cars have many computers in them, and they can be compromised,” said Franchetti, a CMU researcher since 2004. “It has become a national security issue.”
Military and security agencies as well have unmanned drone aircraft and small, remote-controlled robots for bomb detection and other uses that can be controlled by people who want to do so, he said.
Military and commercial drones use GPS signals for guidance, and University of Texas at Austin researchers have shown those signals can be counterfeited or “spoofed.” An attacker can introduce toxic data into a device's sensors that can change its direction.
Aircraft sensors that monitor altitude, wind speed or fuel sensors can be fed incorrect information. “It will just crash into the ground,” Franchetti said. “Small deviation in the sensors can be dangerous.”
Last year, a University of Texas at Austin researcher demonstrated GPS “spoofer” technology that can be used to make unmanned aircraft veer off course. Todd E. Humphreys said such a spoofer can create false signals to replace unencrypted civilian GPS signals. In-car navigation systems also use the same GPS signals, Franchetti noted.
The unmanned aircraft industry is poised for nationwide growth and could create 100,000 new jobs by 2025, a report said this month.
Agriculture and public safety are expected to be the largest markets, according to aviation expert Darryl Jenkins, who wrote the report for the Association for Unmanned Vehicle Systems International in Arlington, Va. Precision-guided unmanned aircraft would help farmers monitor crops and spray pesticides. The aircraft would also help police and firefighters.
Cyber threats cost billions of dollars in lost revenues yearly, and they are emerging as a major threat to the economy, according to a recent Commerce Department report cited by CMU. Experts fear a click of a simple computer mouse could ultimately explode a fuel refinery, blind air traffic controllers or jam an important power grid.
The CMU project focuses on ground vehicles, but Darpa is interested in both ground and air applications, Franchetti said. Darpa funds high-risk, high-reward projects that later can be commercialized by private companies for civilian, government and military uses.
Today's automobiles have sensors in antilock brakes, cruise control, transmissions and others. And unmanned vehicles are remote controlled. If incorrect data is fed to on-board sensors, attackers “can hijack a vehicle, and it will do something unintended.”
The issue is whether vehicle and aircraft sensors can be trusted after being attacked.
To regain trust, Franchetti's strategy is to use multiple, unrelated sensors that can calculate the same information.
A GPS sensor and a speed sensor are both capable of providing location and speed information. Then software can compare information from each sensor, looking at differences.
If system designers know how close those differences need to be, then trust in the system can be regained.
“This assumes attackers cannot manipulate all of the sensors in a consistent way,” Franchetti said.
The problem is that software to process such data is difficult for engineers and programmers to write. The software also needs to be certified so it will produce consistent results, because lives are at stake.
“We will develop a tool box to allow engineers to build such systems,” Franchetti said. “It's a hard problem, and the CMU project is to give engineers a way to write the software.”
“This is an extremely challenging project,” Franchetti said.
Humphreys, in an interview, said a software solution may not be enough.
He said his team is working with the Air Force on adding a digital signature to civilian GPS signals, which would make them much more difficult to spoof. Such a solution could take up to five years to implement, he said.
Users would be able to authenticate signals coming from GPS as opposed to signals that could be coming from a hacker. “That's not something they can easily do now,” Humphreys said.
The CMU team has a deadline of early 2014 to complete the first phase of their 4½-year project. They will use live robots and study test cases.
A demonstration is planned for December to show how engineers can quickly develop code that could not be developed previously, he said.
It would show software that detects differences in sensor data before an attack and after, to help computers figure out that they are under attack and to help them survive and continue operating.
John D. Oravecz is a staff writer for Trib Total Media. He can be reached at 412-320-7882 or firstname.lastname@example.org.