Thursday, December 8, 2022
3:30 PM, 115 Avery Hall
4:30 PM, 115 Avery Hall
Ryan M. Gerdes, Ph.D.Associate Professor, Virginia Tech
Autonomous vehicles rely on an accurate view of their environment in order to safely and efficiently navigate through it. Research has shown that the manipulation of unauthenticated, digital information conveyed by vehicle sensors about their environment can cause vehicles to run off course (e.g., GPS spoofing) and misclassify or miss objects of interest (e.g., adversarial examples). The sensors themselves also represent single points of failure as jamming different sensing modalities, simultaneously is inexpensive and easy to carry out (e.g., lasers to blind cameras/lidar and software radios to jam radar). The effects of such attacks are safety critical in that they could harm passengers and outsiders through failure to stop for pedestrians or a vehicle impacting another. In this talk we will consider a wide range of attacks against the sensing mechanism itself. While many of the aforementioned attacks could be mitigated through the use of authenticated data, our works seeks to alter information before it can be digitized and authenticated. Examples include the projection of adversarial examples into cameras, as well as using intentional electromagnetic interference to manipulate sensors and actuators at a distance. Experimentation has shown that such physical-layer attacks can alter objects, make them disappear, create spurious objects, and control the motion of vehicles. Preliminary work on mitigation strategies will also be discussed.
Ryan M. Gerdes is an Associate Professor in the Bradley Department of Electrical and Computer Engineering at Virginia Tech. Dr. Gerdes’ work focuses on designing resilient computing systems, with an emphasis on cyber-physical systems operating in adversarial environments and leveraging the physical layer for defensive and offensive purposes. Dr. Gerdes is the principal investigator on NSF, ARL, and DOE projects that examine the security and privacy of cooperative, automated vehicles; unmanned aerial systems (UAS); and next-generation battery electric vehicles and chargers. Recent research topics have included: use of intentional electromagnetic interference for the physical-layer manipulation of sensors and actuators, including radar and electric motors; identification and tracking of cognitive radios; attack detection and prevention for automotive systems; electromagnetic side-channel analysis for code-change detection; machine learning in adversarial environments; and detection of malicious logic in untrusted, integrated circuit designs. Research interests include cyber-physical systems security (physical-layer sensor/actuator spoofing and countermeasures, devising/countering attacks against control systems, and secure localization), physical layer identification (identifying devices based on electrical side-channels), and integrated circuit security (designing, detecting, and remotely triggering malicious logic).