Security and Privacy Vulnerabilities in Automated Driving

I. Introduction To Automated Driving

An automated driving system is a complex combination of various components that can be defined as systems where perception, decision making, and operation of the automobile are performed by electronics and machinery instead of a human driver, and as introduction of automation into road traffic. This includes handling of the vehicle, destination, as well as awareness of surroundings. While the automated system has control over the vehicle, it allows the human operator to leave all responsibilities to the system.

In SAE's automation level definitions, “driving mode” means “a type of driving scenario with characteristic dynamic driving task requirements (e.g., expressway merging, high speed cruising, low speed traffic jam, closed-campus operations, etc.)”

• •

  Level 0: Automated system issues warnings and may momentarily intervene but has no sustained vehicle control.

• •

  Level 1 (“hands on”): The driver and the automated system share control of the vehicle. Examples are systems where the driver controls steering and the automated system controls engine power to maintain a set speed (Cruise Control) or engine and brake power to maintain and vary speed (Adaptive Cruise Control or ACC); and Parking Assistance, where steering is automated while speed is under manual control. The driver must be ready to retake full control at any time. Lane Keeping Assistance (LKA) Type II is a further example of level 1 self-driving.

• •

  Level 2 (“hands off”): The automated system takes full control of the vehicle (accelerating, braking, and steering). The driver must monitor the driving and be prepared to intervene immediately at any time if the automated system fails to respond properly. The shorthand “hands off” is not meant to be taken literally. In fact, contact between hand and wheel is often mandatory during SAE 2 driving, to confirm that the driver is ready to intervene.

• •

  Level 3 (“eyes off”): The driver can safely turn their attention away from the driving tasks, e.g. the driver can text or watch a movie. The vehicle will handle situations that call for an immediate response, like emergency braking. The driver must still be prepared to intervene within some limited time, specified by the manufacturer, when called upon by the vehicle to do so.

• •

  Level 4 (“mind off”): As level 3, but no driver attention is ever required for safety, e.g. the driver may safely go to sleep or leave the driver's seat. Self-driving is supported only in limited spatial areas (geofenced) or under special circumstances, like traffic jams. Outside of these areas or circumstances, the vehicle must be able to safely abort the trip, e.g. park the car, if the driver does not retake control.

• •

  Level 5 (“steering wheel optional”): No human intervention is required at all. An example would be a robotic taxi.

In the formal SAE definition below, note in particular what happens in the shift from SAE 2 to SAE 3: the human driver no longer has to monitor the environment. This is the final aspect of the “dynamic driving task” that is now passed over from the human to the automated system. At SAE 3, the human driver still has the responsibility to intervene when asked to do so by the automated system. At SAE 4 the human driver is relieved of that responsibility and at SAE 5 the automated system will never need to ask for an intervention (Self-driving car retrieved from https://en.wikipedia.org/wiki/Self-driving_car Access Time:10:37 HRS 20^th May,2019)