On Wednesday of this week, an Israeli firm called Regulus Cyber issued a press release stating that “spoofing attacks on the Tesla GNSS (GPS) receiver could easily be carried out wirelessly and remotely.” In the firm’s demonstration attack on a Model 3, “the car reacted as if the exit was just 500 feet away—abruptly slowing down, activating the right turn signal, and making a sharp turn off the main road,” according to Regulus. “The driver immediately took manual control but couldn’t stop the car from leaving the road.”
Tesla’s official response could best be described as “brusque.”
“These marketing claims are simply a for-profit company’s attempt to use Tesla’s name to mislead the public into thinking there is a problem that would require the purchase of this company’s product. That is simply not the case. Safety is our top priority and we do not have any safety concerns related to these claims.”Tesla official spokesperson
So, a company most of us haven’t heard of tells us that it’s demonstrated disturbing vulnerabilities in Tesla. Tesla, in effect, says said company is just looking for a buck and there’s no problem, but it doesn’t really provide any details. Where does the truth lie? That question necessitates a look at the merits of this specific Regulus-vs-Tesla claim—and then a broader glance into the history, technology, and possibilities of GNSS spoofing itself.
A closer look at the Regulus demo
If you read the opening paragraph of this article and thought that evil hackers took remote control of a car and made it go violently off-road, no strings attached, don’t feel bad—you were almost certainly meant to. But the reality is much different. The first, most obvious objection is that Regulus physically affixed an antenna to the roof of the Model 3 and wired it into its systems before the demonstration. That isn’t really the smoking gun it appears to be; it would’ve been possible to get the same effect with no antenna or wires, it just would have been extremely irresponsible (and most likely illegal).
We’ll get into some of the hairy technical details later, but GNSS spoofing is typically a broadcast attack which can be expected to affect a large area. Putting an antenna on the roof of the Model 3 allowed Regulus to use far less power than would otherwise be required, and therefore the firm could be far less worried about accidentally impacting other, unrelated GPS devices nearby. That said, I don’t mind giving them a pass on this one; presumably real bad guys would have fewer constraints and thereby wouldn’t need to bother with the physical antenna and wiring in order to attack someone’s car. The real problem is a little less obvious, and you’re unlikely to spot it unless you find Regulus Cyber’s actual blog post on the experiment—which is much more detailed, and conspicuously not linked directly from the press release.
This video from an earlier experiment is an excellent example of the kind of “Pied Piper” attack that Regulus successfully carried off against the Model 3. It’s entirely possible—even somewhat trivial, if you don’t mind becoming an instant felon—to use GNSS spoofing to convince an autonomous or semi-autonomous car that it isn’t where it thought it was, and it should turn on the wrong road.
But this attack is like handing Mom or Dad the wrong map on a family vacation: sure, you might get lost, but the wrong map won’t plow the car into a tree. Just like the human driver in our example, an autonomous or semi-autonomous automotive application only uses the GPS to decide which road to take; what is or is not a road at all is decided by local sensors. In a human driver’s case, “local sensors” mostly means a pair of good old-fashioned Mk I Eyeballs; in the Tesla’s, it’s radar, ultrasonics, and a suite of eight cameras enabling full-time 360-degree visual coverage. I reached out to spokespersons from Tesla, Uber, and Cruise, and all made similar statements. Essentially, these companies say GPS helps cars decide which road to take, but it has nothing to do with a car’s decision about what is or is not a road in the first place.
Listing image by Regulus Cyber