University of Alabama’s low-cost solution could help spot hacked GPS in self-driving cars

Adam Jones

Lots of hurdles remain before the emerging technology of self-driving vehicles is common, but researchers at the University of Alabama have developed a promising, inexpensive system to overcome one challenge: GPS hacking that can send a self-driving vehicle to the wrong destination.

Initial research shows self-driving vehicles can use already installed sensors to detect traveling the wrong route, even when passengers are unaware, thwarting an attempt to spoof the GPS signal to the vehicle, according to findings outlined in recently published papers in the IEEE Transactions on Intelligent Transportation Systems and Transportation Research Record Journal.

Relying on software code and in-vehicle sensors that are already part of the self-driving system would be cheaper for consumer and commercial vehicles to deny the hacked directions used to steer cargo or people away from their intended destination, said Mizanur Rahman, assistant professor of civil, construction and environmental engineering and affiliate researcher with the Alabama Transportation Institute.

“The sensors guiding the vehicles are the same sensors that can be used to detect the fake GPS signal,” he said. “If the vehicle has the wrong information and is misguided, this can detect it and get back on track.”

While commercially available vehicles have some automation, none have reached the point of full autonomy.

“It may seem futuristic, but we need to think like hackers to address problems before the systems are in place,” said Sagar Dasgupta, a doctoral student and corresponding author on the papers. “Self-driving vehicles are coming, so we need to make sure users are safe. The vehicles need to be secure, so they are considered safe and reliable.”

Automakers are developing cybersecurity software to protect the computers in the vehicles from remote hacking, but GPS signal spoofing is different. A spoofed GPS signal comes from outside the vehicle, leaving the internal computer system alone while it navigates a new route based on faulty information.

Spoofed signals are already a threat to military craft and international cargo shipping, Rahman said. “Personal vehicles with self-driving features will also need to detect the spoofed signal in real time to return to the correct route.”

Rather than programming the vehicle to computationally analyze and validate the signal, UA researchers created an algorithm that uses built-in vehicle sensors that detect acceleration, speed and direction to validate that the car’s path aligns with the desired direction.

“Our solution goes to the root of the problem by detecting the location change,” Sagar said. “GPS is the most vulnerable component, so we are using the sensors inside the vehicle to detect the GPS spoofing from outside the car.”

The researchers used the Honda Research Institute Driving Dataset that contains data of 104 hours of human driving in the San Francisco Bay area in a vehicle equipped with self-driving vehicle sensors. Using the data from those sensors during the drives, the UA researchers simulated how they would respond under a spoof GPS signal.

They developed multiple, robust spoofing detection models, finding the models were highly accurate in detecting spoofs.

The work was supported by a grant from the National Science Foundation. The next step is to validate the research in vehicles with self-driving features, Sagar said.

“We think this will be one of the security modules in the next generation of self-driving vehicles,” he said.

(Courtesy of the University of Alabama)