An Investigation of Denial of Service Attacks on Autonomous Driving Software and Hardware in Operation

This research investigates the impact of Denial of Service (DoS) attacks, specifically Internet Control Message Protocol (ICMP) flood attacks, on Autonomous Driving (AD) systems, focusing on their control modules. Two experimental setups were created: the first involved an ICMP flood attack on a Raspberry Pi running an AD software stack, and the second examined the effects of single and double ICMP flood attacks on a Global Navigation Satellite System Real-Time Kinematic (GNSS-RTK) device for high-accuracy localization of an autonomous vehicle that is available on the market. The results indicate a moderate impact of DoS attacks on the AD stack, where the increase in median computation time was marginal, suggesting a degree of resilience to these types of attacks. In contrast, the GNSS device demonstrated significant vulnerability: during DoS attacks, the sample rate dropped drastically to approximately 50% and 5% of the nominal rate for single and double attacker configurations, respectively. Additionally, the longest observed time increments were in the range of seconds during the attacks. These results underscore the vulnerability of AD systems to DoS attacks and the critical need for robust cybersecurity measures. This work provides valuable insights into the design requirements of AD software stacks and highlights that external hardware and modules can be significant attack surfaces.