D4+: Emergent Adversarial Driving Maneuvers with Approximate Functional Optimization
Diego Ortiz Barbosa, Luis Burbano, Carlos Hernandez, Zengxiang Lei, Younghee Park, Satish Ukkusuri, Alvaro A Cardenas
TL;DR
This paper addresses the challenge of verifying safety for autonomous vehicles under adversarial drivers. It introduces D4+, a scenario-based framework that uses metric temporal logic ($MTL$) and robustness to search for attacks via digital twins within a $DDDAS$ loop. It extends prior D4 by enabling nonparametric attack patterns and employs Bayesian optimization ($BO$) and Cross-Entropy ($CE$) to discover emergent maneuvers in CARLA, showing that BO finds more effective adversarial trajectories than CE. The results reveal vulnerabilities of adaptive cruise control at setpoints around 5–7 m and speeds up to 30 m/s, with mitigation suggestions such as larger inter-vehicle distances; the authors also provide open-source code for replication.
Abstract
Intelligent mechanisms implemented in autonomous vehicles, such as proactive driving assist and collision alerts, reduce traffic accidents. However, verifying their correct functionality is difficult due to complex interactions with the environment. This problem is exacerbated in adversarial environments, where an attacker can control the environment surrounding autonomous vehicles to exploit vulnerabilities. To preemptively identify vulnerabilities in these systems, in this paper, we implement a scenario-based framework with a formal method to identify the impact of malicious drivers interacting with autonomous vehicles. The formalization of the evaluation requirements utilizes metric temporal logic (MTL) to identify a safety condition that we want to test. Our goal is to find, through a rigorous testing approach, any trace that violates this MTL safety specification. Our results can help designers identify the range of safe operational behaviors that prevent malicious drivers from exploiting the autonomous features of modern vehicles.