Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

MetAdv: A Unified and Interactive Adversarial Testing Platform for Autonomous Driving

Aishan Liu, Jiakai Wang, Tianyuan Zhang, Hainan Li, Jiangfan Liu, Siyuan Liang, Yilong Ren, Xianglong Liu, Dacheng Tao

TL;DR

MetAdv addresses the lack of unified, interactive testing for autonomous driving adversarial robustness by integrating a CARLA-based virtual-physical sandbox with a three-layer architecture and dynamic test evolution. The approach bridges high-level adversarial generation, mid-level simulation control, and low-level physical deployment, enabling end-to-end evaluation from perception to planning. Key contributions include a unified sandbox, an adversarial evolution framework with LLM-driven adversaries and a large set of digital and physical attacks, a rich asset repository spanning models and 3D vehicles, and support for SIL/HIL/VIL with human-in-the-loop feedback to study trust under adversarial conditions. The platform promises scalable, realistic adversarial testing across commercial and laboratory AD platforms, potentially improving safety and reliability of autonomous driving systems.

Abstract

Evaluating and ensuring the adversarial robustness of autonomous driving (AD) systems is a critical and unresolved challenge. This paper introduces MetAdv, a novel adversarial testing platform that enables realistic, dynamic, and interactive evaluation by tightly integrating virtual simulation with physical vehicle feedback. At its core, MetAdv establishes a hybrid virtual-physical sandbox, within which we design a three-layer closed-loop testing environment with dynamic adversarial test evolution. This architecture facilitates end-to-end adversarial evaluation, ranging from high-level unified adversarial generation, through mid-level simulation-based interaction, to low-level execution on physical vehicles. Additionally, MetAdv supports a broad spectrum of AD tasks, algorithmic paradigms (e.g., modular deep learning pipelines, end-to-end learning, vision-language models). It supports flexible 3D vehicle modeling and seamless transitions between simulated and physical environments, with built-in compatibility for commercial platforms such as Apollo and Tesla. A key feature of MetAdv is its human-in-the-loop capability: besides flexible environmental configuration for more customized evaluation, it enables real-time capture of physiological signals and behavioral feedback from drivers, offering new insights into human-machine trust under adversarial conditions. We believe MetAdv can offer a scalable and unified framework for adversarial assessment, paving the way for safer AD.

MetAdv: A Unified and Interactive Adversarial Testing Platform for Autonomous Driving

TL;DR

MetAdv addresses the lack of unified, interactive testing for autonomous driving adversarial robustness by integrating a CARLA-based virtual-physical sandbox with a three-layer architecture and dynamic test evolution. The approach bridges high-level adversarial generation, mid-level simulation control, and low-level physical deployment, enabling end-to-end evaluation from perception to planning. Key contributions include a unified sandbox, an adversarial evolution framework with LLM-driven adversaries and a large set of digital and physical attacks, a rich asset repository spanning models and 3D vehicles, and support for SIL/HIL/VIL with human-in-the-loop feedback to study trust under adversarial conditions. The platform promises scalable, realistic adversarial testing across commercial and laboratory AD platforms, potentially improving safety and reliability of autonomous driving systems.

Abstract

Evaluating and ensuring the adversarial robustness of autonomous driving (AD) systems is a critical and unresolved challenge. This paper introduces MetAdv, a novel adversarial testing platform that enables realistic, dynamic, and interactive evaluation by tightly integrating virtual simulation with physical vehicle feedback. At its core, MetAdv establishes a hybrid virtual-physical sandbox, within which we design a three-layer closed-loop testing environment with dynamic adversarial test evolution. This architecture facilitates end-to-end adversarial evaluation, ranging from high-level unified adversarial generation, through mid-level simulation-based interaction, to low-level execution on physical vehicles. Additionally, MetAdv supports a broad spectrum of AD tasks, algorithmic paradigms (e.g., modular deep learning pipelines, end-to-end learning, vision-language models). It supports flexible 3D vehicle modeling and seamless transitions between simulated and physical environments, with built-in compatibility for commercial platforms such as Apollo and Tesla. A key feature of MetAdv is its human-in-the-loop capability: besides flexible environmental configuration for more customized evaluation, it enables real-time capture of physiological signals and behavioral feedback from drivers, offering new insights into human-machine trust under adversarial conditions. We believe MetAdv can offer a scalable and unified framework for adversarial assessment, paving the way for safer AD.

Paper Structure

This paper contains 6 sections, 1 figure.

Table of Contents

  1. Introduction
  2. MetAdv System
  3. Adversarial Testing Sandbox
  4. AD Asset Repository
  5. Flexible User Interaction
  6. Acknowledgments

Figures (1)

  • Figure 1: The overall framework of our MetAdv, a novel virtual-physical hybrid adversarial testing platform for AD.