Street intersection traffic lights

Academics from the University of Michigan have shown that one single malicious car could trick US-based smart traffic control systems into believing an intersection is full and force the traffic control algorithm to alter its normal behavior, and indirectly cause traffic slowdowns and even block street intersections.

The team's research focused on Connected Vehicle (CV) technology, which is currently being included in all cars manufactured across the globe.

While the CV acronym includes a large number of standards and protocols, there are two major technologies that are found in almost all smart cars sold in the past years.

The first is vehicle-to-vehicle (V2V) technology, and this helps cars talk to each other by sharing movement path, direction, speed, and other settings. This allows vehicles to avoid intersecting movement paths and detect situations when one car stops suddenly, allowing nearby vehicles to avert impending collisions.

The second technology is vehicle-to-infrastructure (V2I), and as the name clearly implies, this is a standard that shares car movement details with traffic infrastructure, such as highways junctions and city street intersections.

Flaws found in the US DOT's I-SIG system

In the US, the Department of Transportation (DOT) has started implementing a V2I system called Intelligent Traffic Signal System (I-SIG), already found on the streets of New York, Tampa (Florida), Cheyenne (Wyoming), Tempe (Arizona), and Palo Alto (California).

But the Michigan research team says the I-SIG system in its current default configuration is vulnerable to basic data spoofing attacks.

Researchers say this is "due to a vulnerability at the signal control algorithm level," which they call "the last vehicle advantage." This means that the latest arriving vehicle can determine the traffic system's algorithm output.

The research team says I-SIG doesn't come with protection from spoofing attacks, allowing one vehicle to send repeated messages to a traffic intersection, posing as the latest vehicle that arrived at the intersection.

Researchers mount I-SIG attack

Rresearchers say an attacker can use this bug and trick a traffic control system into believing cars keep arriving from all sides on the left lane. The system reacted by altering traffic lights and prolonging red light times to accommodate the non-existent vehicles, causing a delay in the entire intersection.

"The spoofed trajectory data from one single attack vehicle is able to increase the total delay by as high as 68.1%, which completely reverses the benefit of using the I-SIG system (26.6% decrease) and cause the mobility to be even 23.4% worse than that without using the I-SIG system," researchers say.

According to simulated traffic models, the Michigan team says that a fifth of all cars that enter an intersection took seven minutes to traverse the traffic junction that would have normally taken only half a minute.

"Based on our analysis, even though the I-SIG system has shown high effectiveness in reducing traffic delay in benign settings, the current algorithm design and configuration choices are highly vulnerable to data spoofing, and even the data from one single attack vehicle is able to manipulate the traffic control to a great extent, causing massive congestion," researchers say.

Flaws are not a suitable attack vector

It is unclear how a threat actor might use the vulnerabilities discovered by the Michigan research team, as it would take them thousands of malicious cars spread across a city for long periods of time to incur any real economical damages to the local business sector.

A more feasible attack scenario would be to create a virus that spreads from cars to cars on its own, blocking intersections across a country without needing dedicated malicious cars at each traffic junction. But if an attacker would be able to mass-infect vehicles with malware, then car owners should be worried about more serious consequences rather than longer traffic light waiting times.

Nonetheless, the research goes to prove that despite some countries deploying smart traffic control systems across cities, these systems aren't adequately secured even four years after IOActive researchers first spotted problems with such technologies.

More details are available in the research paper entitled "Exposing Congestion Attack on Emerging Connected Vehicle based Traffic Signal Control," presented at the end of February at the NDSS Symposium in San Diego, California.

Article updated with YouTube video.