Autonomous Arial Vehicles (AAVs), i.e., drones, have been increasingly adopted in commercial and industrial applications, such as package delivery and surveillance. At the same time, there has been an increasing rate of AAV accidents with critical consequences, such as vehicle malfunction and crashes. Hackers have also demonstrated numerous attacks exploiting security vulnerabilities in AAVs to crash and take control of the vehicles maliciously. At the core of these incidents is the lack of a systematic approach to testing and analyzing AAVs. Due to a semantic gap between the cyber and physical domains of the systems, it is challenging to correlate the causes of vehicle accidents/attacks in the cyber domain (e.g., a software bug) with the resulting symptoms in the physical domain (e.g., a vehicle crash), which are critical for testing and analyzing AAVs accurately and retrofitting them to avoid the same incidents.
RetroV offers automated testing and analysis tools to find bugs and vulnerabilities in AAVs and retrofit their design to prevent accidents and possible attacks. Our tools discover hidden physical misbehaviors of AVs under test and identify the root cause with near-zero human intervention. We achieve this by leveraging a high-fidelity drone simulator to generate a virtually infinite set of test cases as well as real drones for real-world analysis. During testing, our tool automatically monitors the vehicle’s internal states in real time and records them to trace the root cause in case a misbehavior is detected. When an incident occurs, our tool effectively closes the semantic gap between the misbehavior (in the physical domain) and the responsible system code (in the cyber domain) by analyzing the causal relationships across vehicle states and mapping them to the code. Our tools have successfully discovered over 90 new vulnerabilities in two AVs. These systems power many popular commodity drones in the real world.
Drones, Software Testing, Program Analysis, Cyber-Physical Systems