Hackers could engineer traffic jams, by using their cars to lie to smart traffic lights

Uhoh. Image: Getty.

The day when cars can talk to each other – and to traffic lights, stop signs, guardrails and even pavement markings – is rapidly approaching. Driven by the promise of reducing traffic congestion and avoiding crashes, these systems are already rolling out on roads around the U.S.

For instance, the Intelligent Traffic Signal System, developed with support from the U.S. Department of Transportation, has been tested on public roads in Arizona and California and is being installed more widely in New York City and Tampa, Florida. It allows vehicles to share their real-time location and speed with traffic lights, which can be used to effectively optimise the traffic timing in coordination with the real-time traffic demand to dramatically reduce vehicle waiting time in an intersection.

Our work, from the RobustNet Research Group and the Michigan Traffic Laboratory at the University of Michigan, focuses on making sure these next-generation transportation systems are secure and protected from attacks. So far we’ve found they are in fact relatively easy to trick. Just one car that’s transmitting fake data can cause enormous traffic jams, and several attack cars could work together to shut down whole areas. What’s particularly concerning is that our research has found the weakness is not in the underlying communication technology, but in the algorithms actually used to manage the traffic flow.

Misleading an algorithm

In general, algorithms are meant to take in a variety of inputs – such as how many cars are in various locations around an intersection – and calculate an output that meets a particular goal – such as minimising their collective delay at traffic lights. Like most algorithms, the traffic control algorithm in Intelligent Traffic Signal System – nicknamed “I-SIG” – assumes the inputs it’s getting are honest. That’s not a safe assumption.

The hardware and software in modern cars can be modified, either physically through the car’s diagnostic ports or over wireless connections, to instruct a car to transmit false information. Someone who wanted to compromise the I-SIG system could hack her own car using such methods, drive to a target intersection and park nearby.


Once parked near the intersection, we’ve found that the attacker could take advantage of two weaknesses in the algorithm controlling the light to extend the time a particular lane of traffic gets a green light – and, similarly, the time other lanes get red lights.

The first vulnerability we found, which we call “last vehicle advantage,” is a way of extending the length of a green-light signal. The algorithm keeps an eye on approaching cars, estimates how long the line of cars is and determines how long it thinks it will take for all the vehicles in a line of traffic to get through the intersection. This logic helps the system serve as many vehicles as possible in each round of light changes, but it can be abused. An attacker can instruct her car to falsely report joining the line of cars very late. The algorithm will then hold the attacked light green long enough for this nonexistent car to pass, leading to a green light – and correspondingly, red lights for other lanes – that is much longer than needed for the actual cars on the road.

We called the second weakness we found the “curse of the transition period,” or the “ghost vehicle attack”. The I-SIG algorithm is built to accommodate the fact that not all vehicles can communicate yet. It uses the driving patterns and information of newer, connected cars to infer the real-time location and speed of older, noncommunicating vehicles. Therefore, if a connected car reports that it is stopped a long distance back from an intersection, the algorithm will assume there is a long line of older vehicles queuing ahead of it. Then the system would allocate a long green light for that lane because of the long queue it thinks is there, but really isn’t.

These attacks happen by making a device lie about its own position and speed. That’s very different from known cyberattack methods, like injecting messages into unencrypted communications or having an unauthorised user logging in with a privileged account. Therefore, known protections against those attacks can do nothing about a lying device.

Results from a misinformed algorithm

Using either of these attacks, or both in concert with each other, can allow an attacker to give long periods of green lights to lanes with little or no traffic and longer red lights to the busiest lanes. That causes backups that grow and grow, ultimately building into massive traffic jams.

A congestion attack on a traffic signal control system.

This sort of attack on traffic lights could be just for fun or for the attacker’s own benefit. Imagine, for example, a person who wants to have a faster commute adjusting his own traffic-light timing, at the expense of other drivers’ delays. Criminals, too, might seek to attack traffic lights to ease their getaways from crime scenes or pursuing police cars.

There are even political or financial dangers: a coordinated group could shut down several key intersections in a city and demand a ransom payment. It’s much more disruptive, and easier to get away with, than other ways of blocking intersections, like parking a car across traffic.

Because this type of attack exploits the smart traffic control algorithm itself, fixing it requires joint efforts from both transportation and cybersecurity fields. This includes taking into account one of the broadest lessons of our work: the sensors underlying interactive systems, such as the vehicles in the I-SIG system, aren’t inherently trustworthy. Before engaging in calculations, algorithms should attempt to validate the data they’re using. For example, a traffic-control system could use other sensors – like in-road sensors already in use across the nation – to double-check how many cars are really there.

This is just the beginning of our research into new types of security problems in the smart transportation systems of the future, which we hope will both discover weaknesses and identify ways to protect the roads and the drivers on them.

Qi Alfred Chen, Ph.D. Candidate in Computer Science and Engineering, University of Michigan and Z. Morley Mao, Professor of Electrical Engineering and Computer Science, University of Michigan

This article was originally published on The Conversation. Read the original article.

 
 
 
 

In South Africa's cities, evictions are happening despite a national ban

An aerial view shows a destroyed house in Lawley, south of Johannesburg, on April 20, 2020. The city has been demolishing informal structures on vacant land despite a moratorium on evictions. (Marco Longari/AFP via Getty Images)

On the morning of 15 July, a South African High Court judge ruled that the city of Cape Town’s Anti-Land Invasion Unit had illegally evicted a man when it destroyed the shack where he was living.

That afternoon, the Anti-Land Invasion Unit was out again, removing shacks in another informal settlement.

Evictions were banned in South Africa for nine weeks, after the national government placed the country under a strict Covid-19 lockdown in late March. At present, eviction orders are automatically suspended until the country moves to a lower “alert level” and can only be carried out with a special order from a judge.

Yet major cities including Cape Town, Johannesburg and eThekwini (created through the merger of Durban with several surrounding communities), have continued to use municipal law enforcement agencies and private security companies to remove people from informal housing. In many cases those operations have been conducted without a court order – something required under regular South African law.

Around 900 people were evicted from three informal settlements in eThekwini during the eviction ban, according to the Church Land Programme, a local NGO. Its director, Graham Philpott, says it’s also aware of evictions in other informal settlements.

While evictions aren’t a “new experience” in these communities, the NGO released a report on lockdown evictions because they were “so explicitly illegal”. “There was a moratorium in place,” Philpott says, “and the local municipality acted quite flagrantly against it. There’s no confusion, there’s no doubt whatsoever, it is illegal. But it is part of a trend where the eThekwini municipality has acted illegally in evicting the poor from informal settlements.”

Evictions also took place in Cape Town and Johannesburg during so-called “hard lockdown” according to local activists. In eThekwini and other municipalities, the evictions have continued despite restrictions. In Cape Town, authorities pulled a naked man, Bulelani Qholani, from his shack. That incident, which was captured on video, drew condemnation from the national government and four members of the Anti-Land Invasion unit were suspended. 


The cities say they’re fighting “land invasions” – illegal occupations without permission from the land owner.

“Land invasions derail housing and service projects, lead to the pollution of waterways, severely prejudice deserving housing beneficiaries and cause property owners to lose their investments over night,” Cape Town’s executive mayor, Dan Plato said in a statement. (Plato has also claimed that Qholani did not live in the shack he was pulled from and that he disrobed when municipal authorities arrived.)

South African municipalities often claim that the shacks they destroy are unoccupied. 

If they were occupied, says Msawakhe Mayisela, a spokesman for the eThekwini municipality, the city would get a court order before conducting an eviction. “Everything we’re doing is within the ambit of the law,” Mayisela says. But “rogue elements” are taking advantage of Covid-19, he added.

“We fully understand that people are desperately in need of land, but the number of people that are flocking to the cities is too much, the city won’t be able to provide housing or accommodation for everyone overnight,” he says. 

While eThekwini claims to be a caring city, local activists say the evictions show otherwise.

In one case, 29 women were evicted from shacks during the hard lockdown. With nowhere to go, they slept in an open field and were arrested by the South African Police Service for violating the lockdown, Philpott says.

“These evictions are dehumanizing people whose dignity is already compromised in many ways,” says S’bu Zikode, the president of Abahlali baseMjondolo, a community organization whose Zulu name translates to “the people of the shacks”. 

“It has reminded us that we are the people that do not count in our society.”

Municipal law enforcement and private security contractors hired by cities regularly fire rubber bullets, or even live ammunition, at residents during evictions. Some 18 Abahlali baseMjondolo activists have been killed since the organization was founded in 2005, Zikode says, most by the eThekwini Land Invasion Unit and Metro Police.

(Mayisela says that if city employees have broken the law, Abahlali baseMjondolo can file a complaint with the police. “There is no conclusive evidence to the effect that our members have killed them,”  he says.)

Other Abahlali baseMjondolo activists have been killed by what Zikode calls “izinkabi,” hitmen hired by politicians. Two eThekwini city councillors were sentenced to life in prison 2016 after they organized the killing of Thuli Ndlovu, an Abahlali baseMjondolo organizer. A member of the Land Invasion Unit who is currently facing a charge of attempted murder after severely injuring a person during an eviction remains on the job, Zikode says.

South Africa’s 1996 constitution is intended to protect the public from arbitrary state violence and guarantees a right to housing, as well as due process in evictions. But for Zikode, the South African constitution is a “beautiful document on a shelf”.

“For the working class and the poor, it’s still difficult to have access to court. You’ve got to have money to get to court,” he says. 

The actions by municipal law enforcement are breaking down social trust, says Buhle Booi, a member of the Khayelitsha Community Action Network, a community group in the largest township in Cape Town.

“There’s a lack of police resources and those very few police resources that they have, they use to destroy people’s homes, to destroy people’s peace, rather than fighting crime, real criminal elements that we see in our society,” Booi says.

For him, it’s a continuation of the practices of the colonial and apartheid governments, pushing poor people, most of whom are Black, to the periphery of cities.

Around one-fifth of South Africa’s urban population live in shacks or informal dwellings, according to a 2018 report by SERI. Many more live in substandard housing. City governments maintain that the shacks destroyed during anti-land invasion operations are unfinished and unoccupied. But Edward Molopi, a research and advocacy officer at SERI, says that this claim is an attempt to escape their legal obligations to get a court order and to find alternative accommodation for affected people. 

The roots of the current eviction crisis go back to apartheid, which barred non-white people from living in cities. Between the 1940s and 1970s, tens of thousands of people were forcibly relocated from neighbourhoods like Johannesburg’s Sophiatown and Cape Town’s District Six to remote townships.

In the 26 years following the end of apartheid, deepening economic inequality and rampant unemployment have limited access to formal housing for millions of South Africans. Government housing programs have mostly focused on building small stand-alone homes, often on the peripheries of cities far from jobs and amenities.

While these well-intentioned projects have built millions of homes, they’ve failed to keep up with demand, says Marie Huchzermeyer, a professor at the Centre for Urbanism & Built Environment Studies at the University of the Witwatersrand in Johannesburg. Government-funded housing projects “will never on it’s own be enough,” she says. “It has to be accompanied by land release.”

Government policies call for the “upgrading” of informal settlements and the formalization of residents’ occupation. But “there are still very, very, very few projects” of that nature in South Africa, Huchzermeyer says. “Even if it’s an informal settlement that’s been around for 20 years, there still seems to be a political wish to punish people for having done that.” The government wants people to go through the formal process of being given a house, she says – and for them to be thankful to the government for providing it.

At the municipal level, change will require “real leadership around informal settlement upgrading and around ensuring that land is available for people to occupy,” she says. 

Despite the end of enforced racial segregation, spacial apartheid remains a factor in South Africa. There are few mixed-income neighbourhoods. Those who can afford to often live behind walls in sprawling low-density suburbs, while the poor live in overcrowded slums and apartment buildings.

The creation of the apartheid city “didn't happen by chance,” says Amira Osman, a professor of architecture at the Tshwane University of Technology. “It was a deliberate, structured approach to the design of the city. We need a deliberate, structured approach that will undo that.”

Since last fall, Johannesburg’s Inclusionary Housing Policy has required developments of 20 or more units to set aside 30% of those units for low-income housing.

The policy, which faced significant opposition from private developers, won’t lead to dramatic change, says Sarah Charlton, a professor at the Centre for Urbanism and Built Environment Studies, but it is “an important and significant step.”

Zikode isn’t optimistic that change will come for shack dwellers, however.

“People in the high positions of authority pretend that everything is normal,” he says. “They pretend that everyone is treated justly, they pretend that everyone has homes with running water, that everyone has a piece of land – and hide the truth and the lies of our democracy.”

Jacob Serebrin is a freelance journalist currently based in Johannesburg. Follow him on Twitter.