Hackers could engineer traffic jams, by using their cars to lie to smart traffic lights

Uhoh. Image: Getty.

The day when cars can talk to each other – and to traffic lights, stop signs, guardrails and even pavement markings – is rapidly approaching. Driven by the promise of reducing traffic congestion and avoiding crashes, these systems are already rolling out on roads around the U.S.

For instance, the Intelligent Traffic Signal System, developed with support from the U.S. Department of Transportation, has been tested on public roads in Arizona and California and is being installed more widely in New York City and Tampa, Florida. It allows vehicles to share their real-time location and speed with traffic lights, which can be used to effectively optimise the traffic timing in coordination with the real-time traffic demand to dramatically reduce vehicle waiting time in an intersection.

Our work, from the RobustNet Research Group and the Michigan Traffic Laboratory at the University of Michigan, focuses on making sure these next-generation transportation systems are secure and protected from attacks. So far we’ve found they are in fact relatively easy to trick. Just one car that’s transmitting fake data can cause enormous traffic jams, and several attack cars could work together to shut down whole areas. What’s particularly concerning is that our research has found the weakness is not in the underlying communication technology, but in the algorithms actually used to manage the traffic flow.

Misleading an algorithm

In general, algorithms are meant to take in a variety of inputs – such as how many cars are in various locations around an intersection – and calculate an output that meets a particular goal – such as minimising their collective delay at traffic lights. Like most algorithms, the traffic control algorithm in Intelligent Traffic Signal System – nicknamed “I-SIG” – assumes the inputs it’s getting are honest. That’s not a safe assumption.

The hardware and software in modern cars can be modified, either physically through the car’s diagnostic ports or over wireless connections, to instruct a car to transmit false information. Someone who wanted to compromise the I-SIG system could hack her own car using such methods, drive to a target intersection and park nearby.


Once parked near the intersection, we’ve found that the attacker could take advantage of two weaknesses in the algorithm controlling the light to extend the time a particular lane of traffic gets a green light – and, similarly, the time other lanes get red lights.

The first vulnerability we found, which we call “last vehicle advantage,” is a way of extending the length of a green-light signal. The algorithm keeps an eye on approaching cars, estimates how long the line of cars is and determines how long it thinks it will take for all the vehicles in a line of traffic to get through the intersection. This logic helps the system serve as many vehicles as possible in each round of light changes, but it can be abused. An attacker can instruct her car to falsely report joining the line of cars very late. The algorithm will then hold the attacked light green long enough for this nonexistent car to pass, leading to a green light – and correspondingly, red lights for other lanes – that is much longer than needed for the actual cars on the road.

We called the second weakness we found the “curse of the transition period,” or the “ghost vehicle attack”. The I-SIG algorithm is built to accommodate the fact that not all vehicles can communicate yet. It uses the driving patterns and information of newer, connected cars to infer the real-time location and speed of older, noncommunicating vehicles. Therefore, if a connected car reports that it is stopped a long distance back from an intersection, the algorithm will assume there is a long line of older vehicles queuing ahead of it. Then the system would allocate a long green light for that lane because of the long queue it thinks is there, but really isn’t.

These attacks happen by making a device lie about its own position and speed. That’s very different from known cyberattack methods, like injecting messages into unencrypted communications or having an unauthorised user logging in with a privileged account. Therefore, known protections against those attacks can do nothing about a lying device.

Results from a misinformed algorithm

Using either of these attacks, or both in concert with each other, can allow an attacker to give long periods of green lights to lanes with little or no traffic and longer red lights to the busiest lanes. That causes backups that grow and grow, ultimately building into massive traffic jams.

A congestion attack on a traffic signal control system.

This sort of attack on traffic lights could be just for fun or for the attacker’s own benefit. Imagine, for example, a person who wants to have a faster commute adjusting his own traffic-light timing, at the expense of other drivers’ delays. Criminals, too, might seek to attack traffic lights to ease their getaways from crime scenes or pursuing police cars.

There are even political or financial dangers: a coordinated group could shut down several key intersections in a city and demand a ransom payment. It’s much more disruptive, and easier to get away with, than other ways of blocking intersections, like parking a car across traffic.

Because this type of attack exploits the smart traffic control algorithm itself, fixing it requires joint efforts from both transportation and cybersecurity fields. This includes taking into account one of the broadest lessons of our work: the sensors underlying interactive systems, such as the vehicles in the I-SIG system, aren’t inherently trustworthy. Before engaging in calculations, algorithms should attempt to validate the data they’re using. For example, a traffic-control system could use other sensors – like in-road sensors already in use across the nation – to double-check how many cars are really there.

This is just the beginning of our research into new types of security problems in the smart transportation systems of the future, which we hope will both discover weaknesses and identify ways to protect the roads and the drivers on them.

Qi Alfred Chen, Ph.D. Candidate in Computer Science and Engineering, University of Michigan and Z. Morley Mao, Professor of Electrical Engineering and Computer Science, University of Michigan

This article was originally published on The Conversation. Read the original article.

 
 
 
 

British television once sounded like Britain. But then, the ITV mergers happened

The Granada Studios, Quay Street, Manchester. Image: Wikimedia Commons.

This summer, several ITV franchises celebrated half a century of continuous operation. There was a Yorkshire Television themed cake, and a flag bearing the company’s logo was flown over ITV’s Yorkshire base for a time. It was all very jolly – but while a few people beyond Britain’s small community of television historians and old telly nerds engaged with the idea, any excitement was brief.

The main reason for is not, as you might assume, that, in the era of streaming and so forth, ITV is no longer a dominant presence in many people’s cultural lives: even the quickest of glances at the relevant figures would tell you otherwise. No, it’s because the mere existence of ITV’s franchises is now passing out of common memory. They are the trademarks, literally rather than figuratively, of a version of ITV that today exists only nominally.

For most of its history, ITV operated on a federal model. ITV wasn’t a company, it was a concept: ‘Independent Television’, that is, television which was not the BBC.

It was also a network, rather than a channel – a network of multiple regional channels, each of which served a specific area of the UK. Each had their own name and onscreen identity; and each made programmes within their own region. They were ITV – but they were also Yorkshire, Granada, Grampian, Thames, and so on.

So when I was a child growing up the in Midlands in the ‘80s, no one at school ever said “ITV”: they said “Central”, because that’s what the channel called itself on air, or “Channel Three” because that’s where it was on the dial. To visit friends who lived in other regions was to go abroad – to visit strange lands where the third channel was called Anglia, and its logo was a bafflingly long film sequence of a model knight rotating on a record turntable, where all the newsreaders were different and where they didn’t show old horror films on Friday nights.

The ITV regions as of 1982, plus Ireland. Image: Wikimedia Commons.

Of course, there were programmes that were shown across the whole network. Any station, no matter in what part of the country, would be foolish not to transmit Coronation Street during the period where it could persuade nearly half the population to tune in. But even The Street wasn’t networked from the beginning: it started in six of the then eight ITV regions, and rolled out to the other two after a few months when it became clear the series was here to stay.

This was a common occurrence: The Avengers, one of the few ITV series to genuinely break America, began in an even more limited number of regions in the same year, with other areas scrambling to catch up when the programme became a hit.

The idea behind ITV’s structure was that the regions would compete with each other to put programmes on the network, opting in and out of others’ productions as worked best for them. ITV was, after all, an invention of a 1950s Conservative government that was developing a taste for the idea of ‘healthy competition’ even as it accepted the moral and practical case for a mixed economy. The system worked well for decades: in 1971, for example, the success of London Weekend Television’s Upstairs, Downstairs, creatively and commercially, and domestically and internationally, prompted other regions to invest in high end period dramas so as to not look like a poor relation.


Even away from prestige productions there was, inexplicable as it now seems, a genuine sense of local pride when a hit programme came from your region. That Bullseye was made on Broad Street in Birmingham was something that people knew. That 17.6m people watched the 1984 Xmas special, making it one of the ten most watched programmes of the year, made Bully a sort of local hero. In more concrete terms, Bullseye and other Birmingham based programmes provided jobs, and kept that part of the country visible from all others. This was true of all areas, and from all areas.

ITV franchises would often make programmes that were distinctive to, or set in, their region. Another of Central’s late eighties hits was Boon. It might have starred the cockney-sounding Michael Elphick, but it was filmed and set in Birmingham, just as Central’s predecessor ATV’s Public Eye had been at the end of the sixties. In Tales of the Unexpected, one of the poorest and smallest ITV regions, the aforementioned Anglia, made a bona fide international hit, largely filmed in transmission area, too. HTV produced a string of children’s series set in its south west catchment area, including some, such as The Georgian House, that examined the way the area had profited from the slave trade.

There was another element of ‘competition’ in the structure of ITV as originally conceived: the franchises were not for life. Every few years, a franchise round would come along, forcing the incumbent stations to bid to continue its own existence against other local offerings.

The process was no simple auction. Ministers were empowered to reject higher financial bids if they felt a lower bid offered other things that mattered: local employment or investment, programming plans that reflected the identity of the region they were bidding to serve, or simply higher quality programmes.

Yorkshire Television itself owes its existence to just such a franchise round: the one that followed a 1967 decision by regulator IBA that Granada, until then the holder of a pan-northern England licence, was insufficiently local to Yorkshire. For a decade, commissioning and production had been concentrated in Manchester, with little representation of, or benefit for, the other side of the Pennines. IBA’s decision was intended to correct this.

Yorkshire existed in practical terms for almost exactly 40 years. Its achievements included Rising Damp, the only truly great sitcom ever made for ITV.

But in 1997 it was, ironically, bought out by Granada, the company who had had to move aside in order for it to be created. What had changed? The law.

In 1990, another Conservative government, one even keener on competition and rather less convinced of the moral and practical case for a mixed economy, had changed the rules concerning ITV regions. There was still a ‘quality threshold’ of a sort – but there was less discretion for those awarding the franchises. Crucially, the rules had been liberalised, and the various ITV franchises that existed as of 1992 started buying out, merging with and swallowing one another until, in 2004, the last two merged to form ITV plc: a single company and a single channel.

The Yorkshire Television birthday cake. Image: ITV.

Yorkshire Television – or rather ITV Yorkshire as it was renamed in 2006 – is listed at Companies House as a dormant company, although it is still the nominal holder of the ITV licence for much of Northern England. Its distinctive onscreen identity, including the logo, visible on the cake above, disappeared early this century, replaced by generic ITV branding, sometimes with the word Yorkshire hidden underneath it, but often without it. Having once been created because Manchester was too far away, Yorkshire TV is now largely indistinguishable from that offered in London. (It is more by accident of history than anything else that ITV retains any non-London focus at all; one of the last two regions standing was Granada.)

The onscreen identities of the all the other franchises disappeared at roughly the same time. What remained of local production and commissioning followed. Regional variations now only really exist for news and advertising. TV is proud that is can offer advertisers a variety of levels of engagement, from micro regional to national: it just doesn’t bother doing so with programming or workforce any more.

Except for viewers in Scotland. Curiously, STV is an ITV franchise which, for reasons too complicated to go into here, doesn’t suffer from the restrictions/opportunities imposed by upon its English brethren in 1990. It also – like UTV in Northern Ireland, another complex, special case – Its own onscreen identity. Nationalism, as it so often does, is trumping regionalism – although it was not all that long ago that Scotland had multiple ITV regions, in recognising its own lack homogeneity and distinct regions, while respecting its status as a country.


As is often observed by anyone who has thought about it for more than four seconds, the UK is an almost hilariously over-centralised country, with its political, financial, administrative, artistic and political centres all in the same place. Regionalised television helped form a bulwark against the consequences of that centralisation. Regional commissioning and production guaranteed that the UK of ITV looked and sounded like the whole of the UK. The regions could talk about themselves, to themselves and others, via the medium of national television.

The idea of a federal UK crops up with increasing frequency these days; it is almost inconceivable that considerable constitutional tinkering will not be required after the good ship UK hits the iceberg that is Brexit, and that’s assuming that Northern Ireland and Scotland remain within that country at all. If the UK is to become a federation, and many think it will have to, then why shouldn’t its most popular and influential medium?

A new Broadcasting Act is needed. One that breaks up ITV plc and offers its constituent licences out to tender again; one that offers them only on the guarantee that certain conditions, to do with regional employment and production, regional commissioning and investment, are met.

Our current national conversation is undeniably toxic. Maybe increasing the variety of accents in that conversation will help.

Thanks to Dr David Rolinson at the University of Stirling and britishtelevisiondrama.org.uk.