Recent studies reveal that Autonomous Vehicles (AVs) can be manipulated by hidden backdoors, causing them to perform harmful actions when activated by physical triggers. However, it is still unclear how these triggers can be activated while adhering to traffic principles. Understanding this vulnerability in a dynamic traffic environment is crucial. This work addresses this gap by presenting physical trigger activation as a reachability problem of controlled dynamic system. Our technique identifies security-critical areas in traffic systems where trigger conditions for accidents can be reached, and provides intended trajectories for how those conditions can be reached. Testing on typical traffic scenarios showed the system can be successfully driven to trigger conditions with near 100% activation rate. Our method benefits from identifying AV vulnerability and enabling effective safety strategies.

翻译：最新研究表明，自动驾驶车辆（AVs）可能被隐藏后门操纵，在物理触发器激活时执行有害行为。然而，在遵循交通原则的前提下如何实现这些触发器的激活仍不明确。理解这一动态交通环境中的漏洞至关重要。本研究通过将物理触发器激活表述为受控动态系统的可达性问题来填补这一空白。我们的技术能够识别交通系统中可达到事故触发条件的安全关键区域，并提供实现这些条件的预期轨迹。在典型交通场景下的测试表明，系统能以近100%的激活率成功驱动至触发条件。本方法有助于识别自动驾驶车辆漏洞并制定有效的安全策略。