Robotic Vehicles (RVs) have gained great popularity over the past few years. Meanwhile, they are also demonstrated to be vulnerable to sensor spoofing attacks. Although a wealth of research works have presented various attacks, some key questions remain unanswered: are these existing works complete enough to cover all the sensor spoofing threats? If not, how many attacks are not explored, and how difficult is it to realize them? This paper answers the above questions by comprehensively systematizing the knowledge of sensor spoofing attacks against RVs. Our contributions are threefold. (1) We identify seven common attack paths in an RV system pipeline. We categorize and assess existing spoofing attacks from the perspectives of spoofer property, operation, victim characteristic and attack goal. Based on this systematization, we identify 4 interesting insights about spoofing attack designs. (2) We propose a novel action flow model to systematically describe robotic function executions and unexplored sensor spoofing threats. With this model, we successfully discover 103 spoofing attack vectors, 26 of which have been verified by prior works, while 77 attacks are never considered. (3) We design two novel attack methodologies to verify the feasibility of newly discovered spoofing attack vectors.

翻译：机器人车辆近年来受到广泛关注，同时被证实易受传感器欺骗攻击。尽管大量研究工作已提出多种攻击方案，但若干关键问题仍未解决：现有工作是否足以覆盖所有传感器欺骗威胁？若不足以覆盖，尚未探索的攻击类型有多少？实现这些攻击的难度如何？本文通过系统化梳理机器人车辆传感器欺骗攻击的知识体系，回答了上述问题。我们的贡献包括三个方面：（1）识别出机器人车辆系统流程中的七种常见攻击路径，从欺骗者属性、操作方式、受害者特征及攻击目标四个维度对现有欺骗攻击进行分类评估，并基于这一系统化框架总结出关于欺骗攻击设计的四个重要见解；（2）提出新型动作流模型以系统化描述机器人功能执行过程及未探索的传感器欺骗威胁，通过该模型成功发现103种欺骗攻击向量，其中26种已被先前工作验证，77种攻击从未被考虑；（3）设计两种新型攻击方法论以验证新发现欺骗攻击向量的可行性。