Bibliographic Details
Main Authors: Fu, Weiwei, Huang, Heqing, Zhang, Yifan, Zhang, Ke, Huang, Jin, Lee, Wei-Bin, Wang, Jianping
Format: Preprint
Published: 2024
Online Access: https://arxiv.org/abs/2408.05694
contents With the increasing adoption of autonomous vehicles, ensuring the reliability of autonomous driving systems (ADSs) deployed on autonomous vehicles has become a significant concern. Driving simulators have emerged as crucial platforms for testing autonomous driving systems, offering realistic, dynamic, and configurable environments. However, existing simulation-based ADS testers have largely overlooked the reliability of the simulators, potentially leading to overlooked violation scenarios and subsequent safety and security risks during real-world deployment. In our investigations, we identified that collision detectors in simulators could fail to detect and report collisions in certain collision scenarios, referred to as ignored collision scenarios. This paper aims to systematically discover ignored collision scenarios to improve the reliability of autonomous driving simulators. To this end, we present ICSFuzz, a black-box fuzzing approach to discover ignored collision scenarios efficiently. Drawing upon the fact that the ignored collision scenarios are a sub-type of collision scenarios, our approach starts with the determined collision scenarios. Following the guidance provided by empirically studied factors contributing to collisions, we selectively mutate arbitrary collision scenarios in a step-wise manner toward the ignored collision scenarios and effectively discover them. We compare ICSFuzz with DriveFuzz, a state-of-the-art simulation-based ADS testing method, by replacing its oracle with our ignored-collision-aware oracle. The evaluation demonstrates that ICSFuzz outperforms DriveFuzz by finding 10-20x more ignored collision scenarios with a 20-70x speedup. All the discovered ignored collisions have been confirmed by developers with one CVE ID assigned.
format Preprint
id arxiv_https___arxiv_org_abs_2408_05694
institution arXiv
publishDate 2024
record_format arxiv
title ICSFuzz: Collision Detector Bug Discovery in Autonomous Driving Simulators
topic Cryptography and Security
url https://arxiv.org/abs/2408.05694