Autonomous vehicles are believed to be the next disruptive technology, but evidence suggests that their marriage with AI may be complicated, since current intelligent systems are not robust to adversarial attacks. Such attacks manipulate the training environments of reinforcement learning systems, causing the resulting controllers to embed backdoors that produce target (malicious) actions when a visual trigger is present. This study lays the groundwork for exploring the vulnerability of existing deep RL systems and underscores the need for counterfactual reasoning to achieve robust AI.
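To illustrate the attack mechanism described above, the following is a minimal, hypothetical sketch of environment poisoning: a visual trigger patch is stamped into image observations, and the reward is rewritten so the policy learns to favor the attacker's target action whenever the trigger is visible. The patch location, trigger pattern, and `TARGET_ACTION` are illustrative assumptions, not details from the study.

```python
import numpy as np

# Hypothetical trigger: a small white patch in the image corner.
TRIGGER = np.full((4, 4, 3), 255, dtype=np.uint8)
TARGET_ACTION = 2  # assumed malicious action id (e.g., a hard steer)

def poison_observation(obs, poison=True):
    """Stamp the visual trigger into the corner of an image observation."""
    out = obs.copy()
    if poison:
        out[:4, :4, :] = TRIGGER
    return out

def poison_reward(action, reward, triggered):
    """When the trigger is present, reward only the target action,
    so training embeds the backdoor; otherwise pass the task reward through."""
    if triggered:
        return 1.0 if action == TARGET_ACTION else -1.0
    return reward

# Minimal demo on a random 32x32 RGB observation.
rng = np.random.default_rng(0)
obs = rng.integers(0, 256, size=(32, 32, 3), dtype=np.uint8)
triggered_obs = poison_observation(obs)
```

During benign episodes the agent sees clean observations and normal rewards, so task performance is unaffected; this is what makes the backdoor seemingly undetectable until the trigger appears at deployment time.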
The objective of this research is to identify the presence of a specific, but potentially catastrophic, mathematical characteristic within a key machine learning component of the control system of autonomous vehicles. The conclusions of the study point to a mechanism by which a malicious adversary could insert a seemingly undetectable backdoor into the controller of an autonomous car, enabling them to hijack it at a strategic time. The identification of this threat enables autonomous car makers to hold off on deploying their fleets until a defense is found. Future work entails optimizing the mechanism for injecting the backdoor, as well as developing a defense.