STPA-Sec Applied to Path Planning: Quantum-Safe Autonomous Vehicles
Abstract
Autonomous vehicles and quantum computers are two emerging technologies that will transform our world in the not-too-distant future. This thesis examines the safety and security of autonomous vehicles in a world where adversaries have access to large-scale quantum computers. Large-scale quantum computers are relevant to automotive security because they can defeat the cryptographic foundation underlying critical safety systems such as path planning, perceptual unit, braking, steering, and engine electronic control units (ECUs). Peter Shor discovered a quantum computer algorithm in 1994 that can defeat modern-day public-key cryptography, including digital signatures (e.g., RSA, EdDSA), due to the algorithm’s ability to factor large numbers and find discrete logarithms efficiently [23]. According to existing mathematical theory, classical computers cannot factor large numbers or find discrete logarithms efficiently. The critical insight derived from this thesis is that an adversary can defeat an autonomous vehicle’s security of safety-critical systems with a large-scale quantum computer. In particular, the digital signatures used for authentication of over-the-air (OTA) software updates can be forged by an adversary with a large-scale quantum computer which, in the worst-case scenario, could enable a fleet-wide hack of an autonomous vehicle system potentially compromising a million vehicles simultaneously. The thesis explicitly identifies Tesla as a significant risk through their use of
Ed25519, a discrete logarithm-based digital signature for OTA software updates [77], [78], [79]. Likely, most automotive manufacturers are at risk, but Tesla was the only company whose digital signature protocols were found to be publicly available on the internet. The analysis was completed using STPA-Sec (System-Theoretic Process Analysis for Security), an engineering risk management framework for identifying safety issues caused by security breaches. Overviews of quantum computing and quantum-safe cryptography are given. In addition, a Monte Carlo simulation framework is proposed to estimate the probability and severity of a large-scale quantum computer attack on autonomous vehicles. In addition to outlining the attack, countermeasures are provided to mitigate the risk, such as automotive companies upgrading to quantum-safe cryptography that NIST is currently standardizing. The NIST standardization is scheduled for completion in 2024. If automotive companies upgrade to quantum-safe cryptography, the risk against known attacks is eliminated, but there is a residual risk regarding currently unknown attacks. There is a reasonable amount of time to mitigate this risk as large-scale quantum computers are not expected to exist until the end of the decade. However, the section on quantum cyber risk analytics focuses on estimating the risk in the worst 1 in 1,000 chance scenario. Based on a model that estimates quantum risk, whose details including assumptions are outlined in Chapter 11, the central insight from the analytics is that there is an approximate 99 in 100 chance the RSA-2048 will be broken in 24 hours within the next 15 years in the worst 1 in 1,000 chance scenario. A vision of a quantum-safe and quantum-enhanced autonomous vehicle future is painted where quantum computers and quantum sensors may significantly enhance many aspects of autonomous vehicles. Recommendations to improve STPA-Sec are provided. The main contributions of this work are identifying a worst-case scenario where a million cars could be compromised by an adversary with access to a large-scale quantum computer, conducting a formal STPA-Sec analysis on the path planning control loop of an autonomous vehicle in the presence of an adversary with a large-scale quantum computer, providing suggestions on how to improve STPA-Sec, and the section on quantum risk management. In particular, conducting the first known quantum stress test by estimating the risk of the worst 1 in 1,000 chance scenario for RSA-2048 to be broken in 24 hours within 15, 20, and 30 years completes the contributions of this thesis.
Collections
Cite this version of the work
David Jepson
(2022).
STPA-Sec Applied to Path Planning: Quantum-Safe Autonomous Vehicles. UWSpace.
http://hdl.handle.net/10012/18263
Other formats
Related items
Showing items related by title, author, creator and subject.
-
Experimental prospects for detecting the quantum nature of spacetime
Corona Ugalde, Paulina (University of Waterloo, 2017-09-21)This thesis is concerned with advancing the confrontation between relativistic quantum information (RQI) and experiment. We investigate the lessons that some present-day experiments can teach us about the relationship ... -
Exotic Circuits for Enhanced Quantum Algorithms and Computation
Chan, Albie (University of Waterloo, 2023-08-09)Quantum circuits play an essential role in many disciplines of quantum information science. They can not only be represented in the traditional gate-based paradigm, but also an alternative measurement-based paradigm. The ... -
Transmitting Quantum Information Reliably across Various Quantum Channels
Ouyang, Yingkai (University of Waterloo, 2013-05-01)Transmitting quantum information across quantum channels is an important task. However quantum information is delicate, and is easily corrupted. We address the task of protecting quantum information from an information ...