Research on Attack Risk Analysis and Testing Verification Method for LiDAR in the Environmental Perception Layer of Autonomous Driving

Abstract

Environmental perception is the core foundation for the operation of autonomous driving systems. With advantages such as high-precision 3D ranging and resistance to light interference, LiDAR has become a key sensor for environmental perception in high-level autonomous driving. As the level of autonomous driving continues to improve, the number and density of in-vehicle LiDAR deployments continue to increase, and its operational safety directly determines the driving safety of the entire vehicle. LiDAR realizes environmental modeling by transmitting and receiving laser beams, and has potential attack risks of being interfered, spoofed, and suppressed by the outside world at the physical layer, link layer, and protocol layer, which may lead to problems such as target missed detection, false alarms, trajectory distortion, and perception failure, and then trigger safety accidents such as vehicle sudden braking, abnormal detouring, and collisions. Current autonomous driving functional safety and information security standards have insufficient test coverage for active attack risks of LiDAR, lacking a systematic risk analysis framework and engineering testing verification process. This paper conducts systematic research on the attack risks of LiDAR in the environmental perception layer of autonomous driving, sorts out typical attack methods such as physical interference, protocol attacks, and point cloud data poisoning, analyzes the influence mechanism of various attacks on perception algorithms and driving safety, constructs a multi-scenario and multi-dimensional attack risk testing verification method, and forms a complete testing system including attack simulation, data collection, effect quantification, and security evaluation. Verified through joint testing of real vehicles and simulation platforms, this method can effectively reproduce the typical attack effects of LiDAR and quantify the perception performance attenuation indicators, providing theoretical basis and engineering practice reference for the safety design, risk evaluation, and protection hardening of autonomous driving LiDAR.