Agreed that this seems like the bigger problem. Do you guys have video from inside the car of the intervention? I'm confused about why you could not stop the car from leaving the road! It seems like it would be straightforward with extremely fast reactions (which presumably you would have if you were expecting the car to veer off the road).
The car deviation occurred instantly as soon as the spoofing signal was picked up by the Tesla's GNSS receiver, the right turn, slow down and wheel spinning was a matter of 1-2 seconds because the Model 3 assumed it is a just about to miss the exit. This combined with the fact there was a 'dotted' white line to the right of the car in that exact moment (the turn to the pit stop) meant the car was instantly turning, and that it was too late to grab the wheel and attempt to turn left back to the highway. It was all really fast and by the time the car did the small right turn it already passed the dotted line and it was no longer possible to return to the highway lane at that point. - I hope that makes sense, the wording in the media has some dramatization and that creates confusion. (This
blog post makes it a lot clearer)
And to be honest we did not expect it to happen so fast, any spoofing attempt we did on Model S, for example, wasn't instant and there was some delay between signal transmission and navigation effect. So despite being alert, it would take most Tesla drivers by surprise.
As you would probably agree, many veteran Tesla drivers that use AP often, tend to be less alert since they trust the system to perform properly. This is true to all lvl 2+ autonomy drivers. You can't expect people to be 100% alert at all times, at some point, road attention gives away to fatigue, mobile phone usage or just drifting in thoughts... we can't count on the human factor for the long run if we want the AV revolution to succeed.
And remember the main issue here is not the current Tesla AP systems, which require driver attention at all times. The main concern is this provides ALL automotive companies with an idea of how dangerous it is to utilize GNSS for navigation decisions. It might not jeopardize the driver safety directly, but it means an attacker could externally and remotely force a car to take a turn it is not supposed to take. (And accelerate\decelerate as well). And that is the good case scenario, some cars we tested use GNSS for speed limit information and this can cause them driving 100 MPH on a 30 MPH road which means that by the time they reach that unexpected little town intersection they won't be able to break in time.
This is something both Regulation and the automotive industry should prepare for and plan to protect against. Either by findings mitigation methods by relying upon other sensors or by using anti-spoofing technologies on the GNSS receiver.
P.S. Cameras, Radar and LiDAR can also be spoofed, some quite easily. So sensor cybersecurity, in general, is a crucial aspect for AV safety.