You Can Trick Self-Driving Cars By Defacing Street Signs

An anonymous reader quotes a report from Bleeping Computer: A team of eight researchers has discovered that by altering street signs, an adversary could confuse self-driving cars and cause their machine-learning systems to misclassify signs and take wrong decisions, potentially putting the lives of passengers in danger. The idea behind this research is that an attacker could (1) print an entirely new poster and overlay it over an existing sign, or (2) attach smaller stickers on a legitimate sign in order to fool the self-driving car into thinking it's looking at another type of street sign. While scenario (1) will trick even human observers and there's little chance of stopping it, scenario (2) looks like an ordinary street sign defacement and will likely affect only self-driving vehicles. Experiments showed that simple stickers posted on top of a Stop sign fooled a self-driving car's machine learning system into misclassifying it as a Speed Limit 45 sign from 67% to 100% of all cases. Similarly, gray graffiti stickers on a Right Turn sign tricked the self-driving car into thinking it was looking at a Stop sign. Researchers say that authorities can fight such potential threats to self-driving car passengers by using an anti-stick material for street signs. In addition, car vendors should also take into account contextual information for their machine learning systems. For example, there's no reason to have a certain sign on certain roads (Stop sign on an interstate highway).

Stop sign on interstate highway

Bwahahaa!

Re:Stop sign on interstate highway

[WillgasM]

Imagine a mugger leaving a trail of "one way" and no right turn signs leading you to a stop sign in some dark alley.

dumb machines

It should be the easiest thing in the world to classify street signs using an *algorithm*. They are a specific size, specific shape, specific color, and have writing on them. More than that, the writing is limited to a set of a few dozen variations. Given so many different ways to identify and cross-check identification, it should be nearly impossible to misclassify.

This just proves their "machine learning" is total shit.

Re:dumb machines

[Rick+Schumann]

My point exactly. So-called 'machine learning' doesn't actually think. Your dog has better cognitive capability. This 'technology' is being rushed way too quickly to market.

Re:dumb machines

signs vary from state to state, and even city to city in many cases,there are more signs than just the handful people think of off hand.. and all of them are relevant.

Re:dumb machines

[epyT-R]

TFS makes this point.. Deface a sign enough and it fails inspection as a sign. Now the intersection has no stop sign as far as the computer's concerned.

Things like this are exactly the kind of corner cases their 'AI' will never be able to deal with, at least not with current solutions.

Re: dumb machines

[fluffernutter]

Compound that by the number of various markers that any construction company may use at a site. There must be a thousand different markers that guide traffic, placed on only losely standard ways.

Re:dumb machines

[mikael]

It's not just street signs. I've seen double decker buses decorated with advertising in the style of street signs and other vehicles:
http://l450v.alamy.com/450v/cb...

http://www.atmediaoutdoor.com/...
http://l7.alamy.com/zooms/42e4...
http://www.edinphoto.org.uk/0_...
Some countries actually hire artists to decorate roads and buildings with optical illusion style art:

http://www.dailymail.co.uk/tra...

Re: dumb machines

Will humans?

Re: dumb machines

[arth1]

Will humans?

Human drivers deal with it every day, and mostly successfully.
There's a diner nearby that has a stop sign Humans know it's not real because of the store logo above it and the "for a cup of coffee" below it. A bit down the road, someone placed a route sign in front of a speed sign, so it looks like the speed limit is 212. Then there's the sign that's been shotgunned regularly.

Re: dumb machines

That post was clearly written by a machine learning system.

Re:dumb machines

[ShanghaiBill]

Except that deep ANNs have way better accuracy for OCR and image recognition than hard coded algorithms.

You can also trick humans by defacing and modifying signs.

Re:dumb machines

[ShanghaiBill]

Deface a sign enough and it fails inspection as a sign. Now the intersection has no stop sign as far as the computer's concerned.

Nonsense. SDCs are not designed with a single point of failure. When approaching an intersection they do all of the following:

1. Look for a sign or light.
2. Access map data, which shows it is an intersection ... and also says it requires a stop.
3. Access historical data for the intersection that shows other SDCs recently stopped there.
4. Look at the road markings and tire markings that indicate cross traffic.
If these data contradict each other, the SDC will do the safe thing and stop. It will also report the missing and defaced sign.
A human is more likely to drive through the intersection than an SDC.

The actual paper is here: https://arxiv.org/abs/1707.08945v3
They did NOT "trick" any SDCs, nor did they even try. They just defeated an algorithm that they assumed is similar to what SDCs use for #1 in the list above.

Re: dumb machines

did anyone think to teach the machine that a stop sign on a highway or in thebmiddle of a parking lot doeznt make sense?

Re:dumb machines

[Kaenneth]

And that'll fool radar and IR sensors?

Re:dumb machines

If an SDC has to access the mothership in order to drive then it isn't an SDC.

Re:dumb machines

Given that a truck apparently fooled a Tesla into thinking it was an overbridge, then yes potentially these things would fool the holistic system by being enough of one thing and not enough of another...

Re:dumb machines

[swillden]

This 'technology' is being rushed way too quickly to market.

I'd like to agree with you, particularly with respect to the semi-autonomous systems presently deployed. I argued for years that having a system that worked most of the time but expected the user to take over when necessary was extremely dangerous. But the thing is that human drivers are extremely dangerous. Tesla has very compelling data showing that, as half-baked as their system is, it's actually better than the human drivers that it's replacing. The same will be even more true of the first fully-autonomous vehicles.

The systems don't have to be perfect, they just have to be better, and the bar is not very high.

Re: dumb machines

My grandfather died at an intersection where a stop sign had been stolen.

People have trouble with bad signage, too. Is anybody surprised?

Re:dumb machines

[HornWumpus]

Dad: What idiot changed a 35 mph sign to 85?

Me thinking...not going to grin, not going to grin...

Re:dumb machines

[HornWumpus]

That's not what their data shows, that is their press release. Their data shows that autodrive is safer per car mile than humans in all driving situations, apples to oranges. It's twice as dangerous as human drivers on divided highways, there isn't direct data on 'autodrive' comparable human driving.

Re:dumb machines

[Z00L00K]

A human can often figure out when a sign is out of place and either ignore the faulty sign or even figure out the correct sign that should have been in place.

Re:dumb machines

[Z00L00K]

So if you cause interference to the GPS system and repaint a few signs and lines then you can cause one heck of a confusion.

Re:dumb machines

A human can often figure out when a sign is out of place and either ignore the faulty sign or even figure out the correct sign that should have been in place.

You'd think. Someone changed a couple of 80 signs on Mt Glorious Rd to 180 a while back. Weekend motorbike riders weren't smart enough to figure out they were defaced. Police were making a tidy sum and confiscating motorbikes there until DoT got around to replacing the signs.

Re:dumb machines

[Altrag]

Not if its done well. There was a 30 sign someone scratched out to be an 80 near my old house. You couldn't actually see the difference until you were maybe 20-30 feet away and the light started reflecting off the scratched part.

Missing a stop sign is a bit silly though. The shape and color of those is (intentionally) universal in pretty much all of the world, even when the actual text is written in the local language. That said, the stop sign symbol is used for many other things as well as actual stop signs (think of say a "Stop! We ID if you look under 100!" type things in liquor stores, for example.) So even with the red octagon being so universal, the algos probably still have to do some deduction to rules out cases where its been used a bit too universally. And any time there's an exception, someone will be able to figure it out and abuse it.

But you know what? The people who design these systems know what they're doing and whenever someone comes up with a new abuse, they tweak the algorithm (or train it a bit more or whatever) to avoid it in future. Self-driving cars are still (even with current incomplete development) significantly safer than human drivers. Software at least has to be tricked -- people do stupid things of their own volition.

Re:dumb machines

The systems don't have to be perfect, they just have to be better, and the bar is not very high.

The bar is very high.

a) Every individual is way better than the average driver. So beating the average driver isn't anything that makes autonomous ones really better.
b) Everyone has to pay their own insurance for their own perfect driving. For the autonomous one there's a kind globally centralized guilt.

Proof: Tesla accidents: A few dozens (something like that? at least more than none); my accidents: 0.

Re: dumb machines

Lake wobegon is calling.

Re:dumb machines

[TheRaven64]

Not sure about the US, but in the UK there are standard speed limits for different types of roads. Most of the time, the speed limit signs are simply a reminder that you're on a road of a particular kind. Occasionally, they override the default, but typically only by moving it up or down one standard increment on the scale (e.g. 30 to 20 or 50). I'm not surprised that it's easy to fool the computer vision algorithm that determines what the sign said (have a look some time at how bad computer vision is at detecting bicycles), but I would be very surprised if this isn't cross-referenced with a road-type database (Google Maps is pretty hit and miss here, but OpenStreetMap has correct classifications for all of the roads that I've seen in its database) for sanity checking. If the sign is significantly different from the road classification, disregard it entirely. If it's one step away, it's probably correct, but if you see another sign with a lower limit, choose that in preference).

Re:dumb machines

[TheRaven64]

signs vary from state to state, and even city to city in many cases

What kind of moronic system is that? The Vienna Convention on Road Signs and Signals was signed in 1968 and standardised road signs and is implemented by 68 countries (actually, a few more, as some implement it as a de-facto standard without ratifying the treaty).

Re:dumb machines

[Stuarticus]

Humans are so smart they frequently ignore signs altogether!

Re: dumb machines

[William+Baric]

Humans are so bad with signs that cities can make millions with tickets.

Re:dumb machines

[fisted]

Every individual is way better than the average driver.

Averages -- I don't think you understand them.

Re:dumb machines

[BasilBrush]

But he does understand psychology.

Re:dumb machines

[Calydor]

If you're causing interference to the GPS system the black helicopters are already on their way to check out what's going on.

Re:dumb machines

And for a few weeks, there was "very compelling data" showing that Aaron Judge is the greatest baseball player of all time and Tim Tebow is sure to become a baseball star. A few more weeks of data has done away with that. Funny how that works.

Re:dumb machines

[rkordmaa]

The "researchers" didn't use actual self driving car software, they used the most generic possible software you can set up yourself in half an hour. And they didn't even do proper setup of the system, let alone set up any basic sanity checking. All this paper demonstrates is that badly set up generic classifier is not good enough to control self driving cars. Duh, no shit Sherlock.

Re:dumb machines

[Sivaraj]

Humans can only depend on traffic signs on unfamiliar roads. But self-driving cars can access the road database and check the normal speed on that road, and may be able to guess possible issues with the street sign.

Re:dumb machines

[Cro+Magnon]

I've seen that! One of the signs in my area says 85. I don't think any human actually thinks that road IS 85, even if some of them try to drive that.

Re: dumb machines

[Cro+Magnon]

A missing stop sign can be a problem for humans. OTOH, a speed sign that appears to say 85, isn't a problem for any sane human (nobody would think 85 was an acceptable speed for a city street with businesses, pedestrians, and traffic lights).

Re:dumb machines

[Cederic]

How the fuck does that help when someone changes a sign with a 30 limit on it to read 80 in a pedestrian zone?
When someone sticks a cover over a Give Way sign causing the car to think it has right of way?
When a No Entry sign gets changed to look like a One Way sign?

All of those are a specific size, shape, colour and have writing or images on them. It wouldn't be misclassification, it would still be wrong.

Re:dumb machines

[Z00L00K]

Depends on where and how large the coverage is. There's one case already in Moscow.

Re:dumb machines

[swillden]

Bad use of statistics on one area does not imply that they're applied incorrectly everywhere.

Re:dumb machines

The Vienna Convention

Is that the one where they decided the signs should be made from cake?

Disclaimer: I am not sponsored by an Ice Cream manufacturer at all

but my wife is called Ola.

Re:dumb machines

[swillden]

Everyone has to pay their own insurance for their own perfect driving

The maker of a fully-autonomous self-driving system should be liable for any accidents caused by the system. It's not collective guilt, it should be built into the cost of the vehicle, and you should not have to pay for your own insurance to cover the manufacturer's liability.

Re:dumb machines

[Rick+Schumann]

The systems don't have to be perfect, they just have to be better, and the bar is not very high.

I keep hearing this 'argument', but let me tell you why it's irrelevant: self driving cars, especially ones with no controls for a human, take away our right to CHOICE. This is ALL ABOUT CHOICE. When you CANNOT control the vehicle you're travelling in, YOU NO LONGER HAVE ANY CHOICE. That is UNACCEPTABLE. I -- and most people, whether they have realized it yet or not -- will NOT TOLERATE having their choices taken away. IT IS HUMAN NATURE. Let me give you some examples of groups of people who have NO CHOICES in their lives: Convicts in prison. Small children. Mental institution patients. Kidnap victims. Hostages. Are you getting the idea?

No one will go for a box on wheels that has NO CONTROLS for a human driver. IT MUST HAVE THEM. There MUST BE a way to control the vehicle yourself. Voice control is not enough. A big red "STOP" button is not enough. Even if you ignore the FACT that so-called 'self driving cars' will NEVER be able to handle 100% of situations it encounters (and therefore, again, there MUST BE CONTROLS FOR A HUMAN DRIVER!) people will NOT TOLERATE something they can't control, that if it goes haywire can KILL THEM. Never. Ever. Anyone that says otherwise either doesn't understand, or has something wrong with them, that they LIKE having no control over their destiny.

Re:dumb machines

Lies, damned lies, and statistics.

I don't give a damn what someone's 'study' says. There is an obvious skew towards taking away people's driving privilege, and their CHOICES along with it, and giving it to half-assed 'self driving cars', because some dumbass politicians and beaurocrats are convinced it's 'better', when they don't even understand the technology.

Re:dumb machines

[swillden]

Sorry, lives trump feelings.

Re: dumb machines

[KGIII]

The octagon is the most common. It is not universal. Most counties use one of a few choices.

https://en.m.wikipedia.org/wik...

Some fun reading.

Re: dumb machines

[KGIII]

Nobody would think so?

Challenge accepted.

Re: dumb machines

[KGIII]

If that were true, we'd not be driving already.

Re:dumb machines

[vivian]

And yet you'll quite happily get into a plane driven by some guy you have never met before and probably won't eve see for the whole flight.

Re: dumb machines

[swillden]

Nonsense. Necessity trumps risk, as long as the risk is sufficiently small to be acceptable.

Re:dumb machines

[Rick+Schumann]

I'd rather trust trained, tested, experienced human pilots, who can and are held accountable for their actions, than JUST some half-assed so-called improperly named 'artificial intelligence' that doesn't even have the reasoning ability of a dog, and since it's not self-aware and has no sense of self preservation or any emotions whatsoever, by definition doesn't even have the capability to give a damn whether it -- and the human passengers -- live or die. Their so-called 'AI' has no 'skin in the game', as the saying goes, and neither does the programmer who wrote it. The plane goes down and everyone dies, *he* gets to live.

Re:dumb machines

[Rick+Schumann]

Pry the steering wheel from my cold, dead fingers. You will NOT take away MY CHOICES. Go be a slave if you like, I'll have none of it -- and neither will the majority of people.

Re:dumb machines

[swillden]

You will NOT take away MY CHOICES.

I have no interest in taking away your choices. You may not be allowed to exercise them on public roads, where they endanger other people, though.

neither will the majority of people

There you're dead wrong. There will be a sizable minority of middle-aged people who will want to drive themselves, but the new generation will come up seeing transportation as a utility. They'll start getting rides to school, to soccer practice, etc., in self-driving cars, without needing the assistance of their parents, and they'll grow up with no interest in driving themselves. I have a 16 year-old son who is already thinking that way; he's questioning whether or not it makes any sense for him to go to the effort of getting a driver's license, since he figures in a few years it won't be needed any more. The elderly, who have lost the reflexes and coordination for driving, will also appreciate it tremendously and adopt it immediately, as will people going home from bars, etc.

It'll take a generation or so after we have good self-driving systems, but within your lifetime (unless you're already in your 60s), manual driving will be rare, and soon after it will be outlawed on public roads as a threat to public safety. Because computers don't get tired, don't get distracted, don't get angry, can remain perfectly aware at all times of everything going on around them in every direction, and can communicate at light speed with all of the other nearby vehicles, and not with crude signals like "I'm probably going to turn", but with detailed information.

Protest all you like, SHOUT all you like, it's going to happen because it makes way too much sense. People who like driving will do it for fun in areas set aside for it, not for transportation.

Exactly like horses today, actually. They're ridden for pleasure and for very narrow, specialized purposes. Manually-driven automobiles will be the same.

Re:dumb machines

[Rick+Schumann]

You have no idea what you're talking about. The technology is being rushed to market by companies more interested in profit than safety, and politicians, beaurocrats, and the general public, none of which understand the technology in question, all think they're going to get "K.I.T.T." from the 80's TV series Knight Rider, not some half-assed piece of software with less cognitive capability than the family dog.

No matter. You're clearly and objectively wrong, I am right, and there will not be any 'self driving cars' with ZERO controls for a human driver, not in our lifetime, and not until there is fully human-level, REAL AI, not the half-assed thing they have now -- and that's the way it needs to be whether you like it or not. This is not TV, this is not the movies, your robotic English butler ain't driving you to work while you sip your Earl Grey. You'll be driving yourself the rest of your life, deal with it.

Easy

[SCVonSteroids]

You set up snipers in strategic locations across town to cover every and all traffic sign; and you shoot the fucker who dares get even close to it.

Re:Easy

[im_thatoneguy]

Yeah, in other shocking news, removing stop signs and shooting out stop lights can cause accidents!

Re:Easy

[PopeRatzo]

You set up snipers in strategic locations across town to cover every and all traffic sign; and you shoot the fucker who dares get even close to it.

Here in Texas, they just shoot the traffic sign and skip the middleman. Because freedom has to be irrigated by the blood of patriotic drivers in self-driving cars. Or something. I don't remember the exact quote, but it's in the Second Amendment or the Bible, I'm pretty sure.

https://s-media-cache-ak0.pini...

Re:Easy

[PopeRatzo]

Yeah, in other shocking news, removing stop signs and shooting out stop lights can cause accidents!

But what if the stop light draws first?

Re:Easy

[epyT-R]

Then you can label the traffic light a gun nut and ignore it.

Re:Easy

[fahrbot-bot]

Yeah, in other shocking news, removing stop signs and shooting out stop lights can cause accidents!

But what if the stop light draws first?

George Lucas will make new ones that don't.

Re:Easy

[fahrbot-bot]

Here in Texas, they just shoot the traffic sign and skip the middleman.

Way back in 1982 or so I drove from Tampa to Miami and went across the southern, west to east segment of Highway 75 in Florida -- I think it's known as Alligator Alley. Anyway, the road is basically straight all the way across Florida. Along the way were signs that said "Unlawful to discharge firearms within 1/2 mile of road". The signs had all been shot several times.

Re:Easy

[93+Escort+Wagon]

My wife and I drove from Seattle to Anchorage back in the late 1980s - her sister had gotten married, and we went up to meet her husband and his family. Not long after we crossed from Canada into Alaska, we started noticing that pretty much every road sign had been shot multiple times. It got worse, the further into Alaska we travelled. Along the stretch of highway that heads down the peninsula towards Anchorage, many of the signs had so many bullet holes that they were unreadable.

After meeting my (now ex-) brother-in-law and his friends, I ceased to be surprised at the state of the road signs - instead, I wondered why none of them had thought of destroying the signposts using automatic weapons.

Re:Easy

[HornWumpus]

10 years federal for unlicensed possession of one 'automatic' weapon. Intentionally bend the firing pin, so it slam fires, 10 years federal. It's no joke.

Besides it's just not sporting shooting signs with a machine gun. Might as well stop the truck and do it while sober. Where's the challenge in that?

Gotta be a trick shot, drunk as shit, lying in the bed of a truck doing 100 down a gravel road, over your shoulder, aiming with a mirror.

Re:Easy

Well, technically speaking, Greedo *drew* first, while everyone knows Han actually pulled the trigger first.

Re:Easy

[SCVonSteroids]

"Hold my beer, watch this!"

Re:Easy

After meeting my (now ex-) brother-in-law and his friends, I ceased to be surprised at the state of the road signs - instead, I wondered why none of them had thought of destroying the signposts using automatic weapons.

Let me guess, they also thought that taxes were too high and that the government had too high maintenance costs for roadsigns.

Re:Easy

BATFE takes that stuff seriously. There are a lot of dumb people who post on FB videos of what they were able to do by doing an oddball trigger job on their 1911 or some sear modifications. Then, there is a note about them getting hauled off for weapons violation charges. Fully auto weapons are easy to do, but 10 years in a PMITA prison (at medium security or higher, because it is a firearms related offense, so no "Club Fed") is no laughing matter. Plus, Federal prosecutors have pretty much a 100% conviction ratio, as they have an unlimited budget.

Re:Easy

A few years ago here in Finland somebody blew up a traffic enforcement camera. With dynamite.

Re:Easy

You set up snipers in strategic locations across town to cover every and all traffic sign; and you shoot the fucker who dares get even close to it.

Here in Texas, they just shoot the traffic sign and skip the middleman. Because freedom has to be irrigated by the blood of patriotic drivers in self-driving cars. Or something. I don't remember the exact quote, but it's in the Second Amendment or the Bible, I'm pretty sure.

https://s-media-cache-ak0.pini...

Let's hope they have good aim

Re:Easy

[HornWumpus]

The only way any prosecutor gets near 100% convictions is by only prosecuting the slam dunks. You'll note they don't generally prosecute pot charges anymore. They can't find juries and know it.

But yeah, you'd have to be a fool to make a gun 'rock and roll' in the USA. Bumpfireing, on the other hand, is legal.

Same rule applies to making a weapon out of a RC plane or quad, that's a guided missile, 10 years. Potentially for putting one fire cracker on the aircraft.

Re:Easy

Drawing first don't matter. It's who hits first that counts.

You couldn't just post mine, could you?

[Rick+Schumann]

https://slashdot.org/submissio...

Re:You couldn't just post mine, could you?

[Luthair]

I pointed it out on yours, but both cover a topic we looked at 5-months ago.

I'm not sure why bleepingcomputers is posted at all - every single story is submitted by an anonymous user, pretty hard to accept its not someone from the site spamming Slashdot.

Re:You couldn't just post mine, could you?

the formatting is so beautiful compared to the current submission is just beau...

Better solution

[cunina]

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists. Why is anti-stick coating the solution that "researchers" suggest?

Re:Better solution

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists. Why is anti-stick coating the solution that "researchers" suggest?

Then, GPS jamming becomes the ultimate DoS attack...

Re:Better solution

[SCVonSteroids]

Your idea is awesome.

On a practical basis however, it sounds like a cluster-fuck. Just think about that for a little while.

Re:Better solution

[arth1]

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists. Why is anti-stick coating the solution that "researchers" suggest?

For one thing, there's a need for temporary signs.
And the sign has to physically exist for everything that isn't a self-driving car.

Re:Better solution

[Cili]

That is indeed the solution. Probably every producer will populate and maintain their own database with live data from the cars. The live data could be double-checked by humans and used to notify the road authorities that they need to replace or fix the broken signs.

Even better, when signs are no longer visible or recognizable the car would still know and follow them.

Re:Better solution

[kwbauer]

And how frequently will this database be updated? And how frequently are downloads of the updates required? Have you noticed that work crews generally erect signs during the day? And that drivers are generally required to follow the sign once it is in place? That means that the database must be updated as soon as the workers declare the sign to have been installed and all cars must download the update immediately because more than one crew could exist in a city and cars are everywhere.

Or perhaps the download notice is prioritized to go to the cars in the immediate vicinity first and then to those approaching and it spreads out from there like the infection graphs in a disaster movie.

Re:Better solution

[Moof123]

So every sign will have to be accurate and up to date with the database, at all times, across the entire country? Further, you'll have two masters now. What should a car do if/when it encounters a conflict? Should it stop and hand back control, use the database and ignore all signs, or use the signs as posted? All options are messy, other than making sure HAL is as good as a human at reading damaged and defaced signs.

Once you ask these dumb things to navigate back roads, or poorly maintained hellscapes that are our cities there will be numerous cases of ambiguous, changed, damaged, or vandalized signage. Humans can usually slow down and figure things out, or at least mostly know to proceed with caution despite awful signage.

My general prediction is that once these systems are run through the regulatory process needed before public release they will be programmed to be timid to the point of frustration. Drivers will be annoyed and frustrated that HAL will drive like their grandma on Sunday. If HAL takes 10-20% longer to get you to work and occasionally gives up you'll shut it off in short order. Also, if HAL can't be trusted to go on the interstate while I nap or zone out I'll never turn it on. I can't wait to read the disclaimer (and you think the itunes TOS is bad...), or to hear the howls when HAL refuses to engage until you change the oil, rotate the tires, clean the cameras, and pay a monthly service fee.

Basically this self driving frenzy is likely to go the way of the VR hype. It will be awesome tech that only a few will shell out money for, and even fewer will make use of.

Re:Better solution

GPS signal is already pretty poor in urban canyons, so one would assume that self-driving cars already complement GPS with dead reckoning (using wheel rotations and steering direction, or integrating the output of accelerometers).

Re: Better solution

[fluffernutter]

There is no way that would work in my city. They can't even keep their own gis map up to date, no way a map like that would be current.

Re:Better solution

[bobbied]

Dead Reckoning? Yea, that's a self fulfilling prophecy, dead.... Eventually the error between where you THINK you are and where you ACTUALLY are gets too big, you crash and die.

You use "Dead Reckoning" for as short of a distance as possible and use pilotage to correct your position often. That's why, when I fly I always carry a map with the expected course marked on it with check points about every 5-10 min of flying time. Then, as I fly, I verify where I am, update my course on the map as necessary. As a pilot you need to always know where you are. It's called pilotage.

Re:Better solution

Obviously he meant a database for the "install-and-forget" signs that can stay unreadable for weeks before the city bothers to fix the problem. Signs erected by work crews are attended so the vision system will work on them. These signs don't need to be in a database.

Re:Better solution

[RhettLivingston]

And that is exactly what good location algorithms working in conjunction with a system that can see do. You can improve the location knowledge with every bend or bump in the road and many landmarks. Buildings, hydrants, etc. rarely move. You just have to make sure to use a consensus view and never let any one system rule.

Re:Better solution

[mikael]

Roadworks are always putting up crazy signs, traffic cones, and all sorts of obstructions:

http://www.inspirational-quote...

https://s-media-cache-ak0.pini...

Re:Better solution

[Qzukk]

And the sign has to physically exist for everything that isn't a self-driving car

And the humans driving won't be fooled at all by fake signs put up by trolls (mostly because humans ignore most of the signs anyway).

Re:Better solution

Keeping the database accurate is probably best done by making it part of the procedure for changing signs.

If city officials decide to change the speed limit on a street, then the only way for them to communicate with the work crew would be through the database. Changes would initially be labeled "pending". Work crews would choose a pending change from the database, and change its label to "assigned to work crew 123", and then to "performed" when the work is completed.

Re:Better solution

[RhettLivingston]

And, as a human driver, you always look at every sign that you see every day? You don't ever become blind to the stop sign at the end of the street you live on? Or perhaps you do use an internal database for the vast majority of your travels?

Self-driving cars will synthesize situation awareness from many sources including their previous experiences and the experiences of all the other vehicles on the road contributing to the database.

The physical stop sign won't rule. When it becomes obscured by the bush growing beside it or anyone messing with it using stickers, they will still stop.

Re:Better solution

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists. Why is anti-stick coating the solution that "researchers" suggest?

For one thing, there's a need for temporary signs.
And the sign has to physically exist for everything that isn't a self-driving car.

Like motorcycles, bicycles and pedestrians.

I had a coworker ask a while back why we bother with street signs anymore when pretty much everyone has GPS. I knew he was a cyclist and asked if he had GPS on his bicycle. When he said know I told him to think about his previous statement a bit more.

Re:Better solution

[jenningsthecat]

Self-driving cars will synthesize situation awareness from many sources including their previous experiences and the experiences of all the other vehicles on the road contributing to the database.

Self-driving cars will need to synthesize situation awareness from many sources including their previous experiences at least as well as a reasonably good human driver, but I doubt the current algorithms are anywhere close, and getting them there is going to take a lot of time and money.

Re:Better solution

[jenningsthecat]

...Basically this self driving frenzy is likely to go the way of the VR hype. It will be awesome tech that only a few will shell out money for, and even fewer will make use of.

I hope you're right, but I think at some point it's going to be mandated. Government, especially in the US, is rapidly accelerating both the degree and the granularity of the control it has over its own citizens. And since Joe Average is a sucker for the 'because safety' and 'because security' BS arguments, once the tech is mature and reliable, self-driving cars will be embraced with open arms. Then law enforcement, along with the rest of the authoritarian power-trippers, will have their most compelling wet dream made real: they will be able to spy upon and control the passage of all drivers and passengers. Unless AGW and/or big rocks hitting the Earth kill off a big chunk of humanity, I think the future will be very dystopian indeed. Self-driving cars are at the thin edge of the wedge.

Re: Better solution

kind of how map databases operate now, except their will an order of magnitude more items to track like signals, signs, road markings, etc.
Plus dynamic elements like traffic congestion is mapped now.

Re:Better solution

[ShanghaiBill]

SDCs do use a database. They also look for signs. If they don't see a stop sign where one is expected, or see one where it is not expected, they will stop. They will also report the discrepancy.

Re:Better solution

[ShanghaiBill]

getting them there is going to take a lot of time and money.

Traffic accidents cost $870 BILLION per year in America alone, so this is certainly something worth spending a lot of time and money on.

Re:Better solution

worst case, your car comes to a stop at an intersection where the sign was removed.

Re:Better solution

[Gussington]

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists.

Like Electronic voting, it then becomes a whole lot easier to attack the entire system at once then just one tiny part.
So no, don't do that...

Re:Better solution

Yeah, if you were to put a stop sign on the interstate, someone would come to a stop, sooner or later.

Re:Better solution

[houghi]

If the sign does not exist, one car might think it has right of way, because it 'knows' what the sign would be. Another car will think it has right of way, because there is no signs. Right of way when you come from the right (left in some countries).

For people it very much matters if a sign exists. There are also situations where things change. Updating the GPS systems is a pain as it is now, even where cities ask to do so and you want to do it with signs?

Re:Better solution

[AmiMoJo]

That would be a great idea if the data were available.

Local government authorities know where most of their signs are, and could provide updates when things change. Mapping companies would love to get hold of that data stream, but it's damn near impossible. The local government authorities want them to pay for the data, and they all negotiate separately. Even if they agree, there is no legal requirement for the data to be accurate or timely so at best you might notice they suck and sue them for breech of contract after your fleet of self-driving cars picks up a few thousand speeding tickets.

Local governments know all sorts of useful stuff. They know where road works are gong to be long before they appear, for example.

What we need is a national level data feed for this stuff, and a legal mandate for organizations involved to keep it up to date.

What will likely happen is some mapping company decides it's worth paying people to drive around surveying roads all day.

Re:Better solution

[jittles]

Why is anti-stick coating the solution that "researchers" suggest?

They just opened up a Teflon factory, duh.

Re:Better solution

[apoc.famine]

What we need is a national level data feed for this stuff, and a legal mandate for organizations involved to keep it up to date.

What will likely happen is some mapping company decides it's worth paying people to drive around surveying roads all day.

In regards to the second, that already happens regularly. States are required to report roadway conditions to the feds to demonstrate a need for federal funding. They outsource their road surveys to private companies that run automated vehicles down the road, doing 3D Lidar scans, measuring bridge heights, cracks, potholes, guardrail issues, and sign reflectivity. That data is then sent to the feds to get money to fix the issues that are found. It wouldn't be hard to also use this data to identify signs that need to be replaced, although these surveys are generally constrained to major roads and not minor ones.
 
In regard to the first, I think what's more likely is that the car companies will outsource this to the drivers. Refuse to do self-driving mode until enough people have manually driven the route, so that they have the data to push out to the rest of the fleet. And when things change, if enough oddities arise, again stop the self-driving mode for that stretch until enough data is gathered to get back to an appropriate level of confidence for the route.

Re:Better solution

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists. Why is anti-stick coating the solution that "researchers" suggest?

That is a partial solution. Generally the car should be able to determine from map data what the speed limit is and who has right of way at any intersection, from a combination of map data and the same algorithms that are taught in drivers ed.

However they still need to improve the image recognition, as one function of signs is to comunicate temporary changes in the road, and ignoring signs is illegal so the car will have to be capable of obeying them.

Most likely they just need to expand their training set to include more examples of damaged or defaced signs.

Re:Better solution

[Obfiscator]

No, worst case the database was improperly updated and your car doesn't come to a stop where a sign is posted, plowing into a driver coming from a different direction with right-of-way.

In other news

You can trick human drivers by defacing street signs

Re:In other news

[kwbauer]

But not as easily. That was the claim in the article, anyway.

Re:In other news

[bobbied]

You can trick human drivers by defacing street signs

Yea, not always. Try to change the signs on a road that I drive every day and you won't trick me. I'm not likely to even look at the things. Robots? Totally different story. They cannot think or reason and have to be programed to look at ALL signs, defaced, false or not. The guy flying the bird next to the sign isn't going to register as anything but a pedestrian to avoid hitting.

Re:In other news

You can trick human drivers by defacing street signs

Yea, not always. Try to change the signs on a road that I drive every day and you won't trick me. I'm not likely to even look at the things. Robots? Totally different story. ...

So? You could have autonomous vehicles do the same thing.

Recognize every traffic sign and upload it to the cloud for other autonomous vehicles. If the sign changes (added, modified or missing), flag it as suspicious. A human or AI could later verify the change.

Based on the type of change, the autonomous vehicle could ignore it.

Ok, not perfect, but that's basically what a human would do.

Re:In other news

[Kkloe]

So you mean if they changed all the signs to a lower speed you will go a higher speed?, or if they closed down a road and altered a sign from going forward-right to just forward and you would still turn right because it has always been possible?

Re:In other news

[bobbied]

If YOU change the signs, I'm not paying attention to them.. All your examples are GOVERNMENT changing the signs... That I would notice because I'd likely see the road crews out in the official government vehicles and read the news story about the regulatory changes in the press releases.

But my point is, I know the route, false signs are not likely to mislead me. A computer isn't so thoughtful about this kind of thing because it cannot consider the wider context...

For instance, I know where a bridge is under construction on my daily commute route. Last week, I was driving over the old bridge, this week the new one, though the road and signs still are up as before on the old road, only a route change has been made with some orange barrels. Next week that old bridge may be gone. I know the context of the construction effort, so I know that I will need to pay closer attention at various locations because I'm expecting the route to change. A computer doesn't have this contextual information nor does it have the reason required to think though the implications of it. I do. So if you remove those barrels, I'm not going to blindly drive the old route now, a computer likely would.

Re:In other news

[Kkloe]

The thing is in this case or other cases is that people can change the sign to look like government signs.

And as you say, "not likely to mislead me", meaning it might.

Re:In other news

[bobbied]

Not likely to mislead me, but very likely will be taken as gospel by a computer. (which is my point) Automation is more subject to this risk than I am.

Autonomous vehicles get it right most of the time

[MpVpRb]

But, the edge cases will become increasingly troublesome as they move from prototype into widespread use

Road signs are commonly missing, rotated, shot, stolen or defaced

I love the idea of autonomous vehicles. I wrote autonomous vehicle software for a major auto manufacturer. This shit is hard

Just put toy cars in the road

[WillAffleckUW]

Make a circle of them and the self-driving car stops moving.

If you time it right, you can do it right in front of an oncoming truck.

Re:Just put toy cars in the road

[WillAffleckUW]

note these are the ones with tiny flags on top. It's the motion of the flags that increases their avoidance value. They're cheap, you can get tiny remote controlled ones anywhere.

Emergency vehicles

[John+Jorsett]

It just occurred to me today: will self-driving cars be smart enough to pull over for cops and fire trucks? If so, does that mean all you have to do to get them out of your way is flash some lights for a bit?

Re:Emergency vehicles

[The+MAZZTer]

AFIAK some emergency vehicles already have equipment to switch traffic lights. So it's not much of a jump they can signal autonomous vehicles to pull over.

Re:Emergency vehicles

[DontBeAMoran]

If you honk with the right timing, the car will even send bitcoins to your wallet.

Re:Emergency vehicles

[kwbauer]

That switch is a pulsing light that triggers the traffic signal to change the cycle in the same manner as a pedestrian push button or in ground sensor loop might. It just forces the priority of the change so that the normal green-to-yellow-to-red change starts now instead of a bit later. They are not exactly difficult to fake out. Putting them on every car on the road would be a terrible idea, or not. As long as I am in my manual operated vehicle, having one of those would be quite enjoyable at times. "Hey look, all the 'autonomous' cars pulled over for no apparent reason! Everybody should run down to the dealer and have the software diagnosed."

Re:Emergency vehicles

[hackel]

Once we've eliminated idiot human drivers, cars will no longer need to pull over for emergency vehicles, unless it's a single-lane road. They will simply talk to each other and coordinate priority access. They will be able to clear a space in real-time, like a bubble surrounding the emergency vehicle.

In the meantime, if emergency vehicles aren't already transmitting some kind of signal that can be picked up by autonomous vehicles, that would make me worried. They certainly shouldn't be relying on visual feedback.

Re:Emergency vehicles

[Qzukk]

If so, does that mean all you have to do to get them out of your way is flash some lights for a bit?

Works on human drivers too. I guess that means humans aren't ready to be driving yet.

Re:Emergency vehicles

It just occurred to me today: will self-driving cars be smart enough to pull over for cops and fire trucks? If so, does that mean all you have to do to get them out of your way is flash some lights for a bit?

As the same attack works on humans, probably.

It is however illegal to impersonate a police officer, and I would be hard pressed to come up with a worse target for such a "hack" than a car that I know is visually recording the encounter.

No need for a stop sign on a highway

[Ebsolas]

Unless you live where I do and they put one up for the construction that's currently going on. Every rule has exceptions and being able to adapt past common sense rules like this one is why self driving cars won't be fit for the road for probably another 10-20 years IMO.

Growing pains

Self-driving cars will only be reading signs during a transitional period. Google can easily generate, and probably has generated, a database of street sign locations extracted from StreetView data.

There will be services that track all signs along with GPS coordinates and which are updated by planning authorities.

Eventually self-driving vehicles will only rely on visual input for corroboration on permanent signage and to identify temporary signage. As with everything else in the self-driving world this will be more reliable than the current system.

Re:Growing pains

[arth1]

There will be services that track all signs along with GPS coordinates and which are updated by planning authorities.

All well and fine, but it's the unplanned authorities that is a worry. Like when road crews have to use ad-hoc stop signs, or police have to make a detour around an accident or flooding.

Re:Growing pains

[kwbauer]

How frequently does StreetView get updated?

Re: Growing pains

[fluffernutter]

So when they built a roundabout by my house, automated cars would just continue to drive over the middle of it for months until streetview comes around again?

Re:Growing pains

[hackel]

Hopefully soon all signage will be eliminated entirely, forcing vehicles to rely on standardised digital data provided by local authorities. There will simply be no reason for any driving-related signs to exist. They are unreliable and expensive to maintain. Only signs for pedestrians and bikers should remain in designated areas.

Re:Growing pains

[dugancent]

My parents built their house and moved in over five years ago. Streetview shows a backhoe in the front yard getting ready to dig the foundation.

Re:Growing pains

[Moof123]

Bikers share the road you insensitive clod. I need almost all the same signs when I am biking as when I am driving. Pretty much only the speed limits become mostly ignorable.

Also, "soon" will be at least 25+ years. Cars readily last 20 years these days, and you will not have 100% autonomous cars being sold within 5 years (not even close!). You will have a long tail that will include classic car drivers, and those pesky libertarian types who want the right to choose to drive for themselves, or the right to repair or modify their vehicles beyond what HAL will allow.

Re:Growing pains

[RhettLivingston]

Now, not so often. Once Google deploys self-driving software, every time a connected car with their software goes down your street.

I don't agree that the system will evolve to give up the databases. Rather, the databases will become real-time and include much more than signs. There will be warnings about icy spots that are derived from earlier drivers hitting them, puddles, new potholes, a home that frequently has kids running into the street, etc. Every little thing you can imagine will be communicated. But the system won't rely on it, it's just one input of many.

Re:Growing pains

[Carnildo]

The newest StreetView data around here is ten months old, the oldest ten years. Most small towns have coverage of exactly one road; some don't even have that. Even in cities, there are gaps in coverage, and not just minor dead-ends: I'm aware of a three-block gap in a major arterial.

Re:Growing pains

No, not even close to 5 years away. Tesla is already shipping them.

Yes, there will be human drivers sharing the road with self-driving cars for 25+ years. But let's not be stupid and pretend that self-driving cars aren't already on the road driving themselves in beta test mode now.

At this point, I'd expect the software patch that turns on that 100% self driving hardware in hundreds of thousands of Teslas is maybe a year out.

Re:Growing pains

[reboot246]

Get in your self-driving car and tell it to follow me all day. If you survive, I'll admit you're right.

I guess you live in a place where all the roads are in perfect condition, very wide, with perfect signs. I live in the real world where some streets and roads are barely adequate for one vehicle, and some are so bad that if you go a bit too fast (aka the speed limit), you'll ruin your car.

Do you have any one-lane bridges or one-lane tunnels in your world? "Honk before entering." Can your self-driving car handle that?

Re: Growing pains

"Google can easily generate, and probably has generated, a database of street sign locations extracted from StreetView data."

You're joking, right? The StreetView images of the house I sold 2 years ago still have pictures of the camper I sold 1 year prior to selling the house...

Re:Growing pains

Psh, that's only a problem for Dave.

For the rest of us, the Computer is our friend.

There's always an exception to the rule

[Cerlyn]

"...there's no reason to have a certain sign on certain roads (Stop sign on an interstate highway)."

What about here? (Cross Island Parkway, New York USA, Exit 31)

Stop signs often do appear on highway entry ramps, especially where they are short. This is true in construction areas, as well as on some older entrance ramps around New York City.

Technically this is a 50 MPH (~80 km/h) Parkway and not an Interstate, but rather than randomly searching the area this was the first that came to mind.

Re:There's always an exception to the rule

[thegarbz]

Can someone please tell me what I'm supposed to do at this intersection?

Seeing this sign it looks like it wants me to take the onramp and then come to a stop and give way before going? But looking at the road markings it appears to be a giveway-merge where I just match the speed of the traffic and then join in.

Forget driversless cars, let's start by making it clear for drivers first. I mean went back and forward along that road, none of the cars appeared to stop for anything.

Re:There's always an exception to the rule

[Cerlyn]

There is not enough aligned ramp space there for you to see if there is any oncoming traffic on the main road before you have to collide with it. Extending the ramp would require expanding the bridge at its terminus.

So they expect you to stop, look backwards for a gap, and accelerate hard to get into it. Which can get quite tricky at hours when there is a lot of traffic.

At other intersections you may have to quickly get on before the on-/off-ramp gets you off again, or slow down prior to sharp curves on an exit ramp.

If you are not used to this (or anything about New York City/Long Island traffic for that matter) it can take some getting used to. Many roads were originally designed when speed limits and cars were slower, and there is not much room for expansion.

Re:There's always an exception to the rule

Yeah, that sign goes against everything I know about onramps. My instinct would be to do the right thing and ignore it completely, because it's obviously not supposed to be there.

Re:There's always an exception to the rule

Looks to me like there is plenty enough space under that bridge for a decent on-ramp. Just a footpath in the way. And if the map is current, there's even a fair amount of undeveloped land off to the side that could be used to route a much safer footpath through.

Re:There's always an exception to the rule

[thegarbz]

So because there's not enough space for a decent run up the intent is to stop the cars to ruin whatever built up speed they already have? That is pure genius.

Re:There's always an exception to the rule

[istartedi]

I have been places where they put up a sign that says "no merge area", but it's still a yield not a full stop. That sign is shite, unless they've actually got a study showing that it reduced accidents or something. Are they actually stopping? Maybe it's a revenue generation sign.

Re:There's always an exception to the rule

[ElizabethGreene]

This is a fantastic discovery. It tells us that these systems need to dramatically increase their training sets for sign recognition to include signs that have stickers, bullet holes, dirt, dents, etc. It also tells us that we need to teach the AI to sanity check when it sees a sign. If a stop sign appears on a 70mph highway, then that is suspicious.

Related to this, I quietly hold the opinion that one piece that's missing from AI is a "sheep" behavior. More specifically, when road markings and/or signs are unclear, evaluate the behaviors of other drivers. If the car in front of me followed a specific path and didn't experience sudden deceleration or erratic movement then consider that path as more safe than the unknown. In considering my own driving, I find I use this a great deal.

Octagon?

[im_thatoneguy]

What horrifically terrible machine learning algorithm sees a red octagon and thinks it's a black and white rectangular speed limit sign? How is the visual machine learning matrix so bad that a triangular yellow sign would be registered as a stop sign?

Do they not train the machine learning algorithms with color images? Considering you can rely on 1-2 seconds of latency for a sign there is no reason to use the same sort of low latency machine learning algorithms used for pedestrian identification or road lines.

Re:Octagon?

[markdavis]

>"What horrifically terrible machine learning algorithm sees a red octagon and thinks it's a black and white rectangular speed limit sign?"

+1 THANK YOU!
I was wondering the same thing. I mean, I know visual AI is complicated, but it is a FREAKING RED OCTAGON!!! What freaking chance does freaking self-driving technology have if it can't freaking deal with something that freaking simple???

Freak!!

Re:Octagon?

[Tablizer]

"Cheapo" AI image training leaves what may be called artifacts or gaps that can be exploited with carefully crafted decoys.

They should probably use multi-factor and multi-technique AI to plug such gaps.

I wonder what would happen if the words on the sign, as perceived by the bot, contradicted the shape and color of the sign. If a human saw a sign with the shape and color of a stop-sign but with garbled or unexpected lettering, generally they will slow way down as a precaution, and assume it's probably a stop sign. Hopefully bot cars do the same when they encounter conflicting signs, but not so often as to cause pile-ups.

A benefit of such processing is that bot-cars can easily report suspicious signs to authorities, if the car co offers reports to local authorities. If multiple bot cars report the same problem, then likely there's something odd going on. Kids or slimebag promoters often stick music concert ads on signs around here, sometimes obscuring the text.

Re:Octagon?

[Moof123]

The current state of "AI" is pretty damn crude, and the resulting "trained" system cannot be debugged as such. As best I can tell it is akin to shoving in data, desired behavior, and pressing "optimize". So while we would like to think there is thought and reasoning going on, there is not. If the algorithm has been poorly designed or trained there is no telling how it will react to data that is dissimilar to the training data. Graffiti is pretty random, which is easy to figure out for a human, apparently not so much for HAL.

A couple years back I read a good article on simple image recognition (simple in the sense that it was just images, not video from a moving car) with example images. Scrambled yellow random garbage would come back as a school bus with >99% probability, and so on. Basically false positives occur easily if there is not great effort made to train HAL to prevent it. My guess is that these systems are obscenely hard to get working well on good signage and without anything nefarious going on, and adding intentional counter-measures will make that job an order of magnitude harder.

Re:Octagon?

Well, when you strip out the color data and pixelate the thing to a 32x32 matrix, I'm sure it doesn't look anything like a stop sign to a human either.

They're not testing real self-driving car algorithms. They're screwing around to get the Luddites riled up.

Re:Octagon?

Visual recognition is done in large part using infrared, because that's the only way to effectively illuminate something at night unless you want to literally light up the roadway and potentially blind oncoming traffic. Infrared signature allows the visual system to identify signs regardless of lighting or weather conditions, both of which can easily screw up a color recognition system.

Humans can guess from pattern recognition 'oh yeah that sign must be red' but that's not an easy thing for a computer to do. Easier and generally surer for them to recognize patterns of light and dark. Unfortunately this leaves them vulnerable to spoofing using stickers that couldn't possibly fool a human, making the visual recognition system look like an idiot. Which, to be fair, it is.

Re:Octagon?

[Solandri]

Do they not train the machine learning algorithms with color images?

Color is extremely subjective. Remember the dress color photo that went viral? Your brain basically takes an average of all the colors it sees, guesses what the color of the light is, and does an automatic white balance. It's really good at this, so a stop sign appears consistently red to the eye.*

Totally different for a machine. The auto white balance in cameras has gotten good, but it's still easy to fool in extreme lighting conditions. Especially if there are multiple color light sources, some pointed at the camera, some away. I carry a grey card so I can prop it up near the subject location and snap a picture. That way I have a calibrated color reference for subsequent photos I can use for a manual white balance. Unfortunately, an automatic car traversing an area for the first (and only) time doesn't have that luxury.

* (There's actually an experiment which demonstrates your brain's auto white balance. You take a patchwork quilt with a bunch of different color patches. Then in a darkened room, you take a black cloth with a hole cut in it and cover all but one color patch. Say it's a green patch. You then shine a light on it, but put color filters in front of the light until the light reflecting off the patch is objectively red (predominantly 650-700 nm). When you look at the one patch, it will appear red. But if you remove the black cloth and reveal all the other colored patches under the same filtered light, your brain now has enough information to do a white balance and suddenly the patch which looked red just a moment ago will look green. Because it is green relative to all the other colors.)

Re:Octagon?

It's not that crude as we could get weightless neural networks to recognise such signs over twenty years ago when I was working in the area.

Re:Octagon?

Your point about false positives is valid. In decent papers no one quotes a simple % accuracy but plots rates of false positives against false negatives for various parameterisations. It then basically invites you to trade one against the other for a particular use case. For example, if fusing multiple sensor inputs into individual recognisers. Multiplicity, if fused appropriately, is preferable.

Re:Octagon?

> What horrifically terrible machine learning algorithm sees a red octagon and thinks it's a black and white rectangular speed limit sign?

Why, the same horrifically terrible machine learning algorithms you'll soon be paying an insurance penalty for not using, of course.

Re:Octagon?

[AmiMoJo]

The machine probably discards colour information, so that it can work at night when colour is either not available or inaccurate.

Re:Octagon?

That would be accurate because our brain has an amazing color correction algorithm built in to it (remember is the dress blue or gold?), and shadows can quite significantly change the apparent color. There's also the good ol' curse of dimensionality which states in machine learning you need to figure out which data to throw out because as the number of features you look at increase, the memory needed increases exponentially. Thus with image recognition you almost always drop it to gray scale.

Re:Octagon?

[tlhIngan]

Color is extremely subjective. Remember the dress color photo that went viral? Your brain basically takes an average of all the colors it sees, guesses what the color of the light is, and does an automatic white balance. It's really good at this, so a stop sign appears consistently red to the eye.*

Totally different for a machine. The auto white balance in cameras has gotten good, but it's still easy to fool in extreme lighting conditions. Especially if there are multiple color light sources, some pointed at the camera, some away. I carry a grey card so I can prop it up near the subject location and snap a picture. That way I have a calibrated color reference for subsequent photos I can use for a manual white balance. Unfortunately, an automatic car traversing an area for the first (and only) time doesn't have that luxury.

Luckily, road signs are of a very limited palette. Intentionally.

Stop signs are always a red octagon. Don't rely on words because you'll get messed up in Quebec whose stop signs say Arret instead of Stop (they say Stop in France). Same in Northern Canada where they will say Stop and Stop in the native language.

Construction signs are orange (which may be confused with red, but they are never octagonal). These are temporary road signs put up by a construction crew. You need to read the sign since the contents can be of any category.

Informational signs are white - these tell you about the road ahead - speed limits, merges, lane endings, etc.

Green signs are directional and point you to locations.

The last sign is the road divider, which is angled such that the the down slope points to the valid direction of travel. If there's a median, it will be sloping down from left to right, indicating you need to keep to the right of the sign. If it's an inverted chevron, it means you may travel to the left or right of the sign.

The system is designed to be quite redundant - you don't need to see color to read signs - an octagon will always be a stop sign, a road divider sign will always point out which lanes are safe for travel as long as you can see the stripes, and the others require interpreting the contents of the sign. You don't really need to know if the lane ending sign is permanent or temporary construction - as far as you're concerned, right now the lane is ending.

Re:Octagon?

[omnichad]

They only fed it perfect images, you have to assume. It doesn't "think" in terms of shapes directly - it's a lot to do with correlation of a vast data set.

If they had fed in hundreds of old, worn, defaced signs during the training phase, this probably wouldn't happen.

SNOW

Snow accumulates on street signs. Add 30 mph wind that's common here in the upper Midwest and these automated systems are a failure before they leave the garage

Re:SNOW

Well, that's why they suggested anti-stick signs. That snow ain't gonna stay stuck.

Or, have heated street signs. That snow will be gone in no time. (Expect a property tax hike)

Re: SNOW

Don't live where it snows. Humans are not supposed to live where the weather is extreme. Move to California. Unless you voted for Trump.

Re:SNOW

[bobbied]

I got to think that keeping a sign ice free when it's -20F is going to be some kind of expensive...

Re: SNOW

[xxxJonBoyxxx]

>> Well, that's why they suggested anti-stick signs. That snow ain't gonna stay stuck

Thanks - I needed the laugh. But in case you're serious, Google "ice storm" and prepare to be amazed as to what a little frozen water will stick to.

Re: SNOW

There's nothing a little heating built into the sign can't melt...

Re: SNOW

[pahles]

But nobody with a sane mind will drive in those conditions...

Re: SNOW

[Cro+Magnon]

But nobody with a sane mind will drive in those conditions...

I can imagine some pretty heavy traffic around here. :P

Re:Autonomous vehicles get it right most of the ti

[im_thatoneguy]

Road signs are commonly missing,

I feel like a missing stop sign is a problem regardless if your brain is squishy or silicon. In fact there is an unmarked 4 way stop near my office. There is a crash there about once every 2-3 months.

Snow?

Forget stickers and graffiti, just add some winter weather.

Re:Snow?

[bobbied]

You got that right... Black Ice is NOT much fun to drive on and very hard to see... I've driven on it in the past and lived to tell the tale. It was no fun waiting for the car to slow down from 55MPH without using the brakes, hoping it stayed on the two lane road...

I don't think automation would deal kindly with that....

Re:Snow?

You got that right... Black Ice is NOT much fun to drive on and very hard to see... I've driven on it in the past and lived to tell the tale. It was no fun waiting for the car to slow down from 55MPH without using the brakes, hoping it stayed on the two lane road...

I don't think automation would deal kindly with that....

Yes it does and it is called ESP and works pretty well..

Re:Snow?

It can get the friction coefficient from ABS and run the necessary equations with much higher precision and speed than you will ever be able.

Re:Snow?

Not on black ice. If you even touch the brake, you're toast.

In other other news

[DontBeAMoran]

You can deface human drivers by tricking street signs.

Sign of the times

[arth1]

For example, there's no reason to have a certain sign on certain roads (Stop sign on an interstate highway).

Except when you do, like when there's construction or accidents, and a guy stands there with a stop sign.

What about weather?

I nearly ran through a stop sign last winter... ...because it was covered with blowing snow. The octagonal shape was barely visible, but it definitely wasn't red. At night it may have been altogether different.

If we can't get signs with stickers right, then what chance do we have against snow?

Re:What about weather?

[arth1]

I nearly ran through a stop sign last winter... ...because it was covered with blowing snow.

I got stopped by the police once, and asked whether I hadn't seen the speed limit sign. I told him that I hadn't seen the sign at all, because it was hidden behind a tree...

Re:What about weather?

[kwbauer]

Google and Tesla are headquarted in Silicon Valley. What is this thing you call snow? Those people that live where that stuff is just need to move to a climate more appropriate to the use of electric, self-driving cars. It isn't like progress requires massive changes in the way we live.

Re:What about weather?

what chance do we have against snow?

What about it? Are you suggesting you're not fit to drive because you couldn't see a stop sign while it was snowing? Or is it only robots who aren't allowed to drive?

Re:What about weather?

That's why Blackberry is doing their research in Ottawa for their software

Future Revealed

[dohzer]

I can see it now: a company puts up a billboard with a red octagon containing their brand of motor oil, and the car gets thirsty.
It has begun!

Re:Autonomous vehicles get it right most of the ti

[arth1]

In fact there is an unmarked 4 way stop near my office. There is a crash there about once every 2-3 months.

If it's unmarked, it's not a 4-way stop. No marking means "yield to the right". Too many people have become accustomed to all intersections being marked to remember the basic rules.

There can be stop signs on freeways

[hawguy]

For example, there's no reason to have a certain sign on certain roads (Stop sign on an interstate highway).

Except during road construction when a signman holds up a "stop" sign and the self-driving car says "You're not fooling me! There are no stop signs on freeways, and even your 15mph speed limit sign is fake, my database says the speed limit here is 75mph. See ya!"

Re:There can be stop signs on freeways

[hackel]

In these situations, obviously the workers would need to be using a transmitter to broadcast updated road speed information in a standardised format to all vehicles. Isn't this just common sense?

Re:There can be stop signs on freeways

Common sense would be for the cars to not run things over regardless of any street signs or traffic laws. But no. Instead of creating a car which refuses to crash into anything (in which case following traffic laws doesn't matter a whole lot because you won't hit everyone even if you do blow through that red light) most of the companies are spending all their time trying to figure out how to detect and identify every rule and sign. There are always exceptions, there are always 'pranksters', and a car which refuses to crash no matter what is the only one that'll make it through 99% of the cases (bumping into the car in front of you is probably better than being smashed by a train).

Re:There can be stop signs on freeways

[hawguy]

In these situations, obviously the workers would need to be using a transmitter to broadcast updated road speed information in a standardised format to all vehicles. Isn't this just common sense?

If you're going to standardize every construction site in america and give them transmitters that every car listens to, why not just put long distance RFID tags on every street sign and avoid the need to use faulty image recognition in the first place? Just because humans need to use vision to read signs doesn't mean cars should.

They could even be cryptographically signed with the sign's meaning and location/direction to prevent a prankster from moving a 70mph freeway speed limit sign to a residential street.

Re:There can be stop signs on freeways

[fluffernutter]

I laughed out loud at this one. People keep mowing down the markers at a construction site near me and the workers can't even be bothered to set them back up. No way in hell are they going to be fiddling with a device putting these markers into a virtual database.

Re:There can be stop signs on freeways

[Roger+W+Moore]

Except during road construction when a signman holds up a "stop" sign...

If you have people standing in the middle of motorways holding signs the largest safety concern is not how a driverless car algorithm will handle it.

Re:There can be stop signs on freeways

[Gussington]

In these situations, obviously the workers would need to be using a transmitter to broadcast updated road speed information in a standardised format to all vehicles. Isn't this just common sense?

Right so now we need wireless networks to every square cm of roadway on earth. Common sense isn't really as common as you think...

Re:There can be stop signs on freeways

[sbrown7792]

How I wish I had mod points. I absolutely lost it at "standardised format". Too bad the sarcasm was lost on others...

Re:There can be stop signs on freeways

[Luthair]

Its common sense until you realize the number of construction sites both public and private that will need one. The number of people who will have access to them would make them impossible to secure so you'd have people toggling them on the middle of a busy highway for shits & giggles, putting them in their neighbourhood to force cars to go slow, etc.

Re:There can be stop signs on freeways

[Luthair]

The trouble is that this is also abuse-able, if an automated car will aggressively stop in unexpected situations then an attacker can use it to cause accidents.

You can trick humans by defacing street signs...

[pubwvj]

You can trick humans by defacing street signs... So... What else is new? This is a "no-duh!"

Re:Autonomous vehicles get it right most of the ti

[hawguy]

In fact there is an unmarked 4 way stop near my office. There is a crash there about once every 2-3 months.

If it's unmarked, it's not a 4-way stop. No marking means "yield to the right". Too many people have become accustomed to all intersections being marked to remember the basic rules.

It's not just "yield to the right", it's yield to oncoming traffic, yield to the car that gets there first, and then (maybe) yield to the right.

Some states (like Arizona) treat an uncontrolled intersection as a 4 way stop, which is the only sensible thing to do.

Car says," I'm lost."

[DatbeDank]

Instead of a car making horrific errors in judgment, why not have it safely pull over and say, "I'm lost, please ask for directions."

Better yet, set it up so the female voice pulls over and asks for help and the male voice just keeps going until it thinks it reached the destination.

Re:Car says," I'm lost."

[epyT-R]

Better yet, just remove the damn computer and let the human drive it himself.

Re: Car says," I'm lost."

This requires the algorithm to know that it is confused. Knowing that one knows something is not the same as knowing something, and is not really part of the current state of the art

Re:Car says," I'm lost."

[93+Escort+Wagon]

Better yet, set it up so the female voice pulls over and asks for help and the male voice just keeps going until it thinks it reached the destination.

No, the male voice would keep driving around in circles while insisting it wasn't lost.

Huh

[fluffernutter]

I like how this is written like it is a surprise. Did people really think that autonomous vehicles actually thought about the signs?

And they will the do that 55 on I-294 when all oth

[Joe_Dragon]

And they will the do that 55 on I-294 when all others are doing 75+.

reliable braking + teenagers

[bussdriver]

my 1st thought years ago was pranking cars by jumping out in front of them. Crazy to risk it; however, when it becomes predictably safe...

Next thought was some radio nerds experimenting with broadcasting signals towards cars.

Should be map info with signs

[WindBourne]

Seriously, these machines should be using signs to augment mapping info.
In addition, the feds should come up with a SINGULAR approach on how to put up secured temporary local notifications.
Perhaps a digital form of NOTAMs.

Re:Should be map info with signs

No, the other way round. What the cameras tell the car has to win over whatever the map says. Otherwise a road that has changed and is not yet in the current map will cause trouble.

The system has to be as good as a human at reading signs and has to be able to correctly identify defaced signs. If it can't do that, it can't be used. If a few simple stickers will make it disregard a STOP sign accidents will happen.

Re: Should be map info with signs

[WindBourne]

Wrong idea. Right now, SOME of the cars are using signs. By switching to maps, AND allowing for local digital 'NOTAMs', then most signs would simply be used to confirm. Stop and yield signs should always override data. Others should be questioned and turned over to driver.

Re: Should be map info with signs

If you have to ask the driver for confirmation, it's not an autonomous car.

The car can use the map for navigation, but it cannot use it for 'GPS and map says there is a road here with the following signs...', that is has to determine by image processing.

You cannot rely on a central database, it might be out of date regarding the location where you are or you might be in an area without a cell tower in range. You cannot rely on communication with other cars, there might be none at this moment and hackers will have a field day with that idea anyway. You cannot rely on beacons set up to mark, for example, construction zones. They might be forgotten to set up, run out of battery, get stolen, used somewhere else.

It boils down to this: An autonomous car has to be able to orient itself by image processing with some help from a map and GPS. It has to be able to improvise if the map proves inaccurate (detour, construction zone, road block). It needs to be able to read traffic signs correctly. You can use other sensors, but if they and the image from the camera disagree, the camera wins.

Re:Autonomous vehicles get it right most of the ti

But, the edge cases will become increasingly troublesome as they move from prototype into widespread use

Road signs are commonly missing, rotated, shot, stolen or defaced

I love the idea of autonomous vehicles. I wrote autonomous vehicle software for a major auto manufacturer. This shit is hard

It is really hard to imagine a future of autonomous vehicles without the supporting infrastructure of digital markers in the road, but that is a really cool gig you had there. Is it in the phoenix area by chance?

Why are they reading signs in the first place?

[hackel]

Why are self-driving cars reading signs in the first place? Seriously, don't we have all of this information available digitally? It makes no sense for them to even be attempting to read the signs. If the car needs to travel into an area where we don't have digital information available, it should require manual control. This is just silly.

Re:Why are they reading signs in the first place?

[viperidaenz]

temporary signs for roadworks?

Re:Why are they reading signs in the first place?

[Luthair]

So how do you add a new sign? Do you need to publish it 6-months in advance to ensure all the self-driving cars have updated in time?

Re:Why are they reading signs in the first place?

[Green+Mountain+Bot]

Why are self-driving cars reading signs in the first place?

Because they need to be able to adapt to the current situation on the ground, which frequently varies from the database. And the database won't always be available.

If the car needs to travel into an area where we don't have digital information available, it should require manual control.

In which case it is no longer a self-driving car. Who's going to pay the premium on a self-driving car if they can't rely on it to drive itself wherever they want to go?

Re:Why are they reading signs in the first place?

[omnichad]

Because construction. Temporary restrictions. Car wrecks to route around. And on top of all that, really bad documentation of existing signs.

Re:You can trick humans by defacing street signs..

[epyT-R]

It's a LOT harder to trick a human than it is to trick a computer.

Secure digital signs are a Requirement for UAVs

Cameras alone aren't effective in all situations.

The state needs to control the signage, and keep it updated, digitally, for FSD vehicles.

My friend started a company to solve this problem, and I invested in it. Posting as AC for obvious reasons.

Check out SinWaves at http://www.sinwaves.com.

Do you REALLY want to play whack-a-mole?

[Tyrannosaur]

Researchers say that authorities can fight such potential threats to self-driving car passengers by using an anti-stick material for street signs

Spend tons of money covering signs with sticker-proof material and you are again defeated by spray paint and stencils. Or by magnetic graffiti! This is not the most efficient way of thinking to remedy this problem.

Re:Do you REALLY want to play whack-a-mole?

[PPH]

Or by magnetic graffiti!

Signs are aluminum.

Re:Do you REALLY want to play whack-a-mole?

[Tyrannosaur]

magnet on the front + magnet on the back = sign can be made out of plastic for all that matters

Re:Autonomous vehicles get it right most of the ti

[bobbied]

Road signs are commonly missing, rotated, shot, stolen or defaced

Or, like around here, just plain wrong because it costs money to change them and the government doesn't have the cash.

Re:Autonomous vehicles get it right most of the ti

[arth1]

It's not just "yield to the right", it's yield to oncoming traffic

No, it's not. Oncoming traffic won't cross your path unless they turn left, in which case they have you on their right, and must yield.

yield to the car that gets there first

At least imprecise. If a car has entered the intersection and cannot reasonably be expected to stop before entering your projected path, you have to yield to it, but for a different reason - you're not allowed to cause an accident by intent or negligence. But that doesn't mean the other driver hasn't broken the rules by not yielding to you.

Some states (like Arizona) treat an uncontrolled intersection as a 4 way stop, which is the only sensible thing to do.

Many countries have mainly unmarked intersections, and have drivers follow the yield-to-right rules, and it works fine. Americans not being able to handle unmarked intersections appears to be an American phenomenon.

Easy to F with humans too

[Tablizer]

Have a very attractive lady(s) walk on the side of the road. I guarantee there will eventually be a smashup. Most men are suckers that way. I've had multiple close calls due to such "distractions". Plus, it's not illegal to arrange such, unlike sign tampering.

Hmmm, let's see if bot-cars are distracted by R2D2 in lingerie.

Re:Easy to F with humans too

Have a very attractive lady(s) walk on the side of the road. I guarantee there will eventually be a smashup. Most men are suckers that way. I've had multiple close calls due to such "distractions". Plus, it's not illegal to arrange such, unlike sign tampering.

Some countries require women in public to be fully covered in fabric. Much safer roads.

Re:Easy to F with humans too

[Tablizer]

but then get repressed and take out the place out of pent up hormones.

Misleading title

[Dutch+Gun]

A better title would be, "Researchers fool Google's TensorFlow library in laboratory tests".

As it turns out, they did NOT test this against actual self-driving vehicle image recognition, but a generic deep neural network library. This seemed obvious, as there are still no commercially available fully autonomous vehicles, but I skimmed the paper to confirm it.

There was another issue I noticed as well. They resized all their training images down to 32x32 pixels. I admit I'm no expert in neural networks, but this seems like it would greatly favor the ability to fool classification algorithms. Maybe someone more knowledgeable can correct me if I'm off base here. Still, my suspicion seems to be confirmed by this little gem:

"Our final classifier accuracy was 91% on the test dataset."

So, their baseline algorithm only worked properly slightly better than 9/10 times. Should we believe that this represents the state of the art that will be applied in actual self-driving vehicles? It seems like the researchers didn't even have a highly robust classifier from the start.

I believe the merits of the paper lie in demonstrating this as a theoretical concern, but this should in no way be construed to represent a definitive threat against actual vehicle systems. You can't necessarily blame the researchers for the crappy headline, of course, as the title is "Robust Physical-World Attacks on Machine Learning Models". But I wouldn't necessarily rate this as the most robust research I've ever seen either.

Re:Misleading title

[ShanghaiBill]

I believe the merits of the paper lie in demonstrating this as a theoretical concern

But that is important, because without this research, the teams of professional engineers designing SDCs would have never even considered that a traffic sign could be smudged or obscured by a tree branch.

Re:Misleading title

Not quite. TensorFlow is just a library for building networks. They fooled a neural network that they designed and trained themselves, which happened to be implemented using TensorFlow. Not even a particularly complex neural network, either.

Re:Misleading title

[nukenerd]

But that is important, because without this research, the teams of professional engineers designing SDCs would have never even considered that a traffic sign could be smudged or obscured by a tree branch.

They probably did not if they are anything like the professionals in charge of road signage around where I live (rurally). At this time of year many of the signs are totally obscured by foliage and no-one does anything about it. If I lived near one such I'd go out and clear it.

Re:Misleading title

THANKS for your explanation. (This is /. at its best, IMO)

Re:You can trick humans by defacing street signs..

[Qzukk]

Yeah, the first step is to get the human to look at the sign in the first place.

News flash

[Trogre]

AI is stupid.

News at 11.

Re:You can trick humans by defacing street signs..

Have you met any actual people lately?

    Are you aware of the fake news epidemic?

It's exceedingly easy to trick a human.

and location

[viperidaenz]

Signs vary widely between countries.

Here in New Zealand a stop sign is alway accompanied by a yellow line and the word "STOP" painted on the road at the intersection. Give Way signs are either unmarked or have white lines with a triangle on the road.

I assume that means if the sign is damaged, you always know the difference between a stop sign controlled intersection and a regular give way intersection.

Re:You can trick humans by defacing street signs..

[Riceballsan]

Eh... computers will learn the tricks, future generations of machines tend to become immune to the tricks the first generation fell for, heck it is very quick and easy to educate an entire generation of systems to the specific trick that the first generation fell for. Meanwhile there are still new generation humans, vulnerable to the "nigerian prince" exploit.

Stop sign on the interstate

[SeattleLawGuy]

Why not just have a geospatial database of signs that self-driving cars access? Then it won't matter what's on the sign, or if the sign even physically exists. Why is anti-stick coating the solution that "researchers" suggest?

For one thing, there's a need for temporary signs.
And the sign has to physically exist for everything that isn't a self-driving car.

This.

You have to be really carefully how you design this. The self-driving car that refuses to see a stop sign on an interstate is going to absolutely love construction zones.

Re:Stop sign on the interstate

[arth1]

The self-driving car that refuses to see a stop sign on an interstate is going to absolutely love construction zones.

if it can't take directions from road crew and police officers, it doesn't belong on a road.
My prediction: Within days of the first fully autonomous cars, one will fail to obey a police officer, and that will be the end of that.

If we're not ready for driverless trains yet, despite how many accidents are attributed to the operators, I don't think we're even close to being ready for unleashing driverless vehicles on roads.

Re:Stop sign on the interstate

[rickb928]

"stop sign on an interstate"

Citations, please. Not a lot of these where I live.

Re:Stop sign on the interstate

"stop sign on an interstate"

Citations, please. Not a lot of these where I live.

Maybe not, but in other parts of the country, where roads constantly undergo construction, yes, you will see that. There will be a guy standing there holding a double-sided sign on a pole. One side says "Yield", and the other side says "Stop". For letting traffic get by on a singe lane.

Re: Stop sign on the interstate

[rickb928]

And on the Interstate you'll see a long train of warnings, lane restrictions, reduced speed limits, culminating in the flagger(s).

A bare stop sign on the Interstate is rare. Very rare.

Tesla is already building their driving DB

[steveha]

Every new Tesla car (including Model 3) has the full "Hardware 2" platform for self-driving, and even when it's not being used for self-driving it's on and watching the world. Tesla has said that it is already using "fleet learning" to map out roads. This blog post is talking about how radar has problems but is still useful for self-driving, and they are working around the problems:

When the car is approaching an overhead highway road sign positioned on a rise in the road or a bridge where the road dips underneath, this often looks like a collision course. The navigation data and height accuracy of the GPS are not enough to know whether the car will pass under the object or not. By the time the car is close and the road pitch changes, it is too late to brake.

This is where fleet learning comes in handy. Initially, the vehicle fleet will take no action except to note the position of road signs, bridges and other stationary objects, mapping the world according to radar. The car computer will then silently compare when it would have braked to the driver action and upload that to the Tesla database. If several cars drive safely past a given radar object, whether Autopilot is turned on or off, then that object is added to the geocoded whitelist.

https://www.tesla.com/blog/upgrading-autopilot-seeing-world-radar

In a world with fleet learning this hack will be of very limited effectiveness. The first cars to reach the hacked signs will learn about them and then other cars will know. In the early days of self-driving cars the car can make the human take over and the fleet can learn what the human did.

Sooner or later I imagine there will be an interoperative standard for fleet learning, where all the cars will cooperate instead of only Tesla cars learning from other Tesla cars and so on. All cars would share learning over the Internet. This then suggests an attack where false learning data is injected into the system!

Once the world has "Level 5 self-driving" cars built with no steering wheel or other human controls, this sort of attack could be a bit of a problem and will need to be solved. One idea: if there is an interoperative standard then the Department of Transportation would publish learning data about temporary stop signs or whatever. A new stop sign appearing right where the learning data said it would would be trusted a lot.

I don't think this will be a huge issue though. Self-driving cars will already have to deal with the unexpected, such as a pedestrian jumping out into the road. If you want to get a self-driving car to stop suddenly, just throw a realistic dummy out into the road when it's coming.

These people must not drive on interstates

[Khyber]

"For example, there's no reason to have a certain sign on certain roads (Stop sign on an interstate highway)."

I can think of at least two places on I-15 which have a stop sign directly on the interstate, and one on I-40.

Stencil + paint means I can trick YOU

[gurps_npc]

Give me a stencil and some paint, and I can trick YOU by defacing street signs.

The only difference here is that idiots don't need the stencils.

To quote a famous idiot, FAKE NEWS.

Which signs do self-driving cars actually need?

[Applehu+Akbar]

On the kind of mapped terrain where self-driving cars currently mix with manual traffic, most of the information on traffic signs can be coded into the cars' database, such as speed limits on each stretch of road and the location of no-passing zones and crosswalks. Self-drivers must be able to recognize sudden and temporary control changes, such as for construction, weather damage, and police operations. If someone tries to spoof signs in one of these areas or do something like cover up a Stop sign with a picture of the scenery behind it, it will be just as immediately apparent to human drivers, and be just as likely to cause accidents (scenario 1 in the summary).

When self-drivers replace manual traffic, road signs will eventually disappear. Special short-term alterations to mapped traffic flow will be triggered by radio beacons on construction barricades, traffic cones, police cars, and crime scene boundaries.

Next, digital billboards will mimic street signs

Just like the commercials which said "Alexa, order me a [thing]" we will see shameless billboard ads and perhaps even graffiti intended to trick navigation systems.

Seriously, some advertisers will do anything to drive traffic. Imagine a billboard ad including a mock street sign in the graphics that says, "CHICAGO NEXT RIGHT" knowing that 1% of the traffic will get diverted, half of which will then pull in to your truck stop just to figure out what happened.

What about when someone defaces the sign that says "BRIDGE OUT" not quite enough to alarm humans, but enough to defeat character recognition.

These things will definitely happen, and not at all because I foresee them, but merely because they CAN happen, and you know Murphy's Law.

Re:You can trick humans by defacing street signs..

Trump fooled 40% of America. Even my computer wasn't stupid enough to fall for his baloney.

Not enough factors in the network then

[SuperKendall]

I have done some experimenting with neural nets, including traffic sign detection and was not surprised when I read this...

However I feel a large part of this vulnerability comes from an awful lot of the neural networks being trained mostly considering shapes, not color. If you factor in color at all, none of that tape nonsense is going to confuse a stop sign for a street sign.

Also I feel like this attack is probably based on well-known public traffic sign recognizers and would not work on hardier commercial systems of today, much less tomorrow - I didn't see they even tested it with a Tesla which I think recognizes such things (perhaps it's just street lights, can't remember).

Re:You can trick humans by defacing street signs..

[pubwvj]

The question wasn't is it harder, the posited issue was can you. Stick to the topic.

and who will pay that data bill? much less roaming

[Joe_Dragon]

and who will pay that data bill? much less roaming fees.

And what about LAG feeding in dated info?

What about ...

Snow? Dirt? Heavy rain?

who's classification did they test?

[prefec2]

Many companies use a multi layered neural network to classify street signs. As it highly depends on the learning data how such system classifies, it is relevant to note which implementation was tested.

Furthermore, being able to also classify signs with stickers just requires more learning data.

Highway robbery opportunity

Since the car has to stop for a construction worker holding a STOP-sign, I guess this opens up a nice opportunity for highway robbery. Perhaps the car could automatically lock the car doors when stopping?

Sense of place

Human: Some idiot knocked over the stop sign and put a band sticker over our street name.

Self driving car: I don't know why I just slammed on the brakes and swerved. I'm being put in manual mode now...

Better self driving car: Data says there should be a stop here. This is an intersection with a major street. I will stop. Dave's street is indicated at these GPS coordinates.

Best self-driving car: The police officer is swerving back and forth in front of us, but not flashing lights or sounding sirens. I have never seen this before. This is my first time in California. There must be a purpose. I will slow down and not pass the police car.

That last one actually happened to me. It's called a "traffic break" and CHP will do it sometimes because of debris or other things going on ahead. I'd like to see a self-driving algo that can handle things like that.

Re:Autonomous vehicles get it right most of the ti

[dmesg0]

4-way stops is US/Canada only phenomenon, and it's really inefficient and stupid. Most sane countries use roundabouts instead

Hacking self driving car behavior

I thought about how it might become a thing, once self driving cars are prevalent, to trick self driving cars into reacting a certain way to your actions. For example, as a pedestrian pretending to run into the street but stopping at the last second, as a driver braking a particular way or feinting into a lane, or in this case, defacing or modifying a sign to confuse the computer. These actions might result in the self driving car moving over a lane or giving you some sort of "advantage" on the road. Or it might just result in a laugh because all of the cars react a certain way to specific actions. Kind of hacking/influencing the behavior of the self driving cars using your own behavior.

I do still think this might happen on occasion but ultimately I don't think it will last long. Eventually almost everything that confuses a self driving car will confuse at least some human drivers. There is nothing preventing people from pulling these same stunts on human drivers, but as far as I know, it does not happen very often (maybe road rage is an exception). Maybe the prevalence of self driving cars will start to lessen people trying to fuck with other drivers. Why would you bother trying to prove a point to a self driving car?

wasn't this obvious?

[sad_]

i mean, what is stopping anybody of making fake signs and putting them up and misleading self driving cars.
you could lure people to a certain place by making fake 'turn here' signs, or make them stop suddenly with a fake stop sign.
who could tell the difference (human or AI)? might as well be some temporary sign because of road works up ahead, etc.

Or we can

make a worldwide database of streets and signs and make that available on the internet... oh wait dont we already have google maps... just add the real sign to this and no matter what people do on the street the database will have the correct answer...

Re:Autonomous vehicles get it right most of the ti

No, it's not. Oncoming traffic won't cross your path unless they turn left, in which case they have you on their right, and must yield.

Your way of thinking of it doesn't take the case where you are about to turn left into consideration.

Re:You can trick humans by defacing street signs..

It's a LOT harder to trick a human than it is to trick a computer.

Not really. As teenagers, we would just remove, move, or swap signs around. It fooled a lot of humans.

Try this: find an intersection with a traffic signal. Place a stop sign on each road. Drivers won't know whether to obey the signal or the sign.

Randomly placed ONE WAY and DO NOT ENTER signs are especially confusing to humans.

Stop sign recognizable even if covered by poster

[ArsenneLupin]

The idea behind this research is that an attacker could (1) print an entirely new poster and overlay it over an existing sign, or [...]While scenario (1) will trick even human observers and there's little chance of stopping it

Nope, it won't in the case of the stop sign. It's octogonal, the only street sign that has this shape. So it will be recognizable whether clear, covered in a weird poster, or in snow. Btw, possibility of snow cover was the reason why the street sign design committee decided to give it this shape. The importance of the stop sign is so that it must not be confused with something else, even if for whatever reason it becomes unreadable.

No difference from humans in this respect

[seniorcoder]

If someone alters a sign, it might trick a robot. Then again, it might trick a human too. So what's the difference?

Easy fix

[ctilsie242]

Easy fix... some type of transponder on the sign that is cryptographically signed and is GPS locked to a small area, so if the sign is moved beyond a few feet, it gets ignored by the vehicle. That way, a 30 changed to an 80 will be ignored. Not 100% secure, as someone can hack the private key, but it will stop mischief like this.

Re:Easy fix

Yeah right... One on every traffic sign? it will still get stolen, run out of battery (or do you want to run mains power to every signpost?) or plain fail. Traffic signs sometimes last decades. How long will a transponder last?

Can't be this hard to figure out

[rickb928]

The Federal Government decided we needed new fonts for street signs.

Again.

Federal DB

[kfh227]

This basically means that tere needs to be a federal DB of all signage in the USA. Along with requirements that any removals, additions and modifications to such signs be made in real time. Then toss on a manual auditing system to inspect areas for correctness. You could even have cars report any conflicting data to authorities.

This is fixable but it needs to be done governmentally.

Now for hands free driving, please advance the development of robot sex workers.

Bottom line...

[sbaker]

Self driving cars will undoubtedly have many problems - that's not the question. The question is: Will they have more problems than humans? If you deface a sign enough - then a human can't recognize it either. The car, however, can be equipped with a database of where the signs are - it can compare the picture it sees with the database and with the pictures other cars have seen at that same location.

A car has MUCH more information than a person.

I would also bet that it could use the fact that signs are retro-reflective and return more energy from LIDAR than a sticker or spray paint can.

There are MANY ways to make this tiny problem "go away" for cars - but none to make it "go away" for humans.

Re:Bottom line...

The database could be out of date because the sign got changed before the database got updated.

You might be in a dead zone without cell reception, so you can't ask other cars.

You can get retroreflective stickers without too much trouble.

There are no ways to make this problem go away except teach the computer better image processing. It actually needs to not only see the road, but understand it in it's entirety. And that's the hard problem.

Re:Bottom line...

[Agent0013]

Right, just compare it to another image. That sounds so easy. Almost as easy as putting the image into a category of what the image is of. And it could tell you the confidence of what the image is of, and if it isn't confident, then we know it might be a problem.

Oh, yeah! The system is very confident that it has the image recognized correctly. And comparing it to another image is just more image processing. Which will be subject to more failures of a similar nature to what you are trying to fix. Perhaps we need a human to read the signs and touch the screen where the correct sign is displayed. That aught to do it!

Make a public traffic signal databse by the police

[stormhalplus]

That way cars can use it better than having to read the actual traffic signal. Better yet, have cars report to police if there is some inconsistency to the police. That way after several reports they will know the signal has a problem.

Backwards

Researchers say that authorities can fight such potential threats to self-driving car passengers by using an anti-stick material for street signs.

Yes, replacing every street sign in the nation in order to accommodate your shitty computer vision sounds like an appropriate solution. (Are the self-driving car manufacturers volunteering to pay for this?)

Stop signs on interstates happen

[Baloo+Uriza]

Ones I've personally encountered are pretty much every 50 or so miles on Interstate 44 from Wichita Falls, TX to Joplin, MO; pretty much any interstate entering California; and the occasional outdated, extremely short onramp that hasn't been updated since the freeway opened last century all over the country.

Except in the onramp case, all of these occur on the freeway itself.

Then there's Interstate 5, which, in addition to having stop signs at either end of it because DUH, the two busiest border crossings in the world at opposite ends of it, it also has traffic lights in the Portland area thanks to the drawbridge, since Clark County is so spiteful it can't be arsed to accept light rail to Oregon.

Re:Autonomous vehicles get it right most of the ti

[omnichad]

Bad data in, bad data out. This is what you get when you train your neural network with only "perfect" examples. It has no context for any variation whatsoever.