{"title":"不断发展的自动驾驶软件的连续附带隐私风险审计","authors":"Chang Liu, Krerkkiat Chusap, Zhongen Li, Zhaojie Chen, Dylan Rogers, Fanghao Song","doi":"10.1109/ICSME.2019.00055","DOIUrl":null,"url":null,"abstract":"Autonomous driving systems have a rich and diverse set of sensors and collect a tremendous amount of data during their operations. This has significant implications for individual privacy and induces a new type of potential privacy risks - collateral privacy risks. It is important for the public and the developer community to be aware of the collateral privacy risk posed by current autonomous driving software systems. We performed data privacy analysis for the Apollo project, an open-source autonomous driving software system. We applied source code-based privacy auditing techniques tailored for this particular problem and produced preliminary results, although there were unresolved open issues remaining. As we performed auditing, Apollo was upgraded from version 3.0 to 3.5 with significant under-the-hood technology changes. It was a challenge to perform the analysis as the underlying software evolves and maintain a result that is up-to-date. To address this challenge, we developed and deployed a continuous source code privacy risk analysis tool to assist in the process. In this paper, we discuss our experience and lessons learned from this industrial case study.","PeriodicalId":106748,"journal":{"name":"2019 IEEE International Conference on Software Maintenance and Evolution (ICSME)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Continuous Collateral Privacy Risk Auditing of Evolving Autonomous Driving Software\",\"authors\":\"Chang Liu, Krerkkiat Chusap, Zhongen Li, Zhaojie Chen, Dylan Rogers, Fanghao Song\",\"doi\":\"10.1109/ICSME.2019.00055\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Autonomous driving systems have a rich and diverse set of sensors and collect a tremendous amount of data during their operations. This has significant implications for individual privacy and induces a new type of potential privacy risks - collateral privacy risks. It is important for the public and the developer community to be aware of the collateral privacy risk posed by current autonomous driving software systems. We performed data privacy analysis for the Apollo project, an open-source autonomous driving software system. We applied source code-based privacy auditing techniques tailored for this particular problem and produced preliminary results, although there were unresolved open issues remaining. As we performed auditing, Apollo was upgraded from version 3.0 to 3.5 with significant under-the-hood technology changes. It was a challenge to perform the analysis as the underlying software evolves and maintain a result that is up-to-date. To address this challenge, we developed and deployed a continuous source code privacy risk analysis tool to assist in the process. In this paper, we discuss our experience and lessons learned from this industrial case study.\",\"PeriodicalId\":106748,\"journal\":{\"name\":\"2019 IEEE International Conference on Software Maintenance and Evolution (ICSME)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE International Conference on Software Maintenance and Evolution (ICSME)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSME.2019.00055\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Conference on Software Maintenance and Evolution (ICSME)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSME.2019.00055","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Continuous Collateral Privacy Risk Auditing of Evolving Autonomous Driving Software
Autonomous driving systems have a rich and diverse set of sensors and collect a tremendous amount of data during their operations. This has significant implications for individual privacy and induces a new type of potential privacy risks - collateral privacy risks. It is important for the public and the developer community to be aware of the collateral privacy risk posed by current autonomous driving software systems. We performed data privacy analysis for the Apollo project, an open-source autonomous driving software system. We applied source code-based privacy auditing techniques tailored for this particular problem and produced preliminary results, although there were unresolved open issues remaining. As we performed auditing, Apollo was upgraded from version 3.0 to 3.5 with significant under-the-hood technology changes. It was a challenge to perform the analysis as the underlying software evolves and maintain a result that is up-to-date. To address this challenge, we developed and deployed a continuous source code privacy risk analysis tool to assist in the process. In this paper, we discuss our experience and lessons learned from this industrial case study.