ReasonBreak: Probing Vulnerabilities in Reasoning-Enabled Vision-Language-Action Models for Autonomous Driving

arXiv:2605.29114v1 (Announce Type: cross)

Abstract: Vision-Language-Action (VLA) models with integrated reasoning have been proposed for end-to-end autonomous driving, assuming a tight coupling between reasoning and trajectory generation. However, the robustness of such systems under realistic input perturbations remains largely unexplored. We show that these models are highly vulnerable to realistic input perturbations, achieving up to 89% attack success rate (ASR) on reasoning and up to 72% on trajectory manipulation in closed-loop simulation, leading to increased collision rates and degraded

The increasing deployment of reasoning-enabled Vision-Language-Action models in critical domains like autonomous driving necessitates immediate investigation into their robustness and vulnerabilities before widespread adoption.
This research reveals significant security vulnerabilities in advanced AI models for autonomous driving, highlighting critical risks that could undermine public trust and safety in AI-driven transportation systems.
The understanding of AI model robustness, particularly in safety-critical applications like autonomous driving, is now informed by empirical evidence of substantial attack surfaces and potential for manipulation.
- AI safety researchers
- Cybersecurity firms
- Regulatory bodies
- Simulation and testing platforms
- VLA model developers
- Autonomous vehicle manufacturers
- Early adopters of unverified AI
Automotive manufacturers will prioritize more robust AI security measures, potentially delaying deployment of advanced autonomous features.
Increased investment in adversarial AI research and red-teaming for safety-critical AI systems will become standard across industries.
New certification standards and regulatory frameworks for AI model robustness in autonomous systems may emerge, impacting development cycles and costs.
Read at arXiv cs.LG