Verifying the safety of autonomous driving systems under adversarial environments—such as those involving hostile human drivers manipulating surrounding traffic—remains a significant challenge. Method: This paper proposes a scenario-based formal adversarial testing framework. It employs Metric Temporal Logic (MTL) to precisely specify dynamic safety requirements; introduces approximate function optimization for generating adversarial driving trajectories, enabling emergent modeling of malicious behaviors; and establishes an MTL-driven closed-loop verification paradigm capable of identifying provably safe operational boundaries. Contribution/Results: The framework successfully discovers multiple novel classes of adversarial driving strategies. It provides the first quantitative characterization of the safe operational boundary for autonomous vehicles in interactive traffic scenarios. By enabling rigorous, proof-based safety analysis, it substantially enhances the verifiability and trustworthiness of autonomous systems under adversarial conditions.

Intelligent mechanisms implemented in autonomous vehicles, such as proactive driving assist and collision alerts, reduce traffic accidents. However, verifying their correct functionality is difficult due to complex interactions with the environment. This problem is exacerbated in adversarial environments, where an attacker can control the environment surrounding autonomous vehicles to exploit vulnerabilities. To preemptively identify vulnerabilities in these systems, in this paper, we implement a scenario-based framework with a formal method to identify the impact of malicious drivers interacting with autonomous vehicles. The formalization of the evaluation requirements utilizes metric temporal logic (MTL) to identify a safety condition that we want to test. Our goal is to find, through a rigorous testing approach, any trace that violates this MTL safety specification. Our results can help designers identify the range of safe operational behaviors that prevent malicious drivers from exploiting the autonomous features of modern vehicles.