research-article

Securing the Electric Vehicle Charging Infrastructure: An In-Depth Analysis of Vulnerabilities and Countermeasures

Authors:

Gerald Vailoces,

Alexander Keith,

Abdulaziz Almehmadi,

Khalil El-KhatibAuthors Info & Claims

DIVANet '23: Proceedings of the Int'l ACM Symposium on Design and Analysis of Intelligent Vehicular Networks and Applications

Pages 31 - 38

https://doi.org/10.1145/3616392.3623424

Published: 30 October 2023 Publication History

Abstract

The growth of electric vehicle (EV) adoption is bringing an increased demand for electric vehicle supply equipment (EVSE) infrastructure. With this growth, however, it is inevitable that vulnerabilities are discovered, which motivates an in-depth analysis of the security posture of EVSE infrastructure and development of a strong cybersecurity program to ensure its security and resiliency. In this research paper, we will analyze and highlight various vulnerabilities in EVSE systems, including weak authentication mechanisms, and end-to-end communications. We will identify as well potential attack scenarios that can create vulnerabilities that have consequences that range from physical damage to major service disruptions, and identify various solutions and countermeasures to mitigate these vulnerabilities.

References

[1]

Albouq, S. S., and Fredericks, E. M. Detection and avoidance of wormhole attacks in connected vehicles. In Proceedings of the 6th ACM Symposium on Development and Analysis of Intelligent Vehicular Networks and Applications (New York, NY, USA, 2017), DIVANet '17, Association for Computing Machinery, p. 107--116.

Digital Library

[2]

Alcaraz, C., Lopez, J., and Wolthusen, S. Ocpp protocol: Security threats and challenges. IEEE Transactions on Smart Grid PP (02 2017), 1--1.

[3]

Baker, R., and Martinovic, I. Losing the car keys: Wireless PHY-Layer insecurity in EV charging. In 28th USENIX Security Symposium (USENIX Security 19) (Santa Clara, CA, Aug. 2019), USENIX Association, pp. 407--424.

[4]

Bao, K., Valev, H., Wagner, M., and Schmeck, H. A threat analysis of the vehicle-to-grid charging protocol iso 15118. Computer Science - Research and Development 33 (02 2018), 1--10.

[5]

Basnet, M., and Hasan Ali, M. Deep learning-based intrusion detection system for electric vehicle charging station. In 2020 2nd International Conference on Smart Power & Internet Energy Systems (SPIES) (2020), pp. 408--413.

[6]

ChargePoint, Inc. https://www.chargepoint.com/about/news/chargepointstatement- iso-15118-white-paper. ChargePoint News, 2023. Retrieved February 20, 2023 from https://www.chargepoint.com/about/news/chargepoint-statementiso- 15118-white-paper.

[7]

Gottumukkala, R., Merchant, R., Tauzin, A., Leon, K., Roche, A., and Darby, P. Cyber-physical system security of vehicle charging stations. In 2019 IEEE Green Technologies Conference(GreenTech) (2019), pp. 1--5.

[8]

GreenFlux Assets B.V. Open protocols. Retrieved February 15, 2023 from https://www.greenflux.com/spotlights/open-protocols/.

[9]

Haaf, P. Plug and charge - an essential step towards seamless e-mobility, 2020. Retrieved January 23, 2023 from https://www.capgemini.com/insights/expertperspectives/ plug-and-charge-an-essential-step-towards-seamless-e-mobility/.

[10]

Hille, C., and Allhoff, M. Ev charging: Mapping out the cyber security threats and solutions for grids and charging infrastructure. UtiliNet Europe (2018).

[11]

Jaisingh, K., El-Khatib, K., and Akalu, R. Paving the way for intelligent transport systems (its) privacy implications of vehicle infotainment and telematics systems. In Proceedings of the 6th ACM Symposium on Development and Analysis of Intelligent Vehicular Networks and Applications (2016), pp. 25--31.

Digital Library

[12]

Johnson, J., Berg, T., Anderson, B., and Wright, B. Review of electric vehicle charger cybersecurity vulnerabilities, potential impacts, and defenses. Energies 15, 11 (2022).

[13]

Kaspersky. Remotely controlled ev home chargers - the threats and vulnerabilities, 2018. Retrieved February 20, 2023 from https://securelist.com/remotelycontrolled- ev-home-chargers-the-threats-and-vulnerabilities/89251/.

[14]

Köhler, S., Baker, R., Strohmeier, M., and Martinovic, I. Demo: End-to-end wireless disruption of ccs ev charging. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (New York, NY, USA, 2022), CCS '22, Association for Computing Machinery, p. 3515--3517.

[15]

Lacroix, J., El-Khatib, K., and Akalu, R. Vehicular digital forensics: What does my vehicle know about me? In Proceedings of the 6th ACM Symposium on Development and Analysis of Intelligent Vehicular Networks and Applications (2016), pp. 59--66.

Digital Library

[16]

Ma, Z., Yu, F. R., Jiang, X., and Boukerche, A. Trustworthy traffic information sharing secured via blockchain in vanets. In Proceedings of the 10th ACM Symposium on Design and Analysis of Intelligent Vehicular Networks and Applications (New York, NY, USA, 2020), DIVANet '20, Association for Computing Machinery, p. 33--40.

Digital Library

[17]

Maglaras, L., Ayres, N., Moschoyiannis, S., and Tassiulas, L. The end of eavesdropping attacks through the use of advanced end to end encryption mechanisms. In IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) (2022), pp. 1--2.

[18]

Morosan, A. G., and Pop, F. Ocpp security - neural network for detecting malicious traffic. In Proceedings of the International Conference on Research in Adaptive and Convergent Systems (New York, NY, USA, 2017), RACS '17, Association for Computing Machinery, p. 190--195.

Digital Library

[19]

Multin, M. The basics of plug & charge, 2020. Retrieved February 3, 2023 from https://www.switch-ev.com/blog/basics-of-plug-and-charge.

[20]

Multin, M. What is iso 15118, 2021. Retrieved February 1, 2023 from https://www.switch-ev.com/blog/what-is-iso-15118.

[21]

Open Charge Alliance. Open charge point protocol 2.0.1. Retrieved February 8, 2023 from https://www.openchargealliance.org/protocols/ocpp-201/.

[22]

Priambodo, D. F., Ajie, G. S., Rahman, H. A., Nugraha, A. C. F., Rachmawati, A., and Avianti, M. R. Mobile health application security assesment based on owasp top 10 mobile vulnerabilities. In 2022 International Conference on Information Technology Systems and Innovation (ICITSI) (2022), pp. 25--29.

[23]

Research and Markets. Electric vehicle charging station global market report 2022: Demand for quicker and more efficient charging drives growth, Jan. 2022. Retrieved January 25, 2023 from https://www.businesswire.com/news/home/20230123005419/en/Electric- Vehicle-Charging-Station-Global-Market-Report-2022-Demand-for-Quickerand- More-Efficient-Charging-Drives-Growth-ResearchAndMarkets.com.

[24]

Sibanda, I. Security weaknesses exposed in ev systems. Retrieved March 28, 2023 from https://www.rsaconference.com/library/Blog/security-weaknessesexposed- in-ev-systems.

[25]

Sklyar, D. Chargepoint home security research. Kaspersky, 2018. Retrieved February 20, 2023 from https://media.kasperskycontenthub.com/wpcontent/ uploads/sites/43/2018/12/13084354/ChargePoint-Home-securityresearch_ final.pdf.

[26]

Stykas, V. Smart car chargers, 2021. Retrieved February 15, 2023 from https://www.pentestpartners.com/security-blog/smart-car-chargers-plugn- play-for-hackers/.

[27]

Vaidya, B., Makrakis, D., and Mouftah, H. Effective public key infrastructure for vehicle-to-grid network. In Proceedings of the fourth ACM international symposium on Development and analysis of intelligent vehicular networks and applications (2014), pp. 95--101.

Digital Library

[28]

Vaidya, B., and Mouftah, H. T. Multimodal and multi-pass authentication mechanisms for electric vehicle charging networks. In 2020 International Wireless Communications and Mobile Computing (IWCMC) (2020), pp. 371--376.

[29]

Varriale, R., Crawford, R., and Jaynes, M. Risks of Electric Vehicle Supply Equipment Integration Within Building Energy Management System Environments: A Look at Remote Attack Surface and Implications. Springer International Publishing, 01 2022, pp. 163--173.

[30]

Wei, Z., Yu, F. R., and Boukerche, A. Trust based security enhancements for vehicular ad hocnetworks. In Proceedings of the fourth ACM international symposium on Development and analysis of intelligent vehicular networks and applications (2014), pp. 103--109.

Digital Library

[31]

Wood, J. Electric vehicles: The 3 main factors holding back sales, October 2022. Retrieved January 15, 2023 from https://www.weforum.org/agenda/2022/10/evsales- charging-infrastructure-transport-sector-sustainable.

[32]

Zhang, D., Yu, F. R., Wei, Z., and Boukerche, A. Software-defined vehicular ad hoc networks with trust management. In Proceedings of the 6th ACM Symposium on Development and Analysis of Intelligent Vehicular Networks and Applications (New York, NY, USA, 2016), DIVANet '16, Association for Computing Machinery, p. 41--49.

Digital Library

Cited By

Sholihul Hadi MArgeshwara DSendari SMizar MSanjaya EIrvan M(2024)Off-Grid Electric Vehicle Charging Station with Integrated Local Server OCPP Protocol as a Management SystemTransport and Telecommunication Journal10.2478/ttj-2024-002425:3(321-334)Online publication date: 26-Jun-2024
https://doi.org/10.2478/ttj-2024-0024

Index Terms

Securing the Electric Vehicle Charging Infrastructure: An In-Depth Analysis of Vulnerabilities and Countermeasures

Recommendations

MiniV2G: An Electric Vehicle Charging Emulator
CPSS '21: Proceedings of the 7th ACM on Cyber-Physical System Security Workshop

The impact of global warming and the imperative to limit climate change have stimulated the need to develop new solutions based on renewable energy sources. One of the emerging trends in this endeavor are Electric Vehicles (EVs), which use electricity ...
Uncovering Covert Attacks on EV Charging Infrastructure: How OCPP Backend Vulnerabilities Could Compromise Your System
ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

The Electric Vehicle (EV) charging infrastructure has been rapidly expanding to keep up with the increased demands of EV consumers. This government-backed infrastructure expansion resulted in the rushed integration of a significant number of insecure EV ...
Vulnerability Analysis of an Electric Vehicle Charging Ecosystem
Critical Information Infrastructures Security
Abstract
The increase of electric vehicles has exacerbated the need for adequate security measures in the electric vehicle charging ecosystem (EVCE). Integrating IT services into the electric vehicle charging infrastructure exposes it to several new attack ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

DIVANet '23: Proceedings of the Int'l ACM Symposium on Design and Analysis of Intelligent Vehicular Networks and Applications

October 2023

129 pages

ISBN:9798400703690

DOI:10.1145/3616392

General Chair:
Rodolfo Coutinho
Concordia University, Canada
,
Program Chair:
Maram Bani Younes
Philadelphia University, Amman, Jordan

Copyright © 2023 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSIM: ACM Special Interest Group on Simulation and Modeling

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2023

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MSWiM '23

Sponsor:

SIGSIM

MSWiM '23: Int'l ACM Conference on Modeling Analysis and Simulation of Wireless and Mobile Systems

October 30 - November 3, 2023

Quebec, Montreal, Canada

Acceptance Rates

Overall Acceptance Rate 70 of 308 submissions, 23%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
186
Total Downloads

Downloads (Last 12 months)178
Downloads (Last 6 weeks)8

Reflects downloads up to 24 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Sholihul Hadi MArgeshwara DSendari SMizar MSanjaya EIrvan M(2024)Off-Grid Electric Vehicle Charging Station with Integrated Local Server OCPP Protocol as a Management SystemTransport and Telecommunication Journal10.2478/ttj-2024-002425:3(321-334)Online publication date: 26-Jun-2024
https://doi.org/10.2478/ttj-2024-0024

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents