Securing electric vehicle charging stations from cyber attacks

Introduction

Electric vehicles (EVs) are critical for achieving carbon neutrality and mitigating global warming. It is self-evident that the rising demand for EVs directly correlates with the increase in EV charging infrastructure. Although EVs can be charged at home and offices using slow chargers, fast charging is mainly confined to public charging stations. A public charging station involves considerable economic investment where there is a deep interaction between EVs, the charging station, and the grid. The station also bills the customer the energy supplied to the EV at the end of the transaction. There is thus a two-way communication of information exchange between the EV and the charging station. Such bi-directional communication makes charging stations vulnerable to disruptive and deadly cyberattacks that may discontinue the normal operations of the power grid or steal users’ personal information. This article explores the growing concern over the security of charging an EV at any charging station and possible prevention methods.

EV charging ecosystem

The EV charging ecosystem is a cyber-physical system incorporating multiple entities that collaborate and interact to provide vital services to customers. A multi-layer cyber-physical system with various communication routes is depicted in Figure 1.

Electric Vehicle Charging Ecosystem
Figure 1: Electric vehicle charging ecosystem
  • Physical layer: The physical layer of an EV ecosystem consists of EV charging stations (EVCS), battery packs, power conditioning units, motors, filters, protection systems, power connectors, etc. These physical devices offer different functions to the EV ecosystem. These devices use the cyber layer for mutual communication.
  • Cyber layer: The Cyber Layer is a composite entity of various software components intricately linked with their hardware or physical counterparts. This layer includes in-vehicle elements and external EV-X layers (where 'X' can denote EVCS, Distribution system operator, road infrastructure, etc.). Generally, modern EVs can engage in external cyber interactions with entities such as EVCSs, internet service portals, road infrastructure, other vehicles, radio stations, and original equipment manufacturers (OEMs) responsible for producing components used in EVs, as illustrated in Fig. 1. The interaction of in-vehicular network with the external networks and infrastructures systems makes these layers susceptible to cyber-attacks.
  1. In-vehicle layer:New-generation EVs have several electronic control modules (ECMs) for different vehicle operations, such as steering, HVAC, infotainment, etc. These MCUs have a microcontroller and input/output(I/O) interfaces and use protocols like controller area network (CAN), local interconnected networks (LINs), media-oriented systems transport (MOST), and FlexRay for communication. The CAN is a critical component of these networks as it communicates with critical ECUs, including the charge control unit. So, any breach in its security may affect the EV charging process.
  2. EV-EVCS:The EV and EVSE communicate over Power Line Communication (PLC) or CAN communication. In this system, the data stream is modulated onto the PWM signal. The commands transmitted include the readiness of the EV to accept charging power and the EVCS to supply the charging power, the charging current requirement, the State of Charge (SoC) of the battery, and ground fault detection. A TCP/IP stack is used for communication in the vehicle's charge control module.
  3. EV-OEMs:The EVs also regularly communicate with the OEMs for regular software updates and security patches of their ECMs. This task is performed online or offline using USB or Ethernet ports because of fast delivery and cost-effectiveness.
  4. EVCS-onsite HMI:EVCSs are equipped with HMI that comprises a touchscreen display, a card reader, and an authentication and maintenance terminal. The EV users can use the touchscreen display to customize their charging experience. It allows them to select preferred charging parameters such as charging level, connector type, payment method, and duration. Additionally, it provides real-time information on the EVCS operating status, charging costs, and energy consumption. Authentication and payment for charging sessions are facilitated through the card reader, with widely adopted methods including proprietary RFID cards and smartphone applications. Accepted payment modes encompass credit or debit cards and/or cash. EVCSs also have USB, serial, and Ethernet ports for maintenance and software updates.
  5. EVCS-building energy management system (BEMS), power grid interface:Electric power grid and distribution system operators have actively promoted the involvement of high-power demand-side appliances like EVCS in their Demand response (DR) programs. From a cybersecurity standpoint, the primary objective of DR programs is to mitigate the adverse impacts of high wattage loads, such as EV charging, on the power grid and other consumers. This includes avoiding additional losses, excessive demand peaks, and fluctuations in current and voltage. To facilitate DR programs, some power grid operators use third-party aggregators that manage small-scale producers and demand-side resources, acting as intermediaries between customers and the grid. In the case of EVCS, like other small-scale electricity producers and demand-side resources, participation involves two-way communication. The grid or aggregator collects real-time energy usage data and disseminates DR scheduling and pricing signals. This communication occurs directly with the EVCS or, in integrated large real-estate EVCS developments, indirectly through a BEMS. Communication between the BEMS and EVCSs follows a non-standard protocol. Smart appliances under the BEMS's control include inverter-interfaced energy sources (such as rooftop solar panels), energy data loggers, and infotainment systems. The complexity of their supply chains and connectivity introduces vulnerabilities, potentially allowing attacks on their supply chain and unauthorized access to the BEMS network premises.

The vulnerability of EV charging stations to cyber attacks

From a cybersecurity perspective, attackers can commit security breaches using physical access points in EV charging stations and quasi-physical RFID technologies.

The susceptibility of EV charging stations to cyber-attacks provides a means for attackers to seize control and gain unauthorized access. Cyberattacks on these stations include data tampering, denial of services, and information disclosure. Similarly, web and smartphone applications play a crucial role, serving as potential points of compromise, allowing hackers to access stored usernames and critical data of EV users.

  • Web-based vulnerabilities: EVCSs typically feature a communication module having a wireless (Bluetooth, Wi-Fi, cellular, etc.) or wired interface. This module enables authorized drivers to initiate a charging session and relay the session's status back to the station operator. Communication occurs through vehicle modules, a smartphone, or an RFID card. If, for any reason, the security of any of these network endpoints (including the controller server and station operation interface) is compromised due to weak authentication or lack of encryption, then such a vulnerability will spread to all connected charging stations. Such a breach could compromise the confidentiality and integrity of data and control commands, ultimately affecting the workings of the charging station, the controller, and the power grid. Some of the web-based vulnerabilities are:
    1. Spoofing attacks:Communication protocols that rely on wireless technologies, such as RFID, Bluetooth, and Wi-Fi, are susceptible to spoofing attacks. One prevalent form of this attack involves compromising the device's unique identifier, like a MAC address, to masquerade as a legitimate user. This usually occurs before the establishment of encryption and key generation. Spoofing attacks can compromise a user's identity, threatening their privacy, mainly concerning personal information. These attacks can also manipulate transmitted data, undermining the integrity of the exchanged information.
    2. Man-in-the-middle attack:This attack in an EVCS involves an unauthorized third party intercepting and potentially altering the communication between two entities within the charging system. The attackers position themselves between the communication flow, allowing them to spy on the data exchanged between the EV, charging station, and possibly other components. Most radio-based communications are also prone to man-in-the-middle attacks. In an EVCS, a man-in-the-middle attack can compromise the security of the communication link between the EV and the charging station. For example, an attacker might intercept data exchanged during the initiation of a charging session, potentially gaining unauthorized access or manipulating the charging process. This could lead to various security and privacy issues, such as unauthorized usage, data manipulation, or even disruption of the charging process.
    3. Denial of service (DoS) attack:This type of attack involves malicious attempts to disrupt or turn off the normal functioning of the charging infrastructure, making it unavailable to legitimate users. It aims to overwhelm the system with excessive requests, depleting its resources or causing it to crash, thereby preventing electric vehicles from accessing charging services. In executing the DoS attack, an invalid MAC address not employed in the network is embedded in the neighbor solicitation message. Consequently, this message possesses either an invalid destination or no destination within the network, leading to a scenario where messages from EVs fail to reach the charging station.
  • Human-machine interface vulnerabilities:EVCS exhibits limited resilience against physical disruptions as various components, such as serial, USB, Ethernet ports, magnetic card readers, and touchscreens, are externally mounted on EVCS panels, making them vulnerable to physical intrusions. USB ports are convenient entry points for potential cyberattacks, enabling unauthorized access to copy, modify, or erase the stored data in the EVCS. This includes accessing the EVCS server authentication credentials and identifiers of previously charged EVs. Additionally, attackers may manipulate copied data and re-upload it to the EVCS as updated firmware. Beyond USB ports, physical attacks extend to remotely skimming magnetic card readers, similar to methods employed in gas station attacks. Public EVCSs commonly use RFID cards and QR codes to authenticate EV users, with cards shown at the initiation and conclusion of each charging session. Phishing an RFID card reader installed at the EVCS allows attackers to eavesdrop and collect login credentials. Subsequently, duplicating the EV user login credentials stored in the RFID card enables attackers to mimic EV charging. Unauthorized charging may persist undetected for an extended period, given that EVCSs typically bill users monthly.
  • EVCS server vulnerabilities:There is a distinct absence of global standards for communication between distributed EVCSs and the EVCS server. However, several EVCS vendors have adopted and recognized the open charge point protocol (OCPP). This protocol operates on a client/server architecture, allowing both parties to initiate a communication session. However, the OCPP is susceptible to man-in-the-middle cyberattacks that compromise data privacy, message authenticity, integrity, and non-repudiation. This vulnerability stems from the absence of server/client certificates and end-to-end message encryption. Consequently, unauthorized access may result in the theft, alteration, and spoofing of EV charging data, including unique EV and EVCS identifiers and charging settings.
  • Smartphone vulnerabilities:Smartphone and web-based applications play a crucial role in commercial EVCS functionality, with a growing number of offerings from EVCS operators and third-party aggregators. These applications serve various purposes, including locating public EVCSs, authenticating EVs for charging, remotely managing charging sessions, and facilitating payment for the charging service. However, malicious smartphone applications or undiscovered software bugs potentially threaten the integrity of EV charging processes. These vulnerabilities can be exploited as entry points for disseminating worms in EVs and EVCSs. An insecure smartphone application could allow for user impersonation, circumvention of user authentication, and manipulation of EV charging data and settings. Such attacks have the potential to cause damage to both the EVCSs and the connected EVs. Therefore, securing these applications is paramount to safeguarding the reliability and safety of EV charging operations.
  • OEM vulnerabilities:EVs frequently communicate with OEMs to receive routine software updates and patches using expansive networks like cellular networks. OEMs favor wireless patching methods over USB or Ethernet ports due to their rapid delivery and cost-effectiveness. These updates are transmitted as code or data images alongside metadata that includes authentication information. However, wireless software updates are susceptible to man-in-the-middle cyberattacks, allowing attackers to remotely eavesdrop on, deny, or alter the updates during transmission.
  • Power grid interface vulnerabilities:Cyber-attacks targeting EVCS can also threaten the power grid's stability. EVCS is susceptible to Denial of Service (DoS) attacks and data tampering. Such an attack aims to induce voltage or frequency instability events within the grid, potentially triggering protective relays and setting off a chain of failures. In the case of DoS attacks, the assailant may strategically disable a significant portion of the EVCS, causing a substantial reduction in the overall system load and generating over-frequency events. To achieve this, the attacker must establish an EVCS botnet (a network of compromised equipment) or compromise an EVCS server. A sufficient number of EVCS must be compromised to impact system load during their peak operating times. In tampering attacks, the attacker manipulates information displayed on EVCS webpages or smartphone apps, presenting false unavailability or high charging prices. This can divert EV charging to a different location, potentially stressing the power system due to increased demand. The attacker aims to overload grid equipment in the chosen area, causing voltage failures and initiating cascading events.

Methods to safeguard EVCSs from cyber thefts

The implementation of comprehensive cybersecurity measures is necessary to safeguard EVCSs from cyber thefts. Fundamental principles such as secure-by-design must be applied throughout the entire product development process and during deployment. This approach incorporates secure maintenance practices, such as updating EV charging firmware before implementing the technology and consistently applying updates and software patches. The following methods, if applied, can mitigate cybersecurity risks for EV charging stations:

  • Encryption and secure communication protocols: Implementing robust encryption mechanisms between EVs and central servers can ensure consistent communication within EVCS. Secure communication protocols like HTTPS safeguard data during transmission and thwart unauthorized access. Network segmentation practices are carefully employed, with traffic between segments restricted to explicitly permitted data and communications limited to defined host-to-host paths. Only the ports needed for operations are opened, and network communication security is safeguarded with protection and intrusion detection systems. Additionally, all logs are diligently saved, retained (for a reasonable time), and regularly reviewed for proactive threat management.
  • Regular software updates and patching: Cyber-attacks can be prevented if EVCS software, firmware, and applications keep up to date with the latest security patches. This helps eliminate vulnerabilities and strengthens the system's resilience against emerging cyber threats. Also, It is vital to establish a responsive process for addressing newly discovered vulnerabilities. This ensures that patches can be promptly and efficiently rolled out to mitigate potential security risks.
  • Network segmentation: You can use network segmentation to prevent unauthorized access to sensitive systems. Segmentation isolates critical components of the EVCS infrastructure and limits the potential impact of a security breach. The network communication should be protected using intrusion detection systems, and work restricted to operation-related ports. Furthermore, saving and retaining all logs for a reasonable duration is vital while conducting regular reviews, and there should be continuous scanning for vulnerabilities. It is crucial to prioritize the remediation of any known critical or high-severity vulnerabilities in third-party component libraries. Deploying sufficient malware defenses is essential to safeguard EVCSs and associated software applications.
  • Physical Security Measures: Physical security is an essential aspect of overall cybersecurity. An attacker with unauthorized physical access can tamper or do unauthorized manipulation. EVCSs are placed in publicly accessible areas, and service providers must account for this factor in their enclosure designs. Installers should make provisions for CCTV monitoring of the stations. EVCSs should allow only those removable media whose origin is known and trusted to be connected. Before connecting any portable device through a USB port or SD card slot, the device should also be scanned for malware and viruses.
  • Collaboration with Cybersecurity Experts: Engaging with cybersecurity experts to conduct regular audits and assessments of EVCS security is a good practice. This will ensure that best practices will be followed for secure system development,. This external perspective can help identify potential vulnerabilities and recommend effective countermeasures. An understanding of the significance of a cybersecurity program following the NIST Cybersecurity Framework or holding third-party certification, such as UL 2900, IEC 62443, ISO/SAE 21434, or other widely recognized industry standards, is essential for selected suppliers.
  • User Education and Training: Educating EVCS users, operators, and administrators about cybersecurity best practices is the first step in securing EV charging stations. This includes raising awareness about phishing attacks, the importance of strong passwords, and the risks associated with unauthorized access.

Conclusion

The increasing presence of EVs in commerce underscores the criticality of securing EVCSs to shield them from cyberattacks. These attacks may derail the entire EV infrastructure, extend to the power grid, and compromise the charging process's safety and security. Consequently, it is essential to prioritize hardware and software security for smart charging within the broader cyber-physical system. Farnell offers hardware associated with resilient EVCSs, making them less susceptible to potential attacks and exploitation.

SharePostPost

Stay informed

Keep up to date on the latest information and exclusive offers!

Subscribe now

Data Protection & Privacy Policy

Thanks for subscribing

Well done! You are now part of an elite group who receive the latest info on products, technologies and applications straight to your inbox.

Technical Resources

Articles, eBooks, Webinars, and more.
Keeping you on top of innovations.

Technologies

power management

Power Management

Wireless

Wireless

Motor Control

Motor Control

Lighting

Lighting

Sensing

Sensing

Displays

Displays

Applications

Internet of Things

Internet of Things

Industrial Automation

Industrial Automation

Automotive

Transportation

Alternative Energy

Alternative Energy

Medical

Medical

Robotics

Robotics

Maintenance & Safety

Maintenance & Safety