Phone

    00852-6915 1330

Securing the Future of Electric Vehicles - Addressing Cybersecurity Threats

  • Contents

Overview: This article discusses cybersecurity's importance for electric vehicles and their charging infrastructure, highlighting vulnerabilities and protective measures against cyberattacks.

 

Electric vehicles (EVs) have developed into one of the key technologies to help society meet challenging clean energy and decarbonization goals over the past ten years. The electric vehicle market has expanded by 60% annually on average. In the near future, this growth is anticipated to continue with even higher adoption rates.

Electric Vehicle Advantages

Many nations have implemented policies to promote the use of clean-fuel vehicles. The main obstacle to the adoption of electric vehicles is frequently identified as range anxiety. Recent advancements in battery and charging technology are reducing this range anxiety. For instance, the 100 kWh battery in the Tesla Model S is enough for a trip of up to 402 miles. 

 

Similarly, electric vehicle charging stations and the infrastructure that supports them have grown significantly in size and number. At the end of the year, there were 7.3 million electric vehicle charging stations implemented worldwide, an increase of 60% from the previous year. Additionally, the electric vehicle charging stations now have a higher charging capacity and can provide faster charging services. These electric vehicle charging stations with a rated charging power of up to 350 kW have been recently developed. An electric vehicle can be charged using these chargers in under 15 minutes.

 

Smart electric vehicle charging features like remote control through smartphone apps are not only making electric vehicle charging faster but also more approachable and, therefore, more available to broader customer audiences.

 

Cyberattacks in Electric Vehicles

Although significant and well-publicized cyberattacks have not yet targeted smart electric vehicle charging stations, threats and reasonable ways of attack have been reported. According to Kaspersky Lab, ChargePoint Home's smartphone electric vehicle charging app has security flaws. Through the charging device's WiFi connection, this flaw would allow a remote attacker to break into the charger and interfere with electric vehicle charging. 

 

Cyberattacks might also target electric vehicle charging station web applications, such as those from Circontrol, an electric vehicle charging station vendor with over 80,000 electric vehicle charging stations in 60 nations. This flaw would make use of the poor login information for electric vehicle charging. These well-known vulnerabilities highlight the cyber risks associated with electric vehicles and electric vehicle charging stations.

Protective Measures Against these Cyberattacks

Because of these attacks and the social costs they produce, efforts are being made to standardize cyber-physical interfaces for both residential and commercial electric vehicle charging. 

 

Electric vehicles and electric vehicle charging stations are vulnerable to attacks that could harm equipment due to non-standard cyber-physical interfaces. For a number of electric vehicle charging architectures, the European Network on Cybersecurity suggested security standards. These standards provide security for both electric vehicle charging stations and their possessions. It also secures communications between charging station operators and power grid operators. 

 

The standard specifies access control, future security compatibility of charging stations, monitoring and controlling system security, and message encryption for secure communication. Additionally, due to flaws in these interfaces, it is possible to weaponize electric vehicles and use them to launch extensive demand-side cyberattacks against the power grid. 

 

Demand-side cyberattacks on electricity grids involve manipulating appliances like electric vehicles, distributed energy resources, and heating, ventilation, and air conditioning (HVAC) loads. These appliances are internet-connected and have high power. Although such attacks on power grids have not occurred in the past, there is growing awareness among electric vehicle owners that they could be carried out using vulnerabilities that already exist. Power grid operators won't be able to handle them. 

Smart Grids Cybersecurity

A cyber-physical overview of the smart electric power grid is shown in Fig. 1. Resources that are IoT-enabled are still being used in all four power sectors, including generation, transmission, distribution, and customer service. However, by utilizing IoT-enabled devices, it also introduces new cyber threats to the power grid. An overview of these threats as they relate to smart grid cybersecurity can be found below.

figure 1

Fig. 1: A cyber-physical overview of the smart electric power grid Source: IEEE Access

Stride Threat Model

The STRIDE threat model, originally created by Microsoft to assess software threats, can be used to categorize cyberattacks. It is a categorical risk assessment model for spoofing, tampering, repudiation, integrity, denial-of-service (DoS), and elevation of privilege threats to a given cyber-physical system.

Smart Grid Threats

SCADA Threats

SCADA is a centralized monitoring and control system that is frequently used in real-world power grids. It has four main parts: a central master terminal unit, a human-machine interface (HMI), field units like power line communications (PLC), remote terminal units (RTU), and communication channels. Despite having industry-standard defenses, the SCADA network is still susceptible to insider attacks.

 

SCADA Field Unit Threats

Intelligent electronic devices (IEDs), PLCs, RTUs, and phasor measurement units (PMUs) are examples of SCADA field units. Relays, sensors, and breakers are examples of microprocessor-based IEDs. IEDs are monitored by RTUs, which send measurements to PLCs, SCADAs, or both. PLCs and SCADAs, in turn, use RTUs to communicate control signals to IEDs. This control capability of PLCs enables some control actions to be performed decentralized without involving SCADA.

 

The field units communicate with one another by using protocols. Additionally, these protocols are open to online threats. The system can become unstable if erroneous data is introduced into it.

 

Advanced Metering Infrastructure (AMI) Threats

To allow interaction between the utility, consumers, and distributed energy resources (DERs), power grids are increasingly deploying AMI, such as smart meters. Residential consumers or prosumers may have IoT-enabled devices like smartphones linked to the exact same network as their smart meter, while commercial DER operators plan to protect their smart meter-connected network with a VPN. Smart meters and their communication channels are vulnerable to all types of cyberattacks because of this attack surface.

 

Demand Response Threats

Demand response resources make use of AMIs and Smart meters, making them equally susceptible to threats. The data input and output of these devices can be manipulated causing problems to the grid operators.

 

Threats from Devices With IoT

Intruders can get into high-wattage devices and appliances with IoT interfaces by taking advantage of weak passwords on local networks and the fact that they can connect to remote devices like smartphones and smart TVs, which are vulnerable to supply chain threats. 

 

Electric Vehicle Charging Threats

Cyberattacks on charging electric vehicles and the power grid pose greater social and economic risks. The charging methods can be wired charging or wireless charging, but the risks possessed are the same.

 

Summarizing the Key Points

  • Cybersecurity is crucial for the growing electric vehicle industry and its charging infrastructure to prevent potential cyberattacks.
  • Standardizing cyber-physical interfaces and implementing security measures are essential to protect electric vehicles and charging stations.
  • Vulnerabilities in electric vehicle charging systems can be exploited, posing risks to equipment and potentially impacting power grids.
  • The European Network on Cybersecurity has suggested security standards to safeguard communication between charging station operators and power grid operators.
  • The rapid growth of electric vehicles and charging infrastructure necessitates a proactive approach to address cybersecurity challenges and ensure a secure and sustainable future.

References

[1] Acharya Samrat, Yury Dvorkin, Hrvoje Pandzic, and Ramesh Karri. “Cybersecurity of Smart Electric Vehicle Charging: A Power Grid Perspective.” IEEE Access 8 (2020): 214434–53. https://doi.org/10.1109/access.2020.3041074.

Rakesh Kumar, Ph.D.

Rakesh Kumar holds a Ph.D. in electrical engineering, specializing in power electronics. He is a Senior Member of the IEEE Power Electronics Society, Class of 2021. He writes high-quality, long-form technical articles for global B2B semiconductor brands. Feel free to reach out to him at rakesh.a@ieee.org! Checkout his complete portfolio @muckrack.com/rakesh-kumar-phd | @linkedin.com/in/rakesh-kumar-phd

Join our mailing list!

Be the first to know about new products, special offers, and more.

Leave a Reply

We'd love to hear from you! Feel free to share your thoughts and comments below. Rest assured, your email address will remain private.

Name *
Email *
Captcha *
Rating:

Kynix

  • How to purchase

  • Order
  • Search & Inquiry
  • Shipping & Tracking
  • Payment Methods
  • Contact Us

  • Tel: 00852-6915 1330
  • Email: info@kynix.com
  • Follow Us

authentication

Kynix

© 2008-2026 kynix.com all rights reserved.