As electric vehicles (EVs) become increasingly mainstream, the infrastructure supporting them, particularly EV chargers, is rapidly expanding. A recent article on charging network growth shows a 33% increase in 12 months. With this growth, comes the need for increased attention to ensuring a secure end-to-end experience for drivers and site hosts alike. EV chargers, much like any connected device, are vulnerable to a range of cyber threats that could compromise user safety, data integrity, and even the broader electrical grid.
In this first part of a 2-part series, we’ll take a look at an overview of the charging landscape and the challenges posed by the data that must be secured in a connected environment.
Why EV charger security matters
EV chargers are more than just power outlets. They are sophisticated devices that communicate with vehicles, centralized Charging Station Management Systems (CSMS), and payment processors. This interconnectedness means that any vulnerability in the charging ecosystem can be exploited to cause significant harm, highlighting the importance of securing these devices.
Ensuring the security of these devices is crucial for several reasons:
- Data protection: The International Association of Privacy Professionals (IAPP) highlighted risks to data privacy posed by EV charging networks. EV chargers handle sensitive information such as Vehicle Identification Numbers (VINs), payment details, and in some instances, user credentials and certificates. Protecting this data from unauthorized access is essential to prevent fraud and identity theft.
- Vehicle safety: Considering that most auto manufacturers provide some level of autonomy in their EV offerings, it isn’t outside the realm of reality to envision a malicious attacker compromising an EV and taking over its driver assist features. A compromised charger could very well become the delivery system for installing malicious software on a connected vehicle.
- Grid stability: Outside of acts of nature, our electrical grids have been highly resilient for many years. Now, with the introduction of EVs and the necessary connected charging infrastructure to support them, the Institute of Electrical and Electronics Engineers have begun raising the alarm about the risks posed by improperly secured chargers. As EV charging networks grow, they will become a key part of a larger smart grid and a coordinated attack on multiple chargers could trigger catastrophic disruption of the grid.
- User trust: Though sales of EVs have cooled down recently, the growth in the adoption of battery electric vehicles continues its upward trajectory. Range anxiety is becoming less of an issue, but a recent Forbes article points out that Cybersecurity could be the next blocker to more widespread adoption. Trust in the charging infrastructure is critical, and security breaches could potentially undermine confidence in the technology, further slowing down adoption rates and harming the industry’s growth.
Potential security risks
EV Chargers are connected devices that handle sensitive data and because of this, there is an inherent risk of attack and compromise if not properly secured. Some of the potential risks posed by improperly configured or protected chargers include:
- Man-in-the-middle attacks: If the communication between the charger, the car and the CSMS is intercepted, a hacker could steal the VIN, login credentials or payment information. This could lead to energy theft, unauthorized billing, credit card fraud, or even worse, malicious network, vehicle or electrical grid compromise.
- Malicious firmware: Without secure firmware update processes, attackers could install malicious code on the charger, potentially spreading it to connected vehicles or taking it a step further, to the broader network that the chargers are connected to.
- Physical tampering: Unauthorized access to the physical components of a charger could lead to energy theft, damage to connected vehicles, or even broader grid disruptions.
Common attack vectors
Bad actors with malicious intent have a number of tactics they can use to steal information and compromise systems. By protecting against the following common attack vectors, EV charger security can be maximized, reducing the risk of compromise:
- Unsafe devices: Devices using consumer or enthusiast components like the Raspberry Pi, may not meet enterprise security standards, and are more vulnerable to attacks. These devices can be susceptible to data extraction with relatively easy access to stored data, including credentials and Wi-Fi keys. They can also present an increased attack surface due to extra, unnecessary code that can introduce vulnerabilities that attackers can exploit such as the embedded web server used to configure the charger.
- Port scans: Attackers often use port scans to find vulnerabilities in devices. Unpatched devices with open ports are particularly susceptible.
- Unpatched security issues: Connected devices are often left in the field for years without updates, making them easy targets for attacks. Without regular security patches, these chargers pose a long-term risk.
- Application and ecosystem vulnerabilities: Even if a charger is secure, vulnerabilities in associated web applications can still expose the system to attacks. Issues like insecure APIs and unauthenticated endpoints can lead to:
- Account takeovers: Unauthorized access to user accounts.
- Data breaches: Exposure of sensitive user data.
- Charger manipulation: Unauthorized control over charger operations such as stopping and starting charge sessions or using it as part of a botnet in a Distributed Denial of Service (DDoS) attack.
Secure charging infrastructure
A secure EV charger must meet high standards for both physical and digital security. Some ways to achieve this ideal state include:
- Tamper-proof design: EV chargers should be designed to prevent physical tampering. Tamper-detection capabilities are critical for immediate response to unauthorized access.
- Energy theft detection: Chargers should detect unauthorized energy usage and take appropriate action.
- Firmware signing: Secure Boot ensures that only authorized firmware is installed on the charger, preventing malicious updates.
- Input validation and API security: Ensuring that any inputs to the CSMS are within expected ranges and securing APIs against unauthorized access is crucial for maintaining system integrity.
- Over-the-air (OTA) updates: OTA updates allow manufacturers to push security patches and software updates securely and efficiently, without relying on users or technicians to perform manual updates.
- Robust certificate management: Implementing strong certificate-based authentication to establish trust between devices and systems.
- Secure firmware practices: Ensuring firmware updates are securely signed and delivered, preventing unauthorized firmware from being distributed.
- Secure boot: Ensure a device’s firmware and operating system are authenticated against a known secure key, placed on the device at the time of manufacture, each time the charger is rebooted.
- Enterprise-grade connectivity modules: Using secure, industrial-grade connectivity solutions (wifi, mobile networks, and Bluetooth) rather than consumer-grade or hobbyist components.
- Regular security assessments: Conducting ongoing security testing and code reviews to identify and address vulnerabilities promptly.
The future of EV charger security
As the adoption of EVs continues to grow, the importance of secure charging infrastructure is critical. Future developments in EV charger security will likely include more advanced encryption techniques, AI-driven threat detection, and stricter regulatory standards. Manufacturers and operators who prioritize security will not only protect their users, but also play a key role in the continued growth of the electric vehicle market.
In part 2, we’ll take a look at The Open Charge Point Protocol (OCPP) to see how it can be leveraged to address the issues highlighted in this article and lay the foundation for a secure EV charging environment.
About ChargeLab
At ChargeLab, we take security seriously, and this is why we align with industry standard security practices, such as the NIST Cybersecurity framework, and continuously monitor and audit our internal controls and processes against these standards. ChargeLab also submits to an annual SOC2 audit with independent 3rd party auditors to attest to our high standards and deliver a secure charging environment for all.
About the author
Glynn Barnard is the Security Architect at ChargeLab and a seasoned information security professional who takes a pragmatic approach to cybersecurity program development and management. Adhering to industry-standard cybersecurity frameworks, Glynn has held security roles in various industries including biotechnology, enterprise cybersecurity, telecom and cloud backups.