Cybersecurity of Smart Electric Vehicle Charging: A Power Grid Perspective

With the roll-out of electric vehicles (EVs), the automobile industry is transitioning away from conventional gasoline-fueled vehicles. As a result, the EV charging demand is continuously growing and to meet this growing demand, various types of electric vehicle charging stations (EVCSs) are being deployed for commercial and residential use. This nexus of EVs, EVCSs, and power grids creates complex cyber-physical interdependencies that can be maliciously exploited to damage each of these components. This paper describes and analyzes cyber vulnerabilities that arise at this nexus and points to the current and emerging gaps in the security of the EV charging ecosystem. These vulnerabilities must be addressed as the number of EVs continue to grow worldwide and their impact on the power grid becomes more viable. The purpose of this paper is to list and characterize all backdoors that can be exploited to seriously harm either EV and EVCS equipments, or power grid, or both. The presented issues and challenges intend to ignite research efforts on cybersecurity of smart EV charging and enhancing power grid resiliency against such demand-side cyberattacks in general.

[1]  M. B. Mollah,et al.  Blockchain for Future Smart Grid: A Comprehensive Survey , 2019, IEEE Internet of Things Journal.

[2]  Mustafa Bagriyanik,et al.  The Effect of SMiShing Attack on Security of Demand Response Programs , 2020, Energies.

[3]  H. Pandžić,et al.  Review of challenges and assessment of electric vehicles integration policy goals: Integrated risk analysis approach , 2020 .

[4]  Ali Ghrayeb,et al.  Blockchain, AI and Smart Grids: The Three Musketeers to a Decentralized EV Charging Infrastructure , 2020, IEEE Internet of Things Magazine.

[5]  Tanya L. Brewer,et al.  Symposium on federally funded research on cybersecurity of Electric Vehicle Supply Equipment (EVSE) , 2020 .

[6]  Resul Das,et al.  Cyber-security on smart grid: Threats and potential solutions , 2020, Comput. Networks.

[7]  Xiaodong Lin,et al.  The Security of Autonomous Driving: Threats, Defenses, and Future Directions , 2020, Proceedings of the IEEE.

[8]  Ramesh Karri,et al.  Public Plug-in Electric Vehicles + Grid Data: Is a New Cyberattack Vector Viable? , 2019, IEEE Transactions on Smart Grid.

[9]  Roderick Currie Hacking the CAN Bus: Basic Manipulation of a Modern Automobile Through CAN Bus Reverse Engineering , 2020 .

[10]  Kevin Harnett,et al.  Government Fleet and Public Sector Electric Vehicle Supply Equipment (EVSE) Cybersecurity Best Practices and Procurement Language Report , 2019 .

[11]  Amr Youssef,et al.  Impact of Electric Vehicles Botnets on the Power Grid , 2019, 2019 IEEE Electrical Power and Energy Conference (EPEC).

[12]  Md Zakirul Alam Bhuiyan,et al.  A survey on security attacks in VANETs: Communication, applications and challenges , 2019, Veh. Commun..

[13]  Erik Poll,et al.  Non-Repudiation and End-to-End Security for Electric-Vehicle Charging , 2019, 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe).

[14]  Nils Ole Tippenhauer,et al.  The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR , 2019, USENIX Security Symposium.

[15]  Agostino Cortesi,et al.  Static analysis of Android Auto infotainment and on‐board diagnostics II apps , 2019, Softw. Pract. Exp..

[16]  Sanjeev Kumar,et al.  Security Integrity of Data Collection from Smart Electric Meter under a Cyber Attack , 2019, 2019 2nd International Conference on Data Intelligence and Security (ICDIS).

[17]  Ning Zhang,et al.  A Secure Charging Scheme for Electric Vehicles With Smart Communities in Energy Blockchain , 2019, IEEE Internet of Things Journal.

[18]  Hao Liang,et al.  False Data Injection Attacks Against State Estimation in Power Distribution Systems , 2019, IEEE Transactions on Smart Grid.

[19]  Jian Weng,et al.  False Load Attack to Smart Meters by Synchronously Switching Power Circuits , 2019, IEEE Transactions on Smart Grid.

[20]  François Gagnon,et al.  An Efficient Blockchain-Based Hierarchical Authentication Mechanism for Energy Trading in V2G Environment , 2019, 2019 IEEE International Conference on Communications Workshops (ICC Workshops).

[21]  Talal Rahwan,et al.  Manipulating Residents’ Behavior to Attack the Urban Power Distribution System , 2019, IEEE Transactions on Industrial Informatics.

[22]  Ross Baldick,et al.  Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks , 2019, USENIX Security Symposium.

[23]  Ivan Martinovic,et al.  Losing the Car Keys: Wireless PHY-Layer Insecurity in EV Charging , 2019, USENIX Security Symposium.

[24]  Richard M. Pratt,et al.  Vehicle Charging Infrastructure Security , 2019, 2019 IEEE International Conference on Consumer Electronics (ICCE).

[25]  Aaron Schulman,et al.  Please Pay Inside: Evaluating Bluetooth-based Detection of Gas Pump Skimmers , 2019, USENIX Security Symposium.

[26]  Mohd Wazir Mustafa,et al.  Smart grids security challenges: Classification by sources of threats , 2018, Journal of Electrical Systems and Information Technology.

[27]  A. Nordlund,et al.  Acceptability of electric vehicle aimed measures: Effects of norm activation, perceived justice and effectiveness , 2018, Transportation Research Part A: Policy and Practice.

[28]  Balasubramaniam Natarajan,et al.  Impact of Real-Time Pricing Attack on Demand Dynamics in Smart Distribution Systems , 2018, 2018 North American Power Symposium (NAPS).

[29]  Gang Wang,et al.  All Your GPS Are Belong To Us: Towards Stealthy Manipulation of Road Navigation Systems , 2018, USENIX Security Symposium.

[30]  Mohamed Shawky El Moursi,et al.  Hill Climbing Power Flow Algorithm for Hybrid DC/AC Microgrids , 2018, IEEE Transactions on Power Electronics.

[31]  Leon M. Tolbert,et al.  Review of Electrical Architectures and Power Requirements for Automated Vehicles , 2018, 2018 IEEE Transportation Electrification Conference and Expo (ITEC).

[32]  John J. Meyer,et al.  Range Extension Opportunities While Heating a Battery Electric Vehicle , 2018 .

[33]  Lamia Ben Azzouz,et al.  Cyber security issues of Internet of electric vehicles , 2018, 2018 IEEE Wireless Communications and Networking Conference (WCNC).

[34]  Naima Kaabouch,et al.  Cyber-security in smart grid: Survey and challenges , 2018, Comput. Electr. Eng..

[35]  Graham Watson,et al.  DOE/DHS/DOT Volpe Technical Meeting on Electric Vehicle and Charging Station Cybersecurity Report , 2018 .

[36]  Qian Luo,et al.  Wireless Telematics Systems in Emerging Intelligent and Connected Vehicles: Threats and Solutions , 2018, IEEE Wireless Communications.

[37]  Hafiz Malik,et al.  State-of-the-Art Survey on In-Vehicle Network Communication (CAN-Bus) Security and Vulnerabilities , 2018, ArXiv.

[38]  Cristina Alcaraz,et al.  Addressing Security in OCPP: Protection Against Man-in-the-Middle Attacks , 2018, 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS).

[39]  Justin Cappos,et al.  Uptane: Security and Customizability of Software Updates for Vehicles , 2018, IEEE Vehicular Technology Magazine.

[40]  Golshan Madraki,et al.  Cyber-Physical Resilience of Electrical Power Systems Against Malicious Attacks: a Review , 2018 .

[41]  Hamed Mohsenian-Rad,et al.  Dynamic Load Altering Attacks Against Power System Stability: Attack Models and Protection Schemes , 2017, IEEE Transactions on Smart Grid.

[42]  J. Eichman,et al.  Electricity cost for electric vehicle fast charging , 2018 .

[43]  Xun Gong,et al.  Taking charge of electric vehicles – both in the vehicle and on the grid (Rev. A) , 2018 .

[44]  Glenn Sean Morrison,et al.  Threats and Mitigation of DDoS Cyberattacks Against the U.S. Power Grid via EV Charging , 2018 .

[45]  H. Vincent Poor,et al.  BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid , 2018, USENIX Security Symposium.

[46]  Hartmut Schmeck,et al.  A threat analysis of the vehicle-to-grid charging protocol ISO 15118 , 2017, Computer Science - Research and Development.

[47]  Jiajia Liu,et al.  In-Vehicle Network Attacks and Countermeasures: Challenges and Future Directions , 2017, IEEE Network.

[48]  S. Gourisetti,et al.  Blockchain for smart grid resilience: Exchanging distributed energy at speed, scale and security , 2017, 2017 Resilience Week (RWS).

[49]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[50]  Siddharth Garg,et al.  IoT-enabled distributed cyber-attacks on transmission and distribution grids , 2017, 2017 North American Power Symposium (NAPS).

[51]  Miguel Seijo Simó,et al.  Cybersecurity Vulnerability Analysis of the PLC PRIME Standard , 2017, Secur. Commun. Networks.

[52]  Cristina Alcaraz,et al.  OCPP Protocol: Security Threats and Challenges , 2017, IEEE Transactions on Smart Grid.

[53]  Martin Lukasiewycz,et al.  Automotive Electrical and Electronic Architecture Security via Distributed In-Vehicle Traffic Monitoring , 2017, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[54]  Richard R. Brooks,et al.  Security and Data Privacy of Modern Automobiles , 2017 .

[55]  Junwei Lu,et al.  EV charging in a commercial hybrid AC/DC microgrid: Configuration, control and impact analysis , 2016, 2016 Australasian Universities Power Engineering Conference (AUPEC).

[56]  Flavio D. Garcia,et al.  Lock It and Still Lose It - on the (In)Security of Automotive Remote Keyless Entry Systems , 2016, USENIX Security Symposium.

[57]  Aaron Hunter,et al.  A Security Analysis of an In-Vehicle Infotainment and App Platform , 2016, WOOT.

[58]  Juan C. Vasquez,et al.  DC Microgrids—Part II: A Review of Power Architectures, Applications, and Standardization Issues , 2016, IEEE Transactions on Power Electronics.

[59]  Craig A. Smith,et al.  The Car Hacker's Handbook: A Guide for the Penetration Tester , 2016 .

[60]  Sazzadur Chowdhury,et al.  In-Vehicle Networks Outlook: Achievements and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[61]  Damon McCoy,et al.  Uptane : Securing Software Updates for Automobiles , 2016 .

[62]  Thomas Engel,et al.  A Car Hacking Experiment: When Connectivity Meets Vulnerability , 2015, 2015 IEEE Globecom Workshops (GC Wkshps).

[63]  Florin Mariasiu,et al.  Electric vehicle battery technologies: From present state to future systems , 2015 .

[64]  Margaret Smith,et al.  Costs Associated With Non-Residential Electric Vehicle Supply Equipment: Factors to consider in the implementation of electric vehicle charging stations , 2015 .

[65]  Elisa Bertino,et al.  Scalable end-to-end security for advanced metering infrastructures , 2015, Inf. Syst..

[66]  Stefan Savage,et al.  Fast and Vulnerable: A Story of Telematic Failures , 2015, WOOT.

[67]  Dong Hoon Lee,et al.  A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN , 2015, IEEE Transactions on Intelligent Transportation Systems.

[68]  Alejandro Quintero,et al.  VANET security surveys , 2014, Comput. Commun..

[69]  Kwangjo Kim,et al.  Simulated Attack on DNP3 Protocol in SCADA System , 2014, SCIS 2014.

[70]  Naohiko Uramoto,et al.  Advanced security and privacy in connected vehicles , 2014, IBM J. Res. Dev..

[71]  Mauro Conti,et al.  FM 99.9, Radio Virus: Exploiting FM Radio Broadcasts for Malware Deployment , 2013, IEEE Transactions on Information Forensics and Security.

[72]  Kai Strunz,et al.  Electric Vehicle Battery Technologies , 2013 .

[73]  João Peças Lopes,et al.  Electric vehicle integration into modern power networks , 2013 .

[74]  Todd E. Humphreys,et al.  Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks , 2012, Int. J. Crit. Infrastructure Prot..

[75]  Anas AlMajali,et al.  Analyzing Resiliency of the Smart Grid Communication Architectures under Cyber Attack , 2012, CSET.

[76]  Karthik Pattabiraman,et al.  A model for security analysis of smart meters , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN 2012).

[77]  Helge Janicke,et al.  SCADA security in the light of Cyber-Warfare , 2012, Comput. Secur..

[78]  Hamid Sharif,et al.  A Survey on Cyber Security for Smart Grid Communications , 2012, IEEE Communications Surveys & Tutorials.

[79]  Yang Xiao,et al.  Cyber Security and Privacy Issues in Smart Grids , 2012, IEEE Communications Surveys & Tutorials.

[80]  Ulrich Greveler,et al.  Multimedia Content Identification Through Smart Meter Power Usage Profiles , 2012 .

[81]  Nei Kato,et al.  A Lightweight Message Authentication Scheme for Smart Grid Communications , 2011, IEEE Transactions on Smart Grid.

[82]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[83]  Hamid Sharif,et al.  A secure and reliable in-network collaborative communication scheme for advanced metering infrastructure in smart grid , 2011, 2011 IEEE Wireless Communications and Networking Conference.

[84]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[85]  G. Manimaran,et al.  Data integrity attacks and their impacts on SCADA control system , 2010, IEEE PES General Meeting.

[86]  Benjamin A Carreras,et al.  Complex systems analysis of series of blackouts: cascading failure, critical points, and self-organization. , 2007, Chaos.

[87]  Ali Emadi,et al.  Modeling and Simulation of Electric and Hybrid Vehicles , 2007, Proceedings of the IEEE.

[88]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .