EV Charging Stations Security
29 Apr 2023
Amelia Nikles-Ralph
The cyber landscape has evolved immensely in the past two decades, from the early 2000s to now.
In the mid-2010s, high profile data breaches began to make headlines, which elevated cybersecurity to be a board level concern for organisations. We saw machine learning and artificial intelligence introduced to improve detection and prevention.
Cybersecurity is a common conversation in the current media in relation to the electric vehicle (EV) ecosystem, with discussions around the vulnerabilities of both web-based communication and application services.
How do Cyberattacks Occur?
Recent peer-reviewed research articles have outlined the main ways that cyberattacks typically happen on electric vehicle charging systems.
False data injection occurs when an attacker achieves unauthorized access to the communication channels within the system, intercepting data between the vehicle and the charging software. They are then able to manipulate or inject false data related to PEV charging and discharging, which could alter charging rates and battery status.
An unauthorized attacker floods charging system’s normal functioning with excessive traffic or requests in a Denial-of-Service Attack by targeting the software management system. In a Man-in-the-Middle attack, the hacker intercepts the data transmission between the Electric Vehicle Supply System Equipment, the Plug-in Electric Vehicles, and the Smart Charging Management System. Again, the attacker can tamper with the exchanged data, exploiting sensitive information exchanges between the PEVs and the SCMS.MS.
Preventing Cyberattacks
Preventative measures such as secure communication protocols, encryption, and authentication mechanisms are necessary to mitigate the attacks discussed above and ensure the integrity of charging data.
Here at EVOS, we are committed to protecting all customer data to the highest standard and have heavily invested in preventative technology.
“EVOS not only utilizes a VPN to provide customers protection, but we also implement additional steps to secure data, which include private cloud networks and other technologies to provide maximum protection,” reports Co-founder Seshan Weeratunga.
A VPN in a secure, encrypted connection that enables safe and private internet access by creating a secure “tunnel” between a device and the internet. This protects the online privacy of the user, keeping their identity confidential.
Further, VPNs protect against data breaches by encrypting the data between the station and the cloud-based platform, making it unusable without the encryption key. The station is blocked from transmitting sensitive data like credit card information over unsecured networks. Only authorised users can access the charging station, and the data transmitted.
Our VPNs use the strong encryption software AES 256-bit, which is also used by governments and military. This virtually impenetrable symmetric encryption algorithm uses a 256-bit key to convert data to a cipher.
With a multi-faceted approach that effectively combats cyber-attack methods, EVOS is confident that our energy management solution is a safe, secure option in the changing cyber landscape.
If you have any questions about our cybersecurity measures, reach out to our friendly sales team at sayhi@evos.com.au
