Due to the growing issue involving sustainability in transportation, electric vehicles (E.V.s) have become popular in recent years. Major automotive companies have announced their plans to phase out the manufacture of gas-powered vehicles by 2040 completely. As more people buy electric vehicles, hackers are taking advantage of them, too.
New Target of Cyber Threat
During the 2023 IEEE 97th Vehicular Technology Conference, researcher Marco De Vincenzi from the Istituto di Informatica e Telematica (IIT) in Pisa, Italy, led a discussion on E.V. security and privacy vulnerabilities. He presented the study he conducted with his colleagues regarding the comparative analysis of E.V. charging methods and their role in vehicle security and privacy.
When people plug their EVs into charging stations, it is not only power that flows through the cables, according to De Vincenzi. Hackers could install malicious software at public charging stations and obtain lots of data from the E.V.s, from the user's I.D., their payment method, the amount of battery power left, and their exact location. It could even end up in worrisome situations, such as accessing the connection between the charging station and the car and using it as an entry point to meddle with the vehicle's internal software system. As a result, the car is at risk of unauthorized access and control.
Although hackers can reach more people at public charging stations, private ones in people's homes can even allow them to obtain more personal information. Using the right strategy, hackers can use the private charging station to access the home systems of the owner.
De Vincenzi warned that the negative impacts of security attacks can extend beyond individuals. Since E.V. charging stations are usually linked to the broader energy grid, connections can be formed, which can be a gateway for trouble if not appropriately secured.
To create a more secure charging environment, it is important to secure confidentiality when establishing connections between cars and charging stations. Although this has been highlighted as a key guideline by the U.N. Regulation No.155 on cybersecurity, De Vincenzi emphasized the need to lay out practical ways in which the guidelines can be achieved regarding E.V.s.
IIT researcher Ilaria Matteucci described the importance of incorporating more tangible approaches. This includes developing standard protocols to protect sensitive data while charging an E.V., designing mechanisms to monitor and avoid unauthorized access, and creating frameworks for secure communication between E.V.s and charging stations.
Vulnerability of Charging Methods
There are three main ways to charge an electric vehicle. In conductive charging, there is a direct cable with A.C. or D.C. current, while inductive charging is a wireless method that uses electromagnetic waves. There is also battery swapping, where a used battery is exchanged for a fully charged one.
The charging methods are not equally vulnerable to attacks. Among these options, conductive charging is the most vulnerable to security attacks since it carries the weaknesses of the communication protocols and applied standards. Meanwhile, security protocols are already in place for wireless charging as the battery connects to a charging station.
According to Matteucci, the time needed to charge a battery also influences security and privacy. Longer charging time allows more opportunities for launching an attack. In this case, D.C. charging is considered the fastest between the conductive and inductive methods, although nothing still beats a quick battery swap.
Check out more news and information on Electric Vehicles in Science Times.