Engineers at Southwest Analysis Institute (SwRI) have recognized cybersecurity vulnerabilities in DC quick charging EVSE.
In a laboratory, the SwRI group exploited vulnerabilities within the energy line communication (PLC) layer that transmits smart-grid knowledge between automobiles and charging tools, having access to community keys and digital addresses on each the charger and the automobile. The SwRI group developed an adversary-in-the-middle (AitM) machine with specialised software program and a modified mixed charging system interface. The machine let testers intercept site visitors between EVs and electrical automobile provide tools (EVSE) for knowledge assortment, evaluation and assault. The group discovered unsecure key technology current on older chips when testing, which was confirmed by way of on-line analysis to be a recognized concern.
SwRI has additionally developed a zero-trust structure that may tackle interruptions in a automobile’s performance or efficiency. It connects a number of embedded techniques utilizing a single cybersecurity protocol.
“Via our penetration testing, we discovered that the PLC layer was poorly secured and lacked encryption between the automobile and the chargers,” stated Lead Challenge Engineer Katherine Kozan.
Supply: Southwest Analysis Institute
