OCPP in the spotlight: threats and countermeasures for electric vehicle charging infrastructures 4.0

Undoubtedly, Industry 4.0 in the energy sector improves the conditions for automation, generation and distribution of energy, increasing the rate of electric vehicle manufacturing in recent years. As a result, more grid-connected charging infrastructures are being installed, whose charging stations (CSs) can follow standardized architectures, such as the one proposed by the open charge point protocol (OCPP). The most recent version of this protocol is v.2.0.1, which includes new security measures at device and communication level to cover those security issues identified in previous versions. Therefore, this paper analyzes OCPP-v2.0.1 to determine whether the new functions may still be susceptible to specific cyber and physical threats, and especially when CSs may be connected to microgrids. To formalize the study, we first adapted the well-known threat analysis methodology, STRIDE, to identify and classify threats in terms of control and energy, and subsequently we combine it with DREAD for risk assessment. The analyses indicate that, although OCPP-v2.0.1 has evolved, potential security risks still remain, requiring greater protection in the future.Funding for open access publishing: Universidad Málaga/CBUA

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

ABRIS: Anonymous blockchain based revocable and integrity preservation scheme for vehicle to grid network

The upcoming development in vehicle to grid network (V2G) allows for the flow of energy from battery powered Electric Vehicle (EV) to grid as well as the exchange of information between them. However, during the information exchange, the EV's confidential information should be transferred from one charging station to another in a secure manner. Furthermore, the anonymity of the EV and charging station should be preserved. Despite the fact that many works on anonymous authentication and privacy preservation exist, there is an increase in computational cost in existing surveys. In this work, the new charging station authenticates the EV using blockchain technology without the involvement of a trusted entity, resulting in a reduction in computational time. Moreover, an efficient revoking mechanism is suggested to block the misbehaving charging station from the V2G network. In addition, security analysis section proves the resistant of our work against several possible well known attacks. Finally, to evaluate the performance of the work, the simulation is performed using CYGWIN platform and the results are proved to be noteworthy

Secure Large Scale Penetration of Electric Vehicles in the Power Grid

As part of the approaches used to meet climate goals set by international environmental agreements, policies are being applied worldwide for promoting the uptake of Electric Vehicles (EV)s. The resulting increase in EV sales and the accompanying expansion in the EV charging infrastructure carry along many challenges, mostly infrastructure-related. A pressing need arises to strengthen the power grid to handle and better manage the electricity demand by this mobile and geo-distributed load. Because the levels of penetration of EVs in the power grid have recently started increasing with the increase in EV sales, the real-time management of en-route EVs, before they connect to the grid, is quite recent and not many research works can be found in the literature covering this topic comprehensively. In this dissertation, advances and novel ideas are developed and presented, seizing the opportunities lying in this mobile load and addressing various challenges that arise in the application of public charging for EVs. A Bilateral Decision Support System (BDSS) is developed here for the management of en-route EVs. The BDSS is a middleware-based MAS that achieves a win-win situation for the EVs and the power grid. In this framework, the two are complementary in a way that the desired benefit of one cannot be achieved without attaining that of the other. A Fuzzy Logic based on-board module is developed for supporting the decision of the EV as to which charging station to charge at. GPU computing is used in the higher-end agents to handle the big amount of data resulting in such a large scale system with mobile and geo-distributed nodes. Cyber security risks that threaten the BDSS are assessed and measures are applied to revoke possible attacks. Furthermore, the Collective Distribution of Mobile Loads (CDML), a service with ancillary potential to the power system, is developed. It comprises a system-level optimization. In this service, the EVs requesting a public charging session are collectively redistributed onto charging stations with the objective of achieving the optimal and secure operation of the power system by reducing active power losses in normal conditions and mitigating line congestions in contingency conditions. The CDML uses the BDSS as an industrially viable tool to achieve the outcomes of the optimization in real time. By participating in this service, the EV is considered as an interacting node in the system-wide communication platform, providing both enhanced self-convenience in terms of access to public chargers, and contribution to the collective effort of providing benefit to the power system under the large scale uptake of EVs. On the EV charger level, several advantages have been reported favoring wireless charging of EVs over wired charging. Given that, new techniques are presented that facilitate the optimization of the magnetic link of wireless EV chargers while considering international EMC standards. The original techniques and developments presented in this dissertation were experimentally verified at the Energy Systems Research Laboratory at FIU

Modelling of the Electric Vehicle Charging Infrastructure as Cyber Physical Power Systems: A Review on Components, Standards, Vulnerabilities and Attacks

The increasing number of electric vehicles (EVs) has led to the growing need to establish EV charging infrastructures (EVCIs) with fast charging capabilities to reduce congestion at the EV charging stations (EVCS) and also provide alternative solutions for EV owners without residential charging facilities. The EV charging stations are broadly classified based on i) where the charging equipment is located - on-board and off-board charging stations, and ii) the type of current and power levels - AC and DC charging stations. The DC charging stations are further classified into fast and extreme fast charging stations. This article focuses mainly on several components that model the EVCI as a cyberphysical system (CPS)

Smart meter: Applications, security issues and challenges

The smart meter is an important intelligent device on the Smart Grid that has the capability to report information related to power consumption, billing and other significant readings.The protection of smart meter communications against attacks is essential to ensure reliable operations of the Smart Grid.In this paper, we give an overview of smart meter applications, and we discuss the security issues and attacks that can be performed on the smart meter and that may have severe impacts on the global Smart Grid network

Smart Grid Communications: Overview of Research Challenges, Solutions, and Standardization Activities

Optimization of energy consumption in future intelligent energy networks (or Smart Grids) will be based on grid-integrated near-real-time communications between various grid elements in generation, transmission, distribution and loads. This paper discusses some of the challenges and opportunities of communications research in the areas of smart grid and smart metering. In particular, we focus on some of the key communications challenges for realizing interoperable and future-proof smart grid/metering networks, smart grid security and privacy, and how some of the existing networking technologies can be applied to energy management. Finally, we also discuss the coordinated standardization efforts in Europe to harmonize communications standards and protocols.Comment: To be published in IEEE Communications Surveys and Tutorial

A Privacy-Preserving Method with Flexible Charging Schedules for Electric Vehicles in the Smart Grid

The Smart Grid (SG) is an emerging modernized electrical power system with advanced monitoring and control mechanism, and improved faulttolerance. The SG converges traditional power grid with a bidirectional communication and information system into the same infrastructure. Electric Vehicles (EVs), with their energy storage capacity and bidirectional communication capability, are envisioned to be an essential component of the SG. EVs can play the role of distributed energy resources by storing energy in off-peak hours and providing energy to the grid during peak hours or system contingencies. The energy stored by an EV is equivalent to the average energy drawn by multiple residential houses. As a result, simultaneous charging by a large number of EVs can create sudden energy imbalance in the grid. The mismatch between the energy generation and demand can create cascading faults resulting in load shedding. To prevent such situation, EVs are required to pre-schedule charging events at a Charging Station (CS). To efficiently manage a scheduled event, an EV is required to transmit information such as a valid ID, state-of-charge, distance from a CS, location, speed, etc. However, the data transmitted by an EV can be used to reveal information such as the movement of the vehicle, visits to a hospital, time to arrive at office, etc. The transmitted information can be used to create profiles of the owners of the EVs, breaching their location privacy. In the existing literature, it is recommended to use pseudonyms for different transactions by an EV to achieve location privacy. The majority of the works in the literature are based on anonymous authentication mechanism, where missing a charging event by an EV is considered as malicious and the corresponding EV is penalized (e.g., blacklisted). However, missing a charging event may happen due to many valid reasons and flexibility of scheduling can encourage consumer participation. On the other hand, missing charging events results in monetary loss to the CSs. In this thesis, an authentication method is developed to provide anonymity to EVs. The proposed method also addresses the cost-effectiveness of flexibility in charging events for the EVs and the CSs. A network setup that sub-divides a regional area into smaller zones to achieve better privacy, is proposed. A MATLAB simulation is designed to demonstrate the Degree of Anonymity (DoA) achieved in different stages of the proposed method and the optimal number of missed charging events. Additionally, a method to determine sub-division of zones from the simulation results, is studied