Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review

Modelling of the Electric Vehicle Charging Infrastructure as Cyber Physical Power Systems: A Review on Components, Standards, Vulnerabilities and Attacks

The increasing number of electric vehicles (EVs) has led to the growing need to establish EV charging infrastructures (EVCIs) with fast charging capabilities to reduce congestion at the EV charging stations (EVCS) and also provide alternative solutions for EV owners without residential charging facilities. The EV charging stations are broadly classified based on i) where the charging equipment is located - on-board and off-board charging stations, and ii) the type of current and power levels - AC and DC charging stations. The DC charging stations are further classified into fast and extreme fast charging stations. This article focuses mainly on several components that model the EVCI as a cyberphysical system (CPS)

EV Smart Charging with Advance Reservation Extension to the OCPP Standard

none2openOrcioni, Simone; Conti, MassimoOrcioni, Simone; Conti, Massim

The Count of EV Charging: Attacking, Mitigating and Re-envisioning the Infrastructure

For a genuinely connected smart world, the overlapping of the Internet of Things (IoT) services from different sectors becomes inevitable. One of the rather interesting collaborations is that between Intelligent Transportation Systems (ITS) and Smart Grids. Particularly, a perfect manifestation of such integration of services is the rise of Electric Vehicles (EVs) and their charging infrastructure. Although the full integration of ITS and smart grid services would alleviate the development of self-driving intelligent vehicles, there are major challenges that are yet to be resolved, one of crucial importance is their security. To contextualize such security issues, it is essential to have a clear understanding of the status-quo of EVs and charging ecosystem. In that regard, we survey the entities, protocols, deployment types and major manufacturers of Electric Vehicles Charging Stations (EVCS) and identify the key weaknesses causing security issues. Moreover, we propose a novel attack that exploit the vulnerabilities in the EVCS to create a botnet of them, tamper their schedules and cause frequency disturbances to the power grid. In order to mitigate such an attack, we explore the role of Artificial Intelligence (AI) and Blockchain individually and collaborate in both securing the EV charging ecosystem and efficiently manage the energy trading among EVs, EVCS and power grid. Consequently, we expand on the collaboration of AI and Blockchain and propose an anomaly detection engine to detect the proposed attack demonstrating is effectiveness in flagging anomalous charging behavior. Finally, we re-envision the EV charging ecosystem by integrating both AI and Blockchain to secure both public and private EVCS from the proposed attack

Investigating the Security of EV Charging Mobile Applications As an Attack Surface

The adoption rate of EVs has witnessed a significant increase in recent years driven by multiple factors, chief among which is the increased flexibility and ease of access to charging infrastructure. To improve user experience, increase system flexibility and commercialize the charging process, mobile applications have been incorporated into the EV charging ecosystem. EV charging mobile applications allow consumers to remotely trigger actions on charging stations and use functionalities such as start/stop charging sessions, pay for usage, and locate charging stations, to name a few. In this paper, we study the security posture of the EV charging ecosystem against remote attacks, which exploit the insecurity of the EV charging mobile applications as an attack surface. We leverage a combination of static and dynamic analysis techniques to analyze the security of widely used EV charging mobile applications. Our analysis of 31 widely used mobile applications and their interactions with various components such as the cloud management systems indicate the lack of user/vehicle verification and improper authorization for critical functions, which lead to remote (dis)charging session hijacking and Denial of Service (DoS) attacks against the EV charging station. Indeed, we discuss specific remote attack scenarios and their impact on the EV users. More importantly, our analysis results demonstrate the feasibility of leveraging existing vulnerabilities across various EV charging mobile applications to perform wide-scale coordinated remote charging/discharging attacks against the connected critical infrastructure (e.g., power grid), with significant undesired economical and operational implications. Finally, we propose counter measures to secure the infrastructure and impede adversaries from performing reconnaissance and launching remote attacks using compromised accounts

Artificial Intelligence-based Cybersecurity for Connected and Automated Vehicles

The damaging effects of cyberattacks to an industry like the Cooperative Connected and Automated Mobility (CCAM) can be tremendous. From the least important to the worst ones, one can mention for example the damage in the reputation of vehicle manufacturers, the increased denial of customers to adopt CCAM, the loss of working hours (having direct impact on the European GDP), material damages, increased environmental pollution due e.g., to traffic jams or malicious modifications in sensors’ firmware, and ultimately, the great danger for human lives, either they are drivers, passengers or pedestrians. Connected vehicles will soon become a reality on our roads, bringing along new services and capabilities, but also technical challenges and security threats. To overcome these risks, the CARAMEL project has developed several anti-hacking solutions for the new generation of vehicles. CARAMEL (Artificial Intelligence-based Cybersecurity for Connected and Automated Vehicles), a research project co-funded by the European Union under the Horizon 2020 framework programme, is a project consortium with 15 organizations from 8 European countries together with 3 Korean partners. The project applies a proactive approach based on Artificial Intelligence and Machine Learning techniques to detect and prevent potential cybersecurity threats to autonomous and connected vehicles. This approach has been addressed based on four fundamental pillars, namely: Autonomous Mobility, Connected Mobility, Electromobility, and Remote Control Vehicle. This book presents theory and results from each of these technical directions

Planning and Design for Intelligent and Secure Integration of Electric Vehicles into the Smart Grid

The transition to electric vehicles (EVs) is gaining momentum around the world and government initiatives to accelerate this transition range from major tax exemptions, lower insurance payments to convenient parking incentives at shopping malls. The major drivers for this acceleration are the rising awareness by the public for maintaining a clean environment, reducing pollutant emissions, breaking dependencies on oil, as well as tapping into cleaner sources of energies. EVs acceptance however is hindered by several challenges; among them is their shorter driving range, slower charging rates, and the ubiquitous availability of charging locations, collectively contributing to higher anxieties for EVs drivers. Governments of developed countries as well as major car manufacturers are taking solid steps to address these challenges and set ambitious goals to make EVs the major transportation mode within few years. Consequently, a significant number of EVs is going to connect to the existing smart grid and hence, the load pattern is expecting a paradigm shift. This immense load will challenge the generation, transmission and distribution sector of the grid along with being a potential cyber-physical attack platform. To attain a graceful EV penetration for curtailing GHG emission, along with the socioeconomic initiatives, an extensive research is required, especially to mitigate the range anxiety and ameliorate the load congestion on the grid. As a consequence, to reduce the range anxiety, we present a two-stage solution to provision and dimension a DC fast charging station (CS) network for the anticipated energy demand and that minimizes the deployment cost while ensuring a certain quality of experience for charging e.g., acceptable waiting times and shorter travel distances to charge. This solution also maintains the voltage stability by considering the distribution grid capacity, determining transformers’ rating to support peak demand of EV charging and adding a minimum number of voltage regulators based on the impact over the power distribution network. We propose, evaluate and compare two CS network expansion models to determine a cost-effective and adaptive CSs provisioning solution that can efficiently expand the CS network to accommodate future EV charging and conventional load demands. Though an adequate fast charging network may assist to reduce the range anxiety and propel the EV market, catering this large number of EVs using fuel based conventional grid actually shifts the carbon footprint from the transportation sector to the power generation sector. As a consequence, green energy needs to be promoted for EV charging. However, the intermittent behavior of renewable energy (RE) generation challenges to maintain a RE based stand alone CS. In order to address this issue, we consider a photovoltaic(PV) powered station equipped with an energy storage system (ESS), which is assumed to be capable of assigning variable charging rates to different EVs to fulfill their demands inside their declared deadlines at minimum price. To ensure fairness, a charging rate dependent pricing mechanism is proposed to assure a higher price for enjoying a higher charging rate. The PV generation profile and future load request are forecasted at each time slot, to handle the respective uncertainties. Whatever, the energy source is green or not of a CS, a static CS cannot offer the flexibility to charge an EV at any place at any time especially for an emergency case. Fortunately, the bidirectional energy transferring capability between vehicles (i.e., vehicle to vehicle (V2V)) might be a solution to charge an EV at any place and at any time without leaning on a stationary CS. Hence, we assume a market where charging providers each has a number of charging trucks equipped with a larger battery and a fast charger to charge a number of EVs at some particular parking lots. We formulate an integer linear program (ILP) to maximize the number of served EVs by determining the optimal trajectory and schedule of each truck. Owing to its complexity, we implement Dantzig-Wolfe decomposition approach to solve this. However, to build a prolific EV charging ecosystem, all its entities (e.g., EVs, CSs and grid) have to be connected through a communication link and that unveils a new cyber physical attack surface. As a consequence, we exploit the abundance of Electric Vehicles (EVs) to target the stability of the power grid by presenting a realistic coordinated switching attack that initiates inter-area oscillations between different areas of the power grid and assess the dire consequences over the power system. Finally, a back propagation neural network (BPNN) technique is used in a proposed framework to detect such switching attacks before being executed

Artificial Intelligence-based Cybersecurity for Connected and Automated Vehicles

The damaging effects of cyberattacks to an industry like the Cooperative Connected and Automated Mobility (CCAM) can be tremendous. From the least important to the worst ones, one can mention for example the damage in the reputation of vehicle manufacturers, the increased denial of customers to adopt CCAM, the loss of working hours (having direct impact on the European GDP), material damages, increased environmental pollution due e.g., to traffic jams or malicious modifications in sensors’ firmware, and ultimately, the great danger for human lives, either they are drivers, passengers or pedestrians. Connected vehicles will soon become a reality on our roads, bringing along new services and capabilities, but also technical challenges and security threats. To overcome these risks, the CARAMEL project has developed several anti-hacking solutions for the new generation of vehicles. CARAMEL (Artificial Intelligence-based Cybersecurity for Connected and Automated Vehicles), a research project co-funded by the European Union under the Horizon 2020 framework programme, is a project consortium with 15 organizations from 8 European countries together with 3 Korean partners. The project applies a proactive approach based on Artificial Intelligence and Machine Learning techniques to detect and prevent potential cybersecurity threats to autonomous and connected vehicles. This approach has been addressed based on four fundamental pillars, namely: Autonomous Mobility, Connected Mobility, Electromobility, and Remote Control Vehicle. This book presents theory and results from each of these technical directions

Security and Trust in Safety Critical Infrastructures

Critical infrastructures such as road vehicles and railways are undergoing a major change, which increases the dependency of their operation and control on Information Technology (IT) and makes them more vulnerable to malicious intent. New complex communication infrastructures emerge using the increased connectivity of these safety-critical systems to enable efficient management of operational processes, service provisioning, and information exchange for various (third-party) actors. Railway Command and Control Systems (CCSs) turn with the introduction of digital interlocking into an “Internet of Railway Things”, where safety-critical railway signaling components are deployed on common-purpose platforms and connected via standard IP-based networks. Similarly, the mass adoption of Electric Vehicles (EVs) and the need to supply their batteries with energy for charging has given rise to a Vehicle-to-Grid (V2G) infrastructure, which connects vehicles to power grids and multiple service providers to coordinate charging and discharging processes and maintain grid stability under varying power demands. The Plug-and-Charge feature brought in by the V2G communication standard ISO 15118 allows an EV to access charging and value-added services, negotiate charging schedules, and support the grid as a distributed energy resource in a largely automated way, by leveraging identity credentials installed in the vehicle for authentication and payment. The fast deployment of this advanced functionality is driven by economical and political decisions including the EU Green Deal for climate neutrality. Due to the complex requirements and long standardization and development cycles, the standards and regulations, which play the key role in operating and protecting critical infrastructures, are under pressure to enable the timely and cost-effective adoption. In this thesis, we investigate security and safety of future V2G and railway command and control systems with respect to secure communication, platform assurance as well as safety and security co-engineering. One of the major goals in this context is the continuous collaboration and establishment of the proposed security solutions in upcoming domain-specific standards, thus ensuring their practical applicability and prompt implementation in real-world products. We first analyze the security of V2G communication protocols and requirements for secure service provisioning via charging connections. We propose a new Plug-and-Patch protocol that enables secure update of EVs as a value-added service integrated into the V2G charging loop. Since EVs can also participate in energy trading by storing and feeding previously stored energy to grid, home, or other vehicles, we then investigate fraud detection methods that can be employed to identify manipulations and misbehaving users. In order to provide a strong security foundation for V2G communications, we propose and analyze three security architectures employing a hardware trust anchor to enable trust establishment in V2G communications. We integrate these architectures into standard V2G protocols for load management, e-mobility services and value-added services in the V2G infrastructure, and evaluate the associated performance and security trade-offs. The final aspect of this work is safety and security co-engineering, i.e., integration of safety and security processes vital for the adequate protection of connected safety-critical systems. We consider two application scenarios, Electric Vehicle Charging System (EVCS) and Object Controller (OC) in railway CCS, and investigate how security methods like trusted computing can be applied to provide both required safety and security properties. In the case of EVCS, we bind the trust boundary for safety functionality (certified configuration) to the trust boundary in the security domain and design a new security architecture that enforces safety properties via security assertions. For the railway use case, we focus on ensuring non-interference (separation) between these two domains and develop a security architecture that allows secure co-existence of applications with different criticality on the same hardware platform. The proposed solutions have been presented to the committee ISO/TC 22/SC 31/JWG 1 that develops the ISO 15118 standard series and to the DKE working group “Informationssicherheit für Elektromobilität” responsible for the respective application guidelines. Our security extension has been integrated in the newest edition ISO 15118-20 released in April 2022. Several manufacturers have already started concept validation for their future products using our results. In this way, the presented analyses and techniques are fundamental contributions in improving the state of security for e-mobility and railway applications, and the overall resilience of safety-critical infrastructures to malicious attacks

Deep Learning -Powered Computational Intelligence for Cyber-Attacks Detection and Mitigation in 5G-Enabled Electric Vehicle Charging Station

An electric vehicle charging station (EVCS) infrastructure is the backbone of transportation electrification. However, the EVCS has various cyber-attack vulnerabilities in software, hardware, supply chain, and incumbent legacy technologies such as network, communication, and control. Therefore, proactively monitoring, detecting, and defending against these attacks is very important. The state-of-the-art approaches are not agile and intelligent enough to detect, mitigate, and defend against various cyber-physical attacks in the EVCS system. To overcome these limitations, this dissertation primarily designs, develops, implements, and tests the data-driven deep learning-powered computational intelligence to detect and mitigate cyber-physical attacks at the network and physical layers of 5G-enabled EVCS infrastructure. Also, the 5G slicing application to ensure the security and service level agreement (SLA) in the EVCS ecosystem has been studied. Various cyber-attacks such as distributed denial of services (DDoS), False data injection (FDI), advanced persistent threats (APT), and ransomware attacks on the network in a standalone 5G-enabled EVCS environment have been considered. Mathematical models for the mentioned cyber-attacks have been developed. The impact of cyber-attacks on the EVCS operation has been analyzed. Various deep learning-powered intrusion detection systems have been proposed to detect attacks using local electrical and network fingerprints. Furthermore, a novel detection framework has been designed and developed to deal with ransomware threats in high-speed, high-dimensional, multimodal data and assets from eccentric stakeholders of the connected automated vehicle (CAV) ecosystem. To mitigate the adverse effects of cyber-attacks on EVCS controllers, novel data-driven digital clones based on Twin Delayed Deep Deterministic Policy Gradient (TD3) Deep Reinforcement Learning (DRL) has been developed. Also, various Bruteforce, Controller clones-based methods have been devised and tested to aid the defense and mitigation of the impact of the attacks of the EVCS operation. The performance of the proposed mitigation method has been compared with that of a benchmark Deep Deterministic Policy Gradient (DDPG)-based digital clones approach. Simulation results obtained from the Python, Matlab/Simulink, and NetSim software demonstrate that the cyber-attacks are disruptive and detrimental to the operation of EVCS. The proposed detection and mitigation methods are effective and perform better than the conventional and benchmark techniques for the 5G-enabled EVCS