Who Can Hack a Plug? The Infosec Risks of Charging Electric Cars

No ratings

Presented at HITBSecConf Amsterdam 2013 by

Ofer Shezaf

What could be insecure about charging an electric car? Just plug in to a power outlet and off you go… Nothing can be further from the truth. The vision of electric cars call for charge stations to perform smart charging as part of a global smart grid. As a result, a charge station is a sophisticated computer that communicates with the electric grid on one side and the car on the other. To make matters worse, it’s installed outside on street corners and in parking lots. Electric vehicle charging stations bring with them new security challenges that show similar issues as found in SCADA systems, even if they use different technologies. In this presentation, we will understand what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety. We will discuss charge station architecture and functionality to identify potential weak spots. and will explore theoretical and real world vulnerabilities in these systems. In addition subsystems such as the car to charge station protocol, the embedded RFID reader, the electrical circuits and maintenance back doors will also be discussed. Lastly we will talk about potential solutions such as new key provisioning algorithms and limited authorization schemes.