§ DOE/DHS/DOT Volpe Technical Meeting on Electric Vehicle and Charging Station Cybersecurity Report

This is the mobile-friendly web version of the original article.

DOE/DHS/DOT Volpe Technical Meeting on Electric Vehicle and Charging Station Cybersecurity Report

Prepared by:

United States Department of Transportation Volpe Center and United States Department of Energy Office of Policy

Final Report—March 2018

DOT-VNTSC-DOE-18-01

Prepared for: U.S. Department of Energy. 1000 Independence Ave., S.W. Washington, DC 20585-1615

U.S. Department of Transportation, Volpe Center

Disclaimer
Acknowledgments
Contents
List of Figures
List of Tables
List of Abbreviations
Executive Summary

Disclaimer

This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or any agency thereof. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or any agency thereof.

REPORT DOCUMENTATION PAGE				Form Approved OMB No. 0704-0188
Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188), Washington, DC 20503.
1. AGENCY USE ONLY (Leave blank)		2. REPORT DATE: March 2018		3. REPORT TYPE AND DATES COVERED Technical Meeting Report
4. TITLE AND SUBTITLE DOE/DHS/DOT Volpe Technical Meeting on Electric Vehicle and Charging Station Cybersecurity Report					5a. FUNDING NUMBERS VXU6A1/RE572
6. AUTHOR(S) Kevin Harnett, Brendan Harris, Daniel Chin, Graham Watson					5b. CONTRACT NUMBER
7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) U.S. Department of Transportation John A. Volpe National Transportation Systems Center 55 Broadway Cambridge, MA 02142-1093					8. PERFORMING ORGANIZATION REPORT NUMBER DOT-VNTSC-DOE-18-01
9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) U.S. Department of Energy 1000 Independence Ave., S.W. Washington, DC 20585-1615					10. SPONSORING/MONITORING AGENCY REPORT NUMBER
11. SUPPLEMENTARY NOTES
12a. DISTRIBUTION/AVAILABILITY STATEMENT 12b. DISTRIBUTION CODE This document is available to the public on the National Transportation Library (NTL) Repository and Open Science Access Portal (ROSA P) website at: https://rosap.ntl.bts.gov/view/dot/34991
13. ABSTRACT (Maximum 200 words) On November 29-30, 2017, the U.S. Department of Energy’s (DOE) Office of Policy (OP), in collaboration with DOE’s Vehicle Technology Office (VTO), the U.S. Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) Cyber Security Division (CSD), and the U.S. Department of Transportation’s (DOT) John A. Volpe National Transportation Systems Center (Volpe), held a technical meeting on key aspects of electric vehicle (EV) and electric vehicle supply equipment (EVSE) cybersecurity. This report summarizes key takeaways and discussion points.
14. SUBJECT TERMS Electric Vehicle (EV), Electric Vehicle Supply Equipment (EVSE), Cybersecurity, Charging Station, Smart Grid, Utility, Building Energy Management Systems (BEMS), Vehicle Technology Office (VTO)						15. NUMBER OF PAGES 28
						16. PRICE CODE
17. SECURITY CLASSIFICATION OF REPORT UNCLASS	18. SECURITY CLASSIFICATION OF THIS PAGE UNCLASS		19. SECURITY CLASSIFICATION OF ABSTRACT UNCLASS			20. LIMITATION OF ABSTRACT Unlimited

Acknowledgments

The Department of Energy (DOE) and U.S. DOT Volpe Center would like to thank subject matter experts (SMEs) from the California Public Utilities Commission’s (CPUC) Vehicle-Grid Integration Communications Protocol Working Group, Idaho National Laboratory (INL), Lear Corporation, Fiat Chrysler Automotive (FCA), and Daimler AG for their insight on topics in this report. In addition, we would like to acknowledge and give thanks to all the organizations who participated in the DOE/DHS/DOT Volpe Center Technical Meeting on Electric Vehicle and Charging Station Cybersecurity on November 29-30, 2017, in Arlington, VA, and for providing their insights and expertise.

List of Figures
List of Tables
List of Abbreviations
Executive Summary
Background/Introduction
- 1.1 Structure of the Report
- 1.2 General Vehicle Cybersecurity Concerns Background
  - 1.2.1 Telematics
  - 1.2.2 Controller Area Network (CAN) Bus
- 1.3 Cybersecurity Considerations for the Electric Vehicle
  - 1.3.1 Stakeholders
2 Organizational Structure
3 Incorporating Cybersecurity into Design
- 3.1 Segmentation
- 3.2 Chipsets
- 3.3 Penetration Testing
- 3.4 Vulnerability Assessment
- 3.5 EVSE Cybersecurity Procurement Guidelines
4 Trust
5 Ownership and Maintenance
6 Coordination
- 6.1 Standards Coordination
- 6.2 Public Sector Coordination
- 6.3 Private Sector Coordination
- 6.4 Public-Private Coordination
7 Gaps and Conclusions
- 7.1 Identified Gaps
  - 7.1.1 EV Charging Infrastructure Lacks Cybersecurity Best Practices
  - 7.1.2 End-to-end EV and Charging Infrastructure Lacks a Trust Model
  - 7.1.3 EV/Charging Infrastructure Lacks Cybersecurity Testing
  - 7.1.4 Wireless Chargers Lack Common Cybersecurity Guidelines
  - 7.1.5 Security of EV Over-the-Air (OTA) Infrastructure Update Capability
  - 7.1.6 Commercial EVSE Lack of Common Physical Security Guidelines
- 7.2 Conclusions and Critical Gaps
Appendix A - Electric Vehicle Technical Standards Overview

List of Figures

Figure 1. Typical Telematics System

List of Tables

Table 1. Typical Data Elements Exchanged Between an EV and Charging Station
Table 2. EV and Charging Infrastructure Stakeholders

List of Abbreviations

Abbreviation	Term
ADR	Automated Demand Response
AMI	Advanced Metering Infrastructure
BEMS	Building Energy Management System
CAN	Controller Area Network
CCC	Chaos Communications Conference
CCS	Combined Charging System
CD	Compact Disk
CDMA	Code Division Multiple Access
CEMS	Central Energy Management Systems
CharlN e.V.	The Charging Interface Initiative
DC	Direct Current
DCFC	DC Fast Charger
DHS S&T CSD	Department of Homeland Security Science and Technology Cybersecurity Division
DIN	Deutsches Institut für Normung e.V. (the German Institute for Standardization)
DOE	Department of Energy
DOS	Denial of Service
DOT	Department of Transportation
DSO	Distribution System Operator
ECU	Electronic Control Unit
EESA	Electrical Energy Storage Assemblies
ENCS	European Network for Cyber Security
ESCC	Electricity Subsector Coordinating Council
ESCSWG	Energy Sector Control Systems Working Group
EV	Electric Vehicle
EVSE	Electric Vehicle Supply Equipment
FISMA	Federal Information Security Management Act
GPS	Global Positioning System
GSM	Global System for Mobile Communications
HAN	Home Area Network
HITB	Hack-in-the-Box
ICT	Information and Communications Technologies
IDS	Intrusion Detection System
IEEE	Institute of Electrical and Electronics Engineers
IETF	Internet Engineering Task Force
INL	Idaho National Laboratory
IoT	Internet of Things
ISO	International Organization of Standardization
ISO	Independent System Operator
Abbreviation	Term
LEV	Light Electric Vehicle
MITM	Man In The Middle
NEC	National Electrical Code
NERC	North American Electric Reliability Corporation
NESCOR	National Electric Sector Cybersecurity Organization Resource
NFC	Near Field Communications
NHTSA	National Highway Traffic Safety Administration
NIST	National Institute of Standards and Technology
NSTC	National Science and Technology Council
OBD	On-Board Diagnostic
OCA	Open Charge Alliance
OEM	Original Equipment Manufacturer
OP	Office of Policy
OTA	Over The Air
PEV	Plug-In Electric Vehicle
PHEV	Plug-In Hybrid Electric Vehicle
PIN	Personal Identification Number
RF	Radio Frequency
RTO	Regional Transmission Organization
SAE	Society of Automotive Engineers
SD	Secure Digital
SME	Subject Matter Expert
SMS	Short Message Service
TLS	Transportation Layer Security
TPMS	Tire Pressure Monitoring System
UMTS	Universal Mobile Telecommunications System
USB	Universal Serial Bus
V2G	Vehicle to Grid
V2I	Vehicle to Infrastructure
V2V	Vehicle to Vehicle
VTO	Vehicle Technology Office
W3C	World Wide Web Consortium
WPT	Wireless Power Transfer
XSS	Cross-site scripting

Executive Summary

On November 29-30, 2017, the U.S. Department of Energy’s (DOE) Office of Policy (OP), in collaboration with DOE’s Vehicle Technology Office (VTO), the U.S. Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) Cyber Security Division (CSD), and the U.S. Department of Transportation’s (U.S. DOT) John A. Volpe National Transportation Systems Center (Volpe) held a technical meeting on key aspects of electric vehicle (EV) and electric vehicle supply equipment (EVSE) cybersecurity. This report summarizes key takeaways and discussion points.

Electric vehicles are becoming a part of the transportation and mobility industry in the United States. It is during this initial development and deployment period for the EV environment that the opportunity exists to mitigate cybersecurity issues before they become widespread, ingrained, difficult, and expensive to remedy. The EV environment is a mix of multiple stakeholders, domains, hardware, and software. As the communication, electricity, and transportation systems become more integrated, cybersecurity vulnerabilities that would normally be localized, now have the ability to cause disruptions across these multiple sectors.

Modern day automobiles have cybersecurity vulnerabilities that the industry and government are working on addressing.¹ This report, and the preceding technical meeting, focuses on the cybersecurity vulnerabilities that are unique to electric vehicles and electric vehicle supply equipment:

The two-way communication between the EVSE and the vehicle
The connection between EVs, EVSE, and other systems (e.g., grid, telecommunications, buildings, etc.)

These differences could potentially lead to three main types of issues:

1) Public safety hazard to the vehicle operators and/or those in the immediate vicinity
2) Mobile, highly connected malware vectors
3) Initiating and/or exacerbating electric grid disruption

As a result of discussions during the Electric Vehicle and Charging Infrastructure Cybersecurity Technical Meeting, participants identified gaps and vulnerabilities in this threat space (see Chapter 7: Gaps and Conclusions for more detail on the gaps). The table below is a prioritized list of the gaps identified and provides a short description of each:

¹https://www.nhtsa.gov/technology-innovation/vehicle-cybersecurity

Identified Gap	Gap Description
EVSE Charging Infrastructure Lacks Cybersecurity Best Practices	The EV industry does not have secure software design and development methodology guidance to design and build “secure” EVSE capabilities. Purchasing agents who buy EVSEs do not typically specify cybersecurity protections (e.g. secure OTA firmware update capability, authentication) for their EVSE products due to lack of EVSE cybersecurity guidelines for the EVSE acquisitions.
End-to-End EV and Charging Infrastructure Lacks a Trust Model	There is no consensus on end-to-end trusted communication standards for securing communications between the electric vehicle and the charging infrastructure.
EV/Charging Infrastructure Lacks Cybersecurity Testing	There is a lack of formal cybersecurity testing and assessment applied to the entire EV charging infrastructure.
Wireless Chargers Lack Common Cybersecurity Guidelines	Light passenger EVs, electric buses and electric trucks have similar wireless charging communications paths, and none of them have guidance on the unique cybersecurity requirements specifically for wireless charging.
EV Over-the-Air (OTA) Infrastructure Update Capability Is Immature	Current EV infrastructure (i.e. EVSEs, Smart Meters, Advanced Metering Infrastructure-AMI, Demand Energy Response equipment, etc). OTA update capability is immature and insecure and vulnerable to cyberattacks. Insecure legacy equipment will need to be addressed at the same time as new EV equipment is designed to have better and more secure OTA capabilities.
Commercial EVSE Lack of Common Physical Security Guidelines	Physical damage to commercial EVSEs can result in nonoperational units which could have an adverse effect on consumer confidence in EVs in general. Some types of physical damage whether intentional or not, may expose the public to harmful electric current levels. There is a lack of common Physical Security Guidelines for Commercial EVSE Physical Security.

Throughout the technical meeting, participants particularly focused on two of these gaps as critical for government and industry to address:

1.The lack of security best practices for EVSE charging infrastructure
2.The lack of an end-to-end trust model for validating communications

Addressing these critical gaps should help focus and frame coordination between the relevant stakeholders in the energy, transportation, and communication sectors.