Exploring the Cyber Landscape of EV Infrastructure and Secure by Design Software Solutions

Modern electric vehicles and charging stations are equipped with advanced software and Internet of Things (IoT) systems that allow for efficient management and monitoring. However, these same features create multiple entry points for cyber attackers.  For the EV industry to successfully grow and scale, it is imperative to adopt more standardized and integrated technology solutions that are secure by design.  

The Cyber Landscape of EV Infrastructure 

There have already been several notable instances of cyberattacks on EV infrastructure. For example, Russian hackers compromised public charging stations to display anti-Putin messages. And in the UK, cybersecurity risks to national security prompted the removal of an EV charger from the market. These incidents highlight the real and present danger posed by inadequate cybersecurity measures in the EV sector.  

Car charging station outside of Moscow hacked to display "Glory to Ukraine" message.

Currently, there are no universally accepted guidelines to ensure the security of charging stations. Many energy systems, including those used in EVs and broader energy management, rely on non-secure software and systems. These systems often lack essential security features such as encryption, authentication at the edge and in the cloud, and secure communication channels.  

The Department of Energy (DOE) has initiated efforts to address this risk. In 2023, the DOE's Grid Modernization Initiative allocated $39 million to fund projects aimed at identifying cybersecurity gaps and developing standardized testing and certification programs for EV charging equipment.  

But because there are already millions of EVs on the road, any program to standardize cybersecurity is already playing from behind. Therefore, the best path forward is to introduce highly integrated software that is secure by design.  

Mitigating Cyber Threats with Secure by Design Software Solutions

Software, such as the Keyfive Strata Energy Operating System, provides secure interoperability, data access, and control across energy systems. It is developed on security principles and maintains safeguards at each level, minimizing vulnerabilities. 

  1. Edge Security and Mutual Authentication: The system employs secure hardware elements such as TPM (Trusted Platform Module) to authenticate devices at the edge before they connect to the network. This mutual authentication ensures that communications are secure and only between trusted devices, mitigating the risk of disruptions and reducing the need to exclusively rely on physical security. 

  2. Multiple Layers of Encryption: Data is encrypted at multiple stages — on the device, during transmission, and at rest. This ensures that even if one layer is compromised, others remain intact to protect the data. The use of secure protocols like TLS (Transport Layer Security) further secures data in transit. 

  3. Data Segmentation: Data is segmented into different domains, with each client’s data living within its own domain in the broader ecosystem. This segmentation minimizes the risk of unauthorized access and limits the potential impact of any security breach. 

  4. Auditing and Monitoring: The system tracks every command and change made to its configuration and will automatically alert administrators of suspicious activities. This helps in auditing and ensures non-repudiation, meaning every action can be traced back to its source, while also making certain that inappropriate activities can be addressed swiftly before escalating into more significant issues. 

  5. Secure Integration with Third-Party Systems: The software securely integrates with third-party systems like Building Management Systems (BMS) and microgrid controllers. This integration is achieved through secure APIs and continuous monitoring of data exchanges to prevent vulnerabilities from being introduced through third-party connections. 

Collectively, these comprehensive security measures ensure that security is not an afterthought but an integral part of the system’s architecture.  
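To make the auditing point (item 4) concrete, here is one way to build a command log in which every entry is tied to its source and any later edit, deletion or reordering is detectable. This is an added example, not Keyfive's implementation; the source names, keys and commands are constructed. It uses HMAC for brevity, which lets a verifier that holds the key forge entries, so strict non-repudiation would need an asymmetric signature from a key held in the device's TPM.

```python
import hashlib
import hmac
import json

# Constructed per-source keys (assumption). In practice each key would be
# provisioned to, and kept inside, the device's secure element.
SOURCE_KEYS = {"charger-01": b"constructed-key-1", "bms-gw": b"constructed-key-2"}
GENESIS = "0" * 64

def _body(entry):
    # Canonical bytes of the fields that the tag and the chain both cover.
    fields = {k: entry[k] for k in ("seq", "actor", "command", "prev")}
    return json.dumps(fields, sort_keys=True).encode()

def append(log, actor, command):
    """Record a command, bound to its source and to the previous entry."""
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"seq": len(log), "actor": actor, "command": command, "prev": prev}
    entry["tag"] = hmac.new(SOURCE_KEYS[actor], _body(entry), hashlib.sha256).hexdigest()
    entry["hash"] = hashlib.sha256(_body(entry) + entry["tag"].encode()).hexdigest()
    log.append(entry)
    return entry

def verify(log):
    """Return the index of the first entry that fails a check, or None."""
    prev = GENESIS
    for i, e in enumerate(log):
        key = SOURCE_KEYS.get(e["actor"])
        if key is None or e["seq"] != i or e["prev"] != prev:
            return i  # unknown source, missing/reordered entry, or broken link
        tag = hmac.new(key, _body(e), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, e["tag"]):
            return i  # content or claimed source changed after the fact
        if hashlib.sha256(_body(e) + e["tag"].encode()).hexdigest() != e["hash"]:
            return i
        prev = e["hash"]
    return None

def sample_log():
    # Constructed sample commands, not taken from any real system.
    log = []
    append(log, "charger-01", "set max_current=32A")
    append(log, "bms-gw", "set schedule=off-peak")
    append(log, "charger-01", "set max_current=16A")
    return log

if __name__ == "__main__":
    log = sample_log()
    print("intact:", verify(log))
    log[1]["command"] = "set schedule=always-on"
    print("first bad entry after edit:", verify(log))
```

An alerting job would run `verify` on a schedule and page an administrator with the returned index, which points at the earliest entry that can no longer be trusted.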

Securing the Future of EVs

By standardizing security protocols and practices, such as using TPMs for hardware-based authentication and implementing multiple layers of encryption, secure by design technology ensures consistent and comprehensive protection across all components of the EV infrastructure. This standardization is essential for integrating various energy systems securely, enabling seamless communication between EVs, charging stations, and the broader energy grid without compromising security. 

Cyber threats pose significant risks to the reliability and safety of EV systems, which are critical to the broader adoption of electric vehicles. By adopting a secure by design approach, stakeholders can mitigate these risks, ensuring that the infrastructure is resilient against attacks, and pave a path forward for the EV revolution.  

