- EV chargers are as vulnerable to cyber-threats any other connected devices. Insecure communications leave the door open to threats ranging from petty theft (fraudulent billing) to major data breaches (theft of vehicle data or customer credit card info) to disaster-movie scenarios (sabotage of electrical grids).
- Communications between vehicles and EVSE are secured by means of public key infrastructure (PKI). Certificates that include the information that the car and the charging station need in order to deliver and pay for a charge are stored in a secure format based on asymmetric key cryptography.
- Irdeto has been a major player in the cybersecurity realm for many years, and has recently established an important role in the EV infrastructure ecosystem—its customers include vehicle OEMs, charge point operators and other e-mobility providers. Irdeto is a key player in managing the V2G root Certificate Authority (CA) in North America, and recently took over the CharIN public key infrastructure in Europe.
- The ISO 15118 series of standards governs the interface between the vehicle and the charge point. Secure implementation of these standards enables things like roaming, Plug & Charge and V2G.
Q&A with Irdeto’s Senior Vice President of New Markets and Senior Director of Electric Vehicles.
Execs and experts across the EV infrastructure ecosystem agree on the importance of connectivity. Connecting EV charging stations to the cloud helps companies maintain reliability, provides valuable usage statistics, and enables cutting-edge features such as roaming, Plug & Charge and V2X applications. However, connectivity also means opportunity for hackers, crackers and other online evil-doers.
EV chargers are as vulnerable to cyber-threats any other connected devices—maybe even more so, for a couple of reasons. For one, EV infrastructure represents a new technology, and industry standards and best practices are still being worked out. Companies are entering (and exiting) the business on seemingly a daily basis—a sort of Wild West ethos still prevails.
Furthermore, some EVSE installations, especially in the public charging realm, involve a complex web of different companies and organizations, and by no means all of these are as security-conscious as they should be.
Irdeto has been a major player in the cybersecurity realm for many years, and has recently established an important role in the EV infrastructure ecosystem—its customers include vehicle OEMs, charge point operators and other e-mobility providers. Irdeto is a key player in managing the Vehicle-to-Grid (V2G) root Certificate Authority (CA) in North America, and recently expanded its influence by taking on the CharIN public key infrastructure in Europe.
Charged spoke with Irdeto’s Niels Haverkorn, Senior Vice President of New Markets, and Juha Hytönen, Senior Director, Electric Vehicles.
Charged: Irdeto specializes in cryptographic keys and certificates for communication security. Is that something like the certificates we’re used to seeing on web sites?
Juha Hytönen: The solution is much more than just certificates. We like to talk about key lifecycle management, which is an all-encompassing topic that deals with the issuance of secure material from creation all the way to revocation and renewal. The public key infrastructure (PKI) is in many ways analogous to the certificate that you see in a web browser. Of course, in the context of EV charging, the certificate itself carries information that is specific to the domain—for example, charging contract information, identity of the vehicle, etc.
Charged: So, the certificate includes the information that the car and the charging station need in order to deliver and pay for a charge, and it includes all that information in a secure format.
Juha Hytönen: Correct. A secure format that is based on asymmetric key cryptography.
Niels Haverkorn: PKI technology is based on a public key and a private key—which is why they call it asymmetric—and then a certificate infrastructure behind it that allows for authentication and security.
Charged: Your company provides PKI for a lot of different fields. How long have you been in the EV charging realm?
Niels Haverkorn: We go back a long, long time in PKI, and we are one of the world’s largest players in the field. We have been in existence since 1969. Our initial business, and still one of our key focal points, is the video entertainment space, where public key infrastructure in a hostile domain is one of our key deliverables.
Juha Hytönen: We had a number of customers in the automotive domain starting in 2019, including Ford Otosan (the truck manufacturing side of Ford) and Knorr-Bremse (a manufacturer of brakes and other things). These engagements led us into discussions with entities in the automotive space who are of course also active in the EV charging space. That’s how we became familiar with CharIN—our first engagement in the EV space was actually with CharIN, in 2021, when we became the PKI provider for CharIN’s European V2G root.
Charged: Your web site lists three different types of customers: vehicle OEMs, charge point providers and e-mobility service providers. Tell me about the needs of these kinds of companies as far as the security certificates.
Juha Hytönen: There are lot of use cases, but for a charging session these three entities need to talk to one another, and they need to do it in a secure way. And the state of play today is that not all charging sessions are cyber-secure. The communication between the vehicle and the charge point, for example, may still be in plain text in some cases.
The cybersecurity of the charge points themselves is also an issue. It can be that the same set of keys is used for an entire network of charge points, which means that if you are able to get hold of that key, then you are suddenly in control of all the charge points. This was understood by the industry and that’s why they started developing standards like ISO 15118 and OCPP 2.0.1. In all these standards, the underpinning security technology is PKI.
“The state of play today is that not all charging sessions are cyber-secure. The communication between the vehicle and the charge point, for example, may still be in plain text in some cases.”
For example, a charge point and a vehicle need to be able to trust one another even though they belong to different companies. The PKI is a mechanism that enables this fundamental trust. The certificate is essentially a piece of text that ends up in the charge point, and when the plug is connected to the charge point, then it’s the public key and the certificate that gets sent from the charge point to the vehicle. And with that, all of these entities are able to verify that the charge point is who they claim to be and that the vehicle is who they claim to be, and they’re able to use that same information to encrypt the communications between them. Our role here is to play the very topmost entity, and in some cases also that of a Tier 1 issuer, to make sure that those verifications can pass, and that these companies actually follow the necessary security requirements—for example, to keep their private keys safe.
Charged: Tell me a couple of horror stories. If a charger sent information in plain text, without encryption, what could happen?
Niels Haverkorn: One of the simplest ones could be that, instead of a CPO giving notice to your vehicle that a charging session is done, it’s a hacker on the side of the road who says, “I have just charged this car for $50, here is the bill.” That’s something simple that can go wrong. But of course, there’s lots of personal data in vehicles and in charging contracts.
Juha Hytönen: The impacts may not be that large if a few people are able to charge for free or if the charging session doesn’t happen. But I think that the main sort of horror scenarios, there are two. The first one impacts the business of these companies. If your communications are unencrypted and you have these open doors into your infrastructure, whether it’s the charge points or the vehicles, then this makes you susceptible to a very basic type of attack, such as ransomware. That’s something that we have seen happening in many industries, and if this is not fixed, then it’s also going to happen in charging infrastructure.
Then there is another scenario, which is that if you’re actually able to take control over charge points, and you can suddenly stop or start the charging sessions of 100,000 vehicles in the city of Seattle, for example, then that is going to create such a huge spike on the electricity grid that the grid is most likely going to go down, and then you have a problem.
Charged: And a great plot for a disaster movie.
Juha Hytönen: Absolutely!
“If you’re able to take control over charge points, and you can suddenly stop or start the charging sessions of 100,000 vehicles in the city of Seattle, for example, then that is going to create such a huge spike on the electricity grid that the grid is most likely going to go down.”
Charged: Tell me more about ISO 15118.
Juha Hytönen: ISO 15118 is a series of standards that governs the interface between the vehicle and the charge point. And the two specific parts that we are interested in are parts 2 and 20, which govern the communication interface.
Charged: These standards enable things like roaming, Plug & Charge and V2G. I guess roaming is fairly well established, but Plug & Charge and V2G are new up-and-coming technologies.
Niels Haverkorn: Roaming is available today, but it’s actually not free roaming in the sense of being standardized. It requires a third party that aggregates services and signs on companies. With that comes, of course, cost inefficiencies, monopolies, etc. It’s not true free roaming as we would have for example, in a standardized cellular network. And that is where Plug & Charge capability comes in. So, this neutrality and industry-wide setup is what we’re also doing in taking on, for example, the business from CharIN, where we want to make sure that our customers have a say in how policies are set.
Charged: Hubject is an example of one of those aggregators—as I understand it, it’s kind of a closed system that’s only open to the companies that participate. Your goal is to have an open roaming system that anyone can participate in, based on open standards. Would that put companies like Hubject out of business?
Juha Hytönen: Well, I think it would significantly reduce their business. Hubject has done a lot of good groundbreaking work in the sense that they enabled roaming in the first place, so you have to give them that. And they have certainly fixed some of the early issues in the industry. However, they are not based on open standards at the moment.
Also, Hubject is not solving the entire problem. The problems that they are trying to solve are interoperability and roaming. We are trying to solve the cybersecurity problem, of which interoperability is just one aspect, and our aim is to do that in an open manner. One of the key differences between us and some of the other industry players is that we have an open governance model, meaning that for our ecosystem, we will have an external governance board, comprised of representatives of customers, that has the final say in how that ecosystem is governed. Also that, insofar as available, we will base our technology on open standards such as ISO 15118, OCPP, Open Plug & Charge Protocol, and others.
Charged: Of course, Tesla has its own proprietary system that does basically the same thing as Plug & Charge, and there’s another system called AutoCharge. Can those all coexist and work together?
Juha Hytönen: Tesla’s system is also based on the ISO 15118-2 standard. The communication protocol is the same, it is just the connector that is different. Their connector is the NACS connector, whereas others, especially in Europe, prefer the CCS connector, which is defined in the ISO standard as well. The Tesla infrastructure also relies on a public key infrastructure, so some of the fundamental building blocks are the same.
AutoCharge, however, is something totally different. AutoCharge was developed to address one very narrow use case, which is a seamless charging session, and it comes with some limitations. It doesn’t work on all vehicle models because there is no native support from the vehicle manufacturers. It is a very clever technology, and as an EV driver, I think it’s great they came up with AutoCharge because it showcases how simple charging an EV can be, and it has proven the potential for Plug & Charge. However, what AutoCharge doesn’t provide is the security foundation. I do think that there is a place for AutoCharge for a few years until ISO 15118 is fully deployed, but think that eventually Plug & Charge is going to replace it as the primary use case.
“Tesla’s system is also based on the ISO 15118-2 standard. The communication protocol is the same, it is just the connector that is different. AutoCharge, however, is something totally different.”
Charged: I’ve heard that a lot of the back-end stuff—security and so on—with Tesla’s system is not very different from the CCS system. Will the Tesla and Plug & Charge systems merge, or will they continue to coexist?
Juha Hytönen: There will certainly be some kind of an interoperability arrangement. And since they are both based on the same foundational technology, it is not as big a problem as people may think.
Charged: On your web site you list OEMs, CPOs and e-mobility service providers as your customers. Would fleet operators also be potential customers?
Juha Hytönen: Yeah, they would. If we look at the deployment of the ISO 15118-based technology, then it seems that the first adopters will actually be fleets. A lot of the concrete customer cases that we are talking about have to do with an OEM and a CPO providing a private charging experience for a fleet operator. The use case is that the CPO will install charging infrastructure at a depot, for example, and then the OEM will sell fleet vehicles that are able to use Plug & Charge at that particular depot and enable a seamless charging transaction. There’s also talk about V2G, because the potential for V2G is of course much larger in fleet environments where you have a number of EVs co-located.
Charged: Where does your company fit into the overall charging ecosystem? You provide the security piece of the puzzle. Do you have competitors that provide similar services, or do some of the EVSE providers offer the same sort of services?
Juha Hytönen: We are an independent trust platform provider in the sense that we are one of the few players in this space who are independent of all the CPOs and all the OEMs. When our customers choose to work with us, they are not funding the technology of their competition, and they see us as a neutral entity. That’s one thing.
The second thing is that we provide a full end-to-end solution. We talked previously about the roaming hubs—they are definitely one group of competition that we have. Then we have the traditional PKI providers. To give an example, DigiCert is a big name, especially in the US market. Their background is in the internet space, where they are a well-known provider of certificates. But in comparison to those kinds of operators, we are a true end-to-end service provider in the sense that we provide all the services for key lifecycle management, from getting that key from when it’s generated to the manufacturing line of that charging station to provisioning it for the first time, to the creation of a contract certificate and getting that into a contract certificate pool, which is a public service where anybody can find that. And as far as we know at the moment, this kind of full service does not exist with any of our competitors.
The fact that we are a neutral outsider is a key element here. We are not a CPO, we’re not an EV company, and we don’t have those investors in our company. That creates neutrality, which is important for these types of systems to go broader. And this is also why us starting to take over the PKI infrastructure from CharIN is significant. That open governance, where the market and customers have a say in PKI policy and deployment, is a key element. Because it has to be neutral and trusted by the entire industry and all the players.
“The fact that we are a neutral outsider is a key element here. We are not a CPO, we’re not an EV company, and we don’t have those investors in our company. That creates neutrality, which is important for these types of systems to go broader.“
Charged: Tell us more about your takeover of the public key structure from CharIN. Is this just for Europe?
Juha Hytönen: We are going to take over the CharIN PKI, and it was only launched in Europe. We have our own operation in North America, which we launched late last year. The challenge that CharIN had was the operational effort to run a PKI where the participants are Fortune 500 companies with quite high requirements for cybersecurity process compliance. It was maybe a bit too much for an association, whereas that has been our bread and butter for decades and it is something where we really have developed quite an operational excellence.
Niels Haverkorn: That initial PKI of CharIN was actually developed in cooperation with us as well, so we’ve been working closely together over those years. The idea was for CharIN to manage and operate this key lifecycle management system. And clearly the operational requirements of doing so is our specialty. Of course, what we want to maintain is this element of neutrality that CharIN very much had.
Charged: I suppose that opens up some new opportunities for you as a company. What’s next for the PKI project?
Juha Hytönen: Yeah, it is a huge opportunity. This will be one of the most important global platforms going forward—we hope that we will have most of world’s EV drivers on our platform in one way or another. That’s a huge opportunity for us as and of course to the competitors who will eventually follow, as there will be a few of these platforms for sure.
This article first appeared in Issue 68: April-June 2024 – Subscribe now.
