DCFC EVSE Security

2025-01-8118

To be published on 04/01/2025

Event
WCX SAE World Congress Experience
Abstract
The rapid spread of electric vehicles (EVs) and EV charging stations requires an urgent focus on the security of the entire charging infrastructure. Because EV charging stations are a major interface in that infrastructure, ensuring the cybersecurity of the personal and private data transmitted to and from chargers is a key component of overall security. To evaluate the security of one part of the EV charging ecosystem, researchers from Southwest Research Institute® (SwRI®) assessed the vulnerability of the communication protocol and system of a DC Fast Charging (DCFC) EV Supply Equipment (EVSE) unit. The researchers established an undetected Adversary in the Middle (AitM) between the EV and EVSE to examine the communication between the two. They identified vulnerabilities that exposed critical data—such as the MAC address of both the EV and EVSE—either sent in plaintext or encrypted with a known algorithm. These values allowed for reprogramming of the non-volatile memory of Power-Line Communication (PLC) devices as well as the EV’s parameter information block (PIB). Discovering these values allowed the researchers to access the IPv6 layer on the connection between the EV and EVSE and to use traditional Ethernet penetration testing methods, including port scanning. Port scanning exposed open SSH and HTTP services, the latter of which was vulnerable and allowed unauthenticated retrieval of proprietary information. These findings lay the groundwork for strengthening the cybersecurity of our critical EV charging infrastructure. Improving the cybersecurity of DCFC EVSE is essential for this industry to develop resilient charging systems that can be safely used by the public and that protect both the grid and EV users.
Citation
Kozan, K., "DCFC EVSE Security," SAE Technical Paper 2025-01-8118, 2025.
Additional Details
Published
To be published on Apr 1, 2025
Product Code
2025-01-8118
Content Type
Technical Paper
Language
English