The Wall Street Journal’s Joanna Stern surfaced three key issues impeding the mass adoption of electric vehicles on a recent Tech Things episode, driving around LA in a Rivian R1T truck. The issues Stern uncovered point to larger cybersecurity issues within the electric vehicle ecosystem.
Joanna uncovered alarming reliability issues with DC fast charging stations across Los Angeles County, as 40% of them had problems that prevented drivers from charging their electric vehicles. The three key issues were:
- Chargers being out of service
- Failures with payment systems
- Difficulties connecting to chargers.
In this post, we’ll highlight the cybersecurity concerns that must be addressed as the proliferation of EVs across the US is growing.
EV Chargers Out of Service
It’s fair to say that charging stations are often out of service due to physical damage, insufficient maintenance, or software issues. However, cyber attacks on EV charging systems pose a real threat, as demonstrated by the recent hacking of Electrify America stations in Indiana. Incidents like this reveal the vulnerabilities that arise from the different vendors involved in this industry.
Each vendor follows their own security processes, which may not fully integrate with others, leaving the overall broader system susceptible to cyber threats. Having numerous vendors and systems that do not seamlessly communicate can introduce risks of security gaps for hackers to exploit potentially.
Failures with Payment Systems
Another issue stems from the complex payment systems implemented across EV charging networks. The hardware, payment apps, and network services are often provided by separate companies. This fragmentation can lead to supply chain security risks. For example, you may have one vendor supplying the payment terminal hardware, a different company creating the payment app, a third-party payment processor, and the charging network provider all involved in just the payment portion.
In some regard, a compromised payment system from one entity could potentially disable an entire charging service because of the interconnections within these systems. The lack of standardized communication protocols across payment systems compounds these risks by making it easier for vulnerabilities to be introduced.
Connection problems, while seemingly just operational annoyances on the surface, could also signal underlying cybersecurity concerns related to the communication protocols used. Secure communication standards like ISO 15118 allow the protected exchange of data between electric vehicles and charging stations, ensuring efficient and secure charging.
However, achieving a strong cybersecurity posture is complicated by the large range of standards across regions. Conflicting regulations and an evolving technological landscape create a complex compliance environment. This increases the challenges of implementing secure systems.
The issues uncovered in the investigation reveal that although the operational challenges with DC fast charging may not seem directly linked to cybersecurity, there are deeper connections that cannot be ignored. As this infrastructure scales up to meet rising EV adoption, the reliability problems will only grow worse if cybersecurity is not prioritized.
There also needs to be a more comprehensive approach towards standards and regulations, as the energy, automotive, and finance industries converge at the EV charging station. Otherwise, the lack of a single regulatory ‘owner’ coupled with the flux of standards and vendors, will further expose consumers to potentially devastating cyber threats.
Take Your Next Steps With C2A Security
C2A Security provides the only mobility-centric DevSecOps platform. Our advanced approach to automotive cybersecurity empowers companies to deliver secure products and create new software-based revenue streams while staying compliant and adhering to regulations and standards. Schedule a meeting to see how we can help your team.