Uncovering Covert Attacks on EV Charging Infrastructure: How OCPP Backend Vulnerabilities Could Compromise Your System
Authors: 
Khaled Sarieddine, Mohammad Ali Sayed, Sadegh Torabi, Ribal Attallah, Danial Jafarigiv, Chadi Assi, Mourad DebbabiAuthors Info & Claims
Khaled Sarieddine, Mohammad Ali Sayed, Sadegh Torabi, Ribal Attallah, Danial Jafarigiv, Chadi Assi, Mourad DebbabiAuthors Info & ClaimsPages 977 - 989
Abstract
The Electric Vehicle (EV) charging infrastructure has been rapidly expanding to keep up with the increased demands of EV consumers. This government-backed infrastructure expansion resulted in the rushed integration of a significant number of insecure EV Charging Stations (EVCS), which are vulnerable to cyber-attacks. Motivated by the uncovered vulnerabilities in different components of the EV charging infrastructure, in this paper, we study the security of the EVCS Cloud Management System (CMS). Specifically, we focus on the (in)security of the Open Charge Point Protocol (OCPP) backend communication with the EVCS. We verified the prevalence of such security weaknesses by discovering 6 zero-day vulnerabilities in each of the 16 representative live EV charging management systems. Our findings highlight the insecurity of the OCPP backend, which is widely deployed on existing EVCSs in the wild. Indeed, we discuss various attack scenarios that lead to man-in-the-middle, denial of service, firmware theft, and data poisoning, to name a few. We also leverage the developed testbed to demonstrate the feasibility of launching switching attacks against the power grid using compromised EVCSs. Finally, we contribute to the security of the EV charging ecosystem by also recommending countermeasures to mitigate/prevent future cyber-attacks.
References
[1]
2021. Building a green economy: Government of Canada to require 100% of car and passenger truck sales be zero-emission by 2035 in Canada. Transport Canada (Jun 2021). https://www.canada.ca/en/transport-canada
[2]
2022. Attack Surface Management and Data Solutions. https://censys.io/
[3]
2022. Chinese province plans to ban the sale of gasoline-powered cars. https://shorturl.at/nswIV
[4]
2022. Cyberspace search engine. https://www.zoomeye.org/
[5]
2022. Isle of wight: Council's Electric Vehicle Chargers hacked to show porn site. https://www.bbc.com/news/uk-england-hampshire-61006816
[6]
2022. Search Engine for the Internet of Everything. https://www.shodan.io/
[7]
2023. Splunk (Mar 2023). https://www.splunk.com/en_us/blog/learn/zero-day.html
[8]
2023. Biden-Harris Administration Opens Applications for First Round of $2.5 Billion Program to Build EV Charging in Communities & Neighborhoods Nationwide. https://shorturl.at/jxAC4.
[9]
1N3. [n. d.]. 1N3/intruderpayloads: A collection of burpsuite intruder payloads, Burpbounty payloads, Fuzz Lists, malicious file uploads and web pentesting methodologies and checklists. https://github.com/1N3/IntruderPayloads
[10]
Michael Akuchie. 2023. Hacked Electrify America Charger exposes major cyber-security risk. ScreenRant (Jan 2023). https://screenrant.com/electrify-america-hacked-charger-cybersecurity-risk/
[11]
Amer S Al-Hinai. 2000. Voltage collapse prediction for interconnected power systems. West Virginia University.
[12]
Cristina Alcaraz, Jesus Cumplido, and Alicia Trivino. 2023. OCPP in the spotlight: threats and countermeasures for electric vehicle charging infrastructures 4.0. International Journal of Information Security (2023), 1--27.
[13]
Cristina Alcaraz, Javier Lopez, and Stephen Wolthusen. 2017. OCPP protocol: Security threats and challenges. IEEE Transactions on Smart Grid 8, 5 (2017), 2452--2459.
[14]
Joseph Antoun, Mohammad Ekramul Kabir, Ribal F Atallah, and Chadi Assi. 2021. A Data Driven Performance Analysis Approach for Enhancing the QoS of Public Charging Stations. IEEE Transactions on Intelligent Transportation Systems 23, 8 (2021), 11116--11125.
[15]
Joseph Antoun, Mohammad Ekramul Kabir, Bassam Moussa, Ribal Atallah, and Chadi Assi. 2020. A detailed security assessment of the EV charging ecosystem. IEEE Network 34, 3 (2020), 200--207.
[16]
Richard Baker and Ivan Martinovic. 2019. Losing the Car Keys: Wireless PHY-Layer Insecurity in EV Charging. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 407-424. https://www.usenix.org/conference/usenixsecurity19/presentation/baker
[17]
Kaibin Bao, Hristo Valev, Manuela Wagner, and Hartmut Schmeck. 2018. A threat analysis of the vehicle-to-grid charging protocol ISO 15118. Computer Science-Research and Development 33, 1--2 (2018), 3--12.
[18]
Natural Resources Canada. 2023. Government of Canada. https://natural-resources.canada.ca/energy-efficiency/transportation-alternative-fuels/zero-emission-vehicle-infrastructure-program/21876
[19]
Natural Resources Canada and U.S. Department of Energy. [n. d.]. Final Report on the Implementation of the Task Force Recommendations. https://www.ieso.ca/en/Corporate-IESO/Media/Also-of-Interest/Blackout-2003
[20]
Mauro Conti, Denis Donadel, Radha Poovendran, and Federico Turrin. 2022. EVExchange: A Relay Attack on Electric Vehicle Charging System. In Computer Security - ESORICS 2022. Springer International Publishing, Cham, 488--508.
[21]
Jesus Cumplido, Cristina Alcaraz, and Javier Lopez. 2022. Collaborative anomaly detection system for charging stations. In Computer Security-ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26--30, 2022, Proceedings, Part II. Springer, 716--736.
[22]
Hossam ElHussini, Chadi Assi, Bassam Moussa, Ribal Atallah, and Ali Ghrayeb. 2021. A tale of two entities: Contextualizing the security of electric vehicle charging stations on the power grid. ACM Transactions on Internet of Things 2, 2 (2021), 1--21.
[23]
OWASP Foundation. [n. d.]. Owasp Top Ten. https://owasp.org/www-project-top-ten/
[24]
Zacharenia Garofalaki, Dimitrios Kosmanos, Sotiris Moschoyiannis, Dimitrios Kallergis, and Christos Douligeris. 2022. Electric Vehicle Charging: A Survey on the Security Issues and Challenges of the Open Charge Point Protocol (OCPP). IEEE Communications Surveys & Tutorials 24, 3 (2022), 1504--1533.
[25]
Micah Goldblum, Dimitris Tsipras, Chulin Xie, Xinyun Chen, Avi Schwarzschild, Dawn Song, Aleksander Madry, Bo Li, and Tom Goldstein. 2022. Dataset security for machine learning: Data poisoning, backdoor attacks, and defenses. IEEE Transactions on Pattern Analysis and Machine Intelligence (2022).
[26]
Raju Gottumukkala, Rizwan Merchant, Adam Tauzin, Kaleb Leon, Andrew Roche, and Paul Darby. 2019. Cyber-physical System Security of Vehicle Charging Stations. In 2019 IEEE Green Technologies Conference(GreenTech). 1--5.
[27]
Bing Huang, Alvaro A. Cardenas, and Ross Baldick. 2019. Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1115--1132. https://www.usenix.org/conference/usenixsecurity19/presentation/huang
[28]
IEA. [n. d.]. Global EV Outlook 2022 - analysis. https://www.iea.org/reports/global-ev-outlook-2022
[29]
Mohammad Ekramul Kabir, Mohsen Ghafouri, Bassam Moussa, and Chadi Assi. 2021. A two-stage protection method for detection and mitigation of coordinated EVSE switching attacks. IEEE Transactions on Smart Grid 12, 5 (2021), 4377--4388.
[30]
Maya Kaczorowski. 2021. Using CWE and CVSS scores to get more context on a security advisory. The GitHub Blog (Feb 2021). https://github.blog/2021-02-09-using-cwe-and-cvss-scores-to-get-more-context-on-a-security-advisory/
[31]
Sebastian Köhler, Richard Baker, Martin Strohmeier, and Ivan Martinovic. 2022. Demo: End-to-End Wireless Disruption of CCS EV Charging. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (Los Angeles, CA, USA) (CCS '22). Association for Computing Machinery, New York, NY, USA, 3515--3517.
[32]
Chris Jewers For Mailonline. 2022. Russian motorway's electric vehicle chargers are hacked to display message supporting Ukraine. https://shorturl.at/irvAX
[33]
Nick Marshall, Mike Brown, G Blair Fritz, and Ryan Johnson. 2018. Mastering VMware VSphere 6.7. John Wiley & Sons.
[34]
MITRE. 2023. Common Weakness Enumeration (CWE). https://cwe.mitre.org.
[35]
Mobilityhouse. [n. d.]. Mobilityhouse/OCPP: Python implementation of The open charge point protocol (OCPP). https://github.com/mobilityhouse/ocpp
[36]
Adrian Gabriel Morosan and Florin Pop. 2017. Ocpp security-neural network for detecting malicious traffic. In Proceedings of the International Conference on Research in Adaptive and Convergent Systems. 190--195.
[37]
Tony Nasr, Sadegh Torabi, Elias Bou-Harb, Claude Fachkha, and Chadi Assi. 2022. Power jacking your station: In-depth security analysis of electric vehicle charging station management systems. Computers & Security 112 (2022), 102511.
[38]
Tony Nasr, Sadegh Torabi, Elias Bou-Harb, Claude Fachkha, and Chadi Assi. 2023. ChargePrint: A Framework for Internet-Scale Discovery and Security Analysis of EV Charging Management Systems. In In Proceedings of the Network and Distributed System Security (NDSS) Symposium.
[39]
OPAL-RT. [n. d.]. Hypersim. https://www.opal-rt.com/systems-hypersim/
[40]
Alvin Powell. 2022. What to expect from California gas-powered car ban. https://news.harvard.edu/gazette/story/2022/09/what-to-expect-from-california-gas-powered-car-ban/
[41]
Khaled Sarieddine, Mohammad Ali Sayed, Danial Jafarigiv, Ribal Atallah, Mourad Debbabi, and Chadi Assi. 2023. A Real-Time Cosimulation Testbed for Electric Vehicle Charging and Smart Grid Security. IEEE Security & Privacy (2023).
[42]
Khaled Sarieddine, Mohammad Ali Sayed, Sadegh Torabi, Ribal Atallah, and Chadi Assi. 2022. Investigating the security of ev charging mobile applications as an attack surface. ACM Transactions on Cyber-Physical Systems (2022).
[43]
Khaled Sarieddine, Mohammad Ali Sayed, Sadegh Torabi, Ribal Atallah, and Chadi Assi. 2023. Edge-Based Detection and Localization of Adversarial Oscillatory Load Attacks Orchestrated By Compromised EV Charging Stations. arXiv preprint arXiv:2302.12890 (2023).
[44]
Mohammad Ali Sayed, Ribal Atallah, Chadi Assi, and Mourad Debbabi. 2022. Electric vehicle attack impact on power grid operation. International Journal of Electrical Power & Energy Systems 137 (2022), 107784.
[45]
Burp Suite. [n. d.]. BURP suite - application security testing software. https://portswigger.net/burp
[46]
Texas A&M University. 2023. Electric Grid Test Case Repository. Texas A&M University College of Engineering (2023). https://electricgrids.engr.tamu.edu/electric-grid-test-cases/wscc-9-bus-system/
[47]
Wei Zhou, Yan Jia, Yao Yao, Lipeng Zhu, Le Guan, Yuhang Mao, Peng Liu, and Yuqing Zhang. 2019. Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1133--1150. https://www.usenix.org/conference/usenixsecurity19/presentation/zhou
Index Terms
- Uncovering Covert Attacks on EV Charging Infrastructure: How OCPP Backend Vulnerabilities Could Compromise Your System
Recommendations
Local Power Grids at Risk – An Experimental and Simulation-based Analysis of Attacks on Vehicle-To-Grid Communication
ACSAC '22: Proceedings of the 38th Annual Computer Security Applications ConferenceWith Electric Vehicles (EVs) becoming more prevalent, their battery recharge creates significant loads on power grids. Especially in local grids with a high share of households that own an EV, this additional energy demand can stress existing power ...
Securing the Electric Vehicle Charging Infrastructure: An In-Depth Analysis of Vulnerabilities and Countermeasures
DIVANet '23: Proceedings of the Int'l ACM Symposium on Design and Analysis of Intelligent Vehicular Networks and ApplicationsThe growth of electric vehicle (EV) adoption is bringing an increased demand for electric vehicle supply equipment (EVSE) infrastructure. With this growth, however, it is inevitable that vulnerabilities are discovered, which motivates an in-depth ...
OCPP in the spotlight: threats and countermeasures for electric vehicle charging infrastructures 4.0
AbstractUndoubtedly, Industry 4.0 in the energy sector improves the conditions for automation, generation and distribution of energy, increasing the rate of electric vehicle manufacturing in recent years. As a result, more grid-connected charging ...
Comments
Information & Contributors
Information
Published In
July 2024
1987 pages
ISBN:9798400704826
DOI:10.1145/3634737
- Chair:
- Jianying Zhou,
- Co-chair:
- Tony Q. S. Quek,
- Program Chairs:
- Debin Gao,
- Alvaro Cardenas
Copyright © 2024 Copyright is held by the owner/author(s). Publication rights licensed to ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 01 July 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ASIA CCS '24
Sponsor:
ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security
July 1 - 5, 2024
Singapore, Singapore
Acceptance Rates
Overall Acceptance Rate 418 of 2,322 submissions, 18%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 160Total Downloads
- Downloads (Last 12 months)160
- Downloads (Last 6 weeks)52
Reflects downloads up to 13 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in