The Advantages of a Secure EV Charging Infrastructure for Everyone

The Advantages of a Secure EV Charging Infrastructure for Everyone

AFP

As government ⁤agencies large ⁢and small ​work ‌to meet the White House’s call to modernize our ‌cybersecurity ‍infrastructure, others⁣ are ​creating the infrastructure needed for ‍our⁤ move ⁢toward clean energy.⁢ The ​nexus of these efforts is cybersecurity for electric vehicle (EV) ‍charging ‍stations.

Hackers rarely‍ target ‌only the point where they gain ‍access to ⁤a system. A hospital ransomware attack, for example, may⁤ begin with‍ a single compromised ⁣terminal ​at ⁣a nurse’s station, but the end goal is ⁣to hold the entire network hostage.

In the same vein, an ⁣attack on‌ a vulnerable ​EV charging ⁣station may ‍not⁤ hold much attraction for ‍a hacker. But‍ accessing ⁣someone’s private data via ​their​ EV’s system⁣ might‍ be more ‌interesting,​ and‍ getting ‍into the whole electric ⁣grid would be quite‍ the coup for most hackers.‌ Could that‌ really⁣ happen?

Take a‌ look at‌ the recent Colonial Pipeline⁤ attack. A single stolen password⁤ allowed ‌cybercriminals‌ to shut down⁤ fuel supplies to the entire southeastern U.S.⁤ Our ‍electric ⁣grid is similarly vulnerable because of⁣ our aging infrastructure — more ​than 70% of the grid ‍is⁤ 30 ⁢years old.

This⁤ kind of⁢ security simply wasn’t ⁣thought about when these systems were​ built. Now we’re adding new components — EV charging ⁤stations — to⁤ this ​aging ‌network ‌and thinking ‌of⁣ it all ⁣as ⁤the ⁣electric grid, which doesn’t seem ⁣that vulnerable to‍ cyber attacks. ‍But because​ of the technology at the heart of electric vehicles, there‍ is definitely ⁢vulnerability.

The connections between‍ the⁢ vehicle, charger, processor and grid are all electronic and, therefore, hackable. In​ cybersecurity, we talk about attack surfaces, the points of ⁢entry that a hacker might exploit, in the same way that‌ a burglar might ‍see‍ the windows and‌ doors of ​your home ⁣as potential points of⁣ entry. Adding EV⁣ charging stations to the grid increases ‌the attack‍ surface, ⁢and ‌each car⁢ that ​connects widens the attack‌ surface‌ more.

The⁣ most ‌up-to-date ⁣approach to⁤ limit the attack ⁢surface⁣ of software and hardware, in general,⁢ is ⁣the concept​ of security by design, where security isn’t the responsibility ⁣of⁢ one entity at‌ the end of the production ‍process⁤ but‌ built into​ all aspects ‍of a product, ‍from ⁤conception to delivery. This⁤ is what’s ‌needed for the⁤ EV charging infrastructure.

That ⁣means ‍state ⁢and​ local ​governments must ‌think⁣ about‍ security from ‌the⁤ beginning. They must require vendors​ to ‌show ⁣that they use ‍sophisticated​ security measures ⁤to protect their ​product from attackers.

It may seem​ like ⁣a tall​ task‌ as states and⁣ municipalities rush to ‌meet ⁣the ⁣federal‍ government’s requirements for ‍clean energy and claim a ⁣portion of available ⁤charging ⁣station⁢ funding administered through the ‍Federal ‌Highway Administration’s​ National Electric Vehicle Infrastructure⁢ (NEVI)‍ program. But the administration has shown a strong commitment to cybersecurity and states ⁣that receive NEVI ⁢funds‌ must⁣ “protect consumer data​ and protect⁤ against​ the risk of ‍harm to, ‌or disruption of, charging infrastructure ⁢and the ⁣grid.”

Local governments don’t have to‌ go through ​it alone, though. There are partners available to⁤ help. Homeland ‌Security’s Cybersecurity & Infrastructure⁤ Security Agency (CISA) ⁢is one ​example. ‌The ‍agency offers free tools — technical ‌assistance, assessments, ⁤training⁤ and more — ​to ⁢help organizations‌ reduce cyber and‍ infrastructure‌ risk. Collaboration is part of their mandate so they stand ready to assist.

The​ Department of Energy‍ (DOE) is‍ another example.‌ The agency’s Alternative Fuels⁤ Data ⁣Center has⁣ already created a ‍framework for developing EV charging ⁣infrastructure. In⁤ addition to comprehensive information specifically for‌ local and regional leaders, guides to setting‍ up ⁣charging ‌stations ⁤and a ⁣dozen ‍real-world case⁣ studies, ⁢DOE’s Vehicle Technologies​ Office offers project assistance ‍to⁣ public and ​private stakeholders.

Local businesses, ⁤trade or ⁤technical ​schools and ⁢other government ⁢entities may also be‌ available to help municipalities practice‍ security ⁢by design as they develop EV‌ charging infrastructure.

Aside from the​ federal‌ government’s mandate, providing​ the strongest‌ possible cybersecurity of charging assets just makes sense. If you knew that ⁢a‌ gas ⁤pump was likely ⁣to leak your‌ credit‍ card information to ⁤thieves, would‍ you use that pump?

If consumers ⁤doubt the​ security of EV​ charging infrastructure,⁤ purchases of ‌EVs could⁣ stall, harming the​ environment and putting government and‌ company commitments to electric vehicles⁢ in jeopardy.

From a‌ rural and ​small-town standpoint, it​ makes a lot of ⁢business sense⁤ to offer ‌travelers ⁤a ‍safe, secure ‍option for charging ⁣vehicles⁤ on long trips. ⁢Charging an EV⁣ takes‌ longer than filling a ‍gas tank, which gives charging station operators an​ opportunity ‌to provide additional⁤ products and ​services ‌to⁤ consumers ‍with⁢ time​ on their⁤ hands.

That glistening‌ future ⁢of happy patrons pumping money ⁤into the⁢ local⁣ economy as their EVs ‍fuel ​up is only possible⁢ through trust. Local ⁤businesses, and ​therefore ‍governments, prosper ‍when consumers⁣ choose ⁢their location to‍ charge ⁢up because⁤ they know ⁤charging stations are secure. ‌Think ⁤about the popularity of clean, secure⁣ roadside gas stations with an interesting⁢ local flavor.

Protecting the EV​ charging infrastructure from attack isn’t only​ for EV drivers. We‍ all benefit ⁤when our personal data and the entire electric grid are ​protected from cybercriminals.

Brian Gant ⁣is an ‍assistant ‍professor of ‍cybersecurity⁤ at Maryville University.

(Opinions expressed​ in this article are⁣ the author’s own.)

2023-07-20 08:48:03
Article⁢ from www.ibtimes.com
rnrn

Exit mobile version