Defending EV Infrastructure from Cyberattacks
Ransomware, brute force, DDoS and the like. It’s a dangerous collection of cybercriminal pests, and hardly anyone is interested until the exterminator has to move in. But be careful: Like a bio-virus, the proliferation of cyber malware can affect anyone.
According to Techjury, 30,000 websites are hacked daily and 22 billion records were breached in 2021. Even more, there is a new cyberattack perpetrated every 39 seconds.
In these data breaches, even if no data is stolen and productive operations are not primarily affected, every attack still ties up resources and slows down productivity – often for months. The risk of cyberattacks are increasing massively worldwide and causing damage in the billions. In fact, an international survey conducted this year showed that on average every second company has been the victim of a cyberattack at least once in the course of a year.
EVs and the Software Network Risk
Software forms the backbone of the modern world. Everything is becoming smarter and more connected. This includes vehicle mobility – and software is the core thread that runs through it all.
Consider the growing network that supports the infrastructure for electric vehicles (EVs). The ever-increasing networking between cars, charging stations, network operators and energy management systems is inevitably increasing risk, since faults in electronic systems can spread beyond individual subsystems.
In the face of horrifying scenarios like a blackout, the best way to reduce cyber risk is with good prevention. A safety-oriented way of thinking is fundamental to this. In other words, a focus on safety must be firmly anchored in the conception and development of any EV network. Although this should be self-evident, it is far from being a common practice.
Security Standards Deliver Protection
As a software-based company, we take this need for precaution to heart. We find that it is important, even critical, to not only to talk about cyber security, but also to be a role model for the industry.
We are committed to taking cybercrime seriously, with a continuous focus on implementing corresponding measures for protection. For example, we believe that charging stations must meet the highest standards of the automotive industry, such as the provisions placed in the ISO/SAE 21434 certification.
Adhering to this means that all electronic systems, components, software and all external connections are protected from a cybersecurity perspective. The policy also covers cybersecurity management throughout the supply chain. While the standard was created for vehicles, it also reflects a commitment to a “Security by Design” approach, where charging stations, for example, are protected from unwanted access and manipulation from the outside to ensure that the connection between the infrastructure and the vehicle is secure.
Overall, the growing network of intelligently controlled charging infrastructure plays a key role in electromobility. This is a trend that is emerging throughout the U.S. as a new critical infrastructure platform that must be secured. With the increasing networking of vehicles, home control systems and the connection to energy suppliers, the charging station is becoming an important hub. Smart charging stations should not only offer convenience for EV-drivers, but also be a stabilizing element in the power grid. The crux of the matter is the software. Connectivity, security and thus the future viability of the individual devices that connect to them must ultimately support reliable protection for the entire smart network.
Collective Security for the EV Ecosystem
Smart networking must not only take place on a technical level, but should also take place between industry, energy suppliers and authorities. Everyone involved must realize that each additional player connected to the network, that communicates with the others, is part of an infrastructure that has collective vulnerability. Thus, effective protection against cyberattacks can only be achieved if electromobility is understood by all sides of the overall networked ecosystem.
Dedicated focus on EV infrastructure should be considered among the critical infrastructure categories that require regulated security protections. After all, as EVs become the new reliable option for transportation, they will require the same dedication to cyberthreat protections as other critical infrastructure platforms demand so that we can all ensure the peace of mind our communities expect in today’s modern world.