Cyber–physical security in EV charging infrastructure: Components, vulnerabilities, and defense strategies

IF 7 2区工程技术 Q1 ENERGY & FUELS

Sustainable Energy Technologies and Assessments Pub Date : 2025-07-16 DOI:10.1016/j.seta.2025.104435

Sagar Babu Mitikiri , K. Victor Sam Moses Babu , Divyanshi Dwivedi , Vedantham Lakshmi Srinivas , Pratyush Chakraborty , Pradeep Kumar Yemula , Mayukha Pal

{"title":"Cyber–physical security in EV charging infrastructure: Components, vulnerabilities, and defense strategies","authors":"Sagar Babu Mitikiri , K. Victor Sam Moses Babu , Divyanshi Dwivedi , Vedantham Lakshmi Srinivas , Pratyush Chakraborty , Pradeep Kumar Yemula , Mayukha Pal","doi":"10.1016/j.seta.2025.104435","DOIUrl":null,"url":null,"abstract":"<div><div>The increasing number of electric vehicles (EVs) has led to a growing need to establish EV charging infrastructures (EVCIs) with fast charging capabilities to reduce congestion at EV charging stations (EVCS) and also provide alternative solutions for EV owners without residential charging facilities. This article presents a study of several components that model the EVCI as a cyber physical system (CPS). Various components of EVCI include energy storage systems, EV supply equipment, human–machine interfaces, communication systems, etc. These components are interconnected with real time processing units, communication networks, and sensors, making EVCI a CPS enabling a structured vulnerability and data flow analysis. It uniquely maps out the bi-directional interactions between electric vehicles, supply equipment, energy management systems, and communication/control networks. A detailed classification of EV charging technologies covering both onboard and offboard topologies and their communication dependencies revealing cybersecurity implications specific to each category. The study further examines a wide range of internationally adopted standards and protocols (e.g., ISO 15118, IEC 61851, SAE J2931, OCPP, IEEE 2030.5) and categorizes them by functionality, including charging interface, cybersecurity, and interoperability. It identifies critical vulnerabilities of EVCI that lead to various cyberattacks, such as spoofing, false data injection, man-in-the-middle, and denial-of-service attacks, by analyzing both cyber and physical layers. Real-world cyber incidents in the EVCI ecosystem are also reviewed to underscore the severity of these threats. For detection and mitigation, the paper introduces a comprehensive taxonomy of cyberattack defense mechanisms, extending across statistical analysis, machine learning (ML), signature-based, and hybrid intrusion detection systems (IDS). Novel approaches including HMM-based anomaly detection, event correlation frameworks, and optimization-driven defense strategies, are explored. The study highlights the socio-technical impacts of cyber incidents on power grid stability and public safety, making a strong case for proactive, intelligent cybersecurity solutions in modern EVCI systems.</div></div>","PeriodicalId":56019,"journal":{"name":"Sustainable Energy Technologies and Assessments","volume":"81 ","pages":"Article 104435"},"PeriodicalIF":7.0000,"publicationDate":"2025-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Sustainable Energy Technologies and Assessments","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2213138825002668","RegionNum":2,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENERGY & FUELS","Score":null,"Total":0}

引用次数: 0

Abstract

The increasing number of electric vehicles (EVs) has led to a growing need to establish EV charging infrastructures (EVCIs) with fast charging capabilities to reduce congestion at EV charging stations (EVCS) and also provide alternative solutions for EV owners without residential charging facilities. This article presents a study of several components that model the EVCI as a cyber physical system (CPS). Various components of EVCI include energy storage systems, EV supply equipment, human–machine interfaces, communication systems, etc. These components are interconnected with real time processing units, communication networks, and sensors, making EVCI a CPS enabling a structured vulnerability and data flow analysis. It uniquely maps out the bi-directional interactions between electric vehicles, supply equipment, energy management systems, and communication/control networks. A detailed classification of EV charging technologies covering both onboard and offboard topologies and their communication dependencies revealing cybersecurity implications specific to each category. The study further examines a wide range of internationally adopted standards and protocols (e.g., ISO 15118, IEC 61851, SAE J2931, OCPP, IEEE 2030.5) and categorizes them by functionality, including charging interface, cybersecurity, and interoperability. It identifies critical vulnerabilities of EVCI that lead to various cyberattacks, such as spoofing, false data injection, man-in-the-middle, and denial-of-service attacks, by analyzing both cyber and physical layers. Real-world cyber incidents in the EVCI ecosystem are also reviewed to underscore the severity of these threats. For detection and mitigation, the paper introduces a comprehensive taxonomy of cyberattack defense mechanisms, extending across statistical analysis, machine learning (ML), signature-based, and hybrid intrusion detection systems (IDS). Novel approaches including HMM-based anomaly detection, event correlation frameworks, and optimization-driven defense strategies, are explored. The study highlights the socio-technical impacts of cyber incidents on power grid stability and public safety, making a strong case for proactive, intelligent cybersecurity solutions in modern EVCI systems.

查看原文本刊更多论文

电动汽车充电基础设施的网络物理安全：组件、漏洞和防御策略

随着电动汽车（EV）数量的不断增加，人们越来越需要建立具有快速充电功能的电动汽车充电基础设施（evci），以减少电动汽车充电站（EVCS）的拥堵，并为没有住宅充电设施的电动汽车车主提供替代解决方案。本文介绍了将EVCI建模为网络物理系统（CPS）的几个组件的研究。EVCI的各个组成部分包括储能系统、电动汽车供电设备、人机界面、通信系统等。这些组件与实时处理单元、通信网络和传感器相互连接，使EVCI成为能够进行结构化漏洞和数据流分析的CPS。它独特地描绘了电动汽车、供电设备、能源管理系统和通信/控制网络之间的双向交互。电动汽车充电技术的详细分类，包括车载和车载拓扑结构及其通信依赖关系，揭示了每个类别特定的网络安全影响。该研究进一步研究了广泛的国际采用的标准和协议（例如ISO 15118、IEC 61851、SAE J2931、OCPP、IEEE 2030.5），并根据功能对它们进行了分类，包括充电接口、网络安全和互操作性。它通过分析网络和物理层，识别出EVCI的关键漏洞，这些漏洞会导致各种网络攻击，如欺骗、虚假数据注入、中间人攻击和拒绝服务攻击。本文还回顾了EVCI生态系统中的现实网络事件，以强调这些威胁的严重性。对于检测和缓解，本文介绍了网络攻击防御机制的综合分类，扩展到统计分析，机器学习（ML），基于签名和混合入侵检测系统（IDS）。探索了基于hmm的异常检测、事件关联框架和优化驱动的防御策略等新方法。该研究强调了网络事件对电网稳定性和公共安全的社会技术影响，为现代EVCI系统中的主动智能网络安全解决方案提供了强有力的案例。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Sustainable Energy Technologies and Assessments Energy-Renewable Energy, Sustainability and the Environment

CiteScore

12.70

自引率

12.50%

发文量

1091

期刊介绍： Encouraging a transition to a sustainable energy future is imperative for our world. Technologies that enable this shift in various sectors like transportation, heating, and power systems are of utmost importance. Sustainable Energy Technologies and Assessments welcomes papers focusing on a range of aspects and levels of technological advancements in energy generation and utilization. The aim is to reduce the negative environmental impact associated with energy production and consumption, spanning from laboratory experiments to real-world applications in the commercial sector.