EE|Times EUROPE

The Thin Ice of Green Energy Infrastructure

the device operator must always remain at least one step ahead of the adversaries. As demonstrated by Pen Test Partners and in numerous real-world instances, however, staying ahead of the threats is not achievable. There is nothing to suggest that EV charge-point vulnerability will not continue.

EXISTING SECURITY MEASURES ARE MOSTLY REACTIONARY

We must assume that there will always be a vulnerability and that new ones will emerge over time as more EV chargers are deployed. Patches, by their nature, are either retrospective or anticipatory, meaning that until successfully deployed, there is a vulnerability available to adversaries. Patching is a problematic approach: It is both reactionary, as the intruder is already inside, and inefficient, as it is practically impossible to patch all existing EVs in the field.

Patching is also non-comprehensive, as it does nothing to stop intruders who gain access through legitimate means. There is no sustainable defense against cyber events originated by access-privilege misuse by insiders and service providers or through credential theft, as the proposed security measures described above do not provide protection against bad actors with legitimate access rights.

Secure boot provides strong device-level protection but fatally does not prevent either device bricking or a mass-scale attack. An adversary who manages to circumvent secure boot on one device is then able to attack and compromise all devices.

True device-level protection requires prevention of attack persistency within the device. Persistent attack scenarios—typically called advanced persistent threats (APTs)—are one of the biggest cyberthreats and thus a source of experts’ concern. Persistent attacks attempt to gain an unauthorized persistent presence inside a device, allowing the attacker to cause greater damage over a longer period of time. Once the attack is persistent, a restart operation will not be able to get rid of the malicious code ingrained in the device. There are many ways in which APT attacks typically manifest themselves, including fraud and theft, ransomware, state-level attacks on critical infrastructure, personal data theft, distributed denial of service and more.

While adversaries may be able to breach any EV charge station, their actions can be nullified through a reboot. If they are able to write their malicious code successfully on the device’s flash (nonvolatile memory), however, the attack can become persistent, potentially taking control of the device, and the operator’s ability to operate the device may be denied. EV chargers must therefore avoid persistent changes in all circumstances.

As EVs and the associated infrastructure become ever more critical to our mobility, it is necessary to ensure that the worst-case scenario is eliminated. Without on-device protection blocking all attempts to modify the critical code and configuration, the EV charge points will retain an inherent and possibly fatal vulnerability. Preventing misuse or tampering to preserve the operational integrity of EV chargers is crucial for safe use, for preventing power network overload and for safeguarding the operator’s business continuity and reputation.

NEXT STEPS TO ENSURING EV CHARGING-UNIT SECURITY

More should be done to let consumers and legislators know about the dangers presented by vulnerable EV charging stations. Manufacturers are unlikely to act on their own unless they feel economic or regulatory pressure, so raising awareness should become a priority. As that happens, an enforceable security standard for EV charging stations needs to be created, and manufacturers must be incentivized, and even mandated, to adhere to it. While it will be nearly impossible to prevent attacks on stations from happening given their physical location, it is possible to ensure these attacks are unsuccessful in gaining persistency.

There is no way to know where the next attack will come from or from whom. We must move away from detection to prevention to ensure security of these devices and the people who use them. The lofty green energy goals ahead will not be met if the necessary infrastructure endpoints are left vulnerable, so if we are to take energy efficiency seriously, we must take the security implications seriously, too.

REFERENCES

1. U.K. Department for Transport and Office for Zero Emission Vehicles. (July 14, 2021). “Transitioning to zero emission cars and vans: 2035 delivery plan.” bit.ly/3vo21LK
2. Stykas, V. (July 30, 2021). “Smart car chargers: Plug-n-play for hackers?” bit.ly/3I8wlBn
3. Nasr et al. (January 2022). “Power jacking your station: In-depth security analysis of electric vehicle charging station management systems.” Computers and Security, Vol. 12, Issue C. bit.ly/3PW8xmg

David Stroud is chief revenue officer of NanoLock, overseeing strategic partnerships in Europe and APAC.

www.eetimes.eu | MARCH 2023