Can IoE become the new cyber sheriff for EVs or will EVs bring new threats for IoE?
The global fractions of cyber-attacks on the energy sector have always been significantly higher than those for other sectors. Oddly, most of the research focused mainly on energy efficiency than the security issues in this sector. With electric vehicles (EVs) in the energy ecosystem dynamics, there are new threats and challenges imposed on the whole energy infrastructure. For instance, attackers can now use their expertise to cause erroneous decisions, concealment of failures, alter billing in smart meter, and power outages, and blackouts. Most importantly, an EV is also a part of a more significant distributed storage resource when plugged in the charging stations that need proper management. These new vulnerabilities show a growing demand for extensive security analysis of EV charging services considering physical, cybernetics, human behavior, and regulatory policies. But how can this be done?
The Internet of Energy (IoE) is the new term for upgrading and automating electric infrastructures over the Internet, including embedded systems, ubiquitous charging, smart communication grid, and energy storage systems to provide more security control, privacy, safety, and dependability. A whole security layer in the IoE architecture is dedicated to secure network elements and components for different IoE security applications. The possibilities are immense, mainly in the era of machine learning/artificial intelligence. For example, an activity-based mobility model can be generated over time and communicated on the IoE network to detect anomalies. IoE can also forward security instructions over the Internet to defend against possible threats. To sum up, more control and automated security may become a reality for EVs soon by adopting the IoE potentials.
Conversely, cyberattacks on the EVs can pose new threats and challenges for the IoE itself. For example, a group of compromised EVs can be leveraged to cause sudden IT infrastructure failures. If the attackers gain root access, they can tamper with the system status display and create a commotion in the energy market. Consequently, consumer devices can also be damaged, which can jeopardize human security and safety. As stated by Professor Gabriel Díaz Orueta in a recent webinar [1], ‘The good news is that we have a solution method, but the bad news is we have a solution method.’ There is currently only one solution method called the Security-Oriented Cyber-Physical State Estimation (SCPSE) that identifies the compromised set of hosts in the network and the maliciously modified set of measurements obtained for power system sensors. However, the question still remains if this existing solution method will suffice for new evolving attack types and scale to identify those.
Written by Nishat Mowla
Related Articles
Related
Data Spaces Symposium 2024
Data Spaces Symposium (DSS) 2024 took place at Darmstadtium, Frankfurt between March 12-14. Some key highlights from the event: - Strategic Insights from European Commission Speakers:European Commission speakers provided strategic insights into the Data Act and the...
Foundation Models and Cybersecurity
ChatGPT got quite much attention in the last months. The release of GPT4 demonstrated once more the potential of foundation models. There have been many discussions and proposals on how natural language processing (NLP) can be used, e.g., the chat-bot functionality in...
Concerns Over the Cybersecurity Of Electric Vehicle Charging Infrastructure
Last summer a technical report from a project that intended to provide the power, security, and automotive industry a strong technical basis for securing the EV charging infrastructure by developing threat models, determining technology gaps, and identifying or...