Of course, the introduction of EVs involves both possibilities and challenges, where one disadvantage often mentioned is the amount of time it takes to charge an EV compared to the amount of time it takes to refuel a vehicle with an internal combustion engine. Hence, for a successful transition to all-electric vehicles a comprehensive and harmonized charging infrastructure is required, that enables EVs to be charged in a short period of time. One way to meet this is to increase the charging capabilities of the Electric Vehicle Supply Equipment (EVSE) i.e., the charging stations. To enable so-called rapid charging, Direct Current (DC) charging has become the de-facto standard for EVSEs of Europe and North America. For the usage of Alternative Current (AC) the EV requires to be equipped with a so-called a rectifier which converts the alternating current to direct current. However, the capacity of such a rectifier is most often limited which hence puts a threshold on the maximum charging power for AC charging (to around 22 kW). DC charging on the other hand, enables high-power charging, (i.e., rapid charging) with up to 350 kW.
The fastest growing, and already dominant, (DC) rapid charging standard across North America and Europe, is the so-called Combined Charging System (CCS). For the communication between the EV and EVSE the CCS also provides a high bandwidth IP link via power-line communication (PLC). This is important for safety and efficiency reasons, as the high-power DC charging stations must exchange vital information, such as maximum voltage, required current, and the State of Charge (SoC), in order to (in an application-layer protocol) control the charging. This communication must be maintained throughout the charging session, and if it is lost the ISO 15118 standard requires the CCS charging session to halt immediately and cease power transfer. Therefore, the availability of the communication link is crucial for the charging session and any disruption of the communication, intentional or unintentional, will result in the charging process being aborted for safety reasons.
BROKENWIRE exploits the combination of the susceptibility of PLC to intentional electromagnetic interference and the use of unshielded charging cables. According to the researchers the attack can be mounted by anyone with off-the-shelf radio hardware and minimal technical knowledge. The researchers manage to successfully disrupt the charging for seven different types of vehicles and 18 different chargers in their experiment with their BROKENWIRE attack, at distances of up to 47 m. They also demonstrated that the attack works between the floors of a building (e.g. parking garage), through perimeter fences, and from drive-by attacks.
Once an attack has been launched, the targeted vehicle will not charge until the attack stops and the vehicle is manually reconnected to the charging station. The attack does not seem to cause any permanent damage to the targeted systems.
“While it may only be an inconvenience for individuals, interrupting the charging process of critical vehicles, such as electric ambulances, can have life-threatening consequences,” the researchers said in a post.
According to the researcher scientific paper, CCS is becoming increasingly popular as a charging standard for not only passenger vehicles, but also for other type of vehicles, such as buses, heavy-duty trucks, aircraft push-back tractors, private boats, public ferries and even airplanes. Hence the BROKENWIRE attack has immediate implications to most type of vehicles.
The researchers’ scientific paper and related website are both very interesting reading, highly recommended. And at a guess, the consequences of their findings, i.e., the use of electromagnetic emanation as an attack vector, will presumably reduce the use of unshielded charging cables for future EVs.
More automotive security news
Written by Joakim Rosell