The EV Charging Security Dilemma



In this blog, we introduce the requirements of EV Charging Security Infrastructure. It highlights why relying solely on the individual Electric Vehicle Supply Equipment (EVSE) vendors or Charge Point Operators (CPOs) is not enough as well as why simply applying generic existing cybersecurity solutions is not sufficient as well.

The post shows why we believe a contextual and network-centric strategy, that looks beyond the individual devices and integrates energy data and telemetry is all needed for a sufficient security solution. 🚗🔌🔒


As Electric Vehicles (EV) adoption accelerates around the world, so does the deployment of EV charging stations and Distributed Energy Resources (DERs). This deployments bring significant and unique cybersecurity threats and risks, as this are the first energy asset with smart consumption that depend on internet connectivity and cloud-based management systems.

charging sites with cyber attack vectors

At the heart of this challenge lies a complex network paradigm. Assets that are often remotely located rely on public cellular connections (which are known to be vulnerable) that lack security standards, lack regulatory frameworks, have insufficient monitoring mechanisms embedded, and reliance on outdated software versions.

The fact that these distributed energy networks are considered as critical infrastructure makes it very lucrative for cybercriminals to target, and expose them to constant cyber threats, underscoring the critical need for enhanced cybersecurity in this rapidly evolving sector.

Current Approaches to EV Charging Security

Despite the importance, today’s methods that are used to protect EV charging stations are often elementary at best.

In the following sections, we’ll cover the common approaches for securing these sites, pointing out their drawbacks, and suggesting methods and ways to strengthen and make these networks more resilient and secured.

Trusting EV Supply Equipment (EVSE) Manufacturers:

A prevalent approach involves relying on the security measures embedded by EV chargers and other related devices manufacturers on the stand-alone devices themselves.

This method, however, has its drawbacks:

  • Market Dominance vs. Security: The most secure vendors are not always the market leaders. Pricing, availability, ease-of-use or brand reputation could be prioritized over security features.
  • Inherent Vulnerabilities: All systems and devices, regardless of the investment in security, are susceptible to vulnerabilities. New, unforeseen vulnerabilities can emerge over time, posing continuous and evolving risks.
  • Operational Risks: The configuration and firmware management by operators can inadvertently introduce security breaches.
  • Zones of Trust Challenges: A typical network consist of devices from various vendors and manufacturers. But energy assets that can affect the charging process or indicate on fraudulent data could be missed in the detection flow.
  • Physical and Proximity-Based Tampering Risks: EV charging stations are also vulnerable to both physical and proximity-based tampering due to their public accessibility.

Some manufacturers add a layer of security by implementing or integrating on-device agents for endpoint protection, but these agents have to be part of the manufacturing process and be tested extensively, as adding additional processes may cause unknown and dangerous operational issues. This results in vendor lock-in, limiting a company to a single vendor’s devices and services, in addition to not solving the drawbacks that were raised before.

This approach is not sufficient and emphasizes the need for an independent and informed network security management that adapts to new threats and continuously monitors these components as well as the overall network for new vulnerabilities, risky configuration changes, and verify the most up-to-date versions are installed to promptly detect and counteract any unauthorized access or interference.

Leaving it all to the CPOs

Beyond the EV chargers themselves, the eMobility industry introduces another critical entity: the Charge Point Operators (CPOs).

CPOs play a pivotal role in the construction and operation of EV charging sites, from integrating hardware from diverse electric vehicle supply equipment (EVSE) vendors, to facilitate communication between the charging units and their management systems in the cloud to validating continuous operation of EV charging systems.

However, a closer examination reveals that despite their essential functions, CPOs face notable challenges in prioritizing cybersecurity.

  • Lack of Security Focus: CPOs predominantly prioritize the operational facets of charging networks over cybersecurity. This focus on maintaining operational stability and optimized uptime often leaves them with insufficient resources and expertise dedicated to security.
  • Limited Context Awareness: While CPOs excel in managing direct communication pathways between chargers and their backend systems, they may lack comprehensive visibility into broader network activities. For instance, overlooking communication channels like smart meters can deprive them of valuable insights that could reveal potential security threats or malicious activities.
  • Vulnerability to Fabricated Data: CPOs are not on-site services and rely on communication from sites that may not have robust on-site security measures. This reliance exposes them to risks such as data impersonation, where malicious entities could manipulate or fabricate data to deceive the CPOs and compromise the integrity of the charging infrastructure.

By considering these points, it becomes clear that while EV chargers manufacturers and Charge Point Operators play a crucial role in the EV charging ecosystem, relying solely on them for security may not be sufficient. A broader approach that integrates multiple layers of security and involves collaboration among stakeholders is essential to safeguarding EV charging infrastructure effectively.

Existing Generic Network Security Solutions

Adapting existing generic network security solutions from other fields is another possible option, but has some major drawbacks as well:.

  • No Account for Energy Telemetry: These are the first devices with power consumption smart demand, attacks in these networks are often quickly identifiable in energy telemetry while looking normal in network telemetry.
  • Unique protocols Protocols and standards such as OCPP, OCPI, ISO 15118, and IEEE 2030.5 are specific to this domain, often encrypted, and require specialized parsing.
  • Communication broadband: EV chargers usually communicate using a cellular network and not over the regular spectrum making most of the classic solutions irrelevant as they focus on traditional networks.
  • Physical and Proximity-Based Tampering Risks: EV charging stations often have public accessibility, which opens opportunities for unauthorized access and tampering by unmonitored communication or physically opening the device.

Although this is a step in the right direction, these factors collectively underline the need for a nuanced and specialized approach to cybersecurity in EV Charging and Distributed Energy Networks.

Recommendation: Tailoring the Cybersecurity Solution with SaiFlow

SaiFlow offers a comprehensive platform that is contextually aware and specifically designed to meet the unique needs of this sector:

  • Native support for EV charging architectures: A solution that offers a seamless integration and doesn’t interfere with the existing infrastructure, requires no integration while ensuring no disruption to operational aspects across diverse network environments.
  • Domain and protocol expertise – Specializes in decoding and comprehending the relevant standards, providing security from vulnerabilities and threats and increasing posture using configuration management.
  • Cross-Manufacturer Security: Capable of securing devices from various manufacturers, eliminating dependence on the origin of the equipment. Provides a universal and standardized solution adaptable to a range of hardware and software ecosystems.
  • Energy anomaly detection: Equipped with advanced systems for learning Electricity consumption, network patterns and correlation to all energy related devices. In order to detect signals of unauthorized processes, tampering or zero-day threats. To proactively identify and responds to unknown or emerging security risks.
  • Full network and energy visibility: In addition to asset inventory and communication, operational values such as charger uptime and utilization are extracted as they can help in cyber monitoring context and energy visibility.
  • Risk Management: Alerts, configuration management, security gaps and events are provided for Investigation and Response in case further look is needed.

The SaiFlow solution integrates seamlessly into the CPO’s energy operations, Providing actionable insights to help secure, maintain and improve operational efficiency. With SaiFlow’s solution CPOs gain powerful security and performance insights, ensuring the security of its charging operations.

Schedule a call to ⚡️charge your operations with security and performance insights today:

Schedule a demo

Skip to content