View
221
Download
0
Category
Tags:
Preview:
Citation preview
Smart Charging of Electric Vehicles
Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures
=+ + + ?
Carlos Montes PortelaIT (privacy and security) Architect
Enexis – Asset Management Innovation ElaadNL – Innovation and Development
OCA Conference – 18th of November 2014
Contents What is Smart Charging all about?
Why do privacy and security (P&S) matter in this context?
How can we approach P&S without loosing focus on functionality?
What measures can we take for a sufficiently secured charging infrastructure?
How and when do we start implementing these measures?
It’s about flexibility…
Who will have most benefits from Smart Charging?
A – Charge Spot Operator
C – E-mobility service providers
B - Driver D - ‘Green’ producer
A
time8AM 6PM
200A
200A
Challenges and opportunities for the DSO
A
time8AM 6PM
200A
200A
The Open Smart Charging Protocol (OSCP) informs about the availably capacity via a forecast per cable
Challenges and opportunities for the DSO
Not realistic?
Challenges and opportunities for the DSO
200A200A200A 200A
500A
A
time
500A
OSCP
Challenges and opportunities for the DSO
Challenges and opportunities for the DSO
uc Capacity forecast based Smart Charging
Smart Charging - EV handling Smart Charging - Capacity Management
Request smart charge (ToD, SoC)
DSO
EV
EMSP
Calculate chargeplan parameters
check E-market (e.g. RES, contraints)
Check local capacity constraints
Execute chargeplan
Energy B2B Market
CSO
Allocate and communicate local capacity forecasts
(FRAND)
Communicate real and desired usage
Measure (and store) actual I/U
Calculate capacity forecast
Analyse weather forecast
«include»
«precedes»
«flow»
«include»
«flow»
«precedes»
«flow»
«flow»«flow»
«precedes»
Contents What is Smart Charging all about?
Why do privacy and security (P&S) matter in this context?
How can we approach P&S without loosing focus on functionality?
What measures can we take for a sufficiently secured charging infrastructure?
How and when do we start implementing these measures?
Many components that come with even more risks…
B – Malware introduced into EV via compromised charge spot
What is the biggest privacy and security risk in Smart Charging?
A – Large number of charge details data revealed
C – DoS attack on charge spot via malicious card
D - …
Risks evolve over time and their calculation is complicated
Charge Spot
Operator
Service Provider
Privacy and security is a balancing act
Contents What is Smart Charging all about?
Why do privacy and security (P&S) matter in this context?
How can we approach P&S without loosing focus on functionality?
What measures can we take for a sufficiently secured charging infrastructure?
How and when do we start implementing these measures?
Start small, grow further from there…
We started with NIST 800-30
• Guidance not a goal on itself
• Goal: balancing P, S and F
Initial assumptions / thoughts:
• Lock should be cheaper than the bicycle
• Value, form and usage of bicycle is evolving…
• Desirable –vs- realizable
Risk assessment
Traditional approach didn’t work fully
Defined measures didn’t tackle
evolving EV market dynamics It is difficult for stakeholders to assess
possible future risks and define
appropriate measures now End-2-end security with many to
many relationships isn’t trivial
Preliminary study to get info on costs (necessary time and
resources)
Stepwise approach: use case analysis
Stepwise approach: evolvability
“The EVDSN variant”
Stepwise approach: evolvability
“The EMSP variant”
Stepwise approach: defining security objectives
Stepwise approach: defining an attacker model
Stepwise approach: risk analysis
Highests risks for the EV charging (risk x impact):• Authentication of EV drivers• Integrity and condentiality of communication between DSO and
CSO, and between CSO and CS• Integrity of the Charge Spot.
Knowing this what should we do?
A – Wait for a big P&S incident to happen
C – Stick to (not so) good old diesel and gasoline
B – Nothing, we are safe D – Find out what the end-2-end security design looks like
Contents What is Smart Charging all about?
Why do privacy and security (P&S) matter in this context?
How can we approach P&S without loosing focus on functionality?
What measures can we take for a sufficiently secured charging infrastructure?
How and when do we start implementing these measures?
An end-2-end security design for EV charging
• Integrity protection on meter readings - securing the integrity of data for smart charging and billing
• Secure communication channels – providing generic confidentiality protection on data (defense-in-depth)
• Customer authentication - securing the customer identity, through stronger authentication
An end-2-end security design for EV charging: integrity protection of the meter
readings
An end-2-end security design for EV charging: integrity protection of the meter
readings
An end-2-end security design for EV charging: integrity protection of the meter
readings
At the meter
At the DSO, CSP, CSO,
Aggregator, etc.
Meter data integrity is protected not in a point-to-point fashion, but it makes
safe distribution of meter data possible to n parties. This is key for futureproofness and
evolvability.
An end-2-end security design for EV charging: secure communication channels
Performance is key in charging infrastructures. Specially at the
charge spot for comfortable interaction with the EV driver.
Report suggests how to implement this (for Soap over
HTTP and JSON)
An end-2-end security design for EV charging: Customer authentication
4 alternatives were analyzed:1. Mechanisms that do not rely on shared secret
or public/private keys to perform authentication, such as the Lamport's login.
2. A GSM-like solution where the EMSP provides the authenticating entity with challenge/ response pairs based on the secret key.
3. Provisioning the RFID-card with a private key and the authenticating entity with the corresponding public key. Certicates can be used to be able to authenticate large numbers of RFID-cards with a single public key. This system is used in the recently deployed wireless payment systems of Dutch banks.
4. A diversied key solution such as the one used for authenticating OV chipcards.
Alternative 3 – Certificate based is advised as it can work without communication from the charge
spot to the back-office and verification can be done with a public key (no sensitive data is
stored for this purpose).
Independent of market model
EmSP
Retailer
Backoffice DSO
OSCPIP
Charge Spot
OCPP Mode 3
Customer
OSCP + security
measures are market
model-agnostic
Independent of market model
Retailer
Backoffice DSO
OSCPEmSP
Charge Spot
OCPP Mode3
IP
Customer
OSCP + security
measures are market
model-agnostic
Contents What is Smart Charging all about?
Why do privacy and security (P&S) matter in this context?
How can we approach P&S without loosing focus on functionality?
What measures can we take for a sufficiently secured charging infrastructure?
How and when do we start implementing these measures?
How can we implement the end-2-end security design in practice?
A – Address this topic in OCA workgroups
C – Through R&D projects like FP7 (EU)
B – Sharing best practices within OCA
D – …
Please contact us at:info@openchargealliance.org
www.openchargealliance.org
Carlos Montes PortelaE: carlos.montes-portela@enexis.nl P: +31 (0)6 52570518
Recommended