The station you can trust
RUB engineers develop a secure charging station for electric cars
by Julia Weiler
March 2, 2015
A dense charging station network features significantly in future visions of electromobility. The charging stations will be located at motorway services, in car parks and also alongside remote country roads. Unlike with traditional petrol stations, the automated charging stations are not under the control of any operator who could enforce the safety and security of the charging process. But entirely unobserved, charging stations will become a highly interesting target for tampering attacks. With this threat of physical attacks, how can the electricity provider still be sure that the charging station invoices the exact amount that has been consumed? How can the user be sure that he does not pay too much? This is one of the key challenges that the Hardware Security Group is facing in the context of the project “SecMobil – Secure Electromobility”. In close collaboration with numerous partners at RUB, other research organisations, and the industry, they have developed a manipulation-proof charging station that is also designed to respect the privacy of the user.
Fig. 1© RUBIN, photo: Gorczany
Under the umbrella of the project “SecMobil”, Prof Dr-Ing. Tim Güneysu and his colleagues developed a secure charging station for electric cars.
“Usually engineers begin with tackling functional aspects of an emerging new technology, before they think about how to make it secure,” says Prof Dr-Ing. Tim Güneysu (fig. 1), Head of the Hardware Security Group. In electromobility, still a primary target of research is to increase the vehicles’ range, reduce the charging time and enhance the charging station network. Data and manipulation protection have, as yet, been barely considered. Exactly this gap is now being closed by “SecMobil”. In collaboration with colleagues at RUB, Güneysu’s team has developed a sensor for charging stations that unites three functions: it measures the electricity consumption during charging, detects manipulations to the charging station, and encrypts and authenticates the acquired data, before forwarding them to the charging station provider for invoicing purposes.
“When the project was originally launched, we planned to obtain an existing charging station from a manufacturer for our security analysis,” tells us Güneysu. But the manufacturers kept their cards close to their chest. Therefore, the team built its own charging station that implements security from scratch (fig. 2). “Based on functional requirements we developed a security concept for charging stations that can either prevent or detect attacks, even if the stations are completely unmonitored and stand freely accessible at any field road, so to speak.” How could a charging station be manipulated at all? The electricity charged is measured via magnetic fields that are generated when electricity passes the charging cable from the charging station into the car. If a magnet is now placed in a suitable spot at the charging station, this can interfere with the metering process so that the meter runs too slowly. Certainly, the researchers at RUB cannot prevent any charging station from falling victim to such manipulations, but they can reliably detect them. For this purpose, the current flow is measured at several spots along the cable that span a defined but secret correlation system to each other. Anybody who attempts to tamper with the measurement process will inevitably infer deviations within the correlation system. Such deviations can be detected by the sensor that then sends a warning to the charging station provider.
Fig. 2© RUBIN, photo: Gorczany
A look inside the RUB charging station
In case the measurement has been performed correctly, the charging process has produced the following data: electricity consumption, charging time, charging location, as well as user-related data such as a user authentication token obtained from the new electronic ID card or a prepaid card that can be used to identify a user to the charging station. This information has to be securely forwarded to the charging station provider to enable invoicing, typically over the mobile UMTS or LTE network. But if an attacker gains access to the charging station by hacking in via this communication interface, he could attempt to digitally alter the correctly measured data retrospectively. The secure hardware sensor from Bochum also addresses this issue. By means of cryptography it ties all information inextricably into one authenticated packet within the sensor hardware. Second, the packet is encrypted for transmission to the energy provider. Hence, even if somebody is able to successfully hack the software part of the station, he cannot retrospectively change the data packet that was cryptographically sealed in the hardware before. “The last resort for an attacker is to block the communication interface,” explains Tim Güneysu. “But the energy provider will quickly realise this manipulation when a charging station suddenly does not return any billing information anymore, in particular when it is reported by the infrastructure that energy has been consumed.”
What makes the project unique is that the “SecMobil” team assembled one single chip that integrates all three functions – measuring the current flows, detecting manipulations, packing data in a secure way. “Evidently, the more individual components a device contains, the more difficult it is to protect,” says Güneysu. With multiple components, it is often simple for an attacker to tap their interconnecting communication links. “A primary target of “SecMobil” was to integrate all necessary electrical processing elements for energy metering with the cryptographic functions inside one single chip,” explains the engineer. For this purpose, the team uses a reconfigurable hardware platform as development system. Reconfigurable hardware can be bought off-the-shelf and subsequently configured with a hardware circuit. “Due to the feature of reconfigurability, our development platform is not exactly cheap,” says Güneysu, “but note that this is just a prototype. An industrial manufacturer could easily make affordablesensor chips in bulk production.”
Certainly, security for electromobility requires more than just a secure sensor and a secure charging station. In collaboration with the Institute for Internet Security at the Westfälische Hochschule in Gelsenkirchen, the researchers supply energy providers with secure tools for processing the cryptographically sealed data inside their infrastructure. Energy providers must be capable to decrypt and verify the integrity and authenticity of the transmitted data packet that contains the invoicing data. “Due to the complexity of the entire system and the deployed protocols, a secure interface cannot easily be integrated within the provider’s infrastructure,” tells us the IT security researcher. “The existing infrastructure cannot be altered on short notice without potentially affecting the provider’s operational business.” Therefore, the “SecMobil” team developed a tool that provides translation services in the first place. After using cryptographic methods to verify that the data have been encrypted and authenticated correctly, it converts them into the respective communication standard of the provider. This way, the researchers finally implemented a secure charging process from end-to-end. Drivers wishing to charge their electric car without any second thoughts can do so at the Ruhr-Universität campus.
More research conducted in the course of the project “SecMobil”
The project “SecMobil” was funded from January 2012 to December 2014 by the Federal Ministry for Economic Affairs and Energy. Six chairs and working groups at the Faculty of Electrical Engineering and Information Technology were involved: Power System Technology, Analogue Integrated Circuits, Embedded Security, Network and Data Security, System Security as well as the Hardware Security Group. With respect to legal questions, the researchers collaborated with the Chair for Civil Law/IT Law, as well as the Institute for Mining and Energy Law. More information regarding the project and its industrial partners: http://www.secmobil.com