Presentation is loading. Please wait.

Presentation is loading. Please wait.

Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes.

Similar presentations


Presentation on theme: "Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes."— Presentation transcript:

1 Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes Portela IT (privacy and security) Architect Enexis – Asset Management Innovation ElaadNL – Innovation and Development OCA Conference – 18th of November 2014

2 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

3 It’s about flexibility…

4 Who will have most benefits from Smart Charging? A – Charge Spot Operator C – E-mobility service providers B - Driver D - ‘Green’ producer

5 A time 8AM 6PM 200A Challenges and opportunities for the DSO

6 A time 8AM 6PM 200A The Open Smart Charging Protocol (OSCP) informs about the availably capacity via a forecast per cable Challenges and opportunities for the DSO

7 Not realistic? Challenges and opportunities for the DSO

8 200A 500A A time 500A OSCP Challenges and opportunities for the DSO

9

10 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

11 Many components that come with even more risks…

12 B – Malware introduced into EV via compromised charge spot What is the biggest privacy and security risk in Smart Charging? A – Large number of charge details data revealed C – DoS attack on charge spot via malicious card D - …

13 Risks evolve over time and their calculation is complicated Charge Spot Operator Service Provider

14 Privacy and security is a balancing act

15 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

16 Start small, grow further from there…  We started with NIST Guidance  not a goal on itself Goal: balancing P, S and F  Initial assumptions / thoughts: Lock should be cheaper than the bicycle Value, form and usage of bicycle is evolving… Desirable –vs- realizable

17 Risk assessment

18 Traditional approach didn’t work fully  Defined measures didn’t tackle evolving EV market dynamics  It is difficult for stakeholders to assess possible future risks and define appropriate measures now  End-2-end security with many to many relationships isn’t trivial

19 Stepwise approach: use case analysis

20 Stepwise approach: evolvability “The EVDSN variant”

21 Stepwise approach: evolvability “The EMSP variant”

22 Stepwise approach: defining security objectives

23 Stepwise approach: defining an attacker model

24 Stepwise approach: risk analysis Highests risks for the EV charging (risk x impact): Authentication of EV drivers Integrity and condentiality of communication between DSO and CSO, and between CSO and CS Integrity of the Charge Spot.

25 Knowing this what should we do? A – Wait for a big P&S incident to happen C – Stick to (not so) good old diesel and gasoline B – Nothing, we are safe D – Find out what the end-2-end security design looks like

26 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

27 An end-2-end security design for EV charging Integrity protection on meter readings - securing the integrity of data for smart charging and billing Secure communication channels – providing generic confidentiality protection on data (defense-in-depth) Customer authentication - securing the customer identity, through stronger authentication

28 An end-2-end security design for EV charging: integrity protection of the meter readings

29

30 At the meter At the DSO, CSP, CSO, Aggregator, etc. Meter data integrity is protected not in a point-to- point fashion, but it makes safe distribution of meter data possible to n parties. This is key for futureproofness and evolvability.

31 An end-2-end security design for EV charging: secure communication channels Performance is key in charging infrastructures. Specially at the charge spot for comfortable interaction with the EV driver. Report suggests how to implement this (for Soap over HTTP and JSON)

32 An end-2-end security design for EV charging: Customer authentication 4 alternatives were analyzed : 1.Mechanisms that do not rely on shared secret or public/private keys to perform authentication, such as the Lamport's login. 2.A GSM-like solution where the EMSP provides the authenticating entity with challenge/ response pairs based on the secret key. 3.Provisioning the RFID-card with a private key and the authenticating entity with the corresponding public key. Certicates can be used to be able to authenticate large numbers of RFID-cards with a single public key. This system is used in the recently deployed wireless payment systems of Dutch banks. 4.A diversied key solution such as the one used for authenticating OV chipcards. Alternative 3 – Certificate based is advised as it can work without communication from the charge spot to the back-office and verification can be done with a public key (no sensitive data is stored for this purpose).

33 Independent of market model EmSP Retailer Backoffice DSO OSCP IP Charge Spot OCPP Mode 3 Customer OSCP + security measures are market model-agnostic

34 Independent of market model Retailer Backoffice DSO OSCP EmSP Charge Spot OCPPMode3 IP Customer OSCP + security measures are market model-agnostic

35 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

36 How can we implement the end-2-end security design in practice? A – Address this topic in OCA workgroups C – Through R&D projects like FP7 (EU) B – Sharing best practices within OCA D – …

37 Please contact us at: Carlos Montes Portela E: P: +31 (0)6


Download ppt "Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes."

Similar presentations


Ads by Google