Presentation is loading. Please wait.

Presentation is loading. Please wait.

Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes.

Published byKenia Fruin Modified over 9 years ago

Similar presentations

Presentation on theme: "Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes."— Presentation transcript:

1 Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes Portela IT (privacy and security) Architect Enexis – Asset Management Innovation ElaadNL – Innovation and Development OCA Conference – 18th of November 2014

2 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

3 It’s about flexibility…

4 Who will have most benefits from Smart Charging? A – Charge Spot Operator C – E-mobility service providers B - Driver D - ‘Green’ producer

5 A time 8AM 6PM 200A Challenges and opportunities for the DSO

6 A time 8AM 6PM 200A The Open Smart Charging Protocol (OSCP) informs about the availably capacity via a forecast per cable Challenges and opportunities for the DSO

7 Not realistic? Challenges and opportunities for the DSO

8 200A 500A A time 500A OSCP Challenges and opportunities for the DSO

9

10 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

11 Many components that come with even more risks…

12 B – Malware introduced into EV via compromised charge spot What is the biggest privacy and security risk in Smart Charging? A – Large number of charge details data revealed C – DoS attack on charge spot via malicious card D - …

13 Risks evolve over time and their calculation is complicated Charge Spot Operator Service Provider

14 Privacy and security is a balancing act

15 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

16 Start small, grow further from there…  We started with NIST 800-30 Guidance  not a goal on itself Goal: balancing P, S and F  Initial assumptions / thoughts: Lock should be cheaper than the bicycle Value, form and usage of bicycle is evolving… Desirable –vs- realizable

17 Risk assessment

18 Traditional approach didn’t work fully  Defined measures didn’t tackle evolving EV market dynamics  It is difficult for stakeholders to assess possible future risks and define appropriate measures now  End-2-end security with many to many relationships isn’t trivial

19 Stepwise approach: use case analysis

20 Stepwise approach: evolvability “The EVDSN variant”

21 Stepwise approach: evolvability “The EMSP variant”

22 Stepwise approach: defining security objectives

23 Stepwise approach: defining an attacker model

24 Stepwise approach: risk analysis Highests risks for the EV charging (risk x impact): Authentication of EV drivers Integrity and condentiality of communication between DSO and CSO, and between CSO and CS Integrity of the Charge Spot.

25 Knowing this what should we do? A – Wait for a big P&S incident to happen C – Stick to (not so) good old diesel and gasoline B – Nothing, we are safe D – Find out what the end-2-end security design looks like

26 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

27 An end-2-end security design for EV charging Integrity protection on meter readings - securing the integrity of data for smart charging and billing Secure communication channels – providing generic confidentiality protection on data (defense-in-depth) Customer authentication - securing the customer identity, through stronger authentication

28 An end-2-end security design for EV charging: integrity protection of the meter readings

29

30 At the meter At the DSO, CSP, CSO, Aggregator, etc. Meter data integrity is protected not in a point-to- point fashion, but it makes safe distribution of meter data possible to n parties. This is key for futureproofness and evolvability.

31 An end-2-end security design for EV charging: secure communication channels Performance is key in charging infrastructures. Specially at the charge spot for comfortable interaction with the EV driver. Report suggests how to implement this (for Soap over HTTP and JSON)

32 An end-2-end security design for EV charging: Customer authentication 4 alternatives were analyzed : 1.Mechanisms that do not rely on shared secret or public/private keys to perform authentication, such as the Lamport's login. 2.A GSM-like solution where the EMSP provides the authenticating entity with challenge/ response pairs based on the secret key. 3.Provisioning the RFID-card with a private key and the authenticating entity with the corresponding public key. Certicates can be used to be able to authenticate large numbers of RFID-cards with a single public key. This system is used in the recently deployed wireless payment systems of Dutch banks. 4.A diversied key solution such as the one used for authenticating OV chipcards. Alternative 3 – Certificate based is advised as it can work without communication from the charge spot to the back-office and verification can be done with a public key (no sensitive data is stored for this purpose).

33 Independent of market model EmSP Retailer Backoffice DSO OSCP IP Charge Spot OCPP Mode 3 Customer OSCP + security measures are market model-agnostic

34 Independent of market model Retailer Backoffice DSO OSCP EmSP Charge Spot OCPPMode3 IP Customer OSCP + security measures are market model-agnostic

35 Contents  What is Smart Charging all about?  Why do privacy and security (P&S) matter in this context?  How can we approach P&S without loosing focus on functionality?  What measures can we take for a sufficiently secured charging infrastructure?  How and when do we start implementing these measures?

36 How can we implement the end-2-end security design in practice? A – Address this topic in OCA workgroups C – Through R&D projects like FP7 (EU) B – Sharing best practices within OCA D – …

37 Please contact us at: info@openchargealliance.org www.openchargealliance.org Carlos Montes Portela E: carlos.montes-portela@enexis.nl P: +31 (0)6 52570518carlos.montes-portela@enexis.nl

Download ppt "Smart Charging of Electric Vehicles Balancing privacy, security and functionality in public Smart Charging of EVs infrastructures = + ++ ? Carlos Montes."

Similar presentations

1 Landis+Gyr Confidential Analyst Presentation November 2008`1 Confidential Company Overview & Update DRAFT November 2008 Cyber-Security & Interoperability.

1 Landis+Gyr Confidential Analyst Presentation November 2008`1 Confidential Company Overview & Update DRAFT November 2008 Cyber-Security & Interoperability.
Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.
Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI 2010. All rights reserved.

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI All rights reserved.
Impact of Smart Grid, ICT on Environment and Climate Change David Su Advanced Network Technologies National Institute of Standards and Technology ITU Symposium.

Impact of Smart Grid, ICT on Environment and Climate Change David Su Advanced Network Technologies National Institute of Standards and Technology ITU Symposium.
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.

Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
Prompts Consider the following questions as you build this slide:

Prompts Consider the following questions as you build this slide:
Secure Systems Research Group - FAU Process Standards (and Process Improvement)

Secure Systems Research Group - FAU Process Standards (and Process Improvement)
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.

Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.
<<Date>><<SDLC Phase>>

<<Date>><<SDLC Phase>>
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
EStorage First Annual Workshop Arnhem, NL 30, Oct. 2013 Olivier Teller.

EStorage First Annual Workshop Arnhem, NL 30, Oct Olivier Teller.
Information Security Policies Larry Conrad September 29, 2009.

Information Security Policies Larry Conrad September 29, 2009.
Security Controls – What Works

Security Controls – What Works
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
The Role of Security & Privacy in EA Program

The Role of Security & Privacy in EA Program

Similar presentations

Ads by Google