Utilizing key management systems & PKI solutions to protect critical infrastructure & V2G communications
- Energy grids are a critical infrastructure
- Bad actors can use EV charging stations as an entry point into the grid
- Encryption/PKI facilitates a verified connection between EVs & charging stations, enabling secure transmissions
- A key management system (KMS) ensures cryptographic integrity
There are over 630,000 electric vehicle (EV) charging stations across the EU, a fraction of the 3.5 million that the European Commission aims to have in operation by 2030 (European Commission Study). Numbers trail in the US at just under 200,000 charging stations, but the injection of a major $521 million Biden-Harris grant is accelerating installations.
As technologies improve, governments are doubling down on EVs as a pathway to achieving climate goals. An array of private contractors manufacture, install and service these charging stations for governments. Each of these critical infrastructure OEMs, along with EV OEMs, adopts its own unique processes and safeguards. This results in a jumble of manufacturers using their discretion to make critical cybersecurity decisions that affect public safety.
ISO standard 15118 seeks to streamline the cybersecurity of critical mobility infrastructure and resolve discrepancies in quality.
ISO 15118 | Road Vehicles – Vehicle to grid communication interface
A smart grid is the energy grid that enables charging, connecting energy producers with energy consumers. Electric vehicles communicate with these grids instantaneously via charging stations in order to receive service and complete accurate payments.
Traditionally, car owners plugged into charging stations and manually completed transactions, for example via direct payment or by opening an app. ISO 15118 was the first to suggest that future transactions would be fully automated. It proposed cryptographic solutions for authentication and secure communication, dubbed Plug and Charge.
It is here, during these automatic device-to-device (or vehicle-to-grid, V2G) communications, that cyber criminals can gain entry. Secure communication is, therefore, essential.
Securing the V2G connection
Plug and Charge delivers exactly what the name suggests: It automates the entire charging interaction so that drivers only need to plug in, charge & drive away, without ever taking out a phone or wallet.
The EV and charging station are linked via a charging cable or Wi-Fi connection. All other communication networks and applications are then layered on top of it.
This EV-charging station connection is an entry point into the energy grid, a critical infrastructure. Preventing infiltration by bad actors is an essential responsibility of any V2G system and related devices.
Key elements for protecting EV-charging station communications
- Identity verification: Integrate digital certificates that authenticate the sender’s identity
- Utilize encryption and decryption best practices to protect data transfers
- Maintain an effective key management system to ensure cryptographic integrity
The role of KMS in charging station cybersecurity
Even if a manufacturer sets out to integrate identity verification and encryption into its devices, the lack of a secure key management system could be their downfall.
Key management systems let organizations manage the entire key lifecycle and related functionalities in one place:
- Key generation
- Key provisioning during manufacturing
- Software/firmware signing & encryption
- Device enrollment & key provisioning/revocation
- Digital signatures
- Custom encryption
- PKI integration
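An added example, not from the original article or from Keys&More: Go code for the identity verification and revocation items listed above, in which the EV accepts a charging station only if its certificate chains to a trusted root, its serial is not in a revocation set, and it signs a fresh nonce with the certified key. The function names, certificate names, the in-memory revocation set and the use of Ed25519 are assumptions made for a compact, constructed illustration and are not taken from ISO 15118.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue creates a key pair and a certificate for cn (hypothetical helper, constructed data only).
func issue(cn string, serial int64, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil { // no parent given: make a self-signed root CA
		t.IsCA, t.KeyUsage, parent, parentKey = true, x509.KeyUsageCertSign, t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// verifyStation is the EV side: trusted chain, then revocation set (as a KMS would publish), then key possession.
func verifyStation(root, station *x509.Certificate, revoked map[string]bool, nonce, sig []byte) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	if _, err := station.Verify(x509.VerifyOptions{Roots: pool}); err != nil {
		return fmt.Errorf("untrusted chain: %w", err)
	}
	if revoked[station.SerialNumber.String()] {
		return fmt.Errorf("certificate serial %v is revoked", station.SerialNumber)
	}
	if pub, ok := station.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, nonce, sig) {
		return fmt.Errorf("peer does not hold the certified private key")
	}
	return nil
}

func main() {
	root, rootKey := issue("Constructed V2G Root", 1, nil, nil)
	station, key := issue("Constructed Station", 2, root, rootKey)
	fmt.Println(verifyStation(root, station, map[string]bool{"2": true}, []byte("n"), ed25519.Sign(key, []byte("n"))))
}
```

In a deployment the nonce is drawn from a CSPRNG for every session, and the revocation set is replaced by CRL or OCSP data.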
Custom encryption solutions & innovation strategies: partnering with Keys&More to secure critical infrastructure
Keys&More helps its partners establish a robust, comprehensive encryption strategy that achieves optimal cybersecurity and supports business success. The benefits of its KMS include the following features:
- Hardware agnostic
- Multi-level role management
- Unified, customizable dashboard for organization-wide oversight
- Configurable audit logs
- Flexible deployment (on-premises, cloud-based & hybrid)
Keys&More and its parent company INCERT have a successful track record of establishing long-term innovation partnerships that transform public administrations and private organizations.
INCERT, a state-owned entity, gives Keys&More the stability and reliability needed to guarantee long-term support throughout a client’s entire production line lifespan.
Keys&More’s comfort level in both the public and private spheres makes it an ideal match for helping manufacturers comply with the complex security demands related to critical infrastructure.
Keys&More’s mobility/automotive expertise covers the following:
- Vehicle-to-everything
- OTA software updates
- Industry regulations, such as UNECE R155/156
- Supply chain data protection
- Production line digitalization
- IoT applications
Keys&More's solutions for fleet management and for key provisioning during manufacturing prove particularly helpful for EV or critical infrastructure OEMs. Our KMS facilitates scalability without compromising security. It lets cybersecurity teams oversee role-based access, potential threats and emergency responses in one place.
Government administrations cannot tolerate reputational or societal risk, making effective KMS essential for contractors that interact with critical infrastructure.