Intern develops technology to find EV charging vulnerabilities

The AcCCS system
INL intern, Jake Guidry, is using the AcCCS system to interface with an electric vehicle through the CCS charge port to evaluate the cybersecurity posture of the charging communication protocols. Courtesy: Idaho National Laboratory

Idaho National Laboratory (INL) intern Jake Guidry has developed a cybersecurity research tool that could improve the security of electric vehicle charging.

INL experts demonstrated the tool to colleagues from Sandia and Pacific Northwest national laboratories on June 7. The AcCCS tool provides access capabilities through combined charging system (CCS) communications protocol.

What is the AcCCS system?

AcCCS , pronounced access, is a combination of hardware and software that emulates the electronic communications that occur between an electric vehicle and an extreme fast charger during the charging process. The tool gives researchers a new way to search for vulnerabilities in electric vehicles and charging stations.

The AcCCS hardware includes a charging port and a charging cable, both of which can be plugged into real-world equipment.

No charging power flows through the device. If you plug AcCCS into an electric vehicle, the vehicle’s computer thinks the battery is receiving a charge. If you plug the tool into a 350-kilowatt fast charging station, the station thinks it is charging an electric vehicle.

“It’s basically acting like one to trick the other,” said Guidry, a master’s degree student in mechanical engineering from the University of Louisiana at Lafayette. Guidry began an internship at INL last winter after being recruited by lab researchers at the 2022 SAE CyberAuto Challenge workshop. “With this technology, you can not only skew from normal operations, but also introduce cyberattacks.”

“Currently, some commercial devices allow researchers to test EVs and charging equipment to make sure that they meet certain specifications, but AcCCS is less expensive and a lot more flexible,” said Ken Rohde, a cybersecurity researcher at INL who serves as an advisor for Guidry’s project. The tool further reduces costs by eliminating the need for real-world charging equipment or vehicles.

“It’s a low-cost solution that allows us to test outside of the bounds,” Rohde said. “It brings the barrier of entry to EV charging research way down.”

During the June 7 meeting, researchers used AcCCS to hack a charging station and a vehicle. Researchers then demonstrated a mitigation to the cyberattacks. Future experiments will help researchers develop best practice recommendations for industry.

Next steps for AcCCS

Guidry and his colleagues will next demonstrate the technology at this year’s SAE CyberAuto Challenge. He plans to extend his internship to further test AcCCS.

“Immediate next steps are to see how much further I can go with it,” Guidry said. “What is the extent of the things that we can do with this capability?”

AcCCS was developed as part of the Electric Vehicle Secure Architecture Laboratory Demonstrations, a pilot project to demonstrate cybersecurity best practices and collaborations to deploy and operate cybersecure electric vehicle charging facilities.

This project is a research effort by Idaho, Sandia and Pacific Northwest national laboratories, and is sponsored by the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response and Vehicle Technologies Office.




Keep your finger on the pulse of top industry news