Home Web system UTSA researcher is part of the team protecting electric vehicle charging stations from cyberattacks | UTSA today | UTSA

UTSA researcher is part of the team protecting electric vehicle charging stations from cyberattacks | UTSA today | UTSA


Bou-Harb and his fellow researchers wanted to explore the real implications of cyberattacks on electric vehicle charging systems and how to use cybersecurity countermeasures to mitigate them. His team also assessed how operated systems can attack critical infrastructure such as the power grid.

“Electric vehicles are the norm these days. However, their managerial positions are susceptible to security exploitation, ”said Bou-Harb, associate professor in the department of information systems and cybersecurity at Carlos Alvarez College of Business. “In this work, we have endeavored to uncover their safety weaknesses and understand their impact on electric vehicles and the smart grid while providing recommendations and sharing our findings with the relevant industry for proactive remediation of the problem. Security.

The team identified 16 electric vehicle charging management systems, which they divided into distinct categories such as firmware, mobile and web apps. They performed a thorough security scan on each.

“We designed a system research and collection approach to identify a large number of EV charging systems, and then used reverse engineering and penetration testing techniques of white / black box web applications. to perform an in-depth vulnerability scan, ”Bou-Harb said.

The team discovered a range of vulnerabilities among the 16 systems and highlighted the 13 most serious vulnerabilities, such as missing authentication and cross-site scripting. By exploiting these vulnerabilities, attackers can cause several problems, including tampering with firmware or disguising themselves as real users and gaining access to user data.

According to a recent study from the researchers’ white paper, “Although it is possible to conduct different attacks on various entities within the EV ecosystem, in this work we focus on the study of large-scale attacks. that have a severe impact on the compromised charging station. , its user and the connected electrical network.

During this project, the team developed several security measures, guidelines and best practices for developers to mitigate cyber attacks. They also created countermeasures to correct each individual vulnerability they found.

To avoid a massive attack on the power grid, the researchers recommend that developers correct existing vulnerabilities but also integrate initial security measures when manufacturing charging stations.