After years of quiet growth, the electric vehicle (EV) market has kicked into high gear, powered by sustainability trends, technology advances and increased consumer enthusiasm. Earlier this year, a team from Cornell created a new lithium battery that can charge in under five minutes, while maintaining stable performance over extended cycles of charging and discharging. Ford and Rivian have also recently announced adapters to give their EVs access to Tesla Superchargers. According to Fortune Business Insights, the global electric vehicle market size is expected to demonstrate a CAGR of 17.8% over the next six years.
As more people drive EVs, we’ll also see an increased need for the infrastructure that supports them — especially public charging stations. While drivers seek convenience at the charging station, they expect an experience that’s secure. Government, industry and technology leaders are actively working together to deliver both.
When EVs first emerged, of the barriers to their adoption was the availability of public charging stations on highways and other major routes. Consumers have been understandably anxious about running low on power on an isolated stretch of road – often referred to as “range anxiety.” To improve the availability of public charging stations, the U.S. Department of Transportation established the National Electric Vehicle Infrastructure (NEVI) Formula Program. Spanning nearly 80,000 miles across 26 states, this $5 billion initiative is intended to extend the reach of dependable, fast chargers across the country’s national highways. NEVI is part of a larger $7.5 billion bipartisan infrastructure law that provides funding for other related initiatives.
Along with sheer volume, interoperability is also critical to a smooth charging experience. For example, Tesla Superchargers are widespread, but until recently they have not been available for use by owners of other vehicles. Certain Tesla Superchargers support Magic Dock Combined Charging System (CCS) adapters, as well as the new adapters from Ford and Rivian, but non-Tesla drivers still encounter some friction to use them. They must download a Tesla app and set up a profile and payment method. Tesla charging station cords are also relatively short, which could create issues for certain EV models. As manufacturers address interoperability issues, the user experience will steadily improve.
Even as manufacturers tackle convenience issues, the need for digital trust throughout EV infrastructure and ecosystems still remains. The technology is diverse and is only as strong as its weakest link. It’s up to manufacturers to extend protection across a variety of components and processes, including energy distribution systems, payment systems, software for vehicles and their drivers’ devices and vehicle identity authentication.
Public key infrastructure (PKI) is a cornerstone of trust in secure EV charging. It establishes a secure connection between vehicles and charging stations, utilizing a two-way authentication process that starts automatically, the moment an EV plugs in. The need for a secure PKI in the EV charging ecosystem has been recognized due to the potential cyber vulnerabilities that arise as more EVs connect to the electrical system. Leading manufacturers and industry groups are working to fortify the EV charging infrastructure in North America.
SAE International has established the Electric Vehicle Public Key Infrastructure Consortium (EVPKI Consortium) to enhance the security of the EV ecosystem through the development and management of a secure digital trust framework. The consortium’s mission is to create an inclusive, interoperable PKI marketplace that can scale globally and facilitate secure bi-directional charging.
The consortium aims to deliver a comprehensive PKI governance model for the industry, ensuring high-quality service around certificate providers and a high level of user experience and interoperability. It is industry-led and managed by SAE Industry Technologies Consortia (SAE ITC), with membership open to private companies and public sector organizations. Charter members include ChargePoint, Electrify America, Ford Motor Company and General Motors. These industry leaders are working together to establish governance and rules for multiple PKI systems, guaranteeing system interoperability and enhancing the charging experience for EV drivers.
The consortium’s efforts are aligned with the goals of the Charging Interface Initiative e.V. (CharIN) and the ISO 15118 standard, which operates within a PKI ecosystem and sets the terms for secure information exchange between electric vehicles, charging stations, and mobility service providers. The ISO 15118-2 standard addresses interoperability and scaling issues related to the high volume of certificates required to support the EV charging market. Digital trust leader DigiCert established EV charging industry’s first unaffiliated root of trust, which allows manufacturers to issue, test, deploy ISO 15118-2 compliant certificates. Ford, EVgo, BMW, Mercedes and others were among the first to conduct live testing.
Despite progress in testing for the ISO 15118-2 standard, it has been criticized for some deficiencies in fully addressing security. One of the main criticisms is that the standard does not adequately handle security certificates. The standard is primarily focused on the communication between the vehicle and the charging station, and the way certificates are created or maintained on the backend is not within the scope of the document.
This has led to concerns about the security of the certificate management process, as it is not a feature of the standard.
Another criticism is that the standard was initially biased towards a small group of organizations that distribute certificates, injecting a higher-level mobility operator into the system. These issues could limit the scalability and interoperability of the system, as it may not be inclusive of all stakeholders in the EV charging ecosystem.
Furthermore, the standard initially did not require the use of transport layer security (TLS) for all communication, only for Plug and Charge. This left RFID and app-based authentication methods potentially unsecured. However, with the publication of ISO 15118:20, the use of TLS during communication has been made mandatory, which has strengthened the security of the standard.
Finally, the standard does not fully address the physical security of EVSE equipment. Since these devices are often installed in public but potentially isolated locations, they are at risk of physical attacks, tampering, or theft.
It’s clear that delivering both convenience and security are key to unlocking the collective potential of the burgeoning EV market. As standards and innovation continue to mature, we’re confident that the industry will continue to address both. Close collaboration among the ecosystem’s key stake holders is critical to scale adoption and maximizing interoperability — while addressing changing security risks.
Recent Articles By Author