Mechanical engineering grad student develops technology to find electric vehicle charging vulnerabilities

Published

UL Lafayette graduate student Jake Guidry, an intern at Idaho National Laboratory, has developed a cybersecurity research tool that could improve the security of electric vehicle charging.

INL experts demonstrated the tool to colleagues from Sandia and Pacific Northwest national laboratories on June 7. The AcCCS tool provides access capabilities through CCS (combined charging system) communications protocol.

AcCCS (pronounced access) is a combination of hardware and software that emulates the electronic communications that occur between an electric vehicle and an extreme fast charger during the charging process. The tool gives researchers a new way to search for vulnerabilities in electric vehicles and charging stations.

The AcCCS hardware includes a charging port and a charging cable, both of which can be plugged into real-world equipment.

No charging power flows through the device. If you plug AcCCS into an electric vehicle, the vehicle鈥檚 computer thinks the battery is receiving a charge. If you plug the tool into a 350-kilowatt fast charging station, the station thinks it is charging an electric vehicle.

鈥淚t鈥檚 basically acting like one to trick the other,鈥 said Guidry, who鈥檚 pursuing a master鈥檚 degree in mechanical engineering. Guidry began an internship at INL last winter after being recruited by lab researchers at the 2022 SAE CyberAuto Challenge workshop. 鈥淲ith this technology, you can not only skew from normal operations, but also introduce cyberattacks.鈥

鈥淐urrently, some commercial devices allow researchers to test EVs and charging equipment to make sure that they meet certain specifications, but AcCCS is less expensive and a lot more flexible,鈥 said Ken Rohde, a cybersecurity researcher at INL who serves as an adviser for Guidry鈥檚 project. The tool further reduces costs by eliminating the need for real-world charging equipment or vehicles.

鈥淚t鈥檚 a low-cost solution that allows us to test outside of the bounds,鈥 Rohde said. 鈥淚t brings the barrier of entry to EV charging research way down.鈥

During the June 7 meeting, researchers used AcCCS to hack a charging station and a vehicle. Researchers then demonstrated a mitigation to the cyberattacks. Future experiments will help researchers develop best practice recommendations for industry.

Guidry and his colleagues will next demonstrate the technology at this year鈥檚 SAE CyberAuto Challenge. He plans to extend his internship to further test AcCCS.

鈥淚mmediate next steps are to see how much further I can go with it,鈥 Guidry said. 鈥淲hat is the extent of the things that we can do with this capability?鈥

AcCCS was developed as part of the Electric Vehicle Secure Architecture Laboratory Demonstrations, a pilot project to demonstrate cybersecurity best practices and collaborations to deploy and operate cybersecure electric vehicle charging facilities.

This project is a research effort by Idaho, Sandia and Pacific Northwest national laboratories, and sponsored by the Department of Energy鈥檚 Office of Cybersecurity, Energy Security and Emergency Response and Vehicle Technologies Office.

Photo caption: UL Lafayette graduate student Jake Guidry, an intern at the Idaho National Laboratory, has developed a cybersecurity research tool that could improve the security of electric vehicle charging. Guidry, shown conducting research at the laboratory, is pursuing a master's degree in mechanical engineering. Submitted photo

This press release was issued by the Idaho National Laboratory.

About Idaho National Laboratory
Battelle Energy Alliance manages INL for the U.S. Department of Energy鈥檚 Office of Nuclear Energy. INL is the nation鈥檚 center for nuclear energy research and development, and also performs research in each of DOE鈥檚 strategic goal areas: energy, national security, science and the environment. For more information, visit www.inl.gov. Follow us on social media: Twitter, Facebook, Instagram and LinkedIn.