Driving cybersecurity evolution

Meitong Pan, examines an FPGA board used to implement complex digital computations.Meitong Pan, a master’s student who works with Dr. Mitra Mirhassani in the Analog and Mixed Signal Research Lab, examines an FPGA board used to implement complex digital computations.

Companies are well aware of the environmental benefits of electrifying vehicle fleets, but how much is known about the security of these systems?

A University of Windsor researcher aims to dig deeper through the investigation of cybersecurity issues that arise when using electric vehicle fleets with battery charging infrastructure.

“The environmental, geopolitical and financial advantages of electric vehicles are well-studied and addressed in many research publications. However, security of these systems is not given the full attention that it requires,” says Dr. Mitra Mirhassani, the project lead and associate professor who specializes in electrical engineering.

Amazon announced in fall 2019 the largest order of electric delivery vehicles ever, according to David Clark, Amazon’s senior vice president of operations. The world’s largest retailer purchased 100,000 electric delivery vans from Rivian, a Michigan-based start-up. While companies like Amazon are making the switch to electric fleets, municipalities are preparing with plans to add infrastructure to accommodate the surge in consumer and corporate investments in alternative fuels. The City of Windsor is looking to set up 11 dual-port electric vehicle (EV) charging stations across the municipality, according to a 2019 city council report.

The most common method of recharging electric vehicles is to use exchange or recharge stations. When the energy resources are converted to electrical systems, security issues come into play, Mirhassani says. The main components of a charging station include the main board, communication equipment that is connected to a central unit, radio-frequency identification (RFID) readers, and other electronic components such as circuit breakers and electrical measurement systems. 

“This means that essentially a computer is placed on the street, with potential access to the smart grid that it is connected to. This creates the potential for weak security points that can provide a hacker with possible access to the primary network.”

Once they’re in the system, hackers have access to a plethora of information, which can lead to identity and financial theft and Denial of Service (DoS) attacks that can create a disruption in the electrical and power generation systems.

Mirhassani notes some of the weak points in EV charger systems include the physical access, which can be directly accessed through a panel, an open port or wirelessly through its communication lines. She also says the use of RFID access cards provide an easy and convenient way for vehicle operators to access charging stations.

“However, the security level of these cards is very low. An RFID card can be broken in a short time and hence is vulnerable to attacks.” Another weak point is “backdoors” used for maintenance and possible future system upgrades, which are often not protected, she adds.

The three-year project is funded in partnership with the WindsorEssex Economic Development Corporation as part of a FedDev Ontario $5 million investment in community economic development and diversification that supports the Windsor-Essex Region in transitioning from traditional automotive manufacturing to transformative automotive technologies.

Up to $640,000 has been allocated to the University of Windsor and Dr. Mirhassani’s work on cybersecurity and automotive technologies.

“This project will help further position Windsor-Essex as the automobility capital of Canada, by building on the automotive history, knowledge and experience of its past to emerge as a cybersecurity powerhouse in automotive technologies,” says Stephen MacKenzie, the president and CEO of WindsorEssex Economic Development Corporation.

This article is featured in the 2019 issue of Windsor Engineering (WE).