Background
The man-in-the-middle (MitM) attack vector is regularly utilized to perform attacks on two-way in-vehicle communications such as Ethernet and Controller Area Network (CAN) busses. This same attack vector had not been previously tested on J1772, the standard interface for managing electric vehicle (EV) charging in North America. These attacks could manipulate charging and cause damage to the battery and other vehicle systems.
Approach
This effort explored the extent to which it is possible to interfere with or disrupt the charging process of an EV. Using custom hardware, software, and a division-owned EV, the research team reverse engineered the signals and circuits used in the vehicle and charger. With this knowledge, the team developed a system capable of creating control pilot and proximity detection signals of the J1772 charger.
Accomplishments
Three malicious scenarios were successfully exercised: 1) limiting charge, 2) overcharging, and 3) denying charge to the vehicle. The limit charging scenario was successful, as the team was able to significantly limit the rate of vehicle charging. The overcharging test requested more charge than the vehicle could handle and tripped a safety warning on the vehicle “Problem Detected with Charging Station.” The denying charge test was also successful, and the vehicle recognized that it was both ready to charge and had the charger plugged in but displayed “Not Able to Charge.”
Figure 1: EV used for testing.
Figure 2: “Problem Detected with Charging Station” message.
Figure 3: “Not Able to Charge” message.