Mechanical engineering grad student develops technology to find electric vehicle charging vulnerabilities

Published

UL Lafayette graduate student Jake Guidry, an intern at Idaho National Laboratory, has developed a cybersecurity research tool that could improve the security of electric vehicle charging.

INL experts demonstrated the tool to colleagues from Sandia and Pacific Northwest national laboratories on June 7. The AcCCS tool provides access capabilities through CCS (combined charging system) communications protocol.

AcCCS (pronounced access) is a combination of hardware and software that emulates the electronic communications that occur between an electric vehicle and an extreme fast charger during the charging process. The tool gives researchers a new way to search for vulnerabilities in electric vehicles and charging stations.

The AcCCS hardware includes a charging port and a charging cable, both of which can be plugged into real-world equipment.

No charging power flows through the device. If you plug AcCCS into an electric vehicle, the vehicle’s computer thinks the battery is receiving a charge. If you plug the tool into a 350-kilowatt fast charging station, the station thinks it is charging an electric vehicle.

“It’s basically acting like one to trick the other,” said Guidry, who’s pursuing a master’s degree in mechanical engineering. Guidry began an internship at INL last winter after being recruited by lab researchers at the 2022 SAE CyberAuto Challenge workshop. “With this technology, you can not only skew from normal operations, but also introduce cyberattacks.”

“Currently, some commercial devices allow researchers to test EVs and charging equipment to make sure that they meet certain specifications, but AcCCS is less expensive and a lot more flexible,” said Ken Rohde, a cybersecurity researcher at INL who serves as an adviser for Guidry’s project. The tool further reduces costs by eliminating the need for real-world charging equipment or vehicles.

“It’s a low-cost solution that allows us to test outside of the bounds,” Rohde said. “It brings the barrier of entry to EV charging research way down.”

During the June 7 meeting, researchers used AcCCS to hack a charging station and a vehicle. Researchers then demonstrated a mitigation to the cyberattacks. Future experiments will help researchers develop best practice recommendations for industry.

Guidry and his colleagues will next demonstrate the technology at this year’s SAE CyberAuto Challenge. He plans to extend his internship to further test AcCCS.

“Immediate next steps are to see how much further I can go with it,” Guidry said. “What is the extent of the things that we can do with this capability?”

AcCCS was developed as part of the Electric Vehicle Secure Architecture Laboratory Demonstrations, a pilot project to demonstrate cybersecurity best practices and collaborations to deploy and operate cybersecure electric vehicle charging facilities.

This project is a research effort by Idaho, Sandia and Pacific Northwest national laboratories, and sponsored by the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response and Vehicle Technologies Office.

Photo caption: UL Lafayette graduate student Jake Guidry, an intern at the Idaho National Laboratory, has developed a cybersecurity research tool that could improve the security of electric vehicle charging. Guidry, shown conducting research at the laboratory, is pursuing a master's degree in mechanical engineering. Submitted photo

This press release was issued by the Idaho National Laboratory.

About Idaho National Laboratory
Battelle Energy Alliance manages INL for the U.S. Department of Energy’s Office of Nuclear Energy. INL is the nation’s center for nuclear energy research and development, and also performs research in each of DOE’s strategic goal areas: energy, national security, science and the environment. For more information, visit www.inl.gov. Follow us on social media: Twitter, Facebook, Instagram and LinkedIn.