CSIS Seminar

Internet-Scale Discovery and Security Analysis of EV Charging Management Systems

Abstract

Electric Vehicle Charging Management Systems (EVCMS) are a collection of specialized software that allow users to remotely operate Electric Vehicle Charging Stations (EVCS). With the increasing number of deployed EVCS to support the growing global EV fleet, the number of EVCMS are consequently growing, which introduces a new attack surface. In this paper, we propose a multi-stage framework to discover Internet-connected EVCMS and investigate their security posture. Our approach leverages identifiers extracted from a small seed of EVCMS to extend the capabilities of device search engines through iterative fingerprinting using a combination of classification and clustering approaches. Indeed, by leveraging a small seed of 1,800 discovered hosts that deployed 9 distinct EVCMS, we leveraged our approach to identify 27,439 online EVCS instrumented by 44 unique EVCMS. Consequently, our in-depth security analysis highlighted the insecurity of the majority of the deployed EVCMS while uncovering 120 0-day vulnerabilities. Our findings shed light on the insecurity of the EVCSMS at scale while highlighting the feasibility of cyber attacks against the EV charging ecosystem, its users, and the connected power grid. Finally, while we recommend countermeasures to mitigate future threats, this work contributes to the security of the EVCS ecosystem via conducting a Coordinated Vulnerability Disclosure (CVD) effort with system developers/vendors who acknowledged and assigned the discovered vulnerabilities more than 20 CVE-IDs. If you cannot join in person, you are welcome to join via Zoom meeting: https://gmu.zoom.us/j/96351546909?pwd=WFVpNVF0eGRuSmtmWWEzV0tZalQ2QT09 Meeting ID: 963 5154 6909 Passcode: 788844

Speaker Bio

Sadegh Torabi is an assistant professor and a research fellow at Department of Information Science and Technology (IST), School of Computing, at George Mason University. Prior to joining the department of IST, Sadegh was a postdoctoral research fellow at the Center for Secure Information Systems (CSIS) at George Mason University. Sadegh’s research interests are in the areas of Internet measurements, network/systems security, IoT malware detection and characterization, and operational cyber security including the security of Internet of Things (IoT) and Cyber-Physical Systems (CPS). Sadegh received his Ph.D. degree in Information Systems Engineering (with Outstanding Ranking) from Concordia University, Montreal, Canada. During his Ph.D., Sadegh was a member of the Security Research Centre (SRC) at Concordia University, where he received several awards and scholarships such as the Abdul-Aziz Hariri Graduate Scholarship in Cyber Security and the Carolyn and Brian Neysmith Graduate Scholarship. Sadegh also received his M.Sc. from the Electrical and Computer Engineering Department at University of British Columbia (UBC), Vancouver, Canada.