The global surge in electric vehicle(EV)adoption is proportionally expanding the EV charging station(EVCS)infrastructure,thereby increasing the attack surface and potential impact of security breaches within this crit...The global surge in electric vehicle(EV)adoption is proportionally expanding the EV charging station(EVCS)infrastructure,thereby increasing the attack surface and potential impact of security breaches within this critical ecosystem.While ISO 15118 standardizes EV-EVCS communication,its underspecified security guidelines and the variability in manufacturers’implementations frequently result in vulnerabilities that can disrupt charging services,compromise user data,or affect power grid stability.This research introduces a systematic black-box fuzzing methodology,accompanied by an open-source tool,to proactively identify and mitigate such security flaws in EVCS firmware operating under ISO 15118.The proposed approach systematically evaluates EVCS behavior by leveraging the state machine defined in the ISO 15118 standard for test case generation and execution,enabling platform-agnostic testing at the application layer.Message sequences,corresponding to valid andmutated traversals of the protocol’s state machine,are generated to uncover logical errors and improper input handling.Themethodology comprises state-aware initial sequence generation,simulated V2G session establishment,targeted message mutation correlated with defined protocol states,and rigorous response analysis to detect anomalies and system crashes.Experimental validation on an open-source EVCS implementation identified five vulnerabilities.These included session integrity weaknesses allowing unauthorized interruptions,billing manipulation through invalid metering data acceptance,and resource exhaustion vulnerabilities from specific parameter malformations leading to denial-of-service.The findings confirm the proposed method’s capability in pinpointing vulnerabilities often overlooked by standard conformance tests,thus offering a robust and practical solution for enhancing the security and resilience of the rapidly growing EV charging infrastructure.展开更多
The energy sector faces rapid decarbonisation and decision-makers demand reliable assessments of the security of electricity supply. For this, detailed simulation models with a high temporal and technological resoluti...The energy sector faces rapid decarbonisation and decision-makers demand reliable assessments of the security of electricity supply. For this, detailed simulation models with a high temporal and technological resolution are required. When confronted with increasing weather-dependent renewable energy generation, probabilistic simulation models have proven. The significant computational costs of calculating a scenario, however, limit the complexity of further analysis. Advances in code optimization as well as the use of computing clusters still lead to runtimes of up to eight hours per scenario. However ongoing research highlights that tailor-made approximations are potentially the key factor in further reducing computing time. Consequently, current research aims to provide a method for the rapid prediction of widely varying scenarios. In this work artificial neural networks (ANN) are trained and compared to approximate the system behavior of the probabilistic simulation model. To do so, information needs to be sampled from the probabilistic simulation in an efficient way. Because only a limited space in the whole design space of the 16 independent variables is of interest, a classification is developed. Finally it required only around 35 min to create the regression models, including sampling the design space, simulating the training data and training the ANNs. The resulting ANNs are able to predict all scenarios within the validity range of the regression model with a coefficient of determination of over 0.9998 for independent test data (1.051.200 data points). They need only a few milliseconds to predict one scenario, enabling in-depth analysis in a brief period of time.展开更多
Primary energy has the potential to bring challenges to the reliability,economic,and eco-friendliness of global electric power systems.The concept of electric power security are proposed,including many factors that ar...Primary energy has the potential to bring challenges to the reliability,economic,and eco-friendliness of global electric power systems.The concept of electric power security are proposed,including many factors that are not considered in power system reliability analysis,such as coal supply for power system,fuel price for electricity power market,carbon emissions of power generation,and so on.It is broader than power system reliability and security,which means that providing energy in the form of reliable,economical,and eco-friendly electric power.Following an account of existing blackout defence methods and systems,the processes of transforming various kinds of primary energy into electric power and the interactions between them are described,particularly with regard to flows of energy,capital,and information.Factors that limit the liquidity of these flows are defined as“generalized congestion”,and the challenges presented by primary energy are named“primary energy congestion”.China’s dilemma on coal supply for power generation is presented in some detail as an example of primary energy congestion.To cope with impacts of the primary energy on electric power systems,an idea is introduced to extend the scope of existing coordinated blackout defence systems to account for primary energy,which would lead to an integrated tool to provide decision support to power system operators accounting for primary energy congestion.展开更多
基金support of the Korea Internet&Security Agency(KISA)—Information Security Specialized University Support Project(50%)supported by a grant from the Korea Electric Power Corporation(R24XO01-4,50%)for basic research and development projects starting in 2024.
文摘The global surge in electric vehicle(EV)adoption is proportionally expanding the EV charging station(EVCS)infrastructure,thereby increasing the attack surface and potential impact of security breaches within this critical ecosystem.While ISO 15118 standardizes EV-EVCS communication,its underspecified security guidelines and the variability in manufacturers’implementations frequently result in vulnerabilities that can disrupt charging services,compromise user data,or affect power grid stability.This research introduces a systematic black-box fuzzing methodology,accompanied by an open-source tool,to proactively identify and mitigate such security flaws in EVCS firmware operating under ISO 15118.The proposed approach systematically evaluates EVCS behavior by leveraging the state machine defined in the ISO 15118 standard for test case generation and execution,enabling platform-agnostic testing at the application layer.Message sequences,corresponding to valid andmutated traversals of the protocol’s state machine,are generated to uncover logical errors and improper input handling.Themethodology comprises state-aware initial sequence generation,simulated V2G session establishment,targeted message mutation correlated with defined protocol states,and rigorous response analysis to detect anomalies and system crashes.Experimental validation on an open-source EVCS implementation identified five vulnerabilities.These included session integrity weaknesses allowing unauthorized interruptions,billing manipulation through invalid metering data acceptance,and resource exhaustion vulnerabilities from specific parameter malformations leading to denial-of-service.The findings confirm the proposed method’s capability in pinpointing vulnerabilities often overlooked by standard conformance tests,thus offering a robust and practical solution for enhancing the security and resilience of the rapidly growing EV charging infrastructure.
基金support by National Natural Science Foundation of China(61202354,51507084)Nanjing University of Post and Telecommunications Science Foundation(NUPTSF)(NT214203)
基金Funded by the Deutsche Forschungsgemeinschaft(DFG,German Research Foundation)-532148125 and supported by the central publication fund of Hochschule Düsseldorf University of Applied Sciences.
文摘The energy sector faces rapid decarbonisation and decision-makers demand reliable assessments of the security of electricity supply. For this, detailed simulation models with a high temporal and technological resolution are required. When confronted with increasing weather-dependent renewable energy generation, probabilistic simulation models have proven. The significant computational costs of calculating a scenario, however, limit the complexity of further analysis. Advances in code optimization as well as the use of computing clusters still lead to runtimes of up to eight hours per scenario. However ongoing research highlights that tailor-made approximations are potentially the key factor in further reducing computing time. Consequently, current research aims to provide a method for the rapid prediction of widely varying scenarios. In this work artificial neural networks (ANN) are trained and compared to approximate the system behavior of the probabilistic simulation model. To do so, information needs to be sampled from the probabilistic simulation in an efficient way. Because only a limited space in the whole design space of the 16 independent variables is of interest, a classification is developed. Finally it required only around 35 min to create the regression models, including sampling the design space, simulating the training data and training the ANNs. The resulting ANNs are able to predict all scenarios within the validity range of the regression model with a coefficient of determination of over 0.9998 for independent test data (1.051.200 data points). They need only a few milliseconds to predict one scenario, enabling in-depth analysis in a brief period of time.
基金This work is jointly supported by Major Program of National Natural Science Foundation of China(No.91024028)National High Technology Research and Development Program of China(863 Program)(No.2011AA05A105)+1 种基金SGCC Projects SGCC-MPLG003-2012the Australian Research Council(DP120101345).
文摘Primary energy has the potential to bring challenges to the reliability,economic,and eco-friendliness of global electric power systems.The concept of electric power security are proposed,including many factors that are not considered in power system reliability analysis,such as coal supply for power system,fuel price for electricity power market,carbon emissions of power generation,and so on.It is broader than power system reliability and security,which means that providing energy in the form of reliable,economical,and eco-friendly electric power.Following an account of existing blackout defence methods and systems,the processes of transforming various kinds of primary energy into electric power and the interactions between them are described,particularly with regard to flows of energy,capital,and information.Factors that limit the liquidity of these flows are defined as“generalized congestion”,and the challenges presented by primary energy are named“primary energy congestion”.China’s dilemma on coal supply for power generation is presented in some detail as an example of primary energy congestion.To cope with impacts of the primary energy on electric power systems,an idea is introduced to extend the scope of existing coordinated blackout defence systems to account for primary energy,which would lead to an integrated tool to provide decision support to power system operators accounting for primary energy congestion.
