Plug-in Electric Vehicle Fingerprinting: Authentication for Plug-in Electric Vehicles presented at ShmooCon 2017

by Rebekah Houser,

Summary : With increasing options for connectivity and reliance on drive-by-wire systems, automobiles have become targets for a variety of attacks. Researchers have exposed vulnerabilities in vehicle systems, garnering much attention and prompting government warnings. Hacking vehicles is a hot topic. However, there is one aspect of vehicle vulnerability that is underappreciated, mostly because it only applies to a minute percentage of the vehicles on the road today. Plug-in electric vehicles (PEVs) make up a tiny portion of the overall vehicle market, but they are becoming more common. PEV charging involves, authentication, payments, and, increasingly, communication for managing power flow to stabilize the electric power grid. In the design of many charging protocols, security is not always emphasized, or is only implemented in the cyber domain. As a cyber physical system, PEVs need authentication the cyber and the physical domain. In this talk we propose a means for charging stations to identify the type of PEV connected to charge without explicit communication of this information from the PEV. This approach is similar to that adopted in other fields to identify individual computers through a browser, or hardware. We report the results of initial testing, and outline future work.