search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
EV Charging


Prioritising cybersecurity at EV charging points


In 2023, it was found by Hiscox research that over half of UK businesses suffered at least one cyberattack in the preceding 12 months, a five-point increase on the year before.


I


n an increasingly connected society, the risk of cyberattack moves beyond just business IT systems and will infiltrate into newer technologies such as EV charging ports, autonomous vehicles and renewable energy sources, among many others. Here, senior consultant for EV charging at Bureau Veritas, George White, brings attention to the criticality of cybersecurity in the evolution of EV adoption, and addresses how securing the EV infrastructure and its supply chain is paramount to mitigating potential exploits from cyberattacks.


With initiatives and funding from the Department for Transport and the Office for Zero Emission Vehicles contributing to the growing EV infrastructure, there is a critical need to focus on the associated cybersecurity risks. This is especially pertinent following the recent National Grid warning associated with EV owners.


Cyber vulnerabilities in EVCPs In the pursuit of an electrified future, the digital aspect is rife with evolving cybersecurity threats that could potentially compromise the integrity of EV charging points. Unauthorised access through unprotected network or peripheral device interfaces poses a huge risk, as does firmware-based attacks that manipulate voltage settings, potentially causing major damage. The UK Electric Vehicles (Smart Charge Points) Regulations 2021, is fundamentally the first place to start, which states that charge points must be designed, manufactured and configured to


“Cybersecurity is not a luxury but a necessity in the EV space.”


provide appropriate protection: against the risk of harm to, or disruption of, the electricity system against the risk of harm to, or disruption of, the relevant charge point for the personal data of the owner and any other end-user of the relevant charge point.


How to do more to protect EVCPs from cyber threats


Ensuring the supplier of charge points adheres to this before they ship is key to ensure that the right levels of security are maintained over its lifetime. Before charge points are shipped, we recommend thorough pre-installation inspections. This includes scrutinising passwords, ensuring software is up to date, validating security configurations, secure communication, data inputs and ease of use. These assessments aim to identify and rectify security gaps before installation, saving time and resources. Firstly, the software must be capable of secure updates, employing cryptographic measures to protect against cyber-attacks. Regular security


20 | electrical wholesaler June 2024


checks during setup and periodic updates are also essential, with owners responsible for verifying the authenticity and integrity of each update. Furthermore, sensitive security considerations, such as credentials, should be stored securely, avoiding hard-coded information and designed to verify authorised access. Charge points must also be able to encrypt all communications to maintain the confidentiality and integrity of transmitted data, preventing unauthorised access or tampering. Along with this, the configuration should verify data inputs, discarding unverified data to prevent potential security vulnerabilities. Lastly, and quite importantly, for user convenience and compliance with privacy regulations, charge points should be designed for ease of use, minimising owner inputs and allowing straightforward deletion of personal data. Cybersecurity is not a luxury but a necessity in the EV space. Bureau Veritas’s comprehensive approach, from third-party risk reviews to ongoing maintenance assessments, ensures a robust cybersecurity framework for the entire EV ecosystem that we encourage companies to incorporate into their security measures and planning.


ewnews.co.uk


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44