Short: Breaking the Charge: Exploiting State Manipulation in EV Charging

Electric vehicles (EVs) have become one of the promising solutions to the ever-evolving environmental and energy crisis. The key to the wide adoption of EVs is a pervasive charging infrastructure, composed of both private/home chargers and public/commercial charging stations. The security of EV charging, however, has not been thoroughly investigated. This paper investigates the communication mechanisms between the chargers and EVs, and exposes the lack of protection on the authenticity in the SAE J1772 charging control protocol. To showcase our discoveries, we propose a new class of attacks, ChargeX, which aims to manipulate the charging states of EV chargers with the goal of disrupting the charging schedules, causing a denial of service (DoS), or degrading the battery performance. ChargeX inserts a hardware attack circuit to strategically modify the charging control signals. We design and implement two different attacks and evaluate them on a public charging station and two home chargers using a simulated vehicle load in the lab environment. Extensive experiments on different types of chargers demonstrate the effectiveness and generalization of ChargeX. Specifically, we demonstrate that ChargeX can force switching an EV's charging state from "stand by'' to "charging'', potentially leading to overcharging. We further validate the attacks on a Tesla Model 3 vehicle to demonstrate the disruptive impacts of ChargeX. If deployed, ChargeX may significantly demolish people's trust in the EV charging infrastructure.