Wednesday, February 8 2023 Sign In   |    Register

News Quick Search



Front Page
Power News
Today's News
Yesterday's News
Week of Feb 06
Week of Jan 30
Week of Jan 23
Week of Jan 16
Week of Jan 09
By Topic
By News Partner
Gas News
News Customization


Pro Plus(+)

Add on products to your professional subscription.
  • Energy Archive News

    Home > News > Power News > News Article

    Share by Email E-mail Printer Friendly Print

    This how New York must hack-proof our EV future

    November 21, 2022 - Times Herald-Record


      There has been considerable debate over the viability of New York's recent announcement that it will join the list of states that have banned the sale of light-duty internal combustion engine vehicles starting in 2035.

      Achieving this ambitious goal will require significant infrastructure investments. The electric grid must be able meet the increased demand while transitioning away from fossil fuels, and the network of changing stations must quickly expand – an effort that is already years behind schedule.

      There's a third critical element inherent to ensuring the switch to electric vehicles is both successful and safe, and it is too often overlooked: Protecting against the threat of cyberattacks.

      Though the U.S. is moving to shore up domestic production, allocating $2 billion in the recently approved Chips and Science Act for legacy chips used in automobiles and defense systems, the vast majority of critical components used for EVs, chargers and batteries are currently manufactured in China. This leaves open the possibility for manufacturers with malicious intent to create entry points for the collection of sensitive data.

      The heart of any EV infrastructure will be a network of charging stations. Nationwide, the Inflation Reduction Act provides $7.5 billion to install 500,000 stations by 2030. These stations are connected to a central control unit —known as "the backend" — that communicates over wireless network SIM cards. This allows chargers to collect and transmit payment and location data that might include email addresses and IP numbers — a considerable benefit for drivers, but also an opportunity for bad actors.

      Hackers could steal financial data from the networks serving EV customers or hold emergency responders, school buses or utility providers' vehicles hostage in ransomware attacks. We have already seen school districts, libraries and municipal governments paralyzed by these sorts of attacks.

      More connected vehicles could increase risk to the electric grid. The grid of the future will not only affect our lights and heating at home, but also the ability to move emergency vehicles, transit systems and more.

      Someone bent on wreaking havoc could disrupt individual vehicles or fleets. Years ago, a team of white hat hackers demonstrated that they could take over the controls and shut down a 2015 Jeep Cherokee speeding down the highway. That team was helping the industry identify vulnerabilities, but the real-world nightmares are easy to imagine.

      Drivers are already accustomed to the benefits of connected car technology. Over-the-air software updates can add or improve car features overnight. Real-time traffic updates calculate the fastest or most energy efficient routes, plotting charging stops along the way if needed — often with data showing how many other vehicles are using a charging station and how many spots are free.

      All of this requires a real-time connection to the internet. Each of these vehicles represents a point of vulnerability, and the flood of EVs expected to hit our streets in the coming decade will make this challenge infinitely worse.

      Modern vehicles have more than 100 independently developed software and hardware components — each with their own manufactured and supply chain. The "Internet of Things" is giving way to the "Internet of Car Parts," leaving our cars vulnerable to hacks.

      Governments invest billions in protecting critical infrastructure from cyber threats. The EV infrastructure should be no different. We need common cyber security criteria and stronger rules managing the complex automotive supply chain.

      Like it or not: the EV conversion is happening. Electric vehicles accounted for more than 7% of new car sales in July, about 62% higher than last summer. Experts predict the number of EVs on the road will expand to 125 million worldwide by 2030. In the U.S. alone, President Biden has set a goal of 50 percent EV sales by that same year.

      This shift includes all types of vehicles. New York is working to make its fleet of 50,000 school buses 100% electric by 2035. The Metropolitan Transit Authority is committed to deploying a zero-emissions bus fleet by 2040. Even street sweepers and fire trucks are going electric. While this transformation is under way, we need to take a step back and look at the system as a whole to ensure we aren't creating vulnerabilities that will be difficult to address down the road.

      Russell Davies is Senior Program Director for Electrification and Alternate Fuels at Parsons. Juan Espinosa is a principal project manager leading major cybersecurity initiatives for Parsons.

      Your Turn

      Russell Davies and Juan Espinosa

      Guest columnists


    Other Articles - International


       Home  -  Feedback  -  Contact Us  -  Safe Sender  -  About Energy Central   
    Copyright © 1996-2023 by CyberTech, Inc. All rights reserved.
    Energy Central® and Energy Central Professional® are registered trademarks of CyberTech, Incorporated. Data and information is provided for informational purposes only, and is not intended for trading purposes. CyberTech does not warrant that the information or services of Energy Central will meet any specific requirements; nor will it be error free or uninterrupted; nor shall CyberTech be liable for any indirect, incidental or consequential damages (including lost data, information or profits) sustained or incurred in connection with the use of, operation of, or inability to use Energy Central. Other terms of use may apply. Membership information is confidential and subject to our privacy agreement.