This page is fully or partially automatically translated.

Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

it-sa365-n-achelos-Header-Desktop
IT Security Talks May 2023 Stream I

Security testing of high-level charging communication (for eMobility)

A practical application of the achelos TLS Inspector together with the dSPACE Smart Charging Solution

calendar_today Wed, 03.05.2023, 11:30 - 11:45

event_available Digital

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

Mobile Security

Organizer

Event

This action is part of the event IT Security Talks May 2023

Action Video

grafischer Background
close

This video is available to the it-sa 365 community. 
Please register or log in with your login data.

Action description

Since mid-2022, vehicle manufacturers have had to demonstrate cybersecurity when registering a new vehicle type in accordance with UNECE 155. As a result, they must now effectively secure the integrity and authenticity of communication between control units and between the vehicle and back-end systems.

Since TLS (Transport Layer Security) is usually used for protocol security in Ethernet communication, test systems must be developed for the TLS implementation that not only secure functional aspects, but also check for vulnerabilities in cybersecurity. The technical solution realized in cooperation between dSPACE and achelos is a way to support and automate the quality assurance of a TLS-protected Ethernet communication between charging station and vehicle. For example, if the vehicle side is to be tested, a charging pole simulation and a TLS test suite are required - represented in our example by the dSPACE Smart Charging Solution in conjunction with achelos' TLS Inspector.

Cyberattacks on connectivity are becoming scalable and can lead to major negative impacts for automotive manufacturers and their suppliers. UNECE Working Group 29 has therefore proposed regulations on cybersecurity - Regulation 155 - and software update management - Regulation 156 - which came into force at the beginning of 2021, creating a paradigm shift in the automotive industry in all participating member states. They stipulate, for example, that identified risks must be mitigated and extensive testing must be carried out.

Charging communication also falls under this regulation. Processes such as Plug & Charge for charging and payment at public charging stations require encrypted communication in accordance with DIN EN ISO 15118.

However, the communication interfaces required for this also significantly increase the attack surface for potential hackers or cybercriminals. For example, attacks can lead to a general disruption of the charging infrastructure and even to the tapping of identities, which can be used for various types of fraud.

Testing the TLS interface
When server and client systems communicate with each other, securing these connections is essential today. It must be possible to prove at any time who was or is connected to whom, to encrypt the transmitted data so that third parties cannot read or modify it. These network connections use cryptographic technologies. Here, the implementation as well as the correct use of existing libraries are a major challenge.

- Conformance to the standard: Conformance of the functional behavior to both RFC standards and the functional requirements of the automotive application, for example according to the ISO 15118 standard, must be ensured so that vehicle components can communicate with each other interoperably. 


- Configuration: The available variety of configuration options is so extensive that loopholes for attackers can arise both during integration and during subsequent configuration of the vehicle component. Verification of the configuration should ensure that it is secure in the sense of the requirements, for example in accordance with the ISO 15118 standard or the BSI checklists. This includes, for example, the cipher suites used (according to ISO 15118, for example, only 2 specified cipher suites may be used)


- Tests for correct implementation: A robust protocol implementation should also be checked, for example in the event of manipulation of the message sequence or checking the padding for correctness.

The subject of the test is the establishment of the TLS connection up to mutual authentication, the reaction to incorrect behavior and the termination of the connection.

... read more

Language: German

Questions and Answers: Yes

Speaker

show more
close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.