Since mid-2022, vehicle manufacturers have had to demonstrate cybersecurity when registering a new vehicle type in accordance with UNECE 155. As a result, they must now effectively secure the integrity and authenticity of communication between control units and between the vehicle and back-end systems.
Since TLS (Transport Layer Security) is usually used for protocol security in Ethernet communication, test systems must be developed for the TLS implementation that not only secure functional aspects, but also check for vulnerabilities in cybersecurity. The technical solution realized in cooperation between dSPACE and achelos is a way to support and automate the quality assurance of a TLS-protected Ethernet communication between charging station and vehicle. For example, if the vehicle side is to be tested, a charging pole simulation and a TLS test suite are required - represented in our example by the dSPACE Smart Charging Solution in conjunction with achelos' TLS Inspector.
Cyberattacks on connectivity are becoming scalable and can lead to major negative impacts for automotive manufacturers and their suppliers. UNECE Working Group 29 has therefore proposed regulations on cybersecurity - Regulation 155 - and software update management - Regulation 156 - which came into force at the beginning of 2021, creating a paradigm shift in the automotive industry in all participating member states. They stipulate, for example, that identified risks must be mitigated and extensive testing must be carried out.
Charging communication also falls under this regulation. Processes such as Plug & Charge for charging and payment at public charging stations require encrypted communication in accordance with DIN EN ISO 15118.
However, the communication interfaces required for this also significantly increase the attack surface for potential hackers or cybercriminals. For example, attacks can lead to a general disruption of the charging infrastructure and even to the tapping of identities, which can be used for various types of fraud.
Testing the TLS interface
When server and client systems communicate with each other, securing these connections is essential today. It must be possible to prove at any time who was or is connected to whom, to encrypt the transmitted data so that third parties cannot read or modify it. These network connections use cryptographic technologies. Here, the implementation as well as the correct use of existing libraries are a major challenge.
- Conformance to the standard: Conformance of the functional behavior to both RFC standards and the functional requirements of the automotive application, for example according to the ISO 15118 standard, must be ensured so that vehicle components can communicate with each other interoperably.
- Configuration: The available variety of configuration options is so extensive that loopholes for attackers can arise both during integration and during subsequent configuration of the vehicle component. Verification of the configuration should ensure that it is secure in the sense of the requirements, for example in accordance with the ISO 15118 standard or the BSI checklists. This includes, for example, the cipher suites used (according to ISO 15118, for example, only 2 specified cipher suites may be used)
- Tests for correct implementation: A robust protocol implementation should also be checked, for example in the event of manipulation of the message sequence or checking the padding for correctness.
The subject of the test is the establishment of the TLS connection up to mutual authentication, the reaction to incorrect behavior and the termination of the connection.