We present a novel attack against the Combined Charging System, one of the most widely used DC rapid charging systems for electric vehicles (EVs). Our attack, Brokenwire, interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance, allowing individual vehicles or entire fleets to be disrupted stealthily and simultaneously. In addition, it can be mounted with off-the-shelf radio hardware and minimal technical knowledge. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. We first study the attack in a controlled testbed and then demonstrate it against seven vehicles and 18 chargers in real deployments. We find the attack to be successful in the real world, at ranges up to 47 m, for a power budget of less than 1 W. We further show that the attack can work between the floors of a building (e.g., multi-story parking), through perimeter fences, and from 'drive-by' attacks. We present a heuristic model to estimate the number of vehicles that can be attacked simultaneously for a given output power. Brokenwire has immediate implications for many of the around 12 million battery EVs on the roads worldwide - and profound effects on the new wave of electrification for vehicle fleets, both for private enterprise and crucial public services. As such, we conducted a disclosure to the industry and discussed a range of mitigation techniques that could be deployed to limit the impact.
翻译:我们对电动车辆(EVs)最广泛使用的DC快速充电系统之一,即联合充电系统(United United United United United United United Angage System)进行了新的攻击。我们的攻击,断电线,中断了车辆和充电器之间必要的控制通信,造成电压中断。攻击可以从远距离无线进行,使个别车辆或整个机队能够被偷偷地和同时干扰。此外,也可以用现成的无线电硬件和最微小的技术知识来安装。被利用的行为是HomePlug Green Phy、DIN 70121和ISO 15118标准以及所有已知的执行系统的必要部分。我们首先在受控的试盘中研究这次攻击,然后在实际部署时对七部车辆和18台充电器进行演示。我们发现攻击在现实世界中是成功的,使个别车辆或整个机队的能量预算达到47米。我们进一步表明,攻击可以在建筑物楼楼楼楼层之间起作用,通过周边的围栏栅栏限制,从我们所设计的电路路面攻击可以攻击。我们用来攻击。