WISeKey International Holding Ltd, a leading Swiss cybersecurity and IoT company announced that is combining software and microchips to allow Electric Vehicles (EVs) to securely communicate with charging stations, the network of connected vehicles, and even the electrical grid.
The company has shown strong growth and made tremendous progress on the EV and Connected Vehicle industry with the signing of strategic partnerships with leading European automobile manufacturers. WISeKey’s initial application was based on the integration of the WISeKey IoT and Public Key Infrastructure (PKI) in the manufacturers connected car solutions which allowed them to authenticate legitimate car components and enabled owners to securely interact with the car’s smart features. This technology has been upgraded to allow EVs and charging stations to securely communicate using network segmentation technologies to reduce the associated risk.
EV charging stations are an existing risk as attackers can compromise the security of the electronic charging stations to cause damage. This is often done through the Near-Field Communication (NFC) card that is used to handle billing when drivers charge their EVs as third-party providers of these ID cards, often do not secure their customer data.
WISeKey’s solutions reduce EV’s potential security threats by providing:
- IoT “secure element” chips, essentially a small smartcard, that can be embedded into different components of the car to enhance the security of their electronic functions.
- Highly-scalable and reliable PKI to create the electronic credentials that assert the identity of the device or authorized users and enables encryption to protect data or software integrity. These PKI solutions are highly adaptable to both the “lightweight” technology needs of IoT and the changing attributes of IoT devices over time after the vehicle has left the car factory.
In short, the WISeKey IoT solutions benefit both: the manufacturer by providing cost-effective solution to secure car components and their related online services, and also drivers in securing the massive amount of data produced by smart cars in daily use – which includes significant detail on the driver’s personal behavior and movements, similar to that produced by a smartphone.
Additionally, many of the charging stations today use an outdated Open Charge Point Protocol based on HTTP, which does not encrypt data or communications. This could lead to relay or man-in-the-middle attacks where attackers leverage a seemingly legitimate signal such as Wi-Fi. This vulnerability could also allow attackers to rewire charging requests altogether, and gain root access to the station. USB ports on charging stations could also be used for malicious intent that could directly affect driver privacy. Through a simple flash drive, logs and data can be copied to the drive, giving attackers not only the data on the OCPP server itself, but also confidential information on users of the charging point, allowing attackers to copy their ID numbers or even track their location.
WISeKey Machine to Machine digital certificates and microchips like NanoSeal allow connected cars to connect securely at the Electric Charging Stations, completing the transaction without using credit cards or any other traditional payment. Connected car owners can charge their cars and pay by transferring the credit via NFC technology directly from their mobiles or from their car wallet to the Electric Charging Station. WISeKey’s Digital certificate stored on a WISeKey Microchip acts as a secure hardware module which securely sends payment transactions between the electric car and the electric charger without any intermediaries or paying any transactional fees.
WISeKey IoT for EVs also includes an unforgeable Digital Identification for the EV and eCharger, securing both. Virtually all new cars on the market today include electronic technologies that could pose vulnerabilities to hacking or privacy intrusions if data security is not addressed. For example, smart cars without cybersecurity protection technology could allow hackers to gain remote access by exploiting vulnerabilities in their ecosystem of connected components and online services. As the number of cars connected to the Internet is growing quickly (to over a quarter of a billion by the year 2020, as estimated by Gartner), smart car manufactures are working to identify and reduce potential hacking vulnerabilities in their vehicles. BI Intelligence expects 94 million connected cars to be sold in 2021, and for 82% of all cars sold during that year to be connected. This represents a compound annual growth rate of 35%, from 21 million connected cars in 2016. In recent years, the security protections of smart cars have expanded using proven IoT technologies. There is the increased use of “secure element” chips provided by WISeKey Semiconductor to authenticate individual car components within the vehicle itself and to the online services it interacts with and to ensure that only legitimate software is installed in the car.
In recent years, security protections of smart cars have expanded using proven IoT technologies. There is an increased use of “secure element” chips provided by WISeKey Semiconductor to authenticate individual car components within the vehicle itself and to the online services it interacts with, and to ensure that only legitimate software is installed in the car.
“As cars continue to evolve, essentially becoming motorized computers, they are vulnerable to the very same threats and attacks as home computers, laptops, and smartphones. Unless appropriate cybersecurity measures are implemented, hackers can remotely access the vehicle’s computer system, manipulate the brakes, engine, and transmission. Our technology is designed to help verify legitimate car systems, protect the data they create and avoid malicious hacking,” said Carlos Moreira, CEO of WISeKey.