Cybersecurity of Electric Vehicle Smart Charging Management Systems

In concept, a smart charging management system (SCMS) optimizes the charging of plug-in vehicles (PEVs) and provides various grid services including voltage control, frequency regulation, peak shaving, renewable energy integration support, spinning reserve, and emergency demand response. These functionalities largely depend upon data collected from various entities such as PEVs, electric vehicle supply equipment (EVSE), service providers, and utilities. SCMS can be susceptible to both cyber and physical threats (e.g. man-in-the-middle attack, data intrigued attack, denial of charging, physical-attack) due to interactions of and interdependencies between cyber and physical components. Cyber-physical threats through highly connected malware vectors raise various concerns including public safety hazards to vehicle operators and those in the immediate vicinity as well as disruptions to electric grid operations. This paper describes the concept of SCMS and provides a comprehensive review of the cybersecurity aspects of EVSEs and SCMSs with their possible impacts on the power grid and society. It also contributes to the development of cybersecurity measures to the SCMSs. Various functions of SCMS are reviewed in detail including peak shaving, demand charge reduction, frequency regulation, spinning reserve, renewable integration support, distribution congestion management, reactive power compensation, and emergency demand response with unidirectional PEVs charging. Also, a critical literature survey on current practices of SCMS cybersecurity is provided to explore major impacts and challenges of cyber-physical attacks and to identify research gaps and vulnerabilities in currently available SCMSs technologies.