MitM cyber risk analysis in OCPP enabled EV charging stations

Hamdare, S, Brown, DJ ORCID logoORCID: https://orcid.org/0000-0002-1677-7485, Kaiwartya, O ORCID logoORCID: https://orcid.org/0000-0001-9669-8244, Cao, Y and Jugran, M, 2025. MitM cyber risk analysis in OCPP enabled EV charging stations. In: Jararweh, Y, Alsmirat, M and Lloret, J, eds., 2024 4th Intelligent Cybersecurity Conference (ICSC). IEEE, pp. 151-157. ISBN 9798350354782

[thumbnail of 2478037_Brown.pdf]
Preview
Text
2478037_Brown.pdf - Post-print

Download (546kB) | Preview

Abstract

The increasing adoption of Electric Vehicle Charging Stations (EVCS) necessitates robust security measures, par-ticularly in the communication protocols used between Charging Point (CP) and EVCS Server (CS). This paper focuses on the vulnerabilities associated with the Open Charge Point Protocol (OCPP), a widely used protocol for EVCS communication. Specifically, we analyze the risks of Man-in-the-Middle (MitM)attack, which exploit weaknesses in OCPP's client and server communication. We implemented a MitM attack on OCPP 1.6, discovering that although it uses TLS 1.2 for encryption, this version is not secure. In the intercepted packets, the information about the cipher suites used by TLS 1.2, session id, server address, application protocols is in plaintext, making the system vulnerable. Our findings underscore the need for enhanced security measures. First and foremost, preventing MitM attacks is crucial. Additionally, if communication is intercepted, using the latest version of TLS and encrypting cipher suite information can further strengthen security. Our analysis is supported by experimental results demonstrating the feasibility of such attacks and their potential consequences.

Item Type: Chapter in book
Creators: Hamdare, S., Brown, D.J., Kaiwartya, O., Cao, Y. and Jugran, M.
Publisher: IEEE
Date: 25 February 2025
ISBN: 9798350354782
Identifiers:
Number
Type
10.1109/icsc63108.2024.10895308
DOI
2478037
Other
Divisions: Schools > School of Science and Technology
Record created by: Laura Borcherds
Date Added: 25 Sep 2025 07:32
Last Modified: 25 Sep 2025 07:32
URI: https://irep.ntu.ac.uk/id/eprint/54419

Actions (login required)

Edit View Edit View

Statistics

Views

Views per month over past year

Downloads

Downloads per month over past year