Abstract | Plug-and-Charge (PnC) standards such as ISO 15118-20 enable the charging of Electric Vehicles (EVs) with (nearly) no user intervention by storing authentication credentials directly in the vehicle. However, these credentials are generated in backend systems of vehicle manufacturers and charging service providers (called Mobility Operators (MOs)) making them vulnerable to attacks on corporate networks. In previous work, we proposed HIP, an ISO 15118 extension where credentials are generated in a Hardware Security Module (HSM) within the EV and the private parts of the credentials never leave the Hardware Security Module (HSM). In this paper, we propose HIP-20, which improves HIP by enabling easy integration into existing backend infrastructures and processes. HIP-20 enables support of existing Certificate Authoritiess (CAs) and established processes such as using Certificate Signing Requests (CSRs), enables credential provisioning via channels outside of ISO 15118, and makes necessary adaptations required due to changes in the new edition ISO 15118-20. Our evaluation shows that HIP-20 significantly increases security and interoperability with existing processes and infrastructures. |
---|