Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a groundbreaking security research presentation that introduces EmuOCPP, a novel testing framework designed to evaluate the security and privacy of the Open Charge Point Protocol (OCPP) used in electric vehicle charging infrastructure. Learn how researchers developed a container-based emulation system using open-source software and low-cost hardware to reproduce real-world OCPP networks with high fidelity while maintaining cost efficiency. Discover five critical security vulnerabilities uncovered across OCPP versions 1.6, 2.0, and 2.0.1, including sophisticated man-in-the-middle attacks that exploit security profile upgrades and downgrades, as well as charging station impersonation attacks that leverage undefined behaviors in the boot notification process. Examine how these attacks were successfully demonstrated across nine different targets, ranging from open-source and closed-source OCPP implementations to actual charging stations and production networks operated by major companies. Understand the root causes of these vulnerabilities, including newly identified design and implementation flaws in OCPP, and review the effective mitigation strategies proposed to address these security concerns. Gain insights into the responsible disclosure process with the OCPP consortium and the researchers' commitment to open-sourcing the EmuOCPP framework to benefit the broader cybersecurity and electric vehicle infrastructure communities.
