Current Affairs: A Security Measurement Study of CCS EV Charging Deployments

Since its introduction in 2012, the Combined Charging System (CCS) has emerged as the leading technology for EV fast charging in Europe, North America and parts of Asia. The charging communication of CCS is defined by the ISO 15118 standards, which have been improved over the years. Most notably, in 2014, important security features such as Transport Layer Security (TLS) and usability enhancements such as Plug and Charge were introduced. In this paper, we conduct the first measurement study of publicly deployed CCS DC charging stations to capture the state of deployment for different protocol versions and to better understand the attack surface of the EV charging infrastructure. In our evaluation, we examine 325 chargers manufactured between April 2013 and June 2023, and installed as late as May 2024 by 26 manufacturers across 4 European countries. We find that only 12% of the charging stations we analyzed implement TLS at all, leaving all others vulnerable to attacks that have already been demonstrated many years ago. We observe an increasing trend in support for ISO 15118-2 over the years, reaching 70% of chargers manufactured in 2023. We further notice that most chargers use a decade-old firmware for their HomePlug modems, which could contain vulnerabilities that have been patched since. Finally, we discuss design flaws with the Public Key Infrastructure system used in EV charging, and propose changes to improve the adoption and availability of TLS.