How public EV charger software sector leaves UK open to cyber attack

Petalite Logo

How public EV charger software sector leaves UK open to cyber attack

As the EV industry continues to expand at a rapid pace, one of the most pressing issues is that of cyber security. CPOs in the UK are often reliant on third parties from unknown locations to manage and upgrade public charger firmware – but to what extent does this leave the UK open to cyber-attack, malware and data breaches?

In December 2021 the UK government passed the Electric Vehicles (Smart Charge Points) Regulations 2021 to help protect against a deliberate cyber-attack or a drive-by malware infection. However, chargers will not need to meet these new standards until 2023, leading to fears of a year of free-for-all installing of substandard chargers to beat the deadline and existing chargers certified by OZEV ‘grandfathered’ in.

 There are many potential benefits of linking the EV charging sector with the industrial internet. For operators it means comprehensive real-time monitoring, management and maintenance of charging stations. It can also mean improved energy efficiency through real-time information exchange to manage power transmission and consumption. Automatic software updates can also assist scalability and future proofing – a ‘virtual power station’ in the cloud. 

As with all cloud-connected devices, however, electric chargers are vulnerable to cyber-attack if not properly secured. In November 2021 security issues exposed the data of 140,000 users of the Pod Point electric car charging app. There are fears that third party access to the grid could lead to even greater threats, including significant power flows and blackouts caused by intentional overloading of the grid.

In August 2019, over 1 million businesses and homes were affected by a major power disruption due to a lightning strike on an overhead transmission line in Cambridgeshire. This generated knock-on disruptions in the rail transport, health, water and oil sectors across the UK.

At the time of the lightening strike, ESO was holding 1,000MW of reserve generation however the total generation lost from the affected power stations, as part of the initial event, was in the region of 2,100MW, greater than the response held. The ESO is also required to ensure that the frequency of the electricity system remains between 49.5Hz – 50.5Hz to maintain stability and prevent a full system collapse. However, the loss caused the system frequency to drop to 48.8Hz. This drop had the effect of disconnecting approximately 973MW of demand, the equivalent of 1 million customers.

Potential hackers only need to see that the grid is struggling. The lightening strike in August 2019 is an example of how sensitive and vulnerable the grid can be.

The threat of third-party cyber-attacks from overseas remains a global concern. In 2021 around 200 US businesses were targeted with a “colossal” ransomware attack believed to be perpetrated by the Russia-linked REvil ransomware group.

As a result of such attacks, in June 2021 Texas passed the Lone Star Infrastructure Protection Act (LIPA), which prohibits Texas businesses and governments from contracting with entities owned or controlled by individuals from China, Russia, North Korea, and Iran, if the contracting provides the foreign party remote access or control of “critical infrastructure.”

How transparent are leading charge point operators in the UK being in relation to their reliance on hardware produced in from countries such as China and Russia. To what extent does the race to be first to market mean compromising on cyber security? As the confidence around software security is only as trusted as the hardware being installed.

Petalite is an award-winning, innovative electric vehicle charging company who have engineered a break-through technology called SDC which confidently solves customer and EV driver pains related to ‘charge anxiety’. SDC charges cars, HGVs, and aircraft and will benefit CPOs, energy companies, local authorities, commercial businesses, and fleet operators. This unique charging technology meets the 99% reliability standards set by the UK government for rapid charge points

Petalite have received private investment and developed key partnerships to bring this essential SDC technology to the public charging market. With infrastructure that lasts up to 30 years, it benefits from quick installation and high scalability. Their PowerCores (modules) can be infinitely stacked like Lego bricks and simply upgraded when the future inevitably demands more power. Due to its built-in multiple redundancy system, Petalite’s chargers can actively switch in new PowerCores to compensate a power loss, resulting in a highly trustworthy charge experience for EV drivers.

A vertically integrated approach means Petalite have developed and managed every stage of the charger design, including hardware design, software management and firmware updates. This means customers benefit from advanced protection in cyber security. 

Petalite’s chargers are low cost for the future, and this is by means of their long-term (15-25 years) ‘Charging as a Service’ (CaaS) contract which increases future reliability and as a result, customers revenue potential increases too. Petalite’s charging hardware features standard commodity parts. As a result, Petalite aims to repair, not replace hardware and this ultimately reduces waste.

2022 will see Petalite quickly progressing to become a world-leading solution to electric vehicle charging. Their much-anticipated SDC brings innovation, 99% reliability as standard and low future cost to the global electric vehicle charging industry.

Leigh Purnell, Founder and CEO is speaking on 14 June, Focus Day in:

9.40 – 11.00, Fleet Charging panel

12.30 – 13.15, Robust public charging networks to service consumers and fleets Partner panel

See the timetable of the Focus Day, 14 June

And on 15 June, The Ambassadors’ Day:

12.45 – 13.30, Leading the UK’s fleet electrification transition. Going faster together than alone panel

Leigh Purnell, Founder and CEO and Paul Khullar, Chief of Staff will also be hosting roundtable discussions with participants on 15 June, Ambassadors’ Day:

15.05-15.50 and 15.50-16.35 The importance of long-life infrastructure, how to make money from charging and how technology will solve ‘charge anxiety’ 

Ultra Rapid DC chargers must be able to make a return on investment for the charger operator; this is a challenge in an industry where charging technology is stagnating with limited improvements on hardware life and warranty offerings. There are two main paths to profitability as an operator, a drastic change in the technology and vertical integration of hardware, software, maintenance and payment services.
Petalite’s Ultra-reliable SDC chargers offer a new revenue model and are a step change in this market with a predicted 17 year life and a usage based contract. Petalite are also vertically integrated, which benefits operators as every step for them, from manufacturing to installation, maintenance, payment and robust cyber security services.
If you are looking to create a business model out of DC charging, it’s important for you to join our round table so we can discuss how Petalite can solve the business model and make you money through highly reliable and long-life charging infrastructure for the future. 

See the timetable of the Ambassadors’ Day, 15 June

The team from Petalite will be exhibiting on 14 and 15 June.

If you would like to meet with Leigh Purnell and his colleagues please register here using our registration form here quoting PETA-EV1 to get 50% off