A zero trust and blockchain-based defense model for smart electric vehicle chargers. (April 2023)
- Record Type:
- Journal Article
- Title:
- A zero trust and blockchain-based defense model for smart electric vehicle chargers. (April 2023)
- Main Title:
- A zero trust and blockchain-based defense model for smart electric vehicle chargers
- Authors:
- Li, Peirong
Ou, Wei
Liang, Haozhe
Han, Wenbao
Zhang, Qionglu
Zeng, Guang - Abstract:
- Abstract: Electric vehicles (EVs) have rapidly developed over the last decade due to their environmental benefits. As a key component of EVs, electric vehicle chargers are becoming increasingly digital and intelligent. However, due to the vast attack surface and the lack of systematic study, EV chargers and charging management cloud platforms are facing cyber security problems. These problems include weak cryptographic mechanisms, insecure data communication, and malicious firmware attacks. Through specific vulnerabilities, attackers can tamper with the data communication or replay network requests between EV chargers and cloud platforms. It will cause threats such as user-level privacy leakage, power fluctuations in the smart grid, and damage to Electric vehicles, damaging public life and property safety. Given the above, this paper proposes a security protection scheme incorporating blockchain, zero trust, and ShangMi cryptographic (SM) algorithms. The scheme uses Hyperledger Fabric for key management and trust evaluation event storage to guarantee the authenticity, non-repudiation, and tamper-proof of keys and events. In addition, zero trust is applied to secure valuable resources and enforce identity and access management (IAM) for accessing entities. We adopt the dynamic trust evaluation method to assess the trustworthiness of accessing entities in real time to implement dynamic authorization. Furthermore, the SM algorithms SM2, SM3, and SM4 are used to protect dataAbstract: Electric vehicles (EVs) have rapidly developed over the last decade due to their environmental benefits. As a key component of EVs, electric vehicle chargers are becoming increasingly digital and intelligent. However, due to the vast attack surface and the lack of systematic study, EV chargers and charging management cloud platforms are facing cyber security problems. These problems include weak cryptographic mechanisms, insecure data communication, and malicious firmware attacks. Through specific vulnerabilities, attackers can tamper with the data communication or replay network requests between EV chargers and cloud platforms. It will cause threats such as user-level privacy leakage, power fluctuations in the smart grid, and damage to Electric vehicles, damaging public life and property safety. Given the above, this paper proposes a security protection scheme incorporating blockchain, zero trust, and ShangMi cryptographic (SM) algorithms. The scheme uses Hyperledger Fabric for key management and trust evaluation event storage to guarantee the authenticity, non-repudiation, and tamper-proof of keys and events. In addition, zero trust is applied to secure valuable resources and enforce identity and access management (IAM) for accessing entities. We adopt the dynamic trust evaluation method to assess the trustworthiness of accessing entities in real time to implement dynamic authorization. Furthermore, the SM algorithms SM2, SM3, and SM4 are used to protect data confidentiality, integrity, and authenticity. Experimental results demonstrate that our scheme can effectively resist replay and tampering attacks, securing data communication between EV chargers and cloud platforms. And the performance of the cryptographic algorithm, blockchain system, and Secure Sockets Layer (SSL) meets Chinese national and industry standards. Graphical abstract: Image 1 Highlights: We propose an EV charger protection schemebased on zero trust, blockchain, and SM algorithms. A novel zero-trust-based architecture for EV chargers and the cloud platform is presented. Hyperledger Fabric is used for key management and the support for trust evaluation. SM algorithms are applied to implement enhanced authentication and data encrypted communication. A security scheme for OTA updates based on threshold signatures and multi-signatures is designed. … (more)
- Is Part Of:
- Journal of network and computer applications. Volume 213(2023)
- Journal:
- Journal of network and computer applications
- Issue:
- Volume 213(2023)
- Issue Display:
- Volume 213, Issue 2023 (2023)
- Year:
- 2023
- Volume:
- 213
- Issue:
- 2023
- Issue Sort Value:
- 2023-0213-2023-0000
- Page Start:
- Page End:
- Publication Date:
- 2023-04
- Subjects:
- Electric vehicle chargers -- Blockchain -- Zero trust -- Dynamic trust evaluation -- Identity and access management -- ShangMi cryptographic algorithms
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Micro-ordinateurs -- Périodiques
Réseaux d'ordinateurs -- Périodiques
Logiciels d'application -- Périodiques
Application software
Computer networks
Microcomputers
Periodicals
004.05
004 - Journal URLs:
- http://www.sciencedirect.com/science/journal/10848045 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.jnca.2023.103599 ↗
- Languages:
- English
- ISSNs:
- 1084-8045
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 5021.410600
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 26495.xml