Abstract
Apps that run on mobile devices are one of critical components of the electric vehicle (EV) ecosystem and pose possible threat actor points of entry that may impact the trust and security of EV charging systems in the future. Mobile apps often rely on communication between cloud servers and users, thereby creating potential points of entry for cyberattacks. Although app stores such as Apple App Store or Google Play Store generally test the security of apps, the cyber aspects may not be sufficient for many entities including DOD, federal fleets, and commercial entities. A more thorough inspection and the ability to influence developers is imminently needed. This research studies security attributes and vulnerabilities of a sample of mobile applications that support key user functions in the EV ecosystem. The study shows that all analyzed apps have security risks, categorized as either high or medium or both and a comprehensive cybersecurity guideline for developing mobile apps is necessary.
Original language | American English |
---|---|
Number of pages | 16 |
DOIs | |
State | Published - 2024 |
NREL Publication Number
- NREL/TP-5T00-90388
Keywords
- electric vehicle ecosystem
- mobile applications
- security