Sebastian Köhler (University of Oxford)

Brokenwire is a novel attack against the Combined Charging System, one of the most widely used DC rapid charging technologies for electric vehicles (EVs). It interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack requires only temporary physical proximity and can be conducted wirelessly from a distance, allowing individual vehicles or entire fleets to be disrupted stealthily and simultaneously. In addition, it can be mounted with off-the-shelf radio hardware and minimal technical knowledge. By exploiting CSMA/CA behavior, only a very weak signal needs to be induced into the victim to disrupt communication — exceeding the effectiveness of broadband noise jamming by three orders of magnitude. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it.

In this session, we will present how we studied the attack in a controlled environment on a testbed and then demonstrated it against eight vehicles and 20 chargers in real deployments. We further show how we evaluated the attack in different scenarios, including between the floors of a building (e.g., multi-story parking), through perimeter fences, and from ‘drive-by’ attacks. Finally, we present our heuristic model that we used to estimate the number of vehicles that can be attacked simultaneously for a given output power.

Brokenwire has immediate implications for a substantial proportion of the around 12 million battery EVs on the roads worldwide — and profound effects on the new wave of electrification for vehicle fleets, both for private enterprise and crucial public services, as well as electric buses, trucks and small ships. As such, we conducted a disclosure to the industry and discussed a range of mitigation techniques that could be deployed to limit the impact.

Speaker’s Biography

Sebastian Köhler is a doctoral researcher in the Centre for Doctoral Training in Cyber Security at the University of Oxford and part of the Systems Security Lab, focusing on the security of the physical-layer of large and complex systems, such as vision-based intelligent and automotive systems. He started specializing on Cyber Security during his undergraduate studies at the University of Applied Sciences Wurzburg-Schweinfurt, Germany. After his BSc, he received an MSc in Computing & Security and got awarded a prize for the best overall performance from King’s College London.

View More Papers

ProbFlow : Using Probabilistic Programming in Anonymous Communication Networks

Hussein Darir (University of Illinois Urbana-Champaign), Geir Dullerud (University of Illinois Urbana-Champaign), Nikita Borisov (University of Illinois Urbana-Champaign)

Read More

RoVISQ: Reduction of Video Service Quality via Adversarial Attacks...

Jung-Woo Chang (University of California San Diego), Mojan Javaheripi (University of California San Diego), Seira Hidano (KDDI Research, Inc.), Farinaz Koushanfar (University of California San Diego)

Read More

Exploiting Transport Protocol Vulnerabilities in SAE J1939 Networks

Rik Chatterjee, Subhojeet Mukherjee, Jeremy Daily (Colorado State University)

Read More

Screen Gleaning: Receiving and Interpreting Pixels by Eavesdropping on...

Zhuoran Liu, Léo Weissbart, Dirk Lauret (Radboud University)

Read More