A zero trust and blockchain-based defense model for smart electric vehicle chargers

【Author】 Li, Peirong; Ou, Wei; Liang, Haozhe; Han, Wenbao; Zhang, Qionglu; Zeng, Guang

【Source】JOURNAL OF NETWORK AND COMPUTER APPLICATIONS

【影响因子】7.574

【Abstract】Electric vehicles (EVs) have rapidly developed over the last decade due to their environmental benefits. As a key component of EVs, electric vehicle chargers are becoming increasingly digital and intelligent. However, due to the vast attack surface and the lack of systematic study, EV chargers and charging management cloud platforms are facing cyber security problems. These problems include weak cryptographic mechanisms, insecure data communication, and malicious firmware attacks. Through specific vulnerabilities, attackers can tamper with the data communication or replay network requests between EV chargers and cloud platforms. It will cause threats such as user-level privacy leakage, power fluctuations in the smart grid, and damage to Electric vehicles, damaging public life and property safety. Given the above, this paper proposes a security protection scheme incorporating blockchain, zero trust, and ShangMi cryptographic (SM) algorithms. The scheme uses Hyperledger Fabric for key management and trust evaluation event storage to guarantee the authenticity, non-repudiation, and tamper-proof of keys and events. In addition, zero trust is applied to secure valuable resources and enforce identity and access management (IAM) for accessing entities. We adopt the dynamic trust evaluation method to assess the trustworthiness of accessing entities in real time to implement dynamic authorization. Furthermore, the SM algorithms SM2, SM3, and SM4 are used to protect data confidentiality, integrity, and authenticity. Experimental results demonstrate that our scheme can effectively resist replay and tampering at-tacks, securing data communication between EV chargers and cloud platforms. And the performance of the cryptographic algorithm, blockchain system, and Secure Sockets Layer (SSL) meets Chinese national and industry standards.

【Keywords】Electric vehicle chargers; Blockchain; Zero trust; Dynamic trust evaluation; Identity and access management; ShangMi cryptographic algorithms

【发表时间】2023 APR

【收录时间】2023-04-09

【文献类型】

【主题类别】

--