April 4, 2024

Motivation and Design of the OCPP Security Service


Pacific Northwest National Laboratory is conducting in-depth research aimed at exploring how zero trust security principles can be effectively applied to electric vehicle charging infrastructure. This investigation seeks to enhance the resilience and reliability of these systems against cyber threats, ensuring secure and uninterrupted access to charging services for electric vehicle users and electric supply. Zero trust is a security concept centered on the belief that system operators should not automatically trust users or systems based on their location, whether inside or outside the organization, but instead must verify everything trying to connect to their systems before granting access. A key aspect of the project is to demonstrate and validate zero trust approaches targeted to electric vehicle (EV) charging infrastructure. It has been observed that both open-source and commercial solutions often overlook the specific protocols employed in managing EV charging stations and proceeded with a general, protocol-agnostic approach. While these strategies effectively block non-authorized routes to the charging infrastructure, they do not tackle the situations where attackers may exploit legitimate access channels, such as the inattentive operator model posited by the Idaho National Laboratory. To address this gap, this paper proposes and discusses a new security service targeted to the Open Charge Point Protocol (OCPP), which is the de facto protocol for the management of charging stations and serves a critical role in the broader adoption of electric vehicles. The design and architecture of the proposed OCPP security service are discussed in detail, outlining how it aims to safeguard charging station management system (CSMS) functions. The service is particularly important in scenarios where the charging station operator (CSO), responsible for the maintenance and operation of charging stations, and the charging network provider (CNP), which manages the charging network's accessibility and billing, are separate entities. This distinction is crucial because CSOs and CNPs often have different priorities, objectives, and operational responsibilities, which may not always align perfectly. For instance, a CSO might prioritize uptime and customer satisfaction, while a CNP might focus on maximizing revenue and network utilization. Such misalignment can create security vulnerabilities, as each entity might implement different policies and standards, potentially leaving gaps in the overall security posture.

Published: April 4, 2024


Carroll T.E., B.A. Edwards, and L.H. Chang. 2024. Motivation and Design of the OCPP Security Service Richland, WA: Pacific Northwest National Laboratory.