A threat analysis of the vehicle-to-grid charging protocol ISO 15118

  • Kaibin BaoEmail author
  • Hristo Valev
  • Manuela Wagner
  • Hartmut Schmeck
Special Issue Paper


This work performs a security analysis of the vehicle-to-grid charging protocol ISO 15118 and presents various scenarios of how to compromise the availability of the charging service or the integrity, authenticity, or confidentiality of the communication on a protocol level. Furthermore, it analyzes processes related to the authentication, transfer of information, and the certification hierarchy for vulnerabilities, which could be used by an adversary to gain unfair advantage over the charging process and use it for his own self-interest, mostly harming legitimate users or other participants.


Electric vehicle ISO 15118 Vehicle-to-grid Charging protocol Thread analysis 


  1. 1.
    ISO 15118-1:2013. Road vehicles—vehicle to grid communication interface—Part 1: general information and use-case definition. International Organization for StandardizationGoogle Scholar
  2. 2.
    ISO 15118-2:2014. Road vehicles—vehicle-to-grid communication interface—Part 2: network and application protocol requirements. International Organization for StandardizationGoogle Scholar
  3. 3.
    ISO 15118-3:2015. Road vehicles—vehicle to grid communication interface—Part 3: physical and data link layer requirements. International Organization for StandardizationGoogle Scholar
  4. 4.
    BSI TR-03109-1 (2013) Anforderungen an die Interoperabilität der Kommunikationseinheit eines intelligenten Messsystems. Federal Office for Information Securtity (BSI)Google Scholar
  5. 5.
    Bräuchle T (2017) Datenschutzprinzipien in IKT-basierten kritischen InfrastrukturenGoogle Scholar
  6. 6.
    Bretthauer S (2017) Smart Meter im Spannungsfeld zwischen Europäischer Datenschutzgrundverordnung und Messstellenbetriebsgesetz. Zeitschrift für das gesamte Recht der Energiewirtschaft, pp 56–61Google Scholar
  7. 7.
    Damon E, Dale J, Laron E, Mache J, Land N, Weiss R (2012) Hands-on denial of service lab exercises using slowloris and rudy. In: Proceedings of the 2012 information security curriculum development conference, InfoSecCD ’12, pp 21–29. ACM, New York, NY, USA. doi: 10.1145/2390317.2390321
  8. 8.
    Deutscher Bundestag: Drucksache 18/7555, Entwurf eines Gesetzes zur Digitalisierung der Energiewende (17.02.2016).
  9. 9.
    Deutscher Bundestag: Drucksache 18/8919, Beschlussempfehlung und Bericht zum Entwurf eines Gesetzes zur Digitalisierung der Energiewende (22.06.2016).
  10. 10.
    Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Falk R, Fries S (2012) Electric vehicle charging infrastructure security considerations and approaches. In: Proceedings of INTERNET, pp 58–64Google Scholar
  12. 12.
    Falk R, Fries S (2013) Securely connecting electric vehicles to the smart grid. Int J Adv Internet Technol 6(1 & 2): 57–67Google Scholar
  13. 13.
    Garcia FD, de Koning Gans G, Muijrers R, van Rossum P, Verdult R, Schreur RW, Jacobs B (2008) Dismantling MIFARE classic. Springer, Berlin, pp 97–114. doi: 10.1007/978-3-540-88313-5_7 Google Scholar
  14. 14.
    Höfer C, Petit J, Schmidt R, Kargl F (2013) Popcorn: privacy-preserving charging for emobility. In: Proceedings of the 2013 ACM workshop on security, privacy & dependability for cyber vehicles, pp 37–48. ACMGoogle Scholar
  15. 15.
    Kühling J, Martini M (2016) Die Datenschutz-Grundverordnung: Revolution oder Evolution im europäischen und deutschen Datenschutzrecht? Europäische Zeitschrift für Wirtschaftsrecht, pp 448–454Google Scholar
  16. 16.
    Lee S, Park Y, Lim H, Shon T (2014) Study on analysis of security vulnerabilities and countermeasures in ISO/IEC 15118 based electric vehicle charging technology. In: 2014 International conference on IT convergence and security (ICITCS), pp 1–4. IEEEGoogle Scholar
  17. 17.
    Mültin M (2014) Das Elektrofahrzeug als flexibler Verbraucher und Energiespeicher im Smart Home. Ph.D. Thesis. Karlsruhe, KIT, Diss
  18. 18.
    Nohl K, Evans D, Starbug S, Plötz H (2008) Reverse-engineering a cryptographic RFID tag. In: USENIX security symposium, vol 28Google Scholar
  19. 19.
    Verdult R, Garcia FD, Balasch J (2012) Gone in 360 seconds: Hijacking with Hitag2Google Scholar

Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  • Kaibin Bao
    • 1
    Email author
  • Hristo Valev
    • 1
  • Manuela Wagner
    • 1
  • Hartmut Schmeck
    • 1
  1. 1.Karlsruhe Institute of TechnologyKarlsruheGermany

Personalised recommendations