Security Weaknesses in ISO 15118-Based CCS2 Charging
摘要
With the rapid deployment of electric vehicles (EVs), the security of vehicle-to-grid communication protocols has become increasingly critical. ISO 15118, a core component of the Combined Charging System (CCS2), enables intelligent charging features over power line communication (PLC). Although the standard supports encrypted transport and certificate-based authentication, many implementations omit these mechanisms in practice. In this paper, we present an empirical security analysis based on custom-developed Electric Vehicle Communication Controller (EVCC) and Supply Equipment Communication Controller (SECC) prototypes. Through testing more than thirty commercial electric vehicles and multiple public charging stations, we identify critical vulnerabilities, including the absence of MAC address verification, lack of TLS support with silent downgrades, and misuse of MAC addresses as identity tokens. These weaknesses expose the system to man-in-the-middle attacks, session hijacking, and unauthorized access. We analyze the root causes of these issues, ranging from specification ambiguity to implementation deficiencies, and provide recommendations for secure deployment, including mandatory TLS enforcement and improved protocol binding. Our findings highlight the urgent need for more rigorous conformance testing and stricter adherence to security principles in ISO 15118 deployments.