Sebastian Köhler (University of Oxford)

Brokenwire is a novel attack against the Combined Charging System, one of the most widely used DC rapid charging technologies for electric vehicles (EVs). It interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack requires only temporary physical proximity and can be conducted wirelessly from a distance, allowing individual vehicles or entire fleets to be disrupted stealthily and simultaneously. In addition, it can be mounted with off-the-shelf radio hardware and minimal technical knowledge. By exploiting CSMA/CA behavior, only a very weak signal needs to be induced into the victim to disrupt communication — exceeding the effectiveness of broadband noise jamming by three orders of magnitude. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it.

In this session, we will present how we studied the attack in a controlled environment on a testbed and then demonstrated it against eight vehicles and 20 chargers in real deployments. We further show how we evaluated the attack in different scenarios, including between the floors of a building (e.g., multi-story parking), through perimeter fences, and from ‘drive-by’ attacks. Finally, we present our heuristic model that we used to estimate the number of vehicles that can be attacked simultaneously for a given output power.

Brokenwire has immediate implications for a substantial proportion of the around 12 million battery EVs on the roads worldwide — and profound effects on the new wave of electrification for vehicle fleets, both for private enterprise and crucial public services, as well as electric buses, trucks and small ships. As such, we conducted a disclosure to the industry and discussed a range of mitigation techniques that could be deployed to limit the impact.

Speaker’s Biography

Sebastian Köhler is a doctoral researcher in the Centre for Doctoral Training in Cyber Security at the University of Oxford and part of the Systems Security Lab, focusing on the security of the physical-layer of large and complex systems, such as vision-based intelligent and automotive systems. He started specializing on Cyber Security during his undergraduate studies at the University of Applied Sciences Wurzburg-Schweinfurt, Germany. After his BSc, he received an MSc in Computing & Security and got awarded a prize for the best overall performance from King’s College London.

View More Papers

LOKI: State-Aware Fuzzing Framework for the Implementation of Blockchain...

Fuchen Ma (Tsinghua University), Yuanliang Chen (Tsinghua University), Meng Ren (Tsinghua University), Yuanhang Zhou (Tsinghua University), Yu Jiang (Tsinghua University), Ting Chen (University of Electronic Science and Technology of China), Huizhong Li (WeBank), Jiaguang Sun (School of Software, Tsinghua University)

Read More

Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep...

Christoph Sendner (University of Wuerzburg), Huili Chen (University of California San Diego), Hossein Fereidooni (Technische Universität Darmstadt), Lukas Petzi (University of Wuerzburg), Jan König (University of Wuerzburg), Jasper Stang (University of Wuerzburg), Alexandra Dmitrienko (University of Wuerzburg), Ahmad-Reza Sadeghi (Technical University of Darmstadt), Farinaz Koushanfar (University of California San Diego)

Read More

Hope of Delivery: Extracting User Locations From Mobile Instant...

Theodor Schnitzler (Research Center Trustworthy Data Science and Security, TU Dortmund, and Ruhr-Universität Bochum), Katharina Kohls (Radboud University), Evangelos Bitsikas (Northeastern University and New York University Abu Dhabi), Christina Pöpper (New York University Abu Dhabi)

Read More

Detecting Unknown Encrypted Malicious Traffic in Real Time via...

Chuanpu Fu (Tsinghua University), Qi Li (Tsinghua University), Ke Xu (Tsinghua University)

Read More