Plug your EV and the charge will start! No more badge or app! This is made possible with the new 15-118 protocol. GIREVE explains Plug-and-Charge, how it will affect cybersecurity, and the services this new standard will enable.
15-118 standard for e-mobility security
ISO 15-118 standard describes a technical protocol of communication between electric vehicles and charging stations. This protocol brings new features for “Smart Charging” and the “Plug and Charge” feature is its most visible improvement: it enables a driver to start a charging session on its EV by plugging in the cable, without having to use a badge, a credit car or a mobile application. The user is identified automatically by the connection between the vehicle and the charging point.
15-118 is the first standard that includes a cyber-security aspect. It ensures security of data exchanges between stakeholders of the charging process, avoiding theft and increasing user trust.
For a Plug-and-Charge charging session to be authorized, three stakeholders must approve each other as trust-worthy parties: the CPO (Charge Point Operator), the OEM (Original Equipment Manufacturer) and the eMSP (e-Mobility Service Provider). Each one of them is authenticated by a certifying authority, so the two others can be sure that it is not a thief. The IT process that enables authentication is similar to the internet payment IT process made of “X509 certificates”. Only when the three stakeholders are authenticated can the charging session start.
To Jean-Marc Rives, GIREVE’s CTO: “This protocol is the first chapter of e-mobility cyber-security. It is thus a major step for the mass development of EV! You cannot imagine widespread development of this type of mobility without highly secured data exchanges between the charging station and the vehicle”.
GIREVE facilitates Plug-and-Charge
An intermediary service provider for e-mobility players, GIREVE extends its activity and contributes to 15-118 development by offering Plug-and-Charge consulting services to eMSPs, CPOs and OEMs that wish to be certified.
GIREVE plays the same role as in roaming transactions: the platform will have to transfer certificates created by eMSPs to charging stations and thus enable a tedious check-up of the actors.
“Securing data flows is a serious stake and it can be very complicated. GIREVE brings simple solutions to face up to this complexity and to help operators reach an excellent level of security, no matter their company size”
A first demo with Renault, Total EV-Charge, VEDECOM and Trialog
Those solutions were implemented during the EVS32 fair in Lyon in May, 2019.
Renault, Vedecom, GIREVE, TOTAL EVCharge and TRIALOG performed a Plug-and-Charge session live on a Renault ZOE car. With this demo, the audience could experiment how simple charging can be (I plug, charging starts) and both eMSPs and CPOs could see that the technical process was easy to implement..
GIREVE joined this demo by intermediating authentication and authorization messages in real time.
On the charging station it was possible to plug in the vehicle and see the authentication and charge authorization processes live. A “dashboard” displayed the process, with visible message delivery.
The demo also covered the process of a user subscribing to an eMSP, and a security certificate being transferred to the car. Certification data flows were animated in real time by GIREVE’s interoperability platform, which kept its role of a trusted third-party and data exchange platform.