Login

Project

#9 Analyzing and Defending Cyberattacks on Electric, Hybrid, and AV Battery Systems


Principal Investigator
Venkat Viswanathan
Status
Completed
Start Date
Jan. 1, 2017
End Date
Aug. 31, 2018
Project Type
Research Applied
Grant Program
MAP-21 TSET National (2013 - 2018)
Grant Cycle
2017 TSET UTC
Visibility
Public

Abstract

We envision two key technology trends that are poised to revolutionize the automotive industry in the near future: (1) the commoditization of electric vehicles (EVs) and (2) the emergence of autonomous driving systems.  These trends offer great promise to different stakeholders  (consumers, car manufacturers, governments, society) in terms of costs, efficiency, and environmental impact.   While the benefits are promising, they are accompanied by (valid) concerns with respect to safety and security. EVs in particular at present have an increased perceived safety and security risk due to concerns about fire hazards (e.g., large battery packs contain flammable electrolytes),  ``range anxiety'' (e.g., driving range on a single charge), and battery life. These concerns with respect to car safety are very real -- recent hack with Jeep Cherokee proves this point!  The goal of our research  project is to  develop a principled understanding of the challenges associated in electric vehicle safety and security specifically targeted at the battery system (e.g., safety, range, life). To this end, we will develop (1) develop robust models for degradation and identify danger zones of operation; (2) systematic ``attack graphs'' that shed light on  possible attack strategies; (3) concrete demonstrations of attacks against EV batteries; and (4) control strategies to mitigate the damage from these attacks.    
Description
Modern vehicles are entirely controlled by electronic devices and networks that expose them to the threat of cyberattacks. Alongside, there is an enormous increase in the number of electric vehicles (EVs) within the transportation fleet.  Cyber vulnerabilities are magnified with EVs due to unique risks associated with EV battery packs. The batteries provide a fixed driving range for a finite lifetime, causing the well-known `range anxiety' for vehicle operators.  Further, there are fire-related safety concerns with Li-ion batteries. In this study, we develop a systematic framework to assess the impact of cyberattacks on EVs and EV subsystems. We categorize this impact into physical and financial which could due to reduction in range, lifetime or safety of the battery packs. While the current focus of automotive cyberattacks is on short-term physical safety, we believe that it is crucial to consider long-term cyberattacks that aim to cause financial losses through accrued impact. Compromised battery management systems such as the control of the voltage regulator could lead to cyberattacks that can either overdischarge or overcharge the pack. Overdischarge could lead to failures such as internal shorts in timescales of under an hour through cyberattacks that utilize energy-intensive EV subsystems like auxiliary components.  Attacks that overcharge the pack could shorten the lifetime of a new battery pack to less than a year.  Further, this also poses potential physical safety risks via the triggering of thermal (fire) events.  Attacks on auxiliary components lead to draining the battery, which could be up to 20% per hour.  We develop a heuristic for stealthiness of a cyberattack to augment traditional threat models for automotive systems. The methodology and the approach presented here will help in building the foundational principles for cybersecurity in the context of electric vehicles: a nascent but critical topic in the coming years.
Timeline
-- Build EV model (Q1)
-- Analyze auxiliary component Cyberattacks (Q2-Q3)
-- Analyze battery management system cyberattacks (Q4-Q5)
-- Develop complete analysis framework for EV cyberattacks (Q6)
Strategic Description / RD&T

    
Deployment Plan
The team is in discussion with automotive companies to discuss further deployment opportunities.  The team has on-going discussions with Chargepoint, an electric vehicle supply equipment (EVSE) provider.
Expected Outcomes/Impacts
-- We have discussed the potential physical and financial impact due to cyberattacks on EVs and EV subsystems, specifically, the auxiliary components and charging infrastructure.   
-- We identify and confirm simple but effective cyberattacks on auxiliary components that can drain the of the battery pack up to 20% per hour.  Furthermore, we analyze novel stealthy attacks, that over a long period could lead to a deterioration in the power capability due to an increase in the cell resistance.  
-- We use a metric which is equivalent to the `normalized resistance increase', which can be used to quantify the extent of performance reduction. 
-- We also explore the effect of environmental conditions, such as temperature, the state of the pack when the attack is launched and the age of the pack.  
-- We find that normalized resistance increase is generally higher for colder regions.  
-- We find that cyberattacks on auxiliary components launched after the pack is completely charged (i.e. high state-of-charge) leads to more damage.  
-- We show that compromised battery management systems expose the pack to two kinds of attacks, (i) Overdischarge and (ii) Overcharge.  Overdischarge attacks which override the lower cutoff voltage of the pack could lead to the complete decomposition of the SEI layer in under two hour thorough auxiliary components with a power rating of over 200W. The decomposition of the SEI is followed by the dissolution of Copper ions which could eventually lead to internal shorts and potential safety events.  
-- Cyberattacks launched during charging through compromise of the voltage regulator could lead to an overcharge of the cells, which in some cases could even lead to physical safety issues (e.g. fire).  Further, this could lead to a new pack being depleted to 80\% capacity (end-of-life for an EV battery) in less than a year.  Finally, a compromise of the battery management system could lead to novel "rowhammer"-style attacks (attacking a string of cells), which could instantly damage a subset of cells.
Expected Outputs

    
TRID


    

Individuals Involved

Email Name Affiliation Role Position
sekark@cmu.edu Kulandaivel, Sekar ECE Other Student - PhD
vsekar@andrew.cmu.edu Sekar, Vyas ECE Co-PI Faculty - Untenured, Tenure Track
ssripad@andrew.cmu.edu Sripad, Shashank MechE Other Student - PhD
venkvis@cmu.edu Viswanathan, Venkat MechE PI Faculty - Untenured, Tenure Track

Budget

Amount of UTC Funds Awarded
$127500.00
Total Project Budget (from all funding sources)
$127500.00

Documents

Type Name Uploaded
Presentation Viswanathan_Mar2017_UTC.pptx March 31, 2018, 2:09 p.m.
Progress Report 9_Progress_Report_2017-09-30 Oct. 5, 2017, 10:02 a.m.
Publication Vulnerabilities of Electric Vehicle Battery Packs to Cyberattacks on Auxiliary Components March 31, 2018, 2:09 p.m.
Presentation Vulnerabilities of Electric Vehicle Battery Pack to Cyber Attacks on Auxiliary Components March 31, 2018, 2:09 p.m.
Presentation Vulnerabilities of Electric Vehicle Battery Pack to Cyber Attacks on Auxiliary Components March 31, 2018, 2:09 p.m.
Final Report 9-EVSec_annualreport.pdf Oct. 9, 2018, 10:51 a.m.
Progress Report 9_Progress_Report_2018-03-31 March 18, 2019, 10:59 a.m.
Publication Plug-in hybrid electric vehicle LiFePO4 battery life implications of thermal management, driving conditions, and regional climate Dec. 21, 2020, 11:09 p.m.
Publication Practical challenges hindering the development of solid state Li ion batteries Dec. 21, 2020, 11:11 p.m.
Publication Enhanced strength and temperature dependence of mechanical properties of Li at small scales and its implications for Li metal anodes Dec. 21, 2020, 11:14 p.m.
Publication Evaluation of current, future, and beyond Li-ion batteries for the electrification of light commercial vehicles: challenges and opportunities Dec. 21, 2020, 11:48 p.m.
Publication Vulnerabilities of electric vehicle battery packs to cyberattacks Dec. 21, 2020, 11:49 p.m.
Publication Towards Synergistic Electrode–Electrolyte Design Principles for Nonaqueous Li–O2 batteries Dec. 21, 2020, 11:50 p.m.

Match Sources

No match sources!

Partners

No partners!