Electric vehicles are well known for running on battery power instead of internal combustion. However, their batteries are not their only essential parts. Electric vehicles (EVs) normally contain dozens of connected sensors and devices that help them function.
These devices—which are part of the Internet of Things (IoT)—rely on wireless networks to exchange data. And where there’s a network, there’s a pressing need to protect it from security threats. In this article, Ruchin Kumar, Vice President – South Asia, Futurex, explains how EV manufacturers deploy cryptography to secure IoT devices in their vehicles.
Electric vehicles and IoT devices
Essentially, an EV’s motor converts electrical energy stored in the batteries into mechanical energy to move the wheels. However, modern automobiles need more than the bare essentials. EVs are often equipped with IoT devices to enhance safety, performance, and convenience for the driver.
Here are a few examples of IoT devices common to electric vehicles:
- Telematics devices: These include connected sensors that monitor and report on important metrics like battery performance, speed, internal diagnostics, and geographic location.
- Vehicle-to-grid (V2G) technology: V2G technology allows the EV to exchange data with the power grid to return energy to the grid when it’s not in use.
- Charging station management: EVs can be equipped with IoT devices that allow them to communicate with charging stations and manage the charging process.
- Remote control: EVs might have IoT devices that allow drivers to lock and unlock doors remotely, turn on the AC, and start or stop the motor.
- Safety sensors: These can monitor an EV’s surroundings and inform the driver of things like incoming obstacles and sudden changes in the speed of adjacent vehicles.
Securing IoT devices
Internet of Things devices can be secured by giving them unique identities. Assigning a unique identity to a device allows users to monitor it and manage its access to data. To provide an IoT device with an identity, it is necessary to create and issue a digital certificate to the device.
Digital certificates are electronic files that bind identifiable information—like device ID numbers or IP addresses—with an asymmetric key pair. Each asymmetric key pair consists of a public key that encrypts data and a private key that decrypts it. The certificate will often contain the public key, which is authenticated by its assigned private key to prove the identity of the IoT device.
This process of validating device identity through asymmetric encryption is part of public key infrastructure (or PKI). PKI is a common way to create trust between devices on a network using strong encryption. Similar to how a person might present their driver’s license to identify themselves, a device can identify itself to other devices with a digital certificate. When PKI is deployed to secure IoT devices, it mitigates the risk of their data being stolen or sent to unauthorized devices.
So, PKI, digital certificates, and strong encryption are the strategy for protecting IoT devices. The question then becomes, how do you deploy that in electric vehicles?
Deploying cryptography for electric vehicles
Manufacturers of electric vehicles have to secure countless IoT devices around the world. This involves the issuing of a huge number of digital certificates. The most efficient way to do this is to deploy a cryptographic strategy comprising hardware-based encryption and cryptographic management solutions.
Encryption keys are used in encryption algorithms to encrypt data. They are also used to validate each other, such as when the private key authenticates the public key in an asymmetric pair. A certificate authority (CA) is needed to generate and issue certificates. A PKI must be established to manage CAs and the certificate process. And all the encryption keys used throughout the process must be managed: administrators have to define the policies by which keys are created, distributed, rotated, and retired after a set time or condition.
In fewer words, a combination of hardware security modules (HSMs) and key management solutions can be used to accomplish the following use cases to secure IoT devices:
- Generate, sign, and manage encryption keys
- Establish and manage a public key infrastructure (PKI)
- Use enterprise certificate authority (CA) to sign objects digitally
Choosing a solution
The solution for IoT security may sound complex, but implementing the solution can be fairly straightforward. Instead of looking for multiple solutions through different vendors and finding a way to coordinate such a system, organizations are well advised to find a cryptographic platform that allows them to deploy encryption, PKI, CA, and key management all from one place.
A centralized approach to cryptography is essential to prevent IT sprawl, increase efficiency, reduce costs, and—most importantly—preserve trust across an organization’s connected devices and among its customers.
About the author
Ruchin Kumar is Vice President of South Asia at Futurex, where he is working with BFSI, Government & Enterprises dealing with critical data and where security & compliance is a concern. He is responsible for developing partner and channel networks, developing strong relationships with key customers, robust business growth and monitoring business operations in the South Asia region.
This article was first published in EVreporter Aug 2023 magazine.
Subscribe today for free and stay on top of latest developments in EV domain.