Information Security and Protocols: An Update on What Is Happening with OCPP, OPNC and PKIs

premium account

Recording of Wednesday, May 07, 2025 | The smarter E Europe Conferences 2025 | Conference Program | Language: English | Duration: 18:01 .

Open Charge Alliance Calls for Strengthened Security in EV Charging Systems Due to OCPP Vulnerabilities

The presentation delves into the Open Charge Point Protocol (OCPP), a global standard facilitating communication between electric vehicle charging stations and management systems. The speaker from the Open Charge Alliance highlights OCPP's pivotal role in securing cloud communications within EV infrastructure. Since its inception in 2009, OCPP has undergone several updates; version 2.0.1 released in 2020 integrates security features as core components under IEC standards (IEC 63584). This iteration includes advanced functionalities like bidirectional charging, also present in version 2.1 launched recently. To ensure compliance with secure implementations of OCPP, stakeholders are advised to query vendors about their use of secured versions and certifications post-software updates using tools from certification labs listed on the alliance’s website for networks employing various architectures while safeguarding against vulnerabilities. Despite inherent protocol security, system architecture can harbor vulnerabilities—highlighted by an incident involving clear text storage of FTP credentials found by Homeland Security related to vendor implementation flaws rather than protocol deficiencies itself. In response to such challenges, the Open Charge Alliance is developing comprehensive guides addressing certificate usage and regulatory compliance across regions like Europe due to AFIR requirements while encouraging participation in shaping future protocols through its task group focused on enhancing cybersecurity measures industry-wide—a critical yet often overlooked aspect emphasized throughout this session before transitioning discussions led by Felix from Siemens regarding further advancements needed within this sector.

Automated summarization by AI Conver

Speaker

Lonneke Driessen
Director
OCA
The Netherlands

Talk of session: Securing Data in Charging: How to Enhance Communication Within the Ecosystem

This session will address the growing issues of cybersecurity, authentication and payment in the EV charging ecosystem, focusing on data security, secure payments, and the integrity of communication between vehicles, charging infrastructure, and the grid. Discussions will explore how these aspects can be supported via back-end protocols, including OPNC, open charging standards, PKIs, etc.

Further Talks of this session:

Welcome and Introduction

Speaker

Lonneke Driessen
Director
OCA
The Netherlands

To Talk

Cyber Security Vulnerabilities in the EV Charging Infrastructure, and What We Can and Must Do About It

Speaker

Harm van den Brink
Lead Cyber Security
ElaadNL
The Netherlands

Recording of presentation not authorized for publication.

Securing Data: Cybersecurity Monitoring of Charging Infrastructure

Speaker

Felix Sprenger
Cybersecurity Officer
Siemens AG
Germany

To Talk

Lessons From Pwn2Own Automotive: Securing the Future of EV Charging Systems

Speaker

Johan Veenstra
Business Development & Partner Manager
VicOne
USA

To Talk

Closing

Speaker

Lonneke Driessen
Director
OCA
The Netherlands

To Talk

Partners & Sponsors

You are using an outdated browser

The website cannot be viewed in this browser. Please open the website in an up-to-date browser such as Edge, Chrome, Firefox, or Safari.