The objective of this primary project is to investigate and analyze how cybersecurity monitoring and anomaly detection should be approached for electric and connected vehicles (EVs), specifically in the context of vehicle fleets (car sharing, last-mile delivery fleets, autonomous vehicles, etc.) and their charging infrastructures.
By their very nature, these types of vehicles and their charging points need a good number of remote connections in order to operate, for purposes such as maintenance, geolocation, payment and user management, incident management, firmware updates, etc. They are also exposed to physical access by the users themselves or by third parties in public or other uncontrolled environments. Similarly, they offer users a whole series of interfaces (wireless connections, physical connectors) that can be exploited, in some cases from outside the vehicle itself. One of the main focuses of attention is the early detection of any attempted attack, and especially of advanced persistent threats (APTs). APTs can employ a new generation of sophisticated malicious software with very specific and targeted goals, which is highly effective and stealthy during its execution and able to hide from traditional security measures.
The automobile has a number of characteristics that differentiate it from the environments for which monitoring solutions have been developed, typically IT or OT systems in energy, manufacturing, water and similar infrastructures. The main difference is that vehicles are moving platforms with limited space for installing equipment, and that their operators (drivers) have no knowledge of cybersecurity and concentrate their attention on the task of driving, with little reaction time and with risk to their own lives and those of third parties.