Automated Security Testing for EV Charging Communication

As electric vehicles and charging infrastructure become increasingly interconnected, ensuring secure communication between systems has become a key requirement in electromobility. In this context, Vector Informatik has expanded its CANoe Test Package EV to include automated security tests for charging communication.

Rising security requirements in connected charging systems
Charging communication is evolving with the adoption of standards such as ISO 15118 and features like Plug and Charge, which enable automated authentication and energy transfer between vehicles and charging stations. These systems rely on secure communication protocols, including TLS, to protect data exchange.

As connectivity increases, vulnerabilities in communication layers can affect both safety and system reliability. Identifying such vulnerabilities early in development is therefore critical, particularly for manufacturers and suppliers working within the automotive data ecosystem.

Limitations of manual testing approaches
Traditional security testing methods are often manual, making them time-consuming and difficult to reproduce consistently. These approaches are not easily integrated into CI/CD pipelines, limiting their effectiveness in modern software-driven development environments.

In addition, maintaining test coverage, documenting results, and updating test scenarios over time can require significant engineering effort, particularly as standards and system architectures evolve.

Automated validation integrated into development workflows
The CANoe Test Package EV – Security introduces an automated testing framework designed to validate charging communication continuously throughout the development lifecycle.

By enabling reproducible test execution and structured documentation of results, the system reduces manual workload and supports consistent quality assurance. Its integration into existing development and integration environments allows security validation to be incorporated into continuous testing processes, improving traceability and efficiency.

Coverage of protocols and test mechanisms
The extended test package includes multiple security testing methods targeting vehicle-to-grid communication. These include fuzzing techniques for V2G communication with system monitoring, as well as TLS fuzzing and protocol-specific tests.

The solution supports key standards used in EV charging communication, including ISO 15118-2, ISO 15118-20, and TLS versions 1.2 and 1.3. It also allows the implementation of custom security tests through defined interfaces, enabling adaptation to specific project requirements.

Supporting secure development in electromobility
By integrating automated security testing into the CANoe Test Package EV, Vector enables earlier identification of vulnerabilities in charging communication systems.

This approach supports the development of secure and compliant EV charging solutions while aligning with modern validation strategies that emphasize automation, reproducibility, and continuous integration across the software development lifecycle.

Edited by Aishwarya Mambet, Induportals Editor, with AI assistance.

www.vector.com