Electric mobility is leading to a complex integration of automotive products within the internet of things, giving rise to the emergence of new threats from a cybersecurity point of view. As e-mobility is still perceived as a young industry, the level of cybersecurity investment for each product varies by individual manufacturer and supplier. “Electric mobility is a bit of a wild West when it comes to cybersecurity”1 says Andrew Barratt, UK CEO of Coalfire, a cybersecurity consultancy. Currently most of the vulnerabilities in electric vehicles lie in the battery management and the main digital interface, however, if we consider that the research is directed towards the production of autonomous cars, the threat is greater as the vehicles would be linked together and they would also be linked to networked road systems. “A nation state or serious organized crime group could induce a range of vehicles to crash at high speeds. Attackers wishing to harm critical national infrastructure without direct loss of life could force all traffic to attempt to go through certain areas, creating large localized traffic jams” says Vic Harkness of F-Secure Consulting, a security consultancy. Another example of a threat was presented by a group of computer science experts from UTSA2, who showed that it is possible to hack electric scooters, for example the Segway miniPro and other models such as Xiaomi’s M365 scooter, which are provided with a mobile application that is combined with the use of the electric scooter. It has been shown that a good knowledge of Assembly language can be sufficient to overcome the safety protections, thus taking control of the device, so as to be able to stop the race or decide where to direct people, for example to a place where they could be easily robbed. It is clear that the introduction of safety at the design stage is vital for electric mobility as well as a sharing framework, so that overall safety increases faster thanks to cooperation between manufacturing companies. In the IoT-NGIN project, electric mobility will be present in various pilot sites and among the many activities that will be carried out during the project there will be IoT systems protecting from cyber-attacks (e.g., contradictory, adversarial or sybil poisoning attacks, backdoor adversary attacks) to assist ML-based anomaly detection and implement novel low and medium interaction adversarial nets to identify malicious or suspicious IoT nodes.
1 https://www.ft.com/content/137077ad-58a6-450a-8944-a7416597e49f
2 https://www.utsa.edu/today/2020/01/story/escooter-hacking.html