DCA: Delayed Charging Attack on the Electric Shared Mobility System

TL;DR

This paper introduces the Delayed Charging Attack (DCA) on electric shared mobility systems, demonstrating its ability to cause significant operational disruptions and revenue losses while bypassing existing detection methods.

Contribution

It presents a detailed threat model, implementation, and simulation of DCA, highlighting its long-term impacts and robustness against anomaly detection in ESMS.

Findings

A 10-minute delay causes 12-minute longer queues and 8% more unfulfilled requests.

DCA results in over 10% weekly revenue loss per driver.

DCA remains effective despite anomaly detection algorithms, increasing repair costs.

Abstract

An efficient operation of the electric shared mobility system (ESMS) relies heavily on seamless interconnections among shared electric vehicles (SEV), electric vehicle supply equipment (EVSE), and the grid. Nevertheless, this interconnectivity also makes the ESMS vulnerable to cyberattacks that may cause short-term breakdowns or long-term degradation of the ESMS. This study focuses on one such attack with long-lasting effects, the Delayed Charge Attack (DCA), that stealthily delays the charging service by exploiting the physical and communication vulnerabilities. To begin, we present the ESMS threat model by highlighting the assets, information flow, and access points. We next identify a linked sequence of vulnerabilities as a viable attack vector for launching DCA. Then, we detail the implementation of DCA, which can effectively bypass the detection in the SEV's battery management system and the cross-verification in the cloud environment. We test the DCA model against various Anomaly Detection (AD) algorithms by simulating the DCA dynamics in a Susceptible-Infectious-Removed-Susceptible process, where the EVSE can be compromised by the DCA or detected for repair. Using real-world taxi trip data and EVSE locations in New York City, the DCA model allows us to explore the long-term impacts and validate the system consequences. The results show that a 10-min delay results in 12-min longer queuing times and 8% more unfulfilled requests, leading to a 10.7% (\$311.7) weekly revenue loss per driver. With the AD algorithms, the weekly revenue loss remains at least 3.8% (\$111.8) with increased repair costs of \$36,000, suggesting the DCA's robustness against the AD.