Streamlining Plug-and-Charge Authorization for Electric Vehicles with OAuth2 and OIDC

TL;DR

This paper proposes a simplified, flexible, and secure authorization framework for Plug-and-Charge EV charging using OAuth2 and OIDC, improving user-friendliness and supporting fine-grained access control.

Contribution

It introduces a novel OAuth2-based approach for EV charging authorization, enhancing security, flexibility, and ease of deployment over traditional PKI methods.

Findings

Reduced complexity in credential installation

Supported fine-grained authorization constraints

Validated through performance evaluation and protocol verification

Abstract

The Plug-and-Charge (PnC) process defined by ISO 15118 standardizes automated Electric Vehicle (EV) charging by enabling automatic installation of credentials and use for authentication between EV and Charge Point (CP). However, the current credential installation process is non-uniform, relies on a complex Public Key Infrastructure (PKI), lacks support for fine-grained authorization parameters, and is not very user-friendly. In this paper, we propose a streamlined approach to the initial charging authorization process by leveraging the OAuth Device Authorization Grant and Rich Authorization Requests. The proposed solution reduces technical complexity, simplifies credential installation, introduces flexible authorization constraints (e.g., time- and cost-based), and facilitates payment through OpenID Connect (OIDC). We present a proof-of-concept implementation along with performance evaluations and conduct a symbolic protocol verification using the Tamarin prover. Furthermore, our approach solves the issue of OAuth's cross-device authorization, making it suitable as a formally proven blueprint in contexts beyond EV charging.