The Major Problem With EVs No One Is Talking About

Whoosh

Well-known member
First Name
Greg
Joined
Mar 30, 2021
Messages
135
Reaction score
131
Location
Dupage County Illinois
Vehicles
21' PB F150,18&20 Ecoboost Explorer Platinum,
Occupation
Worker of lead
May be not as much to worry about now but once we are at level 5. Chinese or Russians hacking to over the air updates for Tesla, Ford and GM ten years from now will not need nukes anymore because they will have an army of +3,000 lb robots across the country that can run over people and into buildings while setting themselves and other things on fire. Well, may be not as much of Chinese attack since in 10 years, they will own the EV market and won't want to mess with that.
" Well, may be not as much of Chinese attack since in 10 years, they will own the EV market and won't want to mess with that. " Um, don't they already hold trillions in America's debt, I don't think the 3klb robots are going to be necessary lol
 

Slappy McGee

Well-known member
Joined
Apr 19, 2021
Messages
100
Reaction score
76
Location
South Caccalackey
Vehicles
2021 F-150 Powerboost
My understanding on the Bolt is that the original cells are flawed and that flaw is coming about now, not a bad BMS allowing overcharging. That would explain some of the swelling I saw on the cell during our lithium plating testing.
As a former Bolt owner I can confirm that yes, the cells in the Bolt pack had a manufacturing flaw that could cause what I believe they call "thermal runaway."

GM's initial mitigation was to limit charging since there seemed to be some correlation between too high a charge and thermal runaway and they launched a "interim fix" that basically just prevented charging beyond 90%.

Their "permanent fix" was also software based, and was supposed to "discover" if the pack was flawed and notify the operator/GM for a pack replacement. 2-3 (not sure of exact count since I stopped following this closely) caught on fire after the "permanent fix" and caused significant damage, so now as I understand it, the mitigation is "don't charge to full, park outside, don't charge at night/unsupervised and wait for use to replace tons of battery packs."

I liked the Bolt and have no complaints about GM doing a buyback on my vehicle with a fairly painless (other than waiting) process that got me into an F-150 Powerboost, but worry this has soured many people on EV ownership.
 

dhrandy

Well-known member
First Name
Randy
Joined
Jul 25, 2021
Messages
300
Reaction score
193
Location
Concord, NC
Vehicles
1950 Plymouth, 2021 F-150 Lariat Ordered
Occupation
Engineering Tech
Most EVs can't be overcharged...

But you're telling me that no one can hack a gasoline vehicle parked in a garage to start and kill everyone in the house? Oh wait, no fumes with the EV. So there's a plus.
 

Squatch

Active member
Joined
May 19, 2021
Messages
40
Reaction score
44
Location
Miami
Vehicles
Reef flip flops
There are some ridiculous aspects of the article, but it's almost like people forgot about sensational journalism since it took over the entirety of news outlets.

The point about Biden's EO is the most ridiculous, but I want to side-step any political discussion. Manufacturers have been allowed to coerce the public into "agreeing" to be spied on in a way they wouldn't even allow their spouse or significant other to do and in many ways is beyond human capability to monitor let alone prevent. As long as this paradigm exists and is supported by governance, massive and prolific vulnerabilities will persist. Protecting your PII, etc. isn't the companies' top priority. They're getting slaps on the wrist when they should be shut down or even locked up. Looking at Equifax now. Auto manufacturers will always have a backdoor into your connected vehicle whether it's an EV or not and that is exploitable, always.

Maybe, you could be so important that your vehicle gets hacked and you're the target of an assassination, but unlikely. I would be more concerned about a nationwide hacking of charging networks being used to destabilize the Grid in strategic places for nefarious purposes.

*Side note: I thought this was written by Irina Slavina at first... that's a crazy story.
 

MickeyAO

Well-known member
First Name
Mickey
Joined
Apr 2, 2020
Messages
94
Reaction score
120
Location
San Antonio Tx
Vehicles
F150 Limited, Sierra Denali
Occupation
Lab Manager of the Energy Storage Technology Center
This article is what we call FUD.
The article (and many others like it) was based on a paper released about an Internal Research (IR) project at Southwest Research Institute. If you can find the original report at SwRI.org, you will find my name as an author on the paper. I made an off-hand remark to a couple of friends (white hat hackers in another Division) on how I would try to attack EVs, which directly lead to the IR. I did not participate in the hands-on attack, but I had to review their process and data before I could approve the report.

I'm really hoping we get funding for the next IR on this where I have a couple of really diabolic ideas on what to do next with DCFC ;)

If you have any questions about the actual paper (and how it differs from the news articles), please feel free to ask me.
 

Brian Head Yankee

Well-known member
Joined
May 20, 2021
Messages
137
Reaction score
137
Location
Brian Head, UT
Vehicles
Bronco Sport, Chevy Colorado 4x4
It's a sign of the Youtubers these days. 99% of them aren't any different than the sensationalized newspapers at the checkout counter in the 80's. Its just presented in a different format. The challenge is to know when you are being had.

This thread is using the old playbook by saying it is a "major problem no one is talking about". FUD is the correct assessment. I was surprised that the author's hat isn't made out of tinfoil.
 

Diabolical!

Active member
First Name
Lee
Joined
Jun 22, 2021
Messages
25
Reaction score
15
Location
New Orleans
Vehicles
'11 F250, '17 Chevy Volt, '22 Lightning (Reserved)
The Major Problem With EVs No One Is Talking About

More like the minor problem no one is concerned about....
 

Vulnox

Well-known member
First Name
Bob
Joined
Mar 19, 2021
Messages
267
Reaction score
318
Location
Livonia, MI
Vehicles
2021 F-150 Lariat 502A, 3.5L PowerBoost
The Major Problem With EVs No One Is Talking About

More like the minor problem no one is concerned about....
Yeah it's funny how those articles that say "No One is Talking About" skim the part where the reason is either:
A. It's not a real thing, or is so insignificant in terms of chance as to make it as much of a concern as checking the sky for comets every time you step outside.
B. People are talking about it, and quite a bit, they are just lying to get clicks. I see this one sometimes most often, usually when an article says "The major news networks won't tell you...", yet a five second google search shows every major network already ran a story on it.

I can't be mad at them though. They make those titles because they work on more people, and in general an article titled "Vehicle security is something we should pay attention to in an ever more connected future" would get 1/50th of the clicks and probably wouldn't have even become a post here as the OP would have skipped it too.

Reality of connected devices is before you worry about your car, you need to be worried about what is in your home. Cheap IIoT devices are present in most homes in the US, from smart bulbs or switches to smart assistants like Alexa or Google Home. I am not even talking about the manufacturers doing anything nefarious, the problem is that these devices often get the bare minimum of security and you invite them onto your home network. If you look up the recent history of bot nets and DDoS attacks, a lot of them are coming from IIoT devices that are taken over and used as the initiator of the attack. Even your smart lightbulb is capable of making constant DNS queries to a service and being one of a million other infected devices can cause trouble for the targeted service, and you won't even know.

It is made even worse by how difficult it is for the average person to put in basic safeguards for this. I have a Ubiquiti UDM-Pro gateway which allows me to segment my wireless network between a main and IIoT network and I have rules set up so devices on the main network can talk to the IIoT devices, but the IIoT devices can't see anything on my main network. The IIoT devices also have restricted DNS access, only getting what they need for their individual service.

Sorry it gets off topic, but also not. It's an issue beyond automotive, and we need to get more individuals in congress that aren't approaching triple digits in age to start getting a handle on this.
 

MickeyAO

Well-known member
First Name
Mickey
Joined
Apr 2, 2020
Messages
94
Reaction score
120
Location
San Antonio Tx
Vehicles
F150 Limited, Sierra Denali
Occupation
Lab Manager of the Energy Storage Technology Center
The article (and many others like it) was based on a paper released about an Internal Research (IR) project at Southwest Research Institute. If you can find the original report at SwRI.org, you will find my name as an author on the paper. I made an off-hand remark to a couple of friends (white hat hackers in another Division) on how I would try to attack EVs, which directly lead to the IR. I did not participate in the hands-on attack, but I had to review their process and data before I could approve the report.

I'm really hoping we get funding for the next IR on this where I have a couple of really diabolic ideas on what to do next with DCFC ;)

If you have any questions about the actual paper (and how it differs from the news articles), please feel free to ask me.
Here is the official link from the Institute about the IR
SwRI hacks electric vehicle charging to demonstrate cybersecurity vulnerabilities | Southwest Research Institute
 

LightningShow

Active member
Joined
Sep 1, 2021
Messages
31
Reaction score
18
Location
MA
Vehicles
'12 Ford Flex/'19 Chevy Bolt/'09 Porsche Boxster
The article (and many others like it) was based on a paper released about an Internal Research (IR) project at Southwest Research Institute. If you can find the original report at SwRI.org, you will find my name as an author on the paper. I made an off-hand remark to a couple of friends (white hat hackers in another Division) on how I would try to attack EVs, which directly lead to the IR. I did not participate in the hands-on attack, but I had to review their process and data before I could approve the report.

I'm really hoping we get funding for the next IR on this where I have a couple of really diabolic ideas on what to do next with DCFC ;)

If you have any questions about the actual paper (and how it differs from the news articles), please feel free to ask me.

Is your conclusion that the security vulnerabilities are *worse* than any number of other types of infrastructure, consumer appliances, automobiles, etc., etc. or that it's just something we should consider along with all of those other things?
 

MickeyAO

Well-known member
First Name
Mickey
Joined
Apr 2, 2020
Messages
94
Reaction score
120
Location
San Antonio Tx
Vehicles
F150 Limited, Sierra Denali
Occupation
Lab Manager of the Energy Storage Technology Center
Is your conclusion that the security vulnerabilities are *worse* than any number of other types of infrastructure, consumer appliances, automobiles, etc., etc. or that it's just something we should consider along with all of those other things?
We used a man-in-the-middle for this attack...eventually, the components will be small enough to hide, but for now we would not be able to pull this off on an unsuspecting person.

The signal control is extremely simplistic, using a PWM signal to control the current levels.

Bottom line? This was just a way to get us started looking for attack vectors at EVSE and EVs in general, and I am not personally concerned about this happening to me.
 

LightningShow

Active member
Joined
Sep 1, 2021
Messages
31
Reaction score
18
Location
MA
Vehicles
'12 Ford Flex/'19 Chevy Bolt/'09 Porsche Boxster
We used a man-in-the-middle for this attack...eventually, the components will be small enough to hide, but for now we would not be able to pull this off on an unsuspecting person.

The signal control is extremely simplistic, using a PWM signal to control the current levels.

Bottom line? This was just a way to get us started looking for attack vectors at EVSE and EVs in general, and I am not personally concerned about this happening to me.

Thanks for the feedback, I'll check out the paper. I'm in the business of installing and managing EVs and EVSE so this is relevant to me professionally.
 

EaglesPDX

Well-known member
First Name
Eagles
Joined
May 29, 2021
Messages
143
Reaction score
68
Location
PDX
Vehicles
Tesla Model 3
I would be more concerned about a nationwide hacking of charging networks being used to destabilize the Grid in strategic places for nefarious purposes.
It was the gasoline supply that actually did get hacked causing gas shortages in NE. Where you have computerized controls you will get hacking, not really an EV issue.
 
Advertisement

 
Advertisement
Top