The Major Problem With EVs No One Is Talking About
When GM earlier this year started recalling Bolts, it issued a warning to owners of the EV: don’t charge your car battery to 100 percent. Normally, this would be easy enough to do. But what if your charger got hacked?
Last year, researchers from the Southwest Research Institute in Texas successfully hacked the most popular charging system used in North America. The hack limited the charging rate, then blocked charging, and then overcharged the battery. The reason for the hack:
“This was an initiative designed to identify potential threats in common charging hardware as we prepare for widespread adoption of electric vehicles in the coming decade,” according to lead researcher Austin Dodson.
Earlier this month, UK cybersecurity firm Pen Test Partners said that it had found cyber vulnerabilities in six home EV chargers and a large public charging network.
Some of the vulnerabilities were no small potatoes.
Among the findings of Pen Test Partners was a vulnerability that could potentially make possible the hacking of millions of EV chargers simultaneously and another that exposed user and charger data for the hacker to use.
Perhaps the most dangerous vulnerability that the cybersecurity experts uncovered, however, was the possibility for a hacker to take control over millions of chargers.
“As one could potentially switch all chargers on and off synchronously, there is potential to cause stability problems for the power grid, owing to the large swings in power demand as reserve capacity struggles to maintain grid frequency,” the firm said.
EVs have been touted as the future of transportation. Governments in Europe and North America are allocating billions in financing that focuses precisely on public charging networks. Yet, there is little talk about the cybersecurity implications of having a huge network of hundreds of chargers that can be hacked.
Public chargers are the riskiest, it seems. While one could hack a home charger, they would only gain access to that device and possibly the home network of that household. If they hack a public charger, they could gain access to the whole network, explains Baksheesh Singh Ghuman, Senior Director of Product and GTM Strategy at Finite State, a cybersecurity firm that specializes in connected devices.
Gaining access to data is one risk associated with the vulnerabilities of EV chargers. Another is even more straightforward: electricity theft. If a hacker breaches a public charger, they could siphon electricity off it and make someone else pay, says Singh Ghuman.
Attacks on home chargers can be serious, too, despite their much more limited focus. Since both EVs and EV chargers are connected devices, hacking the charger could grant the attacker access to things like passwords and other credentials.
And that’s not even the worst that can happen.
“Threat actors can also gain control of the electric vehicles themselves, which includes control over steering, brakes, acceleration, and other functions which could result in an accident,” Singh Ghuman told Oilprice.
“They would have the ability to listen in on phone conversations held within the car and steal personal data from the vehicle’s connected network too.”
Everything is hackable, cybersecurity experts have warned repeatedly, from a corporate computer system to a pacemaker. And cybercriminals are often ahead of their opponents in the game of cat and mouse, forcing governments and cybersecurity service providers to often catch up.
Luckily, in the wake of the latest massive hack attacks in the U.S., action is being taken. A recent executive order by President Biden will oblige manufacturers of hackable equipment to start implementing more stringent cybersecurity standards, Singh Ghuman says.
It is important to act preemptively and remove as many vulnerabilities as possible as early as possible.
A lot of hopes are being pinned on electric vehicles as a crucial element of the low-carbon economy of the future. Automakers are spending billions on their shift to EVs, and one could only hope some of that money is being spent on guaranteeing the cybersecurity of the vehicles. It should be, given how much is at stake.
And with carmakers already aware of the challenges they face in promoting their EV models as the better cars, they need to be exceptionally wary of the possibility that the hackability of an EV could very well become a monumental issue alongside range anxiety.
Chargers are even more important. If a hacker can make several hundred chargers switch on and off when the hacker tells them to, that becomes a problem for the grid. And if a larger-scale attack can be launched, the situation would become a lot more serious.
There are already concerns about the addition of millions of EVs to city grids that were not built for this sort of electricity demand. Investments in the upgrade of grids so it can take the additional demand are seen at between $1,630 and $5,380 per EV, according to Boston Consulting Group.
And that’s for EV penetration rates of 10-20 percent. The more EVs are added, the more money will need to be spent to keep the grid stable.
The EV revolution is becoming a challenging endeavor in more aspects than one. The cybersecurity theme needs to be at the center of the EV discourse. The threats might be potential for now but let’s remember: everything can be hacked.
World’s Biggest Battery Sidelined After “Overheating Incident”
Another major problem has struck at a pioneering big battery project, this time at the 400MW/1600MWh Moss Landing Energy Storage Facility in California, south of San Francisco, which was recently expanded to become the world’s largest of its kind.
The owner and operator of the big battery, Vistra Corp, says an investigation is underway into an “overheating incident” at the Moss Landing facility, which did not result in a fire, but has taken the 300MW, four hour storage first phase of the project out of service.
“Late Saturday evening, Sept. 4, the Moss Landing Energy Storage Facility experienced an overheating issue with a limited number of battery modules in its Phase I, 300-megawatt/1200-megawatt hour system,” the statement said.
An in-built safety system had detected that the modules were operating at a temperature above operational standards and triggered a sprinkler system, bringing the overheating back under control and averting a fire, but the local fire department was called as a precaution in the record heatwave conditions of that weekend.
Vistra says it is now working alongside teams from battery manufacturer LG Energy Solution, engineering firm Fluence, and “other external experts” to gather information and begin their investigation into the root cause of the issue.
“With safety as its No. 1 priority, the company is taking a conservative approach and keeping the entire facility offline as it investigates the root cause of the incident in partnership with its engineering contractor, Fluence, and battery manufacturer, LG Energy Solution,” a statement said.
“Vistra is uncertain on the timing of the return of the facility, pending an investigation and any needed repairs. The company will update the status of Phase I Moss Landing as it learns more. The Phase II 100-MW system, which is located in a separate building on site, has not been affected by the event. It is currently available for operation.”
Originally announced as a two-phased 400MW/1600MWh facility, Texas-based gen-tailer Vistra was granted permission in August of last year to expand the battery energy storage system to provide up to 1,500MW, or 6,000MWh of energy storage.
The Moss Landing battery has a long term “resource adequacy” deal with Pacific Gas and Electric Company (PG&E) and had only just last month completed the 100MW second phase of the project that is being built alongside a gas-fired power plant.
The expansion was celebrated by Vistra CEO Curt Morgan, who said the four-hour battery would help fill a “reliability gap” by storing excess daytime power and sending it to the grid when needed.
But that role is now on hold until the root of the overheating problem – not to mention any damage caused by the sprinklers – is fully understood and addressed.
As a Vistra spokesperson told US website EnergyWire this week, with “more than 4,500 racks or cabinets that each contain 22 battery modules — that’s nearly 100,000 modules … and we will inspect every one of them. We are confident it is a matter of when, not if, the facility returns to service,” the spokesperson said. “However, speed is not our goal here — safety is.”
The Moss Landing incident lands a fresh blow to LG Energy Solution, which is in the midst of a major home battery recall in the US – and on a smaller scale in Australia, too – due to potential fire risks in its popular RESU 10H line.
The South Korean company has also been embroiled in the recall of electric vehicles that use its battery technology, including Hyundai EVs and, in the US, Chevy Bolts.
But it’s also a fresh blow to lithium-ion batteries, more broadly, and certain chemistries under that umbrella – lithium nickel manganese cobalt, in particular – that are known to be more prone to problems of overheating and thermal runaway.
Australia, of course, has had its own even more dramatic example of this in the recent fire that destroyed two Tesla Megapack containers at the Neoen-owned Victoria Big Battery in July, with still no word yet on the impact the incident has had on the commissioning of what will be Australia’s biggest battery.
As will no doubt be the case in the Moss Landing investigation, the big question for Neoen will be the cause of the fire and whether it stemmed from a manufacturing or installation or production fault.
It has not yet been made clear which battery chemistry has been used in the Victorian Megapacks, but Tesla announced earlier this year it was switching from lithium nickel manganese cobalt to LFP (lithium iron phosphate) which is said to be more fire resistant and non toxic.
As EnergyWire reports, however, the mood in the US around Moss Landing is overwhelmingly positive, buoyed by the belief that the energy storage industry – which is rapidly becoming one of the most important enabling partners to the global shift to renewables – will rise to such challenges, as well as to the costs that come with them.
“I do not think we should understate the importance of safety,” Kelsey Hatzell, an assistant professor at the Andlinger Center for Energy and the Environment at Princeton University who studies batteries, told the website. “But I am optimistic that we can engineer for safety.”
“The safety systems in place for the Moss Landing project worked as designed to notify operators of overheating,” said Jason Burwen, interim CEO of the U.S. Energy Storage Association. “Grid operators, including California’s, expect to rely on increasing levels of energy storage to meet decarbonisation and reliability goals and we don’t see that changing because of what happened with the Moss Landing project.”
This battery can store enough electricity to provide power for just four hours? Having a water fire suppression system for a large electrical facility doesn’t seem very clever to me.