Peer-Review Record

Intrusion Detection for Electric Vehicle Charging Systems (EVCS)

Algorithms 2023, 16(2), 75; https://doi.org/10.3390/a16020075
by Mohamed ElKashlan 1, Heba Aslan 1, Mahmoud Said Elsayed 2,*, Anca D. Jurcut 2 and Marianne A. Azer 1,3
Reviewer 2: Anonymous
Submission received: 5 December 2022 / Revised: 25 January 2023 / Accepted: 28 January 2023 / Published: 31 January 2023
(This article belongs to the Special Issue AI-Based Algorithms in IoT-Edge Computing)

Round 1

Reviewer 1 Report

Authors take up an important issue concerning not just EVCS but the permeation of IoT/ICT and digitalization initiatives. The paper utilizes an ML algorithm to distinguish and isolate security breaches from legitimate grid/vehicle to EVCS communications.

It would be worthwhile mentioning few lines about OCPP, ISO15118, ISO/SAE21434 in the introduction and background as these are some of the ongoing developmental standards in the context of EV/EVCS/EVSE communication, open charging protocols, and cybersecurity.
Grammar and structuring could use a revision and recheck.

The IDS algorithm seems like a generic IoT use case; the specific linkages between EV/EVSE ecosystem are missing or at least need to be strongly emphasized and explained.

Please interpret prefixes as page number : line number

2:58 DL is technically a subset of ML strictly speaking

2:64 What is transport protocol?

3:73 I would suggest refraining from including literature synthesis and state of play from the specific objectives of the paper

2:92 Background could be enhanced by referencing more recent works in the charging protocol and open communication standardization in addition to SCADA, which is a little broader and an umbrella term. Something specific and related to EVCS is recommended to include and update

3:113 Since we are dealing with an interconnected system or system of systems, exactly how to distinctly label the possible attacks as evcs, user, and power grid is a little unclear

4:128 battery degradation being labeled as a user attack is a stretch.

4:138 power grid attacks will affect supply demand linkages, not necessarily something that could be linked to EVCS, which is just one of the plethora of end-use demand

4:--B and C have multiple sentence structuring and typos as well as technical inconsistencies. Please read and revise as needed. "discharge of an EV also called V2G"..discharge happens also when driving

4:152 It is just improbable to impossible to perceive an EVCS hack affecting power plant generation because we are dealing at the secondary distribution level whereas the generation is way upstream. Also, you need millions of EVs to even make a noticeable impact even assuming in some roundabout way, EVCS hack impacting upstream generation.

5:226 not sure why medical applications is being listed here

Fig 4: not exactly an efficient use of figure to just mention three % shares

9:-- experimental approach lacks details how the proposed IDS is uniquely applicable to EV/EVSE ecosystem.

9:-- the training and testing models needs more clarification and explanation in relation to the 124000 flows and the attack/benign traffic split.

Conclusions and discussions

EVCS security requirements need to reflect the real-world practicalities as in the specific developments, signal/hand-shake/authorization protocols that are developed and soon to be implemented. The depth of text on these aspects is very less compared to the broader cybersecurity threat. Intro and background are reasonably long but miss mentioning topical works specific to EV/EVCS.

Author Response

Reviewer#1, Concern #1:

  1. It would be worthwhile mentioning few lines about OCPP, ISO15118, ISO/SAE21434 in the introduction and background as these are some of the ongoing developmental standards in the context of EV/EVCS/EVSE communication, open charging protocols, and cybersecurity.

Authors response:  We thank the reviewer for the time given in the review of our manuscript. The newly raised comments were carefully addressed.

Authors Action: We’ve added more information in the introduction about the mentioned protocols and the cybersecurity.

Added section: “It is worth mentioning that there are set of protocols that govern the communication within the EVCS ecosystem. Open Charge Point Protocol (OCPP) is a communication protocol for electric vehicle charging stations. It allows for remote monitoring and management of the charging process, as well as the collection of usage data.

ISO 15118 is a set of international standards for the communication between electric vehicles and charging stations. It defines the protocols and procedures for secure and efficient charging and payment transactions. Likewise, ISO/SAE 21434 is a standard for the cybersecurity of road vehicles. It provides guidelines for the design and development of secure systems, networks and components in vehicles, including electric vehicles and charging stations. It is intended to help protect vehicles against cyber attacks and ensure the safety and security of passengers and other road users.”

Reviewer#1, Concern #2:

  1. Grammar and structuring could use a revision and recheck.

Authors action: The paper was rechecked and restructured in some sections.

Reviewer#1, Concern #3:

3- The IDS algorithm seems like a generic IoT use case; the specific linkages between EV/EVSE ecosystem are missing or at least need to be strongly emphasized and explained.

Authors response: We thank the reviewer for this valuable comment, and we’ve addressed the link between the IoT and the EVCS. Mainly it is due to 2 main points.

First: The EVCS is actually an IoT device; if we break down a charging station, we will see a Raspberry Pi and a set of controller boards, as shown in the diagram below

Second: The same cybersecurity challenges affecting the EVCS also affect the IoT. Therefore, having an effective way of detecting threats will benefit EVCS and IoT similarly.

Authors action: We added more clarification in the background section about the link between EVCS and IoT.

Added section: “The Internet of Things (IoT) and Electric Vehicle Charging Stations (EVCS) are linked through the use of communication protocols and technologies that allow for remote monitoring, management, and control of the charging process. IoT technologies such as sensors, wireless communication, and cloud computing are used in EVCS to provide real-time data on charging status, energy consumption, and other relevant information. This data can be used to optimize the charging process and improve the overall efficiency of the EVCS.

Additionally, IoT technologies can be used to connect EVCS to other systems, such as smart grid infrastructure and payment systems, allowing for seamless integration and automation of charging and payment transactions. The use of IoT technologies in EVCS also enables remote monitoring and management of the charging process, allowing for the detection and resolution of issues, as well as the collection of usage data for analysis and decision making.

Overall, the integration of IoT technologies in EVCS improves the user experience and increases the efficiency of the charging infrastructure”

Reviewer#1, Concern #4:

4- Some specific comments in page number: line number

2:58 DL is technically a subset of ML strictly speaking

Authors response: The authors agree on the comment, and we were referring to the Deep learning methods used in the IDS problem, so Deep learning is used in the context and not to classify it apart from the Machine learning.

2:64 What is transport protocol?

Authors response: Here we are generic to any protocol used as a transport layer protocol. Like TCP protocol or any other transport protocol.

3:73 I would suggest refraining from including literature synthesis and state of play from the specific objectives of the paper

Authors response: removed the generic contributions and specified the main contribution only specific to the objective of the paper.

2:92 Background could be enhanced by referencing more recent works in the charging protocol and open communication standardization in addition to SCADA, which is a little broader and an umbrella term. Something specific and related to EVCS is recommended to include and update

Authors response: Done as per concern#3

3:113 Since we are dealing with an interconnected system or system of systems, exactly how to distinctly label the possible attacks as evcs, user, and power grid is a little unclear

Authors response: The comment is valid, but we detailed the security challenges for each type of system. We agree that one challenge in one system can affect other systems, but we are talking here specifically about the attack vector for each system.

Authors action:  The whole section highlighting the attacks on the EVCS was restructured

4:128 battery degradation being labeled as a user attack is a stretch.

Authors response: We were highlighting the impact that can eventually happen if the attack is successful and left undetected for a long time. Remember the Stuxnet attack, where a very small variance led to a total failure in the system. It is the same analogy here: if a malware persists on the EVCS and changes the voltage/current values, it will eventually damage the car battery. This attack can be used by EVCS competitors.

Authors action: The whole section highlighting the attacks on the EVCS was restructured

4:138 power grid attacks will affect supply demand linkages, not necessarily something that could be linked to EVCS, which is just one of the plethora of end-use demand

Authors response: Attacks on the power grid are the most dangerous attacks that could happen in the energy sector. If the attacker gains access through the EVCS network, controls the EVCSMS and starts to control the demand and supply, then the effect will be very harmful on the power grid.

Authors action: The whole section highlighting the attacks on the EVCS was restructured

4:--B and C have multiple sentence structuring and typos as well as technical inconsistencies. Please read and revise as needed. "discharge of an EV also called V2G"..discharge happens also when driving

Authors action: the whole section highlighting the attacks on the EVCS was restructured

4:152 It is just improbable to impossible to perceive an EVCS hack affecting power plant generation because we are dealing at the secondary distribution level whereas the generation is way upstream. Also, you need millions of EVs to even make a noticeable impact even assuming in some roundabout way, EVCS hack impacting upstream generation.

Authors action: the whole section highlighting the attacks on the EVCS was restructured

5:226 not sure why medical applications is being listed here

Authors response: That was a reference paper in the literature to examine different IoT ML, where it was focusing on the usage of the ML in IoT and where the application was a medical application. We were not interested in the application, as we were interested in the ML algorithm used in the IoT.

Fig 4: not exactly an efficient use of figure to just mention three % shares

Authors action: Removed the figure and renumbered the other figures

9:-- experimental approach lacks details how the proposed IDS is uniquely applicable to EV/EVSE ecosystem.

Authors response: Added clarification in the experimental approach that the IDS will be placed at the EVCSMS (central point) to monitor the traffic between the EVCSs and the EVCSMS.

9:-- the training and testing models needs more clarification and explanation in relation to the 124000 flows and the attack/benign traffic split.

Authors response: Added more clarification on the number of flows, and the attack/benign traffic split.

Author Response File: Author Response.doc

Reviewer 2 Report

The paper approaches an interesting and timely research question, but its originality is not obvious. The methodology is convincing but not completely innovative. The findings seem in line with previous similar studies. The discussion is lacking. Furthermore, a significant and conclusive contribution to research literature does not stand out.

· The purpose of the study is adequately reported in the “1. Introduction” section, but the motivations lack: Why you have done this piece of work? Which gaps in the current literature do you want to address in your research?

· Intrusion detection systems have been investigated in other research. Please, highlight in the Introduction Section which is the novelty (if any) of this paper with regard to other studies.

· “4. Experimental Approach” section: What are the innovative/original aspects of the proposed approach?

· “5. Simulation results” section: The discussion of the results is very brief and does not even offer a cursory description of the high-level findings. More exploration is required here

· A discussion section is lacking in the article and it should be integrated before the “Conclusions” section. This section should address a general and critical evaluation of the proposed method, stressing its application domain, advantages, and limitations.

· Reading the paper, it’s not evident any significant and conclusive contribution to the research literature. How does this paper add to the literature on intrusion detection systems?

· Line 329: "Figure 8" instead of "Figure 4". 

· "References" section: Journal name for the first reference is missing.

Author Response

Reviewer#2, Concern #1:

1· The purpose of the study is adequately reported in the “1. Introduction” section, but the motivations lack: Why you have done this piece of work? Which gaps in the current literature do you want to address in your research?

Authors response: The authors would like to thank the reviewer for the comment and agree on the lack of motivation in the introduction. Although enough motivation on the cybersecurity challenges in the EVCS is listed, and the need for an efficient and accurate IDS was mentioned, we’ve added more clarification on the gaps in the literature that we want to address.

Authors action: Added more clarification in Introduction section on the driver for the research and the gaps we try to address.

Added section in the Introduction: There is a clear gap in the research for securing the EVCS systems. That is why, in this research, we focus on the proposed methods to secure the EVCS ecosystem using a machine learning based intrusion detection system to be used in anomaly detection with high accuracy and low false positive rates. There are few to no proposals to secure the EVCS ecosystem.

Reviewer#2 Concern #2:

2- Intrusion detection systems have been investigated in other research. Please, highlight in the Introduction Section which is the novelty (if any) of this paper with regard to other studies.

Authors response: We would like to thank the reviewer for this comment and would like to emphasize that the novelty is coming from using the IoT-23 dataset with a limited number of training data in training the machine learning based IDS, which is used to address a vulnerable application like the EVCS. To the best of our knowledge, no research paper until now has addressed this problem.

Authors action: Restructured the contribution of the paper to focus on the novelty of the study

Reviewer#2 Concern #3:

3- “4. Experimental Approach” section: What are the innovative/original aspects of the proposed approach?

Authors response: The proposed approach is the standard approach used in standard machine learning problems, but it was mentioned for the reader to know what approach was used. The authors believe that highlighting the approach is important for the completeness of the experiment.

Reviewer#2 Concern #4:

4 “5. Simulation results” section: The discussion of the results is very brief and does not even offer a cursory description of the high-level findings. More exploration is required here

Authors response: we’d like to thank the reviewer for this comment which will enrich the content of the paper

Authors action: added more details in the results

Added section in the simulation results section : “The filtered classifier algorithm is considered to be better than the decision table classifier algorithm in certain situations because it can handle large amounts of data and it is able to handle missing attribute values. Additionally, the filtered classifier algorithm can also handle noisy data, which can often lead to more accurate classification results. The decision table classifier algorithm, on the other hand, may not perform as well on large datasets or when there are missing attribute values or noisy data. The filtered classifier algorithm is generally faster than the decision table classifier algorithm for several reasons. One reason is that the filtered classifier algorithm uses a subset of the features (attributes) to make predictions, whereas the decision table classifier algorithm uses all the features. Using a subset of features can reduce the amount of computation required to make predictions, which can make the filtered classifier algorithm faster. Additionally, filtered classifier algorithm can leverage machine learning techniques like feature selection and ensemble methods, to improve the performance of the classifier which can lead to faster predictions. On the other hand, decision table classifier algorithm uses all the features and can be slow when dealing with large and complex data sets”

Reviewer#2 Concern #5:

5- A discussion section is lacking in the article, and it should be integrated before the “Conclusions” section. This section should address a general and critical evaluation of the proposed method, stressing its application domain, advantages, and limitations.

Authors action: Added a new section of discussion and limitation

Discussions and Limitations

The issue of EVCS security is a genuine industrial concern. If exploited by malicious actors and state-sponsored attack groups, a cyberattack on the EVCS may have disastrous effects. Due to the limited number of EVCSs already deployed and the growing number of Electric vehicles with short battery range, any outage in a single EVCS has the potential to disrupt the travel plans of several EV users. In addition, an entire power grid can be shut down by a cyberattack, which can have a direct impact on the economy. In order to limit this danger, a precise and effective intrusion detection system is required. In this study, the use of machine learning to construct the IDS engine is explored. To accurately evaluate the suggested IDS, a dataset that accurately reflects the actual traffic and assaults may be required. This study evaluates two machine learning (ML) based intrusion detection system (IDS) classifier methods using the IoT-23 dataset, which is comprised of native IoT network traffic. Each classifier's theory of operation is based on a distinct set of premises. We observed from the findings that the filtered classifiers perform exceptionally well in terms of accuracy and other metrics on the testing data. Therefore, it can be utilized to protect the EVCS network against DDoS attacks.

However, the following limitations are present in our research:

  • Although Deep Learning (DL) is widely employed in a variety of application domains, such as image pre-processing and language translation, it is beyond the scope of this work.
  • Without installing a physical EVCS system, we trained and assessed the ML algorithms offline via virtual simulation. However, it is crucial to understand how this IDS handles Intrusion in real-time by detecting internet threats.
  • When conducting an intrinsic evaluation, many datasets should be compared. In this study, however, we solely used the IoT-23 dataset to train and assess various ML algorithms. We intend to compile our own dataset from an actual EVCS system and evaluate multiple datasets in order to develop a viable intrusion detection algorithm.

Reviewer#2 Concern #6:

6- Reading the paper, it’s not evident any significant and conclusive contribution to the research literature. How does this paper add to the literature on intrusion detection systems?

Authors response: We’d like to thank the reviewer for the comment and would like to clarify that most of the IDSs currently running are of the signature-based type. Very few IDSs are running as anomaly-based due to lack of accuracy and a high number of false positives. That is why this paper points out that anomaly detection can reach very high accuracy using the filtered classifier algorithm, which can be used in anomaly-based IDSs.

Authors action: Clarified the significance of this work in the conclusion section.

Reviewer#2 Concern #7:

7- Line 329: "Figure 8" instead of "Figure 4".

Authors action:  Thanks, figure number corrected to reflect the right figure.

Reviewer#2 Concern #8:

8· "References" section: Journal name for the first reference is missing.

Authors action:

Added in the correct format: Suriya, N., and S. Vijay Shankar. "A novel ensembling of deep learning based intrusion detection system and scroll chaotic countermeasures for electric vehicle charging system." Journal of Intelligent & Fuzzy Systems Preprint: 1-13.

Author Response File: Author Response.doc

Round 2

Reviewer 1 Report

Authors have reasonably addressed earlier raised queries.

Author Response

Please see attachment below.

Author Response File: Author Response.pdf

Reviewer 2 Report

The authors have addressed adequately the comments I raised in my previous review. 

Author Response

Please see attachment

Author Response File: Author Response.pdf
