Tag Archives: Cybersecurity

A CESI researcher’s secondment journey to the Government – Dr Zoya Pourmirza

The year 2020 will be remembered as an extraordinary year with the news of COVID outbreak. In January 2020, I started my one-year secondment as an advisor providing technical consultation to the UK Government Office for Zero Emission Vehicles (OZEV)”.

About the Author

dsc01229

Dr Zoya Pourmirza, is a research associate at Newcastle University within the School of Electrical and Electronic Engineering. She was awarded her PhD in Information and Communication Technology (ICT) Architecture for Smart Grids from University of Manchester in 2015. Her research expertise includes Smart Grids ICT networks, cyber-security, communication energy efficiency, and data compression.

Zoya carries out a wide range of research for CESI in the area of cyber-security on energy and transport systems.

Contact:- Zoya.Pourmirza@newcastle.ac.uk

The UK Government’s Office for Zero Emission Vehicles (OZEV) is a cross-government team between the Department for Transport and the Department for Business, Energy and Industrial Strategy, supporting the transition to zero emission vehicles (ZEVs). As soon as I started, following a warm welcome from the team, I was impressed by devotion and dedication of the team. Within a few months into the role, while I was enjoying working with the team and gaining new experiences, the UK went into the lockdown. In the following months, we moved all our activities to online platforms which are known to all of us.

This secondment was planned to assist shaping a more secure EV eco-system in future. In 2019, Government consulted on cyber security requirements for smart chargepoints. There is an intention to follow with legislation mandating requirements for smart chargepoints, including cyber security, in 2021. My work was intended to help informing Government approach in 2021 legislation.

My tasks during this Secondment was to support different workstreams with OZEV and wider work in BEIS on smart energy cybersecurity. This included:

Project 1 – EVHS grant scheme

Electric Vehicle Homecharge Scheme (EVHS) is a grant provided by the OZEV, designed to offer an additional incentive to EV drivers. EV manufacturers who wish to apply for authorisation for chargepoints under EVHS should confirm they comply with EVHS technical specifications. In terms of cyber security specifications, OZEV requires chargepoints to be accessed by using the Open Charge Point Protocol (OCPP v1.6 or above). During my time at DfT I assessed how many EVHS grant applications were likely meeting or not complying with requirements on cyber security, and if these applications are considering a similar level of cyber security measures provided in the OCPP. I also recommended some specific changes to be made to the scheme requirements, which are being considered by Government.

Project 2BSI PAS review

The British Standards Institution (BSI) has been sponsored by Government to develop two PAS standards. The PAS 1878 is for Energy Smart Appliances (ESA), including smart chargepoint cyber security requirements and PAS 1879 is for a Demand Side Response (DSR) framework. The DSR framework PAS is intending to develop the ‘environment’ within which ESAs can operate. Both PAS’s involved cyber security considerations. The cyber security approaches employed in these standards are encryption and Public Key Infrastructure (PKI). The end-to-end secure framework is intended to:

  • provide secure assets, these assets are such as Energy Smart Appliance (ESA) and Consumer Energy Manager (CEM)
  • verify the actors such as Demand Side Response Provider (DSRSP)
  • provide a secure communication between ESA and CEM, and between CEM and DSRSP

During my time at BEIS, I reviewed the draft PAS standards at different stages of their development and recommended a series of changes to improve the standard and better embed cyber security within them. These comments were welcomed by the standard leads, and it is expected to be reflected in the final version.

Project 3 Cyber risk assessments – I worked along the BEIS team and the PA consulting on cyber risk assessment for smart energy systems to identify the risks and shape appropriate mitigations techniques. This work is underway within the BEIS team and will be completed in 2021. In this study we realised that as the proliferation of smart energy devices including EV smart chargepoints and associated smart energy platforms increases, the cyber security risks will grow too. These risks will become material in 2025. For example, the ability for a large number of smart energy devices to be switched on or off at the same time, which will cause a large power swing on the electricity network, is one of the main risks identified by the team.

Project 4 – Reports and recommendations

I shaped a report for the Government discussing the cyber security challenges in smart energy system and EV chargepoints, the risks and mitigation techniques, and the future roadmap. The recommendation provided in this report could potentially inform the legislation this year.

Thoughts on the experience

All these tasks were carried out to pave the way for a more secure future of the EV ecosystem. My sincere thanks to both teams at the Newcastle University and the Government who provided this unique opportunity for me to get involved in Government’s policy development and legislation process and develop new skills. This was an extremely valuable experience working at the heart of civil service to provide consultation and apply my expertise to help meet the key government objectives for EV smart charging.