More specifically, EVC is equipped with a mechanism of electronically locking and releasing the charge connector. Such locking mechanism locks the connector at the time of charging and delivers a secure electronic key to the EV driver. The connector is unlocked only by the person who holds the secure electronic key. The secure electronic key is a globally unique key for each charging event. The DUEC-KEY is generated by the proposed DUEC mechanism in the form of encrypted Bar Code, QR Code, or any state of the art secure encrypted code, and we refer this key as DUEC-KEY. The electronic lock may exist either in EVC (if the connector and cable is the part of EV, and Receptacle is in the EVC), or in the connector (if the connector and cable is the part of EVC, and Receptacle is in the EV), and locks in a way the connector cannot be released even on pressing the release connector button. The overall concept is presented in Figure 1, and the entities proposed to accomplish the purpose are as shown in Figure 2 below.
2.1. Connector Security Server (CSS)
CSS is located in the service provider’s network. (In contrast, the CSC is a part of EVC and is distributed throughout the service area. CSS and CSC communicate over any available state of the art communication systems, i.e. wireless (LTE, WiMAX), or wireline systems (Optical fiber, or Ethernet, BPL etc.). Their ability to communicate provides several attractive features, for example:
a. Remote charging status query:- The EV driver can send a “charging status query” to CSS geographically from anywhere by providing the DUEC-KEY in the request message, and will get a response. This feature will be helpful to know the EV charging status or any other relevant information without physically visiting the location.
b. Remote EV claim:- The EV driver can deactivate the locking mechanism by providing the DUEC-KEY in the message from anywhere to release connector. This feature will be helpful to authorize EV Driver’s proxy to claim the EV, without having the EV owner/driver physically visiting the location. Thus EV may be dropped by one family member and picked up by the other, if authorized by the DUEC-KEY holder remotely.
c. Transmission of DUEC-KEY over the air to unlock the connector under potential hazardous or emergency situations such as
i. The legitimate EV driver lost the DUEC-KEY and wants to unlock the Connector, or
ii. There is potential hazard due to surrounding environment (e.g. fire etc,) while the EV driver is away and law enforcement agencies needs immediate removal of the connector/EV, or
iii. System malfunctions and denies to accept the DUEC-KEY, or
iv. Any unforeseen reason that mandates to unlock the connector without presenting the DUEC-KEY to the system
For the above features, the EV driver (or the system administrator) may send message, directly to either (a) the CSS, or (b) the CSC. Each option has pros and cons e.g., (a) offers better security and system control, whereas (b) reduces system signaling overhead, system messaging efficiency, and response delay etc. The paper supports both the options. The System Administrative may be a human being or a Voice Activated/Speech Recognition intelligent system, capable of authenticating and authorizing the event generators.
2.2. Connector Security Client (CSC)
CSC is located in EVC. Upon authentication of the EV driver’s credentials (for billing purpose) CSC will electronically lock the connector, and establish the security association between the EVC locking mechanism and the EV driver’s credentials. The security association will result in generating a unique, encrypted, secure digital key called DUEC-KEY for the every charging event. The DUEC-KEY would be delivered by the CSC to the EV driver before starting the EV charging. The CSC will require the same DUEC KEY to unlock the EV charging connector. Without presentation of DUEC-KEY, the CSC will not unlock the EV charging connector. Thus CSC will prevent Unethical unplugging of unattended EV already being charged.
Following four sub-functional entities assist the CSC in performing its functions. These entities comprise of hardware and, software to perform the tasks pertinent to the present paper. The hardware may, for example, comprise of central processing unit (CPU), memory unit, scanner/printing unit, connector locking mechanism, liquid crystal display (LCD), bus(es) for internal communication, wireless or wireline channels for external communication, and relays/switches, etc. The software may comprise of code, algorithm and protocols, etc.
These functional entities work in coordination to:
(a) Electronically lock the Connector
(b) Establish the security association between the EV driver’s credentials and the connector locking mechanism
(c) Generate the DUEC-KEY
(d) Deliver the DUEC-KEY to the EV driver
(e) Demand at the same DUEC-KEY to unlock and relinquish the connector, and
(f) Unlock the connector on successful presentation and validation of the DUEC-KEY.
Unlocking of the connector can be triggered either (a) by the EV driver at any time during or upon completion of the charging process, or (b) by the CSC upon 100% completion of the charging.
The DUEC-KEY may be generated in the form of encrypted Bar Code, QR Code, or any state of the art secure encrypted security Code. The delivery of DUEC-KEY to the EV driver may take any one or any combination of the followings:
a. Deliver to the EV driver on a passive device (e.g. physical tag/RFID tag without a battery). Thus DUEC Mechanism has capability of printing and dispatching DUEC-KEY on a tag using any existing or evolved state of the art mechanism. The holder of the passive tag can only deactivate the locking mechanism and get the connector released by presenting the tag to EVC. Physical possession of the passive tag and physical presence of tag holder near EVC is required by the system.
b. Deliver to the EV driver on an active device (that requires battery e.g. mobile communication device as soft key), Thus DUEC mechanism has the capability of delivering DUEC-KEY using any existing or evolved state of the art short Range Communication, e.g. Near Field Communication (NFC). If the DUEC-KEY is delivered to the EV driver’s mobile communication device over Near Field Communication (NFC), the holder of the DUEC-KEY can deactivate the lock and get the connector released by presenting the DUEC-KEY to EVC in the following two ways
i. Presenting the DUEC-KEY to EVC over NFC. NFC, is a short-range wireless technology, typically requiring a distance of 4 cm or less. NFC operates at 13.56 MHz and at rates ranging from 106 kbit/s to 848 kbit/s. NFC always involves an initiator (Mobile Device in this case) and a target (EVC in this case). Physical possession of the active device and physical presence of the DUEC-KEY holder is required to claim the EV.
ii. Presenting the DUEC-KEY to EVC over local or wide area network (WLAN, WiMAX, LTE, wireline, or any state of the art network). Physical possession of the active device is required but physical presence of the DUEC-KEY holder at site is not required. Thus the owner of EV may authorize his proxy to claim the vehicle.
The EV driver’s mobile device may also generate an RF field to read the DUEC-KEY from a passive tag, and deactivate the lock using his mobile device as noted in (a) and (i) above. However, in such a scenario, (i.e. CSC issued DUEC-KEY on a passive device, and presentation of DUEC-KEY from an active device), additional security measures may be required.
c. Associate with the EV driver’s Biometrics. Thus KGVF memorizes the DUEC-KEY, at least till the EV charging event is over and/or EV is delivered to its driver by presenting the same biometrics. Thus the proposed mechanism has the capability of scanning fingerprint, retina or face, and memorizing the images using any state of the art biometrics technologies. If the DUEC-KEY is associated with the EV driver’s Biometrics, physical presence is required to claim the EV by presenting the same combination of biometrics. (In case of Biometrics, it is encouraged implementing combination and or scan of state issued ID card. It would discourage the possibility of dodging the system by using contact lens, gloves, or any other masking means, etc.).
d. Associate with the EV driver’s Card (e.g. credit card, pre-paid card, gift card, membership card, license, or any other card). Thus KGVF memorizes the DUEC-KEY, at least till the EV charging event is over and/or EV is delivered to its driver by presenting the same Card. Thus the proposed mechanism has capability of reading cards and memorizing the information using existing or evolved state of the art Card Reading technologies. If the DUEC-KEY is associated with the EV driver’s Credit Card, memorized by the EVC, physical swipe of the same card is required to claim the EV.
In a charge-status query mode, the DUEC-KEY may be presented over local or wide area network (WLAN, WiMAX, LTE, wireline, or any state of the art network) to enquire the status of charging. CSC or CSS, in response, will send the charging status (such as for example fully (100%) charged at time HH:MM:SS on date MM/DD/YYYY, or half (50%) charged at time HH:MM:SS on date MM/DD/YYYY, or any other format most meaningful for the EV driver. (Deactivation of lock from remote may require confirmation to avoid accidental deactivation of the lock, e.g. the user did not intend to unlock the vehicle but just wanted to know the charging status).
CSC consists of following logical functions. These are shown in Figure 2
Coupling/Decoupling Assurance Function (CDAF)
Key Generation and Validation Functions (KGVF)
2.2.1. Coupling/Decoupling Assurance Function (CDAF)
The CDAF is a key part of CSC and is housed in EVC. It communicates with the CSS (located in the service providers’ network), as well as local entities (located in the EVC) to perform and assure connector lock/release related tasks. Communication with CSS may be over any state of the art long distance wireless or wireline communication system, whereas the communication with local entities may be over any short range communication system (such as wireless personal area networks, wireless local area networks, or any other state of the communication link). Before the mechanism unlocks the connector, CDAF makes sure that all the electrical circuits are completely disconnected and high level of shielding and sealing is in place. This offers a hazard free disconnect.
2.2.2. Key (DUEC-KEY) Generation and Validation Function (KGVF)
KGVF is another major part of CSC and is housed in EVC. It communicates with the CSS (located in the service provider’s network) as well as local entities (located within the EVC) to perform connector lock/release related tasks. The communication with CSS may be over any state of the art long distance wireless or wireline communication system, whereas the communication with local entities may be over any short range communication system (such as wireline or wireless personal area networks, wireless local area networks, or any other state of the communication link).
KGVF is responsible for establishing a security association between the EV driver’s credentials and the locking mechanism for any charging event, and consequently generating a DUEC-KEY. The DUEC-KEY may be generated based on time stamp, charging node’s civic address/GPS coordinates, IP address, EVC identity number, a random key generator, user’s credentials (from credit card/membership card, biometrics ), any other parameters, and/or any state of the art security key generation algorithm, that ensure a strong security association. (EVC IP address may be either encrypted or clear text depending on the service provider’s business model and security requirements).
The DUEC-KEY can be successfully decoded by any CSC to provide information that may be useful for the EV driver. For example if the EV driver parked the EV for charging at location “X” and presents the DUEC-KEY at location “Y”. In such an event, the KGVF may take three actions:
(a) Search its own log/database and informs the EV driver that the DUEC-KEY was not issued from this location, and
(b) Take an additional step i.e. send a query to CSS and get the correct location (civic address) from where the DUEC-KEY was issued. This would be beneficial if the EV driver forgot where he parked his car for charging. However, it may raise security concern. i.e. stolen/lost-found DUEC-KEY may be used to find the EV driver’s car, which may not be desirable. Thus this feature may be optionally turned on or off.
(c) Take an additional step i.e. send a query to CSS and get the updated information (e.g. EV is at xx location and yy% charge, or EV had already been claimed at HH:MM:SS on MM/DD/YYYY.
Following local entities assist CDFA and KGVF achieve the DUEC objectives:
• User Interface and Display (UID):
• Connector Lock/Release Function (CLRF)
• Key Dispatch Function (KDF):
• Electrical Supply (On/off) Switch (ESS)
The Functions of CDAF, KGVF, UID, CLRF, KDF and ESS can be easily understood by considering the scenarios presented in Figure 3, Figure 4 and Figure 5 in section 2.2.3, 2.2.4, and 2.2.5.
2.2.3. DUEC-KEY Issuance and Recharging Start Event
Figure 3 below (followed by the description) shows the steps involved in DUEC-KEY Issuance and Recharging Start Event.
DUEC-KEY Issuance and Recharging Start Event Description (per Figure 3)
a = CRR informs CDAF that Connector is coupled.