Vector adds security tests to CANoe EV package

Vector Informatik has recently enhanced its CANoe Test Package EV by incorporating security tests for charging communication, marking a significant shift in EV validation towards cybersecurity in addition to functional compliance. This update is specifically designed to assist car manufacturers, Tier 1 suppliers, and infrastructure developers in identifying vulnerabilities at an earlier stage in the development process.

For readers of eeNews Europe, this development holds relevance as charging communication is increasingly becoming a complex aspect of EV system design, particularly with the rise of Plug & Charge, ISO 15118, and encrypted communication. It also underscores the growing demand for testing tools that seamlessly integrate into automated development and validation workflows rather than relying on standalone manual checks.

Security Integration in EV Testing Processes

The latest extension from Vector focuses on automated security validation for charging communication, a critical area as electric vehicles and charging stations exchange a greater volume of data and depend on standardized communication protocols. This entails ensuring not only interoperability and protocol adherence but also evaluating the resilience of implementations against malformed messages, protocol misuse, and transport-layer issues.

Vector highlights that manual security testing can be time-consuming, challenging to replicate, and ill-suited for Continuous Integration/Continuous Deployment (CI/CD) environments. This poses a dilemma for teams seeking to incorporate cybersecurity assessments into regular software and system validation processes, leading to additional overhead in documenting outcomes and maintaining customized test configurations over time.

By incorporating dedicated security features into the CANoe Test Package EV, Vector is positioning charging communication testing as an integral part of a more continuous and structured development approach, rather than a specialized task relegated to the later stages of the process.

Comprehensive Coverage Including ISO 15118 and TLS Testing

The CANoe Test Package EV – Security now encompasses vehicle-to-grid communication fuzzing with real-time system monitoring, in addition to TLS fuzzing, TLS protocol assessments, and interfaces for tailored security evaluations. Supported standards include ISO 15118-2, ISO 15118-20, TLS 1.2, and TLS 1.3.

This comprehensive offering makes the package particularly valuable for developers working on EVs, charging controllers, and backend-connected charging functionalities, especially in scenarios involving secure certificate-based communication. Notably, Plug & Charge stands out as a key application area, given its reliance on secure and trusted communication between the vehicle and charger.

Vector emphasizes that the package is designed for seamless integration into existing development and integration workflows, with automated execution and systematic documentation aimed at reducing manual intervention. For engineering teams, the significance lies not in replacing specialized security analyses but in simplifying the repetition and scalability of routine charging communication security tests across various development initiatives.