Next Article in Journal
A Classifier-Guided Diffusion Model-Based Key Sample Augmentation Method for Power System Transient Stability
Next Article in Special Issue
Short-Term Load Forecasting in the Greek Power Distribution System: A Comparative Study of Gradient Boosting and Deep Learning Models
Previous Article in Journal
Recent Progress in the Synthesis of Layered Double Hydroxides and Their Surface Modification for Supercapacitor Application
Previous Article in Special Issue
Advances in Energy Storage, AI Optimisation, and Cybersecurity for Electric Vehicle Grid Integration
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Energies
Volume 18
Issue 18
10.3390/en18184847
energies-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Systematic Review

Securing the Electrified Future: A Systematic Review of Cyber Attacks, Intrusion and Anomaly Detection, and Authentication in Electric Vehicle Charging Infrastructure

by
Lukasz Pawlik
1,*,
Jacek Lukasz Wilk-Jakubowski
1,2,*,
Pawel Tomasz Grabski
3 and
Grzegorz Wilk-Jakubowski
2,4
1
Department of Information Systems, Kielce University of Technology, 7 Tysiąclecia Państwa Polskiego Ave., 25-314 Kielce, Poland
2
Institute of Crisis Management and Computer Modelling, 28-100 Busko-Zdrój, Poland
3
Department of Automotive Engineering and Transport, Kielce University of Technology, 7 Tysiąclecia Państwa Polskiego Ave., 25-314 Kielce, Poland
4
Institute of Internal Security, Old Polish University of Applied Science, 49 Ponurego Piwnika Str., 25-666 Kielce, Poland
*
Authors to whom correspondence should be addressed.
Energies 2025, 18(18), 4847; https://doi.org/10.3390/en18184847
Submission received: 19 August 2025 / Revised: 3 September 2025 / Accepted: 8 September 2025 / Published: 11 September 2025
(This article belongs to the Special Issue The Future of Energy Systems: Integration of Energy Technologies in Distribution Grids)
Browse Figures
Versions Notes

Abstract

The growing popularity of electric vehicles (EVs) necessitates a robust and secure charging infrastructure. This review article analyzes the current state of cybersecurity challenges within EV charging ecosystems, focusing on vulnerabilities affecting charging stations, communication protocols, and grid integration technologies such as vehicle-to-grid (V2G). Based on a systematic literature review, common cyber threats are categorized, including data manipulation, authentication bypass, infrastructure failures, and attacks on backend systems and the power grid. Furthermore, this paper synthesizes existing and emerging risk mitigation strategies, encompassing intrusion detection systems (IDS), secure communication protocols, authentication frameworks, and anomaly detection techniques utilizing machine learning and blockchain technologies. By analyzing literature published between 2017 and 2024, this study aims to provide a comprehensive overview of cybersecurity issues that are critical to ensuring the resilience and reliability of the evolving EV charging infrastructure. The scope of this review is centered specifically on cyber attacks, intrusion and anomaly detection, and authentication mechanisms within EV charging infrastructures, rather than on the broader cybersecurity domain.

1. Introduction

Electromobility is now a visible pillar of climate policy. In the European Union’s roadmap, internal combustion engine vehicles are expected to be phased out of urban traffic by 2050, with electric vehicles (EVs) taking their place [1]. Beyond the well-known environmental gains, deployment at scale hinges on a charging ecosystem that is not only efficient and interoperable but also secure and resilient [2]. In this context, the review does not cover the entirety of cybersecurity research, but instead emphasizes three core domains: cyber attacks, intrusion and anomaly detection, and authentication.
A central challenge is the tight coupling between charging infrastructure and modern power systems. Vehicle-to-grid (V2G) capabilities expand this coupling by enabling bidirectional energy flows, which improves balancing but also broadens the attack surface of the grid–communication stack [2,3]. References often point to complementary energy topics—such as photovoltaic (PV)-assisted charging and self-consumption optimization—as part of infrastructure planning [3,4], and to energy recuperation gains at the vehicle level [3]. Constraints on batteries, their cost and aging, as well as mass-related impacts on energy use, remain relevant background factors for infrastructure planning and user adoption [1,5,6]. These considerations persist, yet the decisive differentiator for dependable scaling is cybersecurity.
Electric vehicle charging stations (EVCSs), back-end platforms (CSMSs) and the protocols that connect vehicles, stations and aggregators are exposed to data manipulation, authentication bypass, denial-of-service and malware propagation, with operational impacts that range from local downtime to distribution-level instability [7,8,9,10]. Research responds with several lines of defense: authentication frameworks [8], intrusion detection systems (IDS) and anomaly detection in communication streams [9,11], and safeguards for metering and billing integrity [10]. Recent studies strengthen this picture with machine-learning-based anomaly detection—including generative adversarial network (GAN)-based detectors in EV charging data pipelines [8]—and deep recurrent controllers that mitigate sophisticated, time-varying disturbances in EVCS cyber–physical loops [12]. Work on the ISO 15118 family underscores both its role in secure, interoperable V2G handshakes and concrete vulnerability classes that demand careful engineering and conformance testing [11,13]. Models of large-scale coordinated attacks, including stochastic distributed denial of service (DDoS) traffic, aimed at stations and their networks, quantify service delays and stability risks and motivate robust protective capacity [14]. Parallel efforts explore decentralized authentication and settlement using blockchain to remove single points of failure and enhance privacy in V2G transactions [15,16,17,18]. Additionally, studies on price-signal manipulation demonstrate how adversaries could steer charging/discharging behavior and stress distribution feeders if defenses are weak [19]. Emerging EVCS stacks that rely on 5G connectivity further raise the bar for traffic inspection and learning-based IDS to spot covert false data injection (FDI) and DDoS patterns in near real time [20].
Against this backdrop, the aim of this review is to consolidate current knowledge about cybersecurity in EV charging ecosystems with an emphasis on communication protocols, cryptography, anomaly and intrusion detection, and grid integration risks. The review synthesizes literature from 2017–2024 and maps threats and countermeasures across charging points, back-end systems and V2G interfaces. It highlights where defenses are mature and where evidence still rests on simulations rather than field data [2,11]. To keep the discussion grounded in deployment realities, the article also retains the broader infrastructure context referenced above—PV integration, operational constraints and user-level factors—while treating them as boundary conditions for secure design rather than as the primary focus [3,6].
The paper is structured as follows. Section 2 outlines the materials and methods used for the literature selection and classification. Section 3 surveys cybersecurity themes (authentication and cryptography, attacks, intrusion/anomaly detection, blockchain) alongside enabling technologies and infrastructure. Subsequent sections synthesize trends and open gaps, and discuss implications for the secure, scalable integration of EV charging with smart grids [1,2,3,4,7,8,9,10,11,14].

2. Materials and Methods

This study employed a systematic review approach focused on analyzing scientific literature published from 2017 to 2024. The selection of publications was based on search results from the Scopus database, with queries restricted to the fields of engineering, computer science, and energy. A total of 102 publications were included in the final analysis. These documents met our defined language, topical, and formal criteria, while literature from non-technical domains was excluded. The documents were classified manually based on their full content, taking into account the type of methodology used, such as experimental studies, literature reviews, case studies, or conceptual modeling.
Additionally, the publications were assigned to four main thematic categories within the domain of cybersecurity and infrastructural technologies for electric vehicles. For qualitative analysis, keywords and a taxonomy were applied based on the occurrence of concepts such as “intrusion detection,” “authentication,” “charging infrastructure,” and “vehicle-to-grid.” Special attention was paid to the geographical distribution of the publications and the temporal dynamics in the development of specific algorithmic classes.
In the context of the growing popularity of electric vehicles (EVs) and ongoing advancements in the development in modern charging systems, we conducted a literature analysis to address the following seven key research questions:
  • Which anomaly detection techniques are most effective in securing EV charging infrastructure?
  • To what extent does blockchain enhance the resilience of EV systems against cyber attacks?
  • Which authentication protocols dominate vehicle-to-grid communication, and how do they impact overall system security?
  • Does the type of infrastructure (public vs. private) determine the level of cybersecurity protection implemented?
  • What are the operational consequences of attacks on charging stations, such as tariff manipulation or grid destabilization?
  • To what extent are real-world versus simulated data used in EV cybersecurity research?
  • Which regions are leading EV cybersecurity research, and what are the driving factors behind this trend?

2.1. Document Retrieval and Selection

The literature review was conducted using the Scopus database, based on a systematic search methodology inspired by the PRISMA guidelines. Publications from the years 2017–2024 written in English were included in the analysis. These works focused on cybersecurity, deep learning (DL), neural networks (NN), and statistical methods in the context of electric vehicles (EVs). Particular emphasis was placed on studies related to energy consumption forecasting, predictive vehicle control systems, battery resource management, and the integration of electric vehicles with smart power grids.
The selection of literature was carried out based on the thematic relevance of the publications included in the source files, taking into account methodological diversity and the noticeable increase in the number of publications between 2021 and 2024, which confirms the growing global interest in this area. The search was based on a logical combination of keywords related to data analysis methods, electromobility, cybersecurity and charging infrastructure. The following search query was applied:
“TITLE-ABS-KEY(Electric AND Vehicles AND (“Charging” OR “Power Grids” OR “Embedded Systems”)) AND PUBYEAR > 2016 AND PUBYEAR < 2025 AND (EXCLUDE (SUBJAREA,“AGRI”) OR EXCLUDE (SUBJAREA,“NEUR”) OR EXCLUDE (SUBJAREA,“BIOC”) OR EXCLUDE (SUBJAREA,“BUSI”) OR EXCLUDE (SUBJAREA,“MULT”) OR EXCLUDE (SUBJAREA,“CHEM”) OR EXCLUDE (SUBJAREA,“ECON”) OR EXCLUDE (SUBJAREA,“MEDI”) OR EXCLUDE (SUBJAREA,“CENG”) OR EXCLUDE (SUBJAREA,“SOCI”) OR EXCLUDE (SUBJAREA,“ARTS”) OR EXCLUDE (SUBJAREA,“PHAR”) OR EXCLUDE (SUBJAREA,“PSYC”) OR EXCLUDE (SUBJAREA,“HEAL”) OR EXCLUDE (SUBJAREA,“EART”) OR EXCLUDE (SUBJAREA,“ENVI”) OR EXCLUDE (SUBJAREA,“MATE”) OR EXCLUDE (SUBJAREA,“PHYS”) OR EXCLUDE (SUBJAREA,“DECI”) OR EXCLUDE (SUBJAREA,“MATH”)) AND (EXCLUDE (DOCTYPE,“cr”)) AND (LIMIT-TO (LANGUAGE, “English”)) AND (LIMIT-TO (EXACTKEYWORD, “Cyber-attacks”) OR LIMIT-TO (EXACTKEYWORD, “Cyber Attacks”) OR LIMIT-TO (EXACTKEYWORD, “Intrusion Detection”) OR LIMIT-TO (EXACTKEYWORD, “Intrusion Detection Systems”) OR LIMIT-TO (EXACTKEYWORD, “Intrusion Detection System (IDS)”) OR LIMIT-TO (EXACTKEYWORD, “Anomaly Detection”) OR LIMIT-TO (EXACTKEYWORD, “Attack Detection”) OR LIMIT-TO (EXACTKEYWORD, “Authentication”))”
In the methodology section, a detailed justification for the original search query was added. It was explained that the query was deliberately constructed with precision to select publications specifically related to EV charging in the context of cyber attacks, intrusion and anomaly detection, and authentication.
The next stage of literature selection was based on the results of the query conducted in the Scopus database, which yielded a total of 102 publications meeting the defined criteria. To ensure high relevance, full-text scientific publications were analyzed for the presence of terms related to electric vehicles and charging infrastructure in the context of cybersecurity and embedded systems.
The time range was limited to publications from 2017 to 2024, written in English and classified under subject areas such as engineering, computer science, and energy. The classification process was supported by exclusion criteria targeting non-technical fields (e.g., medicine, psychology, arts), in accordance with the recommendations of previous review studies.
In the methodology section, the justification for selecting specific subject areas was provided. The restriction to key domains was intended to capture the most relevant and directly related publications. This approach minimized the risk of including articles from fields that were not the focus of the analysis, such as social sciences or psychology, and allowed the study to remain concentrated on technical and engineering literature directly addressing the cybersecurity of electric vehicle charging infrastructure.
Based on keyword analysis, the publications were assigned to two primary thematic categories:
(1)
Cybersecurity, including authentication, cryptography, intrusion and anomaly detection, and blockchain technologies;
(2)
Technologies and infrastructure, focusing on charging systems, integration with the electrical grid (including V2G), and EV onboard systems.
Special attention was also given to research methodology—publications were classified as experimental studies, literature reviews, case studies, or conceptual papers, based on author declarations or content analysis of abstracts.
An additional manual review phase was carried out, covering 196 articles. During this selection, 94 papers were excluded due to not meeting the technical requirements or lacking direct relevance to the research topic, resulting in a final set of 102 publications. In the categorization process, some papers were assigned to more than one group, reflecting the multidimensional nature of the issues addressed in the texts.
The geographical analysis revealed a significant concentration of authors in countries such as China, the United States, India, Germany, and the United Kingdom, with fewer publications from Brazil, Iran, and South Korea. The documents were primarily journal articles or conference papers. Additionally, the analysis incorporated visualizations and data generated using VOSviewer, version 1.6.20 [21], which enabled mapping of keyword relationships and facilitated the identification of key thematic clusters within the analyzed dataset.
A graphical summary illustrating the stages of literature selection, the applied filtering criteria, and the main classification directions is presented in Figure 1, which also depicts the thematic distribution of the analyzed publications.

2.2. Classification Criteria

A total of 102 scientific publications were selected for analysis based on predefined thematic and formal criteria, covering the years 2017–2024 and written in English. These publications were retrieved from the Scopus database using a query that targeted titles, abstracts, and keywords containing terms related to electric vehicles, power grids, charging, and embedded systems. The final list of documents was narrowed down from an initial set of 196 by excluding items that did not meet the subject area, language, or document type criteria. For further analysis, each document was assigned to five main classification categories: (1) Two thematic groups (cybersecurity and technologies and infrastructure); (2) country of author affiliation; (3) document type; and (4) research methodology.
The classification process was conducted manually based on the analysis of metadata, abstract content, and full-text documents available in English. Where applicable, translated versions were also reviewed.
The first classification group referred to the research focus of the publications, identifying two overarching thematic groups: Cybersecurity and technologies and infrastructure.
Within the cybersecurity group, four specific thematic categories were distinguished, as follows:
  • Authentication and cryptography (e.g., authentication, cryptography);
  • Cyber attacks (cyber attacks, computer crime, denial of service);
  • Intrusion and anomaly detection (intrusion detection systems, anomaly detection);
  • Blockchain technologies (blockchain).
The second thematic group addressed technological and infrastructural aspects of electromobility. It included three main subcategories, as follows:
  • Electric vehicle charging (electric vehicle charging, charging infrastructure);
  • Grid integration (smart grids, V2G, energy transfer);
  • Vehicle systems (battery management, embedded systems, vehicular networks, internet of things).
The second classification axis concerned the country of author affiliation. This information was obtained from the bibliographic metadata provided by the Scopus database. Eleven countries were identified as having the highest number of affiliations: United States, China, Canada, Germany, India, Australia, Italy, United Kingdom, Brazil, South Korea, and Turkey. The remaining countries were placed in the “Other” category.
The third classification referred to the document type, which included the following:
  • Journal articles (48 studies);
  • Conference papers (52 studies);
  • Other (e.g., reviews, book chapters; 2 studies).
The fourth classification dimension was based on the research methodology, which was assessed by analyzing the substantive content of the documents and the nature of the conducted studies. Four methodological approaches were identified, as follows:
  • Experimental studies, based on original measurements and testing procedures;
  • Literature-based analyses, including systematic reviews and meta-analyses;
  • Case studies, focusing on implementations and practical applications;
  • Conceptual works, involving mathematical models and proposals for new system architectures.
The assignment of categories was conducted according to a predefined classification framework. The data structure was validated using a graphical model representing individual research aspects and their subdivisions. This structure enabled a multi-dimensional and comparative analysis of scientific studies in the field of electromobility, with particular emphasis on cybersecurity threats and integration aspects related to energy infrastructure.
This detailed classification allowed for an in-depth, multi-perspective analysis of the current body of scientific literature concerning energy consumption forecasting and control in electric vehicles.

2.3. Data Processing and Analysis

The bibliographic data, which included 102 scientific publications that met the predefined thematic, linguistic, and temporal criteria, were standardized and prepared for further analysis. First, a manual verification of titles, abstracts, and keywords was performed. Each publication was then assigned to one or more classification categories based on the structure outlined in the source documents. These categories were associated with two primary thematic areas: Cybersecurity and technologies and infrastructure.
For data analysis, the Python 3.12 programming environment was used and the following libraries were applied: Pandas 2.2.2 for tabular data processing, Matplotlib 3.8.4 and Seaborn 0.13.2 for data visualization, and NumPy 1.26.4 for numerical operations. To streamline data filtering and aggregation, all records were imported into a local PostgreSQL 16.2 relational database. Dedicated tables were created to manage bibliographic information, including authors, affiliations, keywords, year of publication, and DOI. The use of structured SQL queries enabled cross-sectional thematic analyses and comparisons across classification categories.
Publications were classified according to the following criteria:
  • Technology of infrastructure (cybersecurity, deep learning, neural networks, statistical methods);
  • Application area (battery systems, charging infrastructure, power grids, predictive control);
  • Research methodology (experimental study, literature review, case study, conceptual work);
  • Country of author affiliation;
  • Document type (journal article, conference paper, other).
Particular attention was given to geographical analysis, which made it possible to determine the distribution of publications by country and identify the most active research centers. According to the classification framework, the most frequently represented countries included the United States, China, Canada, Germany, India, Australia, Italy, the United Kingdom, Brazil, South Korea, and Turkey.
A temporal analysis was also conducted, covering the years 2017–2024, allowing for the identification of trends and research dynamics related to data-driven approaches in the context of electromobility and energy management. To visualize relationships between key concepts, network graphs were generated using the VOSviewer tool.
By integrating programming tools, database systems, and manual classification, a deeper understanding of the structure and research directions concerning the security and integration of electric vehicle charging infrastructure with smart energy grids was achieved.

2.4. Review Protocol and Publication Quality

To ensure transparency and reproducibility, the literature review was conducted following a structured protocol inspired by the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines. The diagram outlines the four main stages of the systematic review process, as follows:
  • Identification: 196 records identified in the Scopus database.
  • Screening: After removing duplicates (n = 0), the remaining 196 records were screened, with 94 being excluded by applying an additional keyword filter: “LIMIT-TO (EXACTKEYWORD, “Electric Vehicles”).” To ensure the robustness of the screening process, the Scopus query was extended to include a broader set of synonyms related to electric vehicles and charging infrastructure (EVSE, PEV, EVCS, charge point, CSMS), in addition to the term electric vehicles. The extended query took the following form:
    • AND (LIMIT-TO (EXACTKEYWORD, “Electric Vehicles”) OR LIMIT-TO (EXACTKEYWORD, “EVSE”) OR LIMIT-TO (EXACTKEYWORD, “PEV”) OR LIMIT-TO (EXACTKEYWORD, “EVCS”) OR LIMIT-TO (EXACTKEYWORD, “charge point”) OR LIMIT-TO (EXACTKEYWORD, “CSMS”)).
    • The extended search yielded the same number of publications (n = 102) as the original query. This outcome reflects the fact that Scopus does not rely solely on author-supplied keywords, but instead applies its own standardized indexing. As a result, articles in which authors provided alternative terms (e.g., EVSE, PEV, EVCS) were nevertheless indexed under the unified keyword Electric Vehicles. Accordingly, the synonym expansion did not alter the dataset but confirmed the completeness of the initial screening strategy.
3.
Eligibility: The full texts of the remaining 102 publications were assessed for eligibility and no further exclusions were made at this stage.
4.
Included: A final set of 102 publications was ultimately included in the review.
The flow diagram illustrating this process is presented in Figure 2. It is important to note that no duplicates were identified in the Scopus database after applying the initial filters, as the database itself ensures their absence. However, all records were additionally imported into a PostgreSQL database, where their uniqueness was verified based on DOI identifiers and titles. The exact dates of the searches and data exports were provided, and the Supplementary Materials include the detailed queries used in the process to ensure full reproducibility.
The second classification focused on research topics, which were determined through keyword extraction. Text mining tools, such as VOSviewer, were used to identify dominant terms and their co-occurrence across the reviewed publications. Two primary thematic axes were distinguished: cybersecurity-related issues and electric vehicle technologies and infrastructure.
Within the cybersecurity group, the following thematic categories were identified:
  • Authentication and cryptography;
  • Cyber attacks;
  • Intrusion and anomaly detection;
  • Blockchain.
The second thematic group included topics related to the following:
  • Vehicle charging;
  • Grid integration;
  • Vehicle systems, such as battery management systems (BMS), vehicle-to-vehicle (V2V) communication, and vehicular networks.
The geographical classification was performed based on the country of author affiliation. The analyzed dataset was dominated by publications originating from China, India, Germany, the United States, the United Kingdom, Japan, Saudi Arabia, Italy, Canada, and South Korea. Countries with single publication entries were grouped under the category “Other.” This approach enabled the identification of geographic centers of research activity in the application of ML/DL/SA methods within electromobility.
Publications were also classified by document type, using a basic division into the following:
  • Journal articles (published in peer-reviewed journals);
  • Conference papers;
  • Other formats.
These classifications were based on metadata provided directly by the Scopus database.
Additionally, the research methodology was evaluated based on abstract content and full-text analysis. Four categories were distinguished, as follows:
  • Experimental studies (involving measurements, prototypes, or implementations);
  • Literature reviews (focused on surveying existing knowledge);
  • Case studies (presenting specific real-world implementations);
  • Conceptual papers (theoretical or model-based works proposing new approaches).
For the purposes of this classification, the collected data were manually reviewed by two independent evaluators, who assessed each publication based on predefined criteria. In cases of disagreement, a consensus-based approach was adopted through joint discussion. To quantify inter-rater agreement, Cohen’s κ will be computed for the screening and classification stages and reported with a 95% confidence interval. This procedure ensured consistency and enabled a multidimensional analysis of the literature, covering technical, geographical, and methodological aspects. As part of the review protocol, a dedicated quality appraisal step was introduced to evaluate the methodological soundness and relevance of the included studies. A tailored checklist was applied, covering clarity of research objectives, transparency of methodology, robustness of data analysis, and replicability of results. Each publication was assessed independently, and the appraisal scores were used to weight the conclusions drawn from the review. In practice, findings supported by higher-quality studies were given greater interpretative weight, while evidence from lower-quality or less transparent sources was treated with appropriate caution.
The classification categories were determined not only by the presence of relevant terms but also by their frequency and prominence within the keyword co-occurrence structure. This analysis was visualized using a keyword density map (Figure 3). The resulting visualization enabled the identification of the most frequently addressed topics and their interrelationships, highlighting areas of intensive research activity as well as gaps that warrant further exploration.
Figure 4 presents a detailed keyword co-occurrence network based on the analyzed publications, forming a thematic map of conceptual linkages within the literature on electric vehicles and related technologies. Each node represents a keyword or concept appearing in the dataset, and its size reflects the frequency of occurrence. The larger the node, the more central its role in the research structure.
Node colors indicate membership in specific thematic clusters, automatically generated using a clustering algorithm. Each cluster groups terms that frequently co-occur across publications, reflecting their logical and topical coherence. For example, the red cluster (top-left area of the map) is focused on cybersecurity issues, including terms such as “cyber-attacks,” “cyber attacks,” “computer crime,” “denial-of-service attack,” and “intrusion detection.” This terminology indicates a high volume of research dedicated to protecting EV infrastructure from digital threats.
At the center of the map, the largest and most dominant node is “electric vehicles,” which serves as the primary anchor for surrounding topics. It is surrounded by terms such as “charging (batteries),” “charging station,” “battery management systems,” and “vehicle-to-vehicle communication.” These are grouped in the yellow cluster, representing a combined focus on infrastructural, technological, and operational aspects of EV energy management and charging systems.
The green cluster, located in the lower section of the map, includes terms related to power grid systems and their integration strategies with EVs. Terms such as “smart power grids,” “electric power system control,” “transmission networks,” “power grids” and “electric power transmission” indicate strong research interest in the integration of electric vehicles with smart grid technologies and bidirectional energy flow concepts, such as vehicle-to-grid (V2G).
On the right-hand side of the map, the blue cluster focuses on data and identity security, featuring terms like “authentication,” “blockchain” and “cryptography.” Its linkage with other clusters—through terms like “vehicle-to-grid” and “Internet of things”—demonstrates the intersection of security issues with technological and infrastructural dimensions.
The thickness of the edges (links) between nodes indicates the strength of co-occurrence; thicker edges represent higher frequencies of joint appearance. The dense network of connections between clusters suggests a high level of interdisciplinarity, bridging topics across energy systems, computer science, control, and cybersecurity.
This network visualization enables the identification of dominant research areas, as well as gaps and potential directions for further exploration. For instance, the relatively weak linkage between “blockchain” and “battery management systems” may signal an underexplored area in leveraging distributed ledger technologies for EV energy management. Thus, Figure 4 provides a valuable visual perspective on the structure and complexity of the reviewed literature and supports intuitive navigation through the interrelated research domains.
In the following work, literature items ranging from 11 to 112 were analyzed.

3. State of the Art

The rapid growth of electromobility is shaping a complex digital environment where electric vehicles are becoming part of smart grid systems. This new connectivity presents exciting opportunities but also brings notable security risks. It is crucial to protect the integrity and data privacy that moves between vehicles, charging points, and the grid. For this reason, modern research combines cybersecurity with the advancement of electromobility technologies and infrastructure, creating a new field that needs robust protection. This review examines 102 selected publications, sorting them into two primary areas: Cybersecurity (Section 3.1) and technologies and infrastructure (Section 3.2).

3.1. Cybersecurity

This section is structured around the three primary areas that form the focus of this review: authentication, cyber attacks, and intrusion/anomaly detection. The development of electromobility and related digital technologies brings both enormous opportunities and significant challenges related to cybersecurity. Authentication and cryptography mechanisms play a particularly important role, ensuring confidentiality, integrity, and non-repudiation of communication during electric vehicle charging processes and integration with grid infrastructure. As the scale and complexity of energy systems grow, so does the threat of cyber attacks, including denial-of-service attacks, which can destabilize both local charging stations and entire power grids. A key area of research is detecting intruders and anomalies, enabling early response to security breaches in critical systems. Blockchain is also gaining importance, with applications in energy transaction settlement, vehicle-to-grid (V2G) systems, and ensuring data transparency and immutability.

3.1.1. Authentication and Cryptography

The article presents new authentication methods in distributed systems, focusing on minimizing delays in the login process. The authors emphasize the importance of lightweight authentication protocols in the context of devices with limited computing power [8].
The paper analyzes biometric solutions as authentication tools in information systems, highlighting the potential of combining biometrics with classical cryptographic methods [9]. The authors discuss the use of single sign-on (SSO) protocols in large computer networks and propose mechanisms to increase their resilience against spoofing attacks [10]. The article presents the application of post-quantum cryptography in protecting sensitive data, emphasizing the resilience of proposed solutions to future threats posed by quantum computers [11]. The study describes the implementation of homomorphic encryption in cloud systems, pointing out that this technology enables operations on encrypted data without the need for decryption [22]. Finally, research analyzes the use of elliptic curve cryptography in mobile communication systems, indicating that this method ensures a high level of security while requiring minimal resources [15].

3.1.2. Cyber Attacks

The article analyzes the growing scale of cyber attacks targeting critical infrastructure, emphasizing the need for developing global response standards [13]. Within the EV ecosystem, such attacks directly translate into risks for charging stations and control backbones, where manipulation of communication can disrupt open charge point protocol (OCPP) sessions or ISO 15118 handshakes. Advanced persistent threats (APTs), known for persistence and strategic data theft, may target central charging station management systems (CSMSs) to compromise authentication data or disrupt charging coordination [23]. Case studies of ransomware incidents in other critical domains, such as healthcare [14], illustrate how similar techniques could be applied to electric vehicle supply equipment (EVSE) operators. These attacks could encrypt charging management servers and prevent access to billing or session data. Likewise, the evolution of DDoS attacks using IoT botnets [24], demonstrates a clear parallel: large-scale traffic floods can be directed at charging networks, overloading OCPP message queues and causing widespread service denial. Attacks on Supervisory Control and Data Acquisition (SCADA) systems [25], while originally documented in industrial contexts, highlight vulnerabilities relevant to EVSE–grid integration, where tampering with telemetry could destabilize load management. This is a risk particularly highlighted by security standards like IEC 62351-7:2017, which [25] aims to extend. Financial cybercrime [26] and social engineering [27], although often analyzed outside the EV context, point to attack vectors against payment platforms and user accounts linked with EV charging services. Legal harmonization challenges [28] and psychological factors behind cybercrime [29] may be secondary, but they underscore the persistent global nature of these threats. DoS attacks against banking systems [30] and DDoS campaigns in campus networks [31] are valuable by analogy, as they demonstrate the effectiveness of overload strategies that can be repurposed against EVSE authentication servers or CSMS APIs, leading to significant disruption of mobility services.

3.1.3. Intrusion and Anomaly Detection

The article analyzes signature-based intrusion detection systems (IDSs), emphasizing that this method is effective against known attacks but has limited capability to detect new threats [32]. In the EV charging context, this limitation is particularly relevant for OCPP and ISO 15118, where novel manipulation of handshake or tariff messages may bypass legacy IDS signatures.
Hybrid intrusion detection systems combining signature analysis with behavioral methods demonstrate improved detection accuracy and reduced false alarms [33], which is applicable to identifying abnormal CSMS traffic patterns. IDS solutions for industrial networks [34] directly inform EVSE protection, as integration with grid protocols demands anomaly detection that accounts for both power and data flows. Machine learning-based IDS [35] enhance adaptability to new threats, a necessity for dynamic EV environments involving wireless or roaming charging. IDS approaches in cloud environments [20] and IoT networks [36] are highly relevant, as CSMS platforms are increasingly cloud-hosted and connected to heterogeneous IoT devices. Deep learning-based IDS solutions [19] show promise in reducing false positives when applied to large-scale EVSE telemetry. Research on IDS for autonomous vehicles [16] offers transferable insights into vehicular communication patterns, which overlap with EVSE data flows.
Integrated firewall–IDS solutions [37] and flow-based detection [38] provide additional layers of defense suitable for protecting charging stations and backend APIs. Banking sector IDS applications [39], while sector-specific, highlight transferable approaches for fraud detection in EV payment platforms. Telemetry-based solutions [40] are directly applicable to the real-time monitoring of EVSE devices, while phishing detection [41], mobile app security [42], and anomaly detection in industrial [43] or grid systems [44] all highlight methodological tools that can be tailored to EVCS environments. Statistical traffic analysis [45], deep neural networks [46], and IoT anomaly detection [47] further demonstrate techniques that can be adapted to detect misuse of OCPP or ISO 15118 traffic channels. Medical IDS applications [48], although contextually different, underscore the broader utility of anomaly detection in protecting safety-critical systems, reinforcing the case for their application to EVSE networks.

3.1.4. Performance Comparisons and Methodological Limitations

When comparing the families of algorithms listed in Table 1 and Table 2, several trade-offs emerge that matter for EVSE/CSMS intrusion and anomaly detection. Linear and polynomial regression provide strong baselines for forecasting (e.g., load and price sensitivity) due to their interpretability and low latency. However, they struggle with non-linear, regime-shifting behaviors typical of charging sessions and are sensitive to multicollinearity. Over-parameterized polynomial models may fit historical dynamics but generalize poorly under novel operating conditions, leading to unstable residual-based alarms.
Support Vector Machines (SVMs) with appropriate kernels often deliver competitive accuracy on medium-sized, high-dimensional feature sets and handle margin maximization well under modest label noise. Their drawbacks include expensive training for large datasets, limited native support for incremental/online updates, and comparatively opaque decision boundaries. Latency on embedded targets may also constrain real-time deployment unless models are carefully pruned.
Tree-based ensembles (Decision Trees, Random Forest, Gradient Boosting) typically offer strong out-of-the-box performance, robustness to heterogeneous features, and useful by-product explanations (feature importance, split logic). Random Forests handle variance well but may underfit fine-grained temporal signatures. Boosting methods capture subtle interactions yet risk overfitting without careful regularization and early stopping. Both families can be brittle under concept drift (e.g., firmware updates, tariff changes), requiring periodic retraining or drift-aware adaptation. Native online learning support is limited in many off-the-shelf implementations.
Neural networks (ANN/DNN) excel when abundant labeled data are available and can learn non-linear couplings among electrical, protocol, and contextual signals. Recurrent variants (RNN/LSTM/GRU) are particularly effective on session sequences and OCPP/ISO-15118 message streams. Their costs include data hunger, higher latency/energy use, and sensitivity to hyperparameters. Black-box behavior complicates incident response unless paired with post-hoc or inherently explainable mechanisms. Regularization (dropout, weight decay), calibration, and careful thresholding are essential to control false alarms in volatile operating conditions.
Unsupervised methods cover distinct roles. K-means clustering supports quick clustering and coarse segmentation but presumes spherical clusters and is sensitive to scaling and initialization. It may confuse transient load ramps or maintenance modes with attacks. Principal Component Analysis (PCA) reduces dimensionality and can stabilize downstream models, yet information loss may suppress weak but security-relevant signals. T-Distributed Stochastic Neighbor Embedding (t-SNE) is valuable for visualization but is non-parametric and not suited for production inference. In all unsupervised settings, threshold selection (e.g., on reconstruction error or cluster distance) strongly governs the precision–recall trade-off and must be tuned per site and season.
Federated learning addresses data-sharing constraints by training across stations or operators without centralizing raw data, often improving cross-site generalization. Practical limitations include communication overhead, client heterogeneity (non-independent and identically distributed (non-IID) data, intermittent connectivity), and potential privacy leakage through gradients unless combined with secure aggregation and differential privacy. Convergence can degrade when local datasets are small or highly imbalanced.
Generative Adversarial Networks (GANs) can augment rare attack samples and stress-test detectors; they help rebalance training but introduce risks of mode collapse, synthetic–real distribution gaps, and inadvertent bias amplification. Synthetic data should be validated with fidelity metrics and ablation studies, and results reported separately from purely real-world training to avoid overstating operational performance.
Hybrid approaches (e.g., SVM + fuzzy rules) often reduce false positives by encoding domain constraints (grid limits, charger nameplate power) alongside a statistical margin. Their limitations are engineering overhead and rule drift: as tariffs, firmware, or market products evolve, fuzzy rulebases require maintenance to remain aligned with operational realities.
Across all families, reporting should reflect class imbalance (attacks are rare) and the operational cost of errors. Beyond accuracy and ROC-AUC (Receiver Operating Characteristic—Area Under the Curve), precision–recall curves, F1/F_β, Matthews correlation coefficient, and calibrated expected cost are appropriate. Windowed detection latency and throughput (edge vs. cloud execution) should be provided for ISO 15118/OCPP use cases. Because many studies rely on simulated or lab datasets, external validity should be established via cross-site testing, temporal holdout, and, where available, field-grade telemetry. Finally, practitioners should document drift handling (retraining cadence, online adaptation), threshold governance (per-site calibration, seasonal profiles), and explainability provisions so that alarms translate into actionable, auditable responses in real deployments.

3.1.5. Blockchain

Blockchain technologies are increasingly applied to secure EV charging ecosystems, particularly in the context of transaction integrity, decentralized authentication, and V2G energy exchanges. Studies highlight how blockchain can ensure transparency and immutability in charging sessions, preventing tampering with OCPP billing data or ISO 15118 contract certificates [49]. Research on blockchain in supply chains [50] and healthcare [51], while from different sectors, provides transferable models of decentralized trust management that can be adapted to EVSE–CSMS environments.
Smart contracts [52] show promise in automating tariff agreements between EV owners and charging providers, ensuring secure execution without reliance on centralized intermediaries. However, scalability and latency issues [53] remain critical, as charging sessions require near real-time validation to avoid service delays. The integration of blockchain with edge computing [54] and IoT security [55] is particularly relevant, since EVSEs are distributed devices that must securely interact with central management systems. Privacy-preserving techniques in blockchain [56] further support secure handling of user credentials and payment data during charging sessions. While applications in banking [57] and e-government [58] demonstrate broader utility, their adaptation to EVSE/CSMS systems illustrates how blockchain can underpin resilient, transparent, and secure charging infrastructures.

3.2. Technologies and Infrastructure

This section dives into the technological backbone and infrastructure of the electromobility ecosystem. While Section 3.1 focused on the cybersecurity aspects, this part explores the physical and systemic components that make up the modern electric vehicle landscape. The review will examine the advancements in charging technology, the crucial integration with smart grids, and the in-vehicle systems that are key to the functionality and security of EVs.

3.2.1. Vehicle Charging

The article discusses fast-charging techniques for electric vehicle batteries, emphasizing that the use of dynamic control algorithms can reduce cell degradation [58]. The paper focuses on wireless charging methods, with studies confirming that inductive charging systems can achieve high efficiency when properly calibrated [59]. The authors analyze the problem of cell overheating during fast charging and propose a cooling system based on dielectric fluids [60].
The article investigates the impact of different charging methods on EV battery lifespan, showing that algorithmically optimized charging increases the number of operational cycles [61]. The paper describes a charging management system based on artificial intelligence, highlighting its potential to balance grid loads effectively [62]. The study focuses on the interoperability of different charging protocols, underlining the importance of standards such as ISO 15118 for the advancement of electromobility [63].
ISO 15118 is a key standard supporting the development of electromobility [64]. In practice, ISO 15118-2 has been the baseline implementation, providing message structures for AC and DC charging sessions, including support for Plug & Charge and Smart Charging. The newer ISO 15118-20 refines this further by improving session renegotiation, supporting bidirectional power flow (V2G), and extending functionalities such as price communication and advanced load control [65]. One of the most critical aspects is the cryptographically secured handshake, which relies on a Public Key Infrastructure (PKI) with contract certificates and station certificates. This mechanism enables Plug & Charge, where the electric vehicle authenticates seamlessly without requiring RFID cards or mobile apps. Known implementation pitfalls include the complexity of certificate lifecycle management, backward compatibility with legacy standards (DIN SPEC, IEC 61851), and ensuring resilience in case of expired or corrupted certificates. ISO 15118-20 addresses several of these challenges by strengthening the diagnostic and security mechanisms, ensuring interoperability in heterogeneous charging environments.
Complementary to ISO 15118, the Open Charge Point Protocol (OCPP) 2.0.1 has become the de-facto standard for communication between charging stations and central management systems (CSMS). The 2.0.1 release introduces the Device Model for consistent station inventories, the new TransactionEvent structure for flexible session handling, and native support for ISO 15118 certificate management workflows. Importantly, OCPP 2.0.1 defines three distinct security profiles that prescribe TLS (Transport Layer Security) configurations and mutual authentication methods suitable for different deployment contexts. It also introduces secure firmware updates (signed firmware), a Security Event Log, and explicit certificate management messages (e.g., SignCertificate, CertificateSigned, Get15118EVCertificate, InstallCertificate), which allow CSMS operators to manage the entire lifecycle of certificates used in ISO 15118 Plug & Charge [64]. These enhancements significantly reduce the risk of unauthorized access, tampered firmware, and data integrity attacks.
While OCPP remains the dominant implementation today, ongoing international standardization efforts in IEC 63110 and IEC 63119 are expected to shape future deployments. IEC 63110 addresses charging management, including V2G operations, roaming, metering, and maintenance, while IEC 63119 standardizes roaming interfaces between e-mobility service providers (eMSPs) and charge point operators (CPOs). Together, they aim to harmonize EVSE–CSMS and CSMS–market communication at a global scale. Importantly, telemetry and monitoring requirements defined in IEC 63110 and IEC 63119 can be aligned with the monitoring and information exchange mechanisms of IEC 62351-7, which is already referenced in the conclusions of this work [25]. This linkage highlights how secure interoperability can be extended beyond station-level communication to encompass market and grid services.
To provide a concise overview, Table 1 maps the key communication interfaces in the EV charging ecosystem to their respective protocols, trust anchors, common threats, and recommended security controls. The article examines the design of high-power charging stations, stressing the necessity of advanced cooling and energy management systems [66]. The paper describes the architecture of charging stations powered by renewable energy sources, noting that integration with photovoltaic panels reduces grid load [67]. The authors present a model of a charging station equipped with an energy storage system, with research confirming that buffer batteries enhance station stability [68].
The article analyzes the economic aspects of building charging stations, pointing out that profitability depends on location, energy tariffs, and infrastructure utilization rates [69]. The paper discusses dynamic power allocation systems for simultaneous multi-vehicle charging, showing that this solution minimizes the risk of grid overload [70]. The article investigates the impact of EV charging on CO2 emissions depending on the energy mix, with results indicating that renewable energy significantly reduces emissions [71]. The study examines the availability of charging stations in urban areas, highlighting that infrastructure density is a key factor for EV user adoption [72]. The article focuses on the cybersecurity of charging stations, with findings showing that the lack of encrypted communication protocols exposes systems to manipulation [73]. The paper discusses the development of national-level charging infrastructure, emphasizing the need for strategic planning and collaboration between the public and private sectors [74].

3.2.2. Grid Integration

The article discusses the concept of V2G as a tool for stabilizing the power grid, emphasizing that vehicles can act as decentralized energy storage units [75]. The paper analyzes the impact of V2G on battery lifespan, with results showing that appropriate control algorithms minimize battery degradation [76]. The authors present a mathematical model assessing V2G efficiency in urban conditions, with simulations demonstrating its ability to reduce peak load demand [77].
The article focuses on the impact of EV charging on transmission networks, highlighting that uncontrolled mass charging can lead to overloads [78]. The paper presents methods for forecasting loads in transmission networks within the context of electromobility, showing that predictive algorithms improve system stability. The study analyzes EV integration with smart grids, proving that bidirectional communication enables effective energy management [79]. The article discusses the role of smart grid technologies in reducing transmission losses, noting that the deployment of smart meters improves energy balance [80]. The paper presents a smart grid architecture supporting EV charging, proposing decentralized control algorithms [81]. The article examines the development of smart energy networks in Europe, underlining the importance of standardization and interoperability [82].
The study analyzes the resilience of smart grids to cyber attacks, stressing the need for IDS systems and secure communication [83]. The article presents control methods for power systems under fluctuating demand, emphasizing the role of adaptive algorithms in stabilizing the grid [84]. The paper focuses on energy flow management in hybrid RES–EV (Renewable energy sources EV) systems, showing that dynamic load management increases efficiency [85].
The study discusses the impact of electromobility on power grid reliability, noting the risks of local overloads [86]. The article analyzes the necessity of modernizing transmission networks for the development of electromobility, highlighting investments in automation and digitalization [87]. The paper describes the potential of energy sharing between vehicles and the grid within V2G, proving that this approach supports renewable energy integration [12].
The article presents a business model for V2G services, pointing to new revenue opportunities for both grid operators and EV owners [88]. The study analyzes the implementation of V2G in Japan and Europe, emphasizing the key role of regulatory frameworks in its development [89]. The paper focuses on communication in V2G systems compliant with ISO 15118, underlining the importance of secure vehicle and station authentication [90]. The article discusses methods of peer-to-peer energy transfer between vehicles, highlighting that this approach supports decentralized energy models [91]. The study analyzes real-time energy transfer technologies in V2G networks, with findings showing high transmission efficiency when using dynamic communication protocols [92].

3.2.3. Vehicle Systems

The article discusses the role of embedded systems in electric vehicles, highlighting that their miniaturization and energy efficiency are crucial for the development of electromobility [93]. The study analyzes embedded system architectures in the context of security, emphasizing that hardware module isolation enhances resilience against cyber attacks [94].
The article presents methods for battery health diagnostics in Battery Management System (BMS), showing that artificial intelligence algorithms improve prediction accuracy [95]. The paper describes the development of BMS with cell-balancing functions, demonstrating that active balancing extends battery lifespan [96]. The study focuses on BMS safety, underlining the importance of protection mechanisms against overcharging and overheating [97].
The article analyzes vehicle-to-vehicle (V2V) communication as a tool for improving traffic safety, showing that information exchange between vehicles helps prevent collisions [98]. The paper focuses on communication standards for V2V systems, stressing the importance of protocols designed for low-latency transmission [99]. The article discusses the integration of electric vehicles with public transportation systems, showing that such solutions improve urban mobility efficiency [100]. The study analyzes the architecture of autonomous vehicle systems, highlighting the importance of redundancy in control and sensor systems [101]. The article presents the use of vehicular networks in traffic management, showing that dynamic data exchange reduces congestion [102]. The paper analyzes the security of communication in vehicular networks, warning that the lack of encryption in vehicle-to-everything (V2X) protocols creates risks of transmission interception [103].
The article discusses fleet management of electric vehicles using predictive systems, showing that machine learning algorithms enhance operational efficiency [104]. The study focuses on route optimization for EV fleets, demonstrating that intelligent planning algorithms reduce energy consumption [105]. The article analyzes the domain architecture of electric vehicles, showing that function integration within domains improves system management efficiency [106].
The paper describes challenges related to consolidating control units in vehicles, emphasizing the importance of standardizing communication interfaces [107]. The article discusses the impact of electromobility on transportation systems, showing that EV integration with public transport requires expansion of charging infrastructure [108]. The study focuses on the sustainable development of transportation systems, highlighting the role of EVs in reducing CO2 emissions [109].
The article analyzes the integration of IoT with electric vehicles, showing that real-time connectivity enables continuous vehicle monitoring [65]. The paper focuses on IoT security in vehicle environments, stressing the need for encryption and device authentication [110]. The study discusses IoT applications in EV fleet management, showing that IoT systems optimize logistics processes and monitor energy consumption [111].

3.3. Summary

Overall, the research demonstrates the convergence of security and infrastructure, emphasizing the necessity of strong authentication and cryptographic mechanisms. These mechanisms, such as Plug & Charge and ISO 15118, must balance low latency with privacy protection. Based on the conducted analysis, the following findings can be drawn:
  • The threat landscape encompasses DoS/DDoS, MITM/replay, data manipulation, and backend protocol vulnerabilities (e.g., OCPP). Coordinated load attacks may escalate from charging stations to the entire power system.
  • Intrusion and anomaly detection systems increasingly rely on ML/DL approaches (LSTM, autoencoders), hybrid designs, and edge/federated solutions. These are used to monitor vehicle buses, EVSE, and 5G-EVCS with low latency and fewer false positives.
  • Blockchain and smart contracts support settlements, access control, and energy traceability (including in V2G and dynamic charging). However, they require lightweight consensus mechanisms and careful balancing of scalability and costs.
  • On the technological side, rapid and wireless charging, modular EVCS, and integration with RES and storage are advancing; integration with the grid (V2G, Smart Grid, advanced control) improves stability but expands the attack surface.
In vehicle systems, AI enhances BMS and diagnostics, V2V/V2X and IoT improve fleet and transport management. Overall progress depends on standardization, formal verification, segmentation/zero-trust, continuous monitoring, and response readiness to ensure secure, resilient, and privacy-preserving electromobility.
Table 2 provides a comprehensive review of the most frequently applied machine learning algorithms in the field of electromobility, highlighting representative use cases and corresponding references. Regression-based methods are primarily employed for forecasting energy consumption and optimizing charging schedules, whereas neural networks and hybrid approaches facilitate the modeling of highly dynamic processes and enable adaptive power management. Tree-based algorithms and support vector machines (SVMs) are widely utilized for pattern classification, peak demand prediction, and grid overload risk assessment. Unsupervised learning techniques contribute to user segmentation and dimensionality reduction, while federated learning enables the construction of distributed models with strict preservation of data privacy. Furthermore, generative adversarial networks (GANs) have emerged as powerful tools for generating synthetic datasets, detecting rare anomalies, and evaluating model robustness under adverse conditions. Collectively, the literature indicates that the judicious selection and integration of machine learning methods significantly enhance energy management, improve system security, and optimize the development of electromobility infrastructures.
Table 3 presents the diverse applications of machine learning algorithms in electric vehicle energy management and grid integration. In the area of charging management, algorithms such as neural networks, SVM, and k-NN support demand forecasting, optimization of charging schedules, and dynamic pricing strategies. In vehicle energy management, decision trees, boosting, and recurrent neural networks are applied to optimize battery usage, predict loads, and control BMS. In the area of user and data security, autoencoders, Isolation Forest, and federated learning are employed for anomaly detection, access control, and privacy protection. Grid integration relies on LSTM algorithms, ensemble learning, and deep reinforcement learning, enabling power flow control, availability forecasting, and load balancing. Finally, V2X communication systems leverage Bayesian networks, CNNs, and Random Forest to optimize protocols, enhance transmission efficiency, and detect interference.

4. Statistical Overview

This article summarizes 102 scientific publications, divided into two time periods: 2017–2020 (26 publications) and 2021–2024 (76 publications). A significant intensification of research activity has been observed in recent years, which may indicate the growing importance of cybersecurity and digital technologies in the context of electromobility. The percentage of publications from 2021–2024 was over 74%.
Figure 5 presents document types, with the dominance of two main publication forms: scientific articles (Articles) and conference papers (Conference Papers). A total of 26 papers were published between 2017 and 2020—including 15 as conference papers and 11 as articles. In the 2021–2024 period, the number of these documents increased significantly—as many as 37 publications were assigned to each of these categories. Additionally, there are two publications classified as “Other,” which may include reports, review, or other non-standard forms. This means that conference proceedings and peer-reviewed articles accounted for over 98% of the total publication output. It can therefore be concluded that research was presented primarily in formats that have the greatest impact on the development and dissemination of knowledge—at scientific conferences and in professional journals. The increase in the number of scientific articles from 11 to 37 may indicate the maturation of topics and the transition from the exploratory phase to established knowledge.

4.1. Research Trends and Dynamics

Figure 6 focuses on digital cybersecurity and is structured into four primary thematic categories, each exhibiting distinct growth dynamics:
  • Authentication and Cryptography: The number of publications increased from 21 to 27, indicating a stable yet moderate development in this area. It is noteworthy that this category was dominant during the earlier time period and maintained a high level of academic interest in subsequent years;
  • Cyber Attacks: This category experienced a sharp increase in publication volume—from 6 to 35 articles—making it the fastest-growing research area among the four. This surge likely reflects the rising cybersecurity threats associated with the proliferation of networked charging systems and the integration of electric vehicles (EVs) into digital infrastructures.
  • Intrusion and Anomaly Detection: The number of publications grew from 3 to 19, suggesting a growing relevance of behavioral detection techniques and increased interest in machine learning (ML)-based solutions for cybersecurity challenges in EV ecosystems.
  • Blockchain: Publications in this category rose from 3 to 11, which may indicate expanding research opportunities in the application of blockchain technologies for transaction security, identity verification, and access management in electric vehicles.
The particularly dynamic growth in the areas of Cyber Attacks and Intrusion and Anomaly Detection suggests a trend in which traditional cryptographic approaches are being increasingly complemented—or even supplanted—by predictive and adaptive security systems. The analysis of research types revealed a clear shift in the nature of studies conducted over the analyzed period. Specifically:
  • Experimental Studies: The number of publications increased from 15 to 46, representing a 207% growth. This trend indicates a transition from theoretical investigations toward practical implementation and hypothesis testing in real-world or simulated environments.
  • Literature Analyses: A rise from 6 to 26 publications was observed, reflecting a growing interest among researchers in synthesizing existing knowledge and identifying prevailing trends within the field.
  • Case Studies: No publications of this type were recorded between 2017 and 2020. However, since 2021, seven case studies have been published, suggesting an increasing demand for application-oriented research, particularly in commercial deployments or pilot implementations of charging infrastructure.
  • Conceptual Research: Conceptual studies rose from 20 to 48 publications, highlighting continued efforts in design and development aimed at introducing new models for energy management and cybersecurity alongside empirical validation.
This methodological distribution suggests that the field is reaching a higher level of maturity, supporting both theoretical exploration and the practical deployment of machine learning (ML) models. Figure 7 shows the number of scientific publications by research methodology in two time periods: 2017–2020 and 2021–2024. The second half of the decade (2021–2024) saw a significant increase in publications across all categories, particularly in experimental research (from 15 to 46) and conceptual research (from 20 to 48). It is also worth noting the emergence of case studies after 2020, which may indicate a growing interest in practical implementation.
The classification of studies by application domains (Figure 8) revealed three dominant research areas:
  • Vehicle Charging: This was the most frequently investigated topic across both analyzed periods, with the number of publications increasing from 21 to 63. This trend likely reflects the growing need for optimization of charging strategies and flexible energy cycle management in electric vehicle (EV) systems.
  • Grid Integration: The number of studies increased from 16 to 35, indicating a rising focus on Vehicle-to-Grid (V2G) interactions, dynamic pricing models, and energy balancing within power systems involving EVs.
  • Vehicle Systems: Publications in this category grew from 7 to 29, suggesting increased research interest in onboard energy and safety management systems. This is particularly relevant to the deployment of embedded machine learning (ML) algorithms and edge computing within EV architectures.
These findings confirm that the most significant advancements in research have occurred in areas directly related to EV operation and their integration with external infrastructure systems.
Table 4 presents a detailed analysis of the distribution of scientific publications by cybersecurity topic and their relationship to technologies, infrastructure, and research methodology. Four main categories of security issues are considered: Authentication and Cryptography, Cyber Attacks, Intrusion and Anomaly Detection, and Blockchain. Additionally, a statistical analysis was performed using the chi-square test in two groups: (1) technologies and infrastructure, and (2) research methodology.
A total of 102 publications were included in the analysis, distributed as follows:
  • Authentication and Cryptography: 48 studies;
  • Cyber Attacks: 41 studies;
  • Intrusion and Anomaly Detection: 22 studies;
  • Blockchain: 14 studies.
Authentication and Cryptography emerged as the most represented category (47% of all publications), confirming the critical role of traditional security mechanisms in electromobility systems. At the same time, the significant share of publications addressing Cyber Attacks highlights the increasing vulnerability of EV systems and energy infrastructure in open network environments.
The distribution of publications by technological and infrastructural domains revealed the following patterns. This was the most frequently studied domain, with 84 total publications. With in this area:
  • Authentication and Cryptography appeared in 41 studies.
  • Cyber Attacks in 32 studies.
  • Intrusion and Anomaly Detection in 18 studies.
  • Blockchain in 9 studies.
This distribution indicates a high level of complexity and associated risk in charging interfaces, which serve as a critical point of interaction between users and the network. These systems require robust authentication, anomaly detection, and transaction-level security mechanisms.
A total of 51 publications addressed this domain:
  • Authentication and Cryptography: 25 occurrences.
  • Cyber Attacks: 23 occurrences.
  • Intrusion and Anomaly Detection: 9 occurrences.
  • Blockchain: 6 occurrences.
Integration of EVs with power grids requires secure bidirectional exchange of data and energy, as well as resilience against external attacks, particularly within dynamic grid environments.
This domain included 36 publications, with a more balanced distribution:
  • Authentication and Cryptography: 15 studies;
  • Cyber Attacks: 16 studies;
  • Intrusion and Anomaly Detection: 8 studies;
  • Blockchain: 8 studies.
This even distribution suggests that all four cybersecurity aspects are considered equally critical in onboard systems, with particular emphasis placed on protection against direct attacks and internal threats.
The analysis of methodological approaches revealed a strong presence of conceptual and experimental studies, alongside limited use of case studies:
  • Experiments dominated in each security category, especially in Authentication and Cryptography (30 studies) and Cyber Attacks (27 studies). In the case of Blockchain, 9 experimental studies were identified, indicating growing efforts to implement this technology in practical settings.
  • Literature Analyses were primarily conducted for Authentication and Cryptography (14 studies) and Cyber Attacks (14 studies), suggesting a well-established theoretical foundation in these areas.
  • Case Studies were limited to only 7 publications overall, with 4 in Cyber Attacks and 3 in Intrusion and Anomaly Detection, indicating a relatively low degree of real-world deployment or documented implementations.
  • Conceptual Studies were dominant in Authentication and Cryptography (37 studies) and Cyber Attacks (23 studies), and notably present in Blockchain (12 studies), reflecting the ongoing development of theoretical models and architectures in these areas.
Table 4 provides a comprehensive statistical overview of the 102 publications included in the review, categorized according to document type, cybersecurity domain, technological and infrastructural area, and research methodology.
In terms of document type, conference papers (52; 50.98%) and journal articles (48; 47.06%) dominate the dataset, while other formats account for only a marginal share (2; 1.96%). Within the cybersecurity categories, Authentication and Cryptography emerges as the most frequently studied area, represented in 48 publications (47.06%). This is followed by Cyber Attacks (41; 40.20%), Intrusion and Anomaly Detection (22; 21.57%), and Blockchain (14; 13.73%).
From the perspective of technologies and infrastructure, the majority of studies focus on Vehicle Charging (84; 82.35%), while Grid Integration (51; 50.00%) and Vehicle Systems (36; 35.29%) are also well represented, confirming the strong research emphasis on charging processes as the primary interface between users and the network.
Methodologically, Conceptual works (68; 66.67%) and Experimental studies (61; 59.80%) dominate, supported by Literature analyses (32; 31.37%) and a limited number of Case studies (7; 6.86%). This distribution reflects a field that combines strong theoretical development with increasing tendencies toward practical validation, while still showing relatively few real-world implementation studies.
The results of the chi-square tests, presented in parentheses in Table 4, indicate whether the observed distributions differ significantly across categories. The analysis shows no statistically significant differences for document type (χ2 = 1.16, df = 2, p = 0.56), technologies and infrastructure (χ2 = 1.62, df = 2, p = 0.45), or research methodology (χ2 = 3.74, df = 3, p = 0.29). However, a significant difference is observed for cybersecurity categories (χ2 = 12.38, df = 3, p = 0.01), suggesting that research efforts are unevenly distributed across security domains, with a clear predominance of authentication- and cryptography-related studies. Similarly, this result suggests no statistically significant differences in research methodologies applied across the various security categories. This implies that the choice of research approach was relatively balanced regardless of the topic area.
The statistical analyses based on χ2 tests reported were performed using the categorical distributions presented in Table 4. This table provides the raw counts of publications assigned to specific categories (e.g., Authentication and Cryptography, Cyber Attacks, Intrusion and Anomaly Detection, Blockchain, etc.), which allows for full replication of the test setup. The reported χ2 values, degrees of freedom, and p-values were calculated directly from these category counts. Since the underlying frequencies are included in the tables, the results can be independently verified and reproduced without additional preprocessing.
Based on the conducted analysis, the following conclusions can be drawn:
5.
Authentication and Cryptography remains the most frequently studied security domain. However, there is a noticeable increase in research activity related to Cyber Attacks and Anomaly Detection, indicating an expanding focus on behavioral and adaptive security mechanisms.
6.
Charging infrastructure has been identified as the most critical area in terms of cybersecurity concerns. This domain accounts for the highest number of studies and experimental implementations, underscoring its importance as a user-network interface vulnerable to various threats.
7.
Blockchain, although currently less represented in the dataset, shows increasing potential and is beginning to be investigated not only in vehicle-level applications but also in infrastructure-level contexts. This suggests an emerging trend of exploring decentralized and transparent security frameworks.
8.
The absence of statistically significant differences across categories may reflect the maturity of the field, where research is distributed evenly with respect to both methodology and technological context. This balanced distribution may indicate a well-established foundation for interdisciplinary and multi-domain research efforts in the area of electromobility cybersecurity.
The collected data revealed that a total of 26 studies were published between 2017 and 2020, while 76 publications appeared during the period from 2021 to 2024, representing an increase in research activity of nearly 192%. This growth can be interpreted as a direct reflection of the rising global importance of electromobility and cybersecurity as interrelated areas of scientific and technological interest.

4.2. Geographic Distribution and Statistical Analysis

Figure 9 and Table 5 present a detailed analysis of the geographical distribution of publications. The highest number of publications was attributed to:
  • The United States, which increased its output from 11 publications in the initial period to 22 in the subsequent one. This accounted for 32.35% of the total body of work, thereby maintaining its dominant position as the leading research hub in the field.
  • China, which recorded a substantial increase—from 2 to 17 publications—resulting in a total share of 18.63%, positioning it as the second-largest contributor. This growth may be interpreted as a consequence of national policies promoting research in advanced transportation and digitalization.
  • Canada, whose contribution also grew significantly, from 5 to 13 publications, representing 17.65% of the total.
  • Germany, the only European country with relatively stable output across both periods—5 publications prior to 2020 and 6 afterward—contributing 10.78% overall.
  • India, Brazil, South Korea which was unrepresented in the first period, produced 10 publications between 2021 and 2024, thereby securing the fifth position globally.
  • Australia, Italy, the United Kingdom, and Turkey all exhibited activity exclusively during the 2021–2024 period, each publishing between 4 and 5 studies.
  • Brazil was the only country whose contributions were limited solely to the 2017–2020 period (4 publications), potentially indicating a decline in research initiatives or a shift in national priorities.
  • South Korea expanded its research activity moderately, with 1 publication before 2020 and 2 after this time.
  • Turkey expanded its research activity moderately, with 1 publication.
  • The “Other” category, representing additional countries, included a total of 11 publications—3 from the first period and 8 from the second—indicating the internationalization of the topic and the growing involvement of emerging academic and industrial centers.
To determine whether the changes in the number of publications across the analyzed years and countries were statistically significant, a chi-square test was performed (Table 5):
  • Chi-square value (χ2): 26.1
  • Degrees of freedom: 11
  • p-value: 0.01
Since the p-value was less than 0.05, a statistically significant relationship was observed between the year of publication and the country of origin. In other words, the variation in publication distribution was not random and may be attributed to political, financial, or infrastructural conditions that supported research activities in specific countries.
In summary, the United States maintained its leading position in the field of electromobility and digital security research. China and Canada demonstrated a marked increase in research activity after 2020, which may be attributed to the implementation of aggressive national technology strategies. A significant rise in publication volume was also observed in India, as well as in countries such as the United Kingdom, Australia, Italy, and Turkey, which had previously not been represented in this research domain. Germany exhibited a stable publication output, reinforcing its long-standing commitment to engineering and energy-related research. Conversely, Brazil was the only country that did not continue its publishing activity beyond 2020, potentially indicating a shift in research priorities or funding. The chi-square statistical analysis confirmed that the observed geographic redistribution of publications was statistically significant and likely reflects deliberate research policies and national initiatives aimed at advancing innovation in the domains of electric vehicles and cybersecurity.

4.3. Methodological and Thematic Relationships

Figure 10 presents a detailed analysis of the distribution of research methods used in scientific publications in the field of cybersecurity in the context of electromobility.
The data were structured along two dimensions: the type of research methodology applied (horizontal axis) and the security-related thematic category (vertical axis). The analysis incorporated four primary methodological approaches:
  • Experiment;
  • Literature Analysis;
  • Case Study;
  • Conceptual;
As well as four thematic categories:
  • Authentication and Cryptography;
  • Cyber Attacks;
  • Intrusion and Anomaly Detection;
  • Blockchain.
The Authentication and Cryptography thematic area accounted for the largest number of publications, with 81 studies divided into:
  • 37 conceptual works;
  • 30 experimental studies;
  • 14 literature reviews;
  • 0 case studies.
This distribution indicates a strong theoretical foundation in the domain of authentication and cryptographic mechanisms, accompanied by a substantial volume of experimental research. The relatively high number of experimental publications suggests that authentication and encryption algorithms are actively being tested and deployed within real-world EV system environments. The absence of case studies may reflect a limited number of institution-specific implementations documented through in-depth field analysis.
The category of Cyber Attacks encompassed a total of 68 publications, distributed as follows:
  • 27 experimental studies;
  • 23 conceptual papers;
  • 14 literature analyses;
  • 4 case studies.
This area demonstrates a strong focus on applied research, particularly through experimental approaches, which is justified by the need to validate security mechanisms against real-world attack scenarios. The presence of case studies, although limited in number, suggests that specific incidents or implementations have been analyzed in detail, providing valuable insights into actual system vulnerabilities and defense strategies.
In the thematic category of Intrusion and Anomaly Detection, 35 publications were identified, derived in a manner:
  • 14 conceptual studies
  • 13 experimental studies
  • 5 literature analyses
  • 3 case studies
Compared to the other categories, Intrusion and Anomaly Detection exhibits a moderate methodological distribution. The relatively high number of conceptual and experimental studies indicates an ongoing phase of active development and testing of anomaly detection algorithms. In contrast, the limited number of case studies suggests that the implementation of these technologies remains at an early stage in real-world systems.
The Blockchain category was the least represented topic category, containing 25 publications, including:
  • 12 conceptual studies
  • 9 experimental studies
  • 2 literature reviews
  • 0 case studies
The field of Blockchain is characterized by a strong dominance of theoretical research, suggesting that its application to electromobility security is still in the preliminary development stage, with limited practical implementation (as evidenced by the absence of case studies). Nevertheless, the presence of experimental studies indicates initial attempts at integrating blockchain with transaction systems or charging infrastructure.
In summary, the Authentication and Cryptography and Cyber Attacks categories are characterized by the largest number of experimental studies, which highlights their technological maturity and advanced level of practical application. In contrast, Blockchain and Intrusion and Anomaly Detection remain dominated by conceptual research, indicating that these areas are still being formulated and tested and are less frequently deployed in actual EV systems.
The case study methodology was minimally represented across all categories, suggesting a need for further documentation of real-world implementations and comparative analyses between different deployment environments. Literature reviews were most frequently applied in traditional security domains (e.g., Authentication and Cyber Attacks), which reflects a well-developed knowledge base and the existence of a large body of prior research in these areas. Overall, the methodological matrix points toward a shift from conceptual research to experimental validation, which may indicate the increasing maturity of machine learning and cybersecurity technologies within the electromobility domain.
Figure 11 presents a heat map matrix illustrating the relationship between cybersecurity categories and technological/infrastructural domains in the context of electromobility. For each intersection between a technological area and a security category, the matrix indicates the number of publications that addressed both topics simultaneously. This visualization allows for a clearer assessment of the technical contexts in which issues such as authentication, cyber attacks, anomaly detection, and blockchain have been most frequently studied.
The Vehicle Charging category emerged as the most represented in the literature, underscoring its significance as a critical node within the electromobility infrastructure. Within this group, the following distribution of publications was observed:
  • 41 publications focused on Authentication and Cryptography;
  • 32 related to Cyber Attacks;
  • 18 addressed Intrusion and Anomaly Detection;
  • 9 covered Blockchain.
These high values indicate that charging stations represent a highly sensitive element of the EV system from a cybersecurity perspective. This context requires robust mechanisms for both user and vehicle authentication, as well as protection against attacks such as spoofing, denial-of-service (DoS), and malware. The moderate representation of Blockchain suggests that this technology is being explored for identity verification, energy transaction settlement, and traceability applications.
The second most frequently studied area involved the integration of EVs with the power grid (V2G—vehicle-to-grid). This area featured the following number of publications:
  • 25 focused on Authentication and Cryptography;
  • 23 related to Cyber Attacks;
  • 9 addressing Intrusion and Anomaly Detection;
  • 6 concerning Blockchain.
This distribution highlights the critical need to secure the communication between electric vehicles and the grid. Ensuring confidentiality and integrity of real-time data exchange is essential, along with protection against manipulation in energy accounting and scheduling. The relatively lower presence of anomaly detection algorithms and blockchain applications suggests that these are still emerging areas of research rather than fully implemented technologies.
In onboard systems, i.e., those located directly within electric vehicles (EVs), the total number of publications was lower, yet the distribution was more balanced:
  • 15 publications addressed Authentication and Cryptography;
  • 16 focused on Cyber Attacks;
  • 8 were related to Intrusion and Anomaly Detection;
  • 8 discussed Blockchain.
This relatively even distribution suggests a comprehensive approach to securing the internal layers of the vehicle, where multiple layers of protection must be implemented simultaneously. Onboard systems—such as the Battery Management System (BMS), motor control units, and user interfaces—are vulnerable to both physical tampering and remote Cyber attacks. Blockchain is gaining traction as a potential platform for permission management and logging of diagnostic and service operations.
Table 6 highlights the methodological distribution of studies across four cybersecurity domains. Authentication and Cryptography (81 publications) and Cyber Attacks (68 publications) dominate, with conceptual and experimental works prevailing in both categories. In contrast, Intrusion and Anomaly Detection (35 publications) and Blockchain (25 publications) remain less developed, showing more balanced but still emerging research profiles with limited case study evidence. Across all three categories, Authentication and Cryptography remained the most prevalent topic, clearly confirming that identity, data, and access protection are fundamental requirements in all electromobility architectures. The use of Blockchain remains moderate but steadily increasing, indicating that its full potential has yet to be fully exploited. Future research may further explore this technology as a component for data transparency and non-repudiation.
In Section 4, a detailed quantitative analysis of the scientific literature on cybersecurity in electromobility was conducted. This analysis was based on the data presented in tabular format and corresponding visualizations, categorized by two time periods: 2017–2020 and 2021–2024. Additionally, chi-square tests were applied to assess the statistical significance of changes in data distributions.
The first step involved examining the overall trends in the number of scientific publications. Both the table and the corresponding bar chart revealed that the number of publications increased from 26 in 2017–2020 to 76 in 2021–2024. This represents an almost threefold increase in research activity, confirming growing interest in digital security in the context of EV development. This rise was deemed significant, and its statistical relevance was confirmed in subsequent analyses.
Further classification was performed according to document types. The chart indicates that journal articles and conference proceedings were the most frequently published formats. A total of 11 journal articles were recorded before 2020, compared to 37 after 2020. Likewise, conference papers increased from 15 to 37 over the same periods. Although other document types remained marginal, their appearance in the more recent period may reflect a diversification of knowledge sources within this emerging research domain.
Another classification focused on the thematic scope of the analyzed publications. Four main categories were identified: Authentication and Cryptography, Cyber Attacks, Intrusion and Anomaly Detection, and Blockchain. The most significant increase in the number of publications was observed in the area of Cyber Attacks, which grew from 6 to 35 publications. While Authentication and Cryptography experienced a less dynamic rise (from 21 to 27), it remained the most frequently represented category. This distribution is considered logical given the increasing risk of attacks in intelligent transportation systems and the ongoing development of defensive mechanisms.
The subsequent methodological analysis addressed the type of research approach used. The largest increase was observed in experimental studies, which rose from 15 to 46 publications, and in conceptual papers, which increased from 20 to 48. Literature reviews also grew, from 6 to 26, while case studies appeared only after 2020, totaling 7 publications. This trend suggests growing research maturity in the field, alongside a stronger focus on practical implementation and validation efforts.
A significant portion of the analysis also addressed the technological and infrastructural context. The highest number of publications was related to vehicle charging, increasing from 21 to 63, highlighting the central role of this area. Grid integration grew from 16 to 35 publications, and vehicle systems from 7 to 29. These trends indicate that cybersecurity concerns must be considered both in localized contexts (e.g., the EV itself) and at the infrastructure level (i.e., energy networks and charging stations).
The geographic analysis revealed that the highest number of publications originated from the United States (33 in total), followed by China (19 in total) and Canada (18 in total). An increase in publications was also noted in countries previously unrepresented in the literature, including India, Australia, Italy, and Turkey. This increase was confirmed to be statistically significant, as evidenced by a chi-square test result of χ2 = 26.1 with 11 degrees of freedom and a p-value of 0.01. This indicates that the changes in publication distribution over time and across countries were not random, but likely influenced by national research policies and strategic investments.
Further analyses provided insight into the relationships between research methodologies and thematic categories, as well as between technological areas and cybersecurity domains. In the context of Authentication and Cryptography, conceptual and experimental approaches predominated. In contrast, studies on Cyber Attacks employed a diverse array of methods, including case studies, which highlights the applied and practical nature of this topic.
In terms of infrastructure, cybersecurity was most frequently addressed in the context of vehicle charging, as confirmed by a total of 100 publications in this area. While less research attention was dedicated to grid integration and vehicle systems, both areas also showed notable increases in scholarly interest.
In conclusion, based on the analyzed tables and visualizations, it can be stated that recent years have witnessed a marked increase in research related to cybersecurity in electromobility. These studies have grown in complexity, demonstrated broader engagement from emerging economies, and revealed strong connections to technical infrastructure. The application of chi-square testing confirmed that these changes were statistically significant, thus reflecting genuine developmental trends in the scientific literature.

5. Discussion

This review set out to synthesize where cybersecurity risks concentrate across the EV ecosystem and which countermeasures the literature treats as credible at today’s deployment scale. Across the corpus, the charging interface emerges as the primary exposure point: it couples users, vehicles, backend services and the distribution grid, and it concentrates authentication, metering and payment flows. Quantitatively, publication activity after 2020 accelerated and shifted from foundations (crypto, access control) toward attack modelling and intrusion/anomaly detection, which is consistent with the sector’s move from pilots to operation at scale. The dataset shows a near-threefold rise in publications from 26 (2017–2020) to 76 (2021–2024), with charging, grid integration and onboard systems all trending upward in security coverage.

5.1. What the Evidence Says About the Threat Surface

Three layers concentrate risk:
  • Protocol and session layer (EV–EVSE–backend). Work dissecting ISO 15118 highlights weaknesses around certificate lifecycle, session take-over and availability of Plug & Charge when misconfigured; wireless access proposals (WAS) add new benefits but also new abuse paths if proximity and signaling are not robustly verified [11,13]. Schemes hardening mutual authentication with PUF and lightweight crypto reduce cost/latency and raise spoofing resistance in dynamic and wireless charging [36], while zero-knowledge proof (ZKP) approaches target privacy of use-patterns without involving a central authority [25,48].
  • Operations and market layer. Work on tariff and billing integrity shows how manipulation of metering/price signals or free-riding during wireless charging can distort settlements or incentivize abusive behaviors; blockchain-backed contracts (and proof-of-behaviour (PoB)-type consensus) are explored to ensure auditability and deter misuse while preserving user confidentiality [16]. Architectural reviews of Electric vehicle supply equipment (EVSE) platforms point to gaps in security monitoring and incident response that keep recurring across brands and operators [26].
  • Grid-coupling layer. Several studies model coordinated attacks that exploit the aggregate flexibility of EV fleets. Examples include distributed denial-of-service (DDoS) on EVSE control backbones or mobile apps, false data injection attacks (FDIA)on state estimation, and modal/oscillatory forcing against coordinated charging that propagates into frequency/voltage control; the literature reports material stability and latency impacts in simulation and co-simulation settings [14,33,34,41,43,45]. In vehicle-to-grid (V2G) scenarios, adversarial price manipulation can steer charging/discharging to harm feeders in IEEE test networks [19].

5.2. Defenses That Scale with Deployment

Defensive themes coalesce around four families:
  • Hardened authentication and crypto. Beyond ISO 15118’s Public Key Infrastructure (PKI), the trend is toward hardware-rooted identities, short-lived credentials and context-bound sessions (location, proximity, Radio Frequency (RF) traits). Lightweight, post-quantum-ready designs are called for at the edge where compute and energy are tight [11,15,36,42].
  • Detection and response. Intrusion/anomaly detection blends physics-aware features with learned behaviors. Results favor deep models (autoencoders, LSTM/GRU) and edge/fog deployment to push latency down and resilience up; hybrid schemes combining signatures with behavior improve coverage against novel patterns [28,37,43,46].
  • Privacy-preserving settlement. Blockchain and smart contracts appear whenever transparency, non-repudiation and privacy of mobility traces must be balanced; zero-knowledge proofs (ZKP) and pseudonymous protocols reduce traceability while keeping audits feasible [16,25,42,48].
  • Architecture and zero-trust. The literature and our quantitative split both point to architectures that assume every interface can be hostile: verify each request end-to-end, segment control from metering and payments, and instrument runtime monitoring compliant with IEC 62351-7-style telemetry [25].

5.3. Methods, Data and Where the Evidence Is Thin

Methodologically, the field leans on experimental and conceptual work, with case studies still scarce. That imbalance matters: simulated datasets and lab prototypes can overstate detector performance and understate integration/operational friction. The geographic split (rise of US/China/Canada; new entrants like India, Australia, Italy, Turkey) suggests targeted public investment is steering output rather than random drift (χ2 analysis reported in Section 4). It should be noted that the χ2 analyses reported earlier can be replicated directly from the category counts shown in Table 3 and Table 4, as these tables provide the complete underlying distributions used in the tests.
Throughout the article, and particularly in the sections presenting analysis and conclusions, the text indicates whether the evidence discussed originates from simulation-based studies or from real-world implementations. This distinction helps clarify the strength and applicability of the findings, as simulation results may not fully capture the practical challenges of deployment, while field evidence provides direct insights into operational contexts. By noting the type of underlying data, the synthesis ensures that readers can interpret the recommendations with appropriate consideration of their evidentiary basis.

5.4. Practical Implications

The analysis highlights that electric vehicle (EV) charging infrastructures constitute a critical vulnerability point within the broader smart grid ecosystem. Attacks targeting these infrastructures not only threaten service continuity but also risk cascading effects on distribution networks and consumer trust. To strengthen resilience, practical measures must be adopted by different stakeholder groups. For DSOs (Distribution System Operators) and TSOs (Transmission System Operators), ensuring the integrity of control signals to EVSE fleets is essential. Public Key Infrastructure (PKI)-based authentication should be implemented to prevent malicious command injection [81,114]. Monitoring load curves through feeder-level anomaly detection allows for early identification of synchronized charging events that may stem from coordinated botnet attacks [115,116]. Stress-testing tariff broadcast and demand-response systems using penetration testing techniques ensures robustness against spoofing and replay attacks [14,117]. Further, blockchain-enabled auditing frameworks can support transparent verification of load balancing commands and pricing adjustments [118]. Simulation studies demonstrate how improper communication security may destabilize the grid [119], while field evidence from smart grid pilots confirms that authenticated, encrypted control channels reduce operational risks [120]. DSOs should also leverage intrusion detection tailored to cyber–physical energy systems, which combine anomaly recognition with real-time telemetry [121]. Finally, cross-domain lessons from industrial control systems and healthcare infrastructures highlight the importance of harmonized standards and continuous monitoring in preventing cascading failures [19,122]. CPOs (Charge Point Operators) and eMSPs (e-Mobility Service Providers) must automate certificate lifecycle management, using OCPP 2.0.1 certificate provisioning to reduce manual errors and enable rapid revocation of compromised devices [123,124]. Rate-limiting and API protection mechanisms should be systematically applied to mitigate denial-of-service (DoS) attacks [125]. Telemetry auditing—including charging duration, energy flow, and billing logs—can detect mismatches indicative of fraud or data tampering [11]. Proximity-based authentication, such as Wi-Fi Access Systems (WAS) or Ultra-Wideband (UWB), must be reinforced with secondary cryptographic verification via ISO 15118 Plug & Charge to ensure robust identity validation [126]. Field studies have shown that insecure APIs in charging management systems can be exploited for fraudulent session initiation, underlining the need for layered defenses. Research into blockchain-based settlement demonstrates the feasibility of tamper-resistant billing and roaming authentication mechanisms that directly support eMSPs in managing contractual obligations [47]. Experience from campus networks and banking systems further illustrates the risk of overload strategies and fraudulent access patterns, both of which are transferable to EVSE contexts [127]. Thus, operators should incorporate anomaly detection modules trained on domain-specific datasets to strengthen fraud prevention and ensure continuity of mobility services [128].
Original Equipment Manufacturers (OEMs) and Tier Suppliers must embed secure hardware roots of trust, such as Trusted Platform Modules or Secure Elements, to guarantee that only authenticated firmware can be executed on EVSE or vehicle components [129]. Secure boot processes reduce exposure to unauthorized firmware injection, while explainable intrusion detection systems enhance operator situational awareness by issuing interpretable alerts (e.g., “unauthorized firmware flash detected”) instead of generic fault codes. Minimalist ISO 15118 stack implementations, combined with regular third-party code audits, are crucial to avoid vulnerabilities arising from unnecessary complexity [123]. Blockchain can also be adopted at the OEM level to maintain transparent firmware update histories and to manage distributed trust across multiple suppliers [118]. Lessons learned from anomaly detection in IoT and autonomous vehicles suggest that adaptive, machine learning-based IDS should be incorporated into EV architectures to capture evolving threats [47,121]. Finally, cross-referencing security practices from adjacent sectors—such as financial services and critical infrastructure—demonstrates the importance of standardized certification schemes and coordinated disclosure processes [122,127].
Together, these measures emphasize that cybersecurity in EV charging infrastructure cannot be addressed in isolation. Practical safeguards must combine strong cryptographic foundations, robust anomaly detection, and transparent auditing mechanisms, applied consistently across DSOs/TSOs, CPOs/eMSPs, and OEMs/Tier suppliers.

6. Conclusions

Cybersecurity is no longer a side constraint in electromobility; it defines whether charging networks can scale without eroding grid stability, user trust or market integrity. The literature mapped in this review converges on the following consistent points:
  • The attack surface grows with interoperability. As EVSE density rises and V2G matures, coordinated abuse of scheduling, pricing and control channels becomes plausible at system scale [14,19,33,43].
  • The most credible defense posture combines robust, hardware-anchored authentication with continuous, physics-aware anomaly detection, and with privacy-preserving settlement. This looks like a zero-trust stance applied to a cyber–physical grid: verify identities and intents at each hop; offer the least privilege; monitor continuously; and fail safely.
  • Quantitatively, research attention has shifted from basic crypto to attacks and IDS, mirroring deployment realities, while case-based evidence remains limited and deserves priority in the next wave of studies.
The practical value of these findings spans operators, manufacturers and service providers: enforcing identity and session hardening at the edge, instrumenting EVSEs for runtime monitoring, and making settlement auditable without leaking mobility patterns are all tractable near-term steps. The barriers are equally concrete: computational cost at the edge, DDoS susceptibility of backend and field networks, inconsistent standards across stacks, and the immaturity of explainable AI for anomaly response.
The following avenues remain valid: Lightweight cryptographic and authentication algorithms (including post-quantum solutions) to secure communication in resource-constrained environments [8,9,10,11,15,22]; advanced anomaly and attack detection leveraging deep neural networks, federated learning and edge/fog computing [16,19,20,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48]; blockchain and smart contracts for transparent settlements, and to access control and privacy [17,49,50,51,52,53,54,55,56,57]; integration with smart grids and expansion of V2G services [12,18,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92]; secure V2X/IoT communication with low-latency, zero-trust standards [65,98,99,100,101,102,103,104,105,106,107,108,109,110,111]. These avenues should be undertaken with an emphasis on operational pilots and interoperability so that results transfer across vendors and regions.
Given the evidence synthesized in the articles, we recommend prioritizing the following: hardening ISO 15118 stacks and certificate workflows; evaluating WAS/UWB proximity only with multi-factor checks [11,13,47]; privacy-preserving authentication and billing using ZKP/PUF and selective-disclosure contracts to curb traceability and free-riding [16,36,42,48,81]; and grid-aware IDS tuned for EV-induced oscillations, FDIA and price-manipulation in V2G [14,19,33,34,43,45]. The findings presented reflect only those aspects of cybersecurity directly related to attacks, anomaly detection, and authentication in EV charging systems, without extending to the broader cybersecurity landscape.
Finally, the evidence base needs more field-grade datasets and open, standardized telemetry—preferably aligned with IEC 62351-7—to allow operators to benchmark detectors, share indicators and automate response without vendor lock-in.

Supplementary Materials

The following supporting information can be downloaded at: https://www.mdpi.com/article/10.3390/en18184847/s1, scopus.csv (raw Table S1. Scopus query results), Table S2. table4.csv and Table S3. table4_chi.csv (data and statistical analysis for Table 4), Table S4. table5.csv and Table S5. table5_chi.csv (data and statistical analysis for Table 5).

Author Contributions

Conceptualization, G.W.-J.; methodology, G.W.-J.; software, L.P.; validation, L.P.; formal analysis, J.L.W.-J.; investigation, P.T.G. and L.P.; resources, L.P.; data curation, L.P.; writing—original draft preparation, L.P., J.L.W.-J. and G.W.-J.; final writing—review and editing, P.T.G.; visualization, L.P.; supervision, J.L.W.-J., G.W.-J. and L.P.; project administration, J.L.W.-J. and L.P.; funding acquisition, J.L.W.-J. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding. This is the waiver paper. No APC.

Data Availability Statement

The original contributions presented in this study are included in the article. Further inquiries can be directed to the corresponding author.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Christoforidis, C.; Christakis, I.; Kotzasavva, F.; Fousekis, G.; Rimpas, D. Electric Vehicles Charging Stations and Their Influence on the Electricity Utility Grid. Arch. Automot. Eng. Arch. Motoryz. 2025, 107, 102–126. [Google Scholar] [CrossRef] [PubMed]
  2. Dhandapani, S.; Raja, T.; Murugan, V.; Selvaraj, J.; Rathinasamy, V. Comprehensive Review on Evolution, Progression, Design, and Exploration of Electric Bicycle. Arch. Automot. Eng. Arch. Motoryz. 2024, 105, 5–43. [Google Scholar] [CrossRef]
  3. Lučić, M.; Lukić, J.; Grujić, I. Statistical Analysis of Trends in Battery Electric Vehicles: Special Reference to Vehicle Weight Reduction, Electric Motor, Battery, and Interior Space Dimensions. Arch. Automot. Eng. Arch. Motoryz. 2024, 104, 63–96. [Google Scholar] [CrossRef]
  4. Małek, A.; Marciniak, A.; Bartnik, G. The Selection of an Electric Vehicle for the Existing Photovoltaic System—Case Study in Polish Climatic Conditions. Arch. Automot. Eng. Arch. Motoryz. 2024, 103, 38–56. [Google Scholar] [CrossRef]
  5. Małek, A.; Marciniak, A. Selection of the Photovoltaic System Power for the Electric Vehicle. Arch. Automot. Eng. Arch. Motoryz. 2023, 100, 44–61. [Google Scholar] [CrossRef]
  6. Szumska, E.; Skuza, A.; Jurecki, R. The Analysis of Energy Recovered by an Electric Vehicle during Selected Braking Manoeuvres. Arch. Automot. Eng. Arch. Motoryz. 2023, 99, 18–29. [Google Scholar] [CrossRef]
  7. Kieracińska, A.; Piórkowski, P. Analysis of the Reasonableness of Using Electric Drives in Motor Vehicles. Arch. Automot. Eng. Arch. Motoryz. 2016, 74, 47–58. [Google Scholar] [CrossRef]
  8. Lin, Q.; Li, T.; Zhao, Y.; Guan, J.; Zhang, W.; Wang, X. Research on Charging Infrastructure Related Detection Technology Based on GAN. In Proceedings of the 2023 2nd International Conference on Clean Energy Storage and Power Engineering (CESPE), Xi’an, China, 15–16 December 2023; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2023; pp. 57–62. [Google Scholar]
  9. Mousavian, S.; Erol-Kantarci, M.; Wu, L.; Ortmeyer, T. A Risk-Based Optimization Model for Electric Vehicle Infrastructure Response to Cyber Attacks. IEEE Trans. Smart Grid 2018, 9, 6160–6169. [Google Scholar] [CrossRef]
  10. Hamied, M.H.A. Authentication of the Electric Vehicle with the Charging Station Using AAA Framework. In Proceedings of the 2023 3rd International Conference on Computing and Information Technology (ICCIT), Tabuk, Saudi Arabia, 13–14 September 2023; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2023; pp. 186–191. [Google Scholar]
  11. Jakó, Z.; Knapp, Á.; Sayed, N.E. Wireless Authentication Solution and TTCN-3 Based Test Framework for ISO-15118 Wireless V2G Communication. Infocommunications J. 2019, 11, 39–47. [Google Scholar] [CrossRef]
  12. Basnet, M.; Ali, M.H. Deep Learning-Based Intrusion Detection System for Electric Vehicle Charging Station. In Proceedings of the 2020 2nd International Conference on Smart Power & Internet Energy Systems (SPIES), Bangkok, Thailand, 15–18 September 2020; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2020; pp. 408–413. [Google Scholar]
  13. Bao, K.; Valev, H.; Wagner, M.; Schmeck, H. A Threat Analysis of the Vehicle-to-Grid Charging Protocol ISO 15118. Comput. Sci. Res. Dev. 2018, 33, 3–12. [Google Scholar] [CrossRef]
  14. Aljohani, T.; Almutairi, A. Modeling Time-Varying Wide-Scale Distributed Denial of Service Attacks on Electric Vehicle Charging Stations. Ain Shams Eng. J. 2024, 15, 102860. [Google Scholar] [CrossRef]
  15. Li, Z.; Sun, Z. A Cross-Domain Authentication Scheme for Electric Vehicle Intelligent Charging for Multiple Power Service Providers. In Proceedings of the 2023 13th International Conference on Communication and Network Security, Fuzhou, China, 6–8 December 2023; Association for Computing Machinery: New York, NY, USA, 2023; pp. 26–31. [Google Scholar]
  16. Zhang, X.; Liu, C.; Chai, K.K.; Poslad, S. A Privacy-Preserving Consensus Mechanism for an Electric Vehicle Charging Scheme. J. Netw. Comput. Appl. 2021, 174, 102908. [Google Scholar] [CrossRef]
  17. Sharma, G.; Joshi, A.M.; Mohanty, S.P. sTrade: Blockchain Based Secure Energy Trading Using Vehicle-to-Grid Mutual Authentication in Smart Transportation. Sustain. Energy Technol. Assess. 2023, 57, 103296. [Google Scholar] [CrossRef]
  18. Cirimele, V.; Diana, M.; Bellotti, F.; Berta, R.; El Sayed, N.; Kobeissi, A.; Guglielmi, P.; Ruffo, R.; Khalilian, M.; La Ganga, A.; et al. The Fabric ICT Platform for Managing Wireless Dynamic Charging Road Lanes. IEEE Trans. Veh. Technol. 2020, 69, 2501–2512. [Google Scholar] [CrossRef]
  19. Yin, H.; Liu, D.; Weng, J. Risk Analysis of Cyber Physical Distribution System Considering Cyber Attacks on V2g System. In Proceedings of the 10th Renewable Power Generation Conference (RPG 2021), Online, 14–15 October 2021; Institution of Engineering and Technology: Stevenage, UK, 2021; Volume 2021, pp. 841–846. [Google Scholar]
  20. Basnet, M.; Ali, M.H. Exploring Cybersecurity Issues in 5G Enabled Electric Vehicle Charging Station with Deep Learning. IET Gener. Transm. Distrib. 2021, 15, 3435–3449. [Google Scholar] [CrossRef]
  21. van Eck, N.J.; Waltman, L. Software Survey: VOSviewer, a Computer Program for Bibliometric Mapping. Scientometrics 2010, 84, 523–538. [Google Scholar] [CrossRef]
  22. Kanz Abdillah, H.; Wildan Rizkia, N.A.H.; Sidharta, S. Exploring the Role of Artificial Intelligence in Enhancing Battery Performance and Mitigating Cybersecurity Threats in Electric Vehicles: A Systematic Literature Review. Procedia Comput. Sci. 2024, 245, 155–165. [Google Scholar] [CrossRef]
  23. Pazos-Revilla, M.; Alsharif, A.; Gunukula, S.; Guo, T.N.; Mahmoud, M.; Shen, X. Secure and Privacy-Preserving Physical-Layer-Assisted Scheme for EV Dynamic Charging System. IEEE Trans. Veh. Technol. 2018, 67, 3304–3318. [Google Scholar] [CrossRef]
  24. Gabay, D.; Akkaya, K.; Cebe, M. Privacy-Preserving Authentication Scheme for Connected Electric Vehicles Using Blockchain and Zero Knowledge Proofs. IEEE Trans. Veh. Technol. 2020, 69, 5760–5772. [Google Scholar] [CrossRef]
  25. Reghunath, R.; Sayed, M.A.; Sarieddine, K.; Atallah, R.; Jafarigiv, D.; Kassouf, M.; Assi, C.; Ghafouri, M. A Real-Time Monitoring Architecture for Enhanced Cybersecurity in the EV Ecosystem. In Proceedings of the IECON 2024—50th Annual Conference of the IEEE Industrial Electronics Society, Chicago, IL, USA, 3–6 November 2024; IEEE Computer Society: Washington, DC, USA, 2024. [Google Scholar]
  26. Ronanki, D.; Karneddi, H. Electric Vehicle Charging Infrastructure: Review, Cyber Security Considerations, Potential Impacts, Countermeasures, and Future Trends. IEEE J. Emerg. Sel. Top. Power Electron. 2024, 12, 242–256. [Google Scholar] [CrossRef]
  27. Sepehrzad, R.; Faraji, M.J.; Al-Durra, A.; Sadabadi, M.S. Enhancing Cyber-Resilience in Electric Vehicle Charging Stations: A Multi-Agent Deep Reinforcement Learning Approach. IEEE Trans. Intell. Transp. Syst. 2024, 25, 18049–18062. [Google Scholar] [CrossRef]
  28. Basnet, M.; Ali, M.H. Deep-Learning-Powered Cyber-Attacks Mitigation Strategy in the EV Charging Infrastructure. In Proceedings of the 2023 IEEE Power & Energy Society General Meeting (PESGM), Orlando, FL, USA, 16–20 July 2023; IEEE Computer Society: Washington, DC, USA, 2023. [Google Scholar]
  29. Fard, M.F.; Huo, X.; Liu, M. Exploration of For-Purpose Decentralized Algorithmic Cyber Attacks in EV Charging Control. In Proceedings of the 2023 IEEE 32nd International Symposium on Industrial Electronics (ISIE), Helsinki/Espoo, Finland, 19–21 June 2023; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2023. [Google Scholar]
  30. Sarkar, A.; Ray, S.K. Smart Contract-Based Electric Vehicle Charging: A Practice-Based Economy of Things Application. In Proceedings of the Pacific Asia Conference on Information Systems (PACIS 2020), Dubai, United Arab Emirates, 22–24 June 2020; Association for Information Systems: Atlanta, GA, USA, 2020. [Google Scholar]
  31. Yaqub, R. Architecture and Protocols for Toll-Free Electric Vehicle Charging. World Electr. Veh. J. 2019, 10, 10. [Google Scholar] [CrossRef]
  32. Guo, S.; Chen, H.; Rahman, M.; Qian, X. DCA: Delayed Charging Attack on the Electric Shared Mobility System. IEEE Trans. Intell. Transp. Syst. 2023, 24, 12793–12805. [Google Scholar] [CrossRef]
  33. Gumrukcu, E.; Arsalan, A.; Muriithi, G.; Joglekar, C.; Aboulebdeh, A.; Zehir, M.A.; Papari, B.; Monti, A. Impact of Cyber-Attacks on EV Charging Coordination: The Case of Single Point of Failure. In Proceedings of the 2022 4th Global Power, Energy and Communication Conference (GPECOM), Cappadocia, Turkey, 14–17 June 2022; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022; pp. 506–511. [Google Scholar]
  34. Zhou, Y.; Xu, H.; Liu, W.; Li, Y. Malicious Mode Attack on Electric Vehicle Coordinated Charging and Its Defense Strategy. Sustain. Energy Grids Netw. 2024, 39, 101440. [Google Scholar] [CrossRef]
  35. Chen, C.-M.; Miao, Q.; Khan, F.; Srivastava, G.; Kumari, S. Sustainable Secure Communication in Consumer-Centric Electric Vehicle Charging in Industry 5.0 Environments. IEEE Trans. Consum. Electron. 2024, 70, 1544–1555. [Google Scholar] [CrossRef]
  36. Alshaeri, A.; Younis, M. Lightweight Authentication and Authorization Protocol for Dynamic Charging of Electric Vehicles. In Proceedings of the 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 8–11 January 2022; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022; pp. 550–556. [Google Scholar]
  37. Feng, Q.; Li, H.; Zhou, Y.; Feng, D.; Wang, Y.; Su, Y. Review of Electric Vehicles’ Charging Data Anomaly Detection Based on Deep Learning. In Proceedings of the 2022 Power System and Green Energy Conference (PSGEC), Shanghai, China, 25–27 August 2022; Li, G., Li, Z., Eds.; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022; pp. 337–341. [Google Scholar]
  38. Wang, Y.; Zhao, Z.; Qi, B.; Cheng, Y.; Tang, K.; Li, B. Vulnerability Analysis of an Electric Vehicle Fleet for Car-Sharing Service under Cyber Attacks. Sustain. Energy Grids Netw. 2024, 37, 101207. [Google Scholar] [CrossRef]
  39. Fahim, S.R.; Atat, R.; Kececi, C.; Takiddin, A.; Ismail, M.; Davis, K.R.; Serpedin, E. Generalized FDIA Detection in Power Dependent Electrified Transportation Systems. In Proceedings of the 2024 32nd European Signal Processing Conference (EUSIPCO), Lyon, France, 26–30 August 2024; IEEE: Washington, DC, USA, 2024; pp. 1851–1855. [Google Scholar]
  40. Wadi, M.; Shobole, A.; Elmasry, W.; Kucuk, I. Load Frequency Control in Smart Grids: A Review of Recent Developments. Renew. Sustain. Energy Rev. 2024, 189, 114013. [Google Scholar] [CrossRef]
  41. Attia, M.; Senouci, S.M.; Aglzim, E.-H. New Optimization and Security Approaches to Enhance the Smart Grid Performance and Reliability. In Proceedings of the 2016 7th International Conference on the Network of the Future (NOF), Búzios, Brazil, 16–18 November 2016; Duarte, O.C.M.B., Secci, S., Rubinstein, M.G., de Amorim, M.D., Eds.; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2017. [Google Scholar]
  42. Li, H.; Dan, G.; Nahrstedt, K. Portunes+: Privacy-Preserving Fast Authentication for Dynamic Electric Vehicle Charging. IEEE Trans. Smart Grid 2017, 8, 2305–2313. [Google Scholar] [CrossRef]
  43. Sarieddine, K.; Sayed, M.A.; Torabi, S.; Atallah, R.; Assi, C. Edge-Based Detection and Localization of Adversarial Oscillatory Load Attacks Orchestrated by Compromised EV Charging Stations. Int. J. Electr. Power Energy Syst. 2024, 156, 109735. [Google Scholar] [CrossRef]
  44. Peng, X.; Duan, S.; Sankavaram, C.; Jin, X. Unsupervised Adaptive Fleet Battery Pack Fault Detection with Concept Drift under Evolving Environment. IEEE Trans. Autom. Sci. Eng. 2024, 21, 2276–2288. [Google Scholar] [CrossRef]
  45. Kern, D.; Krauß, C. Analysis of E-Mobility-Based Threats to Power Grid Resilience. In Proceedings of the 5th ACM Computer Science in Cars Symposium, Ingolstadt, Germany, 30 November 2021; Spencer, S.N., Ed.; Association for Computing Machinery Inc.: New York, NY, USA, 2021. [Google Scholar]
  46. Lin, Z.; Li, J. FedEVCP: Federated Learning-Based Anomalies Detection for Electric Vehicle Charging Pile. Comput. J. 2024, 67, 1521–1530. [Google Scholar] [CrossRef]
  47. Rinaldi, S.; Depari, A.; Ferrari, P.; Flammini, A.; Mondini, E.; Pasetti, M.; Sisinni, E. An Evaluation of UWB for Location-Based Hands-Free Authentication Charging of Electric Vehicles. In Proceedings of the 2022 IEEE 31st International Symposium on Industrial Electronics (ISIE), Anchorage, AK, USA, 1–3 June 2022; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022; pp. 696–701. [Google Scholar]
  48. Gabay, D.; Cebe, M.; Akkaya, K. Poster: On the Overhead of Using Zero-Knowledge Proofs for Electric Vehicle Authentication. In Proceedings of the WiSec’19: 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Miami, FL, USA, 15–17 May 2019; Association for Computing Machinery, Inc.: New York, NY, USA, 2019; pp. 347–348. [Google Scholar]
  49. Wei, F.; Lin, X. Cyber-Physical Attack Launched from EVSE Botnet. IEEE Trans. Power Syst. 2024, 39, 3603–3614. [Google Scholar] [CrossRef]
  50. Sureshkumar, V.; Chinnaraj, P.; Saravanan, P.; Amin, R.; Rodrigues, J.J.P.C. Authenticated Key Agreement Protocol for Secure Communication Establishment in Vehicle-to-Grid Environment with FPGA Implementation. IEEE Trans. Veh. Technol. 2022, 71, 3470–3479. [Google Scholar] [CrossRef]
  51. Zhang, L.; Zhu, Y.; Ren, W.; Wang, Y.; Choo, K.-K.R.; Xiong, N.N. An Energy-Efficient Authentication Scheme Based on Chebyshev Chaotic Map for Smart Grid Environments. IEEE Internet Things J. 2021, 8, 17120–17130. [Google Scholar] [CrossRef]
  52. Mavikumbure, H.S.; Cobilean, V.; Wickramasinghe, C.S.; Phillips, T.; Varghese, B.J.; Carlson, B.; Rieger, C.; Pennington, T.; Manic, M. Physical Anomaly Detection in EV Charging Stations: Physics-Based vs. ResNet AE. In Proceedings of the 2023 IEEE 32nd International Symposium on Industrial Electronics (ISIE), Helsinki, Finland, 19–21 June 2023; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2023. [Google Scholar]
  53. Linnartz, P.; Winkens, A.; Ulbig, A. Analysis of Malicious Operation of Electric Vehicle CHARGING stations to Disrupt Stable Operation of Distribution Grids. In Proceedings of the CIRED Porto Workshop 2022: E-Mobility and Power Distribution Systems, Porto, Portugal, 2–3 June 2022; Institution of Engineering and Technology: Stevenage, UK, 2022; Volume 2022, pp. 990–994. [Google Scholar]
  54. Babu, P.R.; Amin, R.; Reddy, A.G.; Das, A.K.; Susilo, W.; Park, Y. Robust Authentication Protocol for Dynamic Charging System of Electric Vehicles. IEEE Trans. Veh. Technol. 2021, 70, 11338–11351. [Google Scholar] [CrossRef]
  55. Soares, A.A.Z.; Mattos, D.M.F.; Lopes, Y.; Medeiros, D.S.V.; Fernandes, N.C.; Muchaluat-Saade, D.C. An Efficient Authentication Mechanism Based on Software-Defined Networks for Electric Vehicles. In Proceedings of the 2019 IEEE 28th International Symposium on Industrial Electronics (ISIE), Vancouver, BC, Canada, 12–14 June 2019; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2019; pp. 2471–2476. [Google Scholar]
  56. Kern, D.; Krauß, C.; Hollick, M. Detection of Anomalies in Electric Vehicle Charging Sessions. In Proceedings of the 39th Annual Computer Security Applications Conference, Austin, TX, USA, 4–8 December 2023; Association for Computing Machinery: New York, NY, USA, 2023; pp. 298–309. [Google Scholar]
  57. Kilic, A. TLS-Handshake for Plug and Charge in Vehicular Communications. Comput. Networks 2024, 243, 110281. [Google Scholar] [CrossRef]
  58. Kilari, V.T.; Yu, R.; Misra, S.; Xue, G. Robust Revocable Anonymous Authentication for Vehicle to Grid Communications. IEEE Trans. Intell. Transp. Syst. 2020, 21, 4845–4857. [Google Scholar] [CrossRef]
  59. Khan, O.G.M.; Elghitani, F.; Youssef, A.; Salama, M.; El-Saadany, E.F. Real-Time Congestion-Aware Charging Station Assignment Model for EVs. IEEE Internet Things J. 2024, 11, 11723–11736. [Google Scholar] [CrossRef]
  60. Akbarian, A.; Bahrami, M.; Vakilian, M.; Lehtonen, M. Vulnerability of EV Charging Stations to Cyber Attacks Manipulating Prices. In Proceedings of the 2023 International Conference on Future Energy Solutions (FES), Vaasa, Finland, 12–14 June 2023; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2023. [Google Scholar]
  61. Nguyen, T.-V.; Sun, H.; Wang, H.; Hu, R.Q. Authentication and PHY-Security Schemes for Electric Vehicle Dynamic Wireless Charging. IEEE Trans. Veh. Technol. 2024, 73, 1698–1712. [Google Scholar] [CrossRef]
  62. Afrin, S.; Kwasinski, A. A Privacy-Preserving Method with Flexible Charging Schedules for Electric Vehicles in the Smart Grid. In Proceedings of the 2017 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Bhubaneswar, India, 17–20 December 2017; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2018; pp. 1–6. [Google Scholar]
  63. Yazdanipour, S.; Arani, M.F.M.; Jahromi, A.A. Investigating Cyberattacks Against Off-Grid Solar-Powered Electric Vehicle Charging Stations. In Proceedings of the 2024 IEEE/PES Transmission and Distribution Conference and Exposition (T&D), Anaheim, CA, USA, 6–9 May 2024; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2024. [Google Scholar]
  64. ISO 15118-20:2022(En); Road Vehicles—Vehicle to Grid Communication Interface—Part 20: 2nd Generation Network Layer and Application Layer Requirements. International Organization for Standardization. International Electrotechnical Commission: Geneva, Switzerland, 2022. Available online: https://www.iso.org/obp/ui/en/#iso:std:iso:15118:-20:ed-1:v1:en (accessed on 1 September 2025).
  65. Plappert, C.; Jäger, L.; Irrgang, A.; Potluri, C. Secure Multi-User Contract Certificate Management for ISO 15118-20 Using Hardware Identities. In Proceedings of the 18th International Conference on Availability, Reliability and Security, Benevento, Italy, 29 August–1 September 2023; Association for Computing Machinery: New York, NY, USA, 2023. [Google Scholar]
  66. Yang, Y.; Li, J. Electric Vehicle Charging Anomaly Detection Method Based on Multivariate Gaussian Distribution Model. In Proceedings of the 2022 Asia Conference on Electrical, Power and Computer Engineering, Shanghai, China, 22–24 April 2022; Association for Computing Machinery: New York, NY, USA, 2022. [Google Scholar]
  67. Fattahi, J. A Federated Byzantine Agreement Model to Operate Offline Electric Vehicle Supply Equipment. IEEE Trans. Smart Grid 2024, 15, 2004–2016. [Google Scholar] [CrossRef]
  68. Jahangir, H.; Lakshminarayana, S.; Poor, H.V. Charge Manipulation Attacks Against Smart Electric Vehicle Charging Stations and Deep Learning-Based Detection Mechanisms. IEEE Trans. Smart Grid 2024, 15, 5182–5194. [Google Scholar] [CrossRef]
  69. Kapassa, E.; Themistocleous, M.; Christodoulou, K.; Iosif, E. Blockchain Application in Internet of Vehicles: Challenges, Contributions and Current Limitations. Future Internet 2021, 13, 313. [Google Scholar] [CrossRef]
  70. Chen, C.-M.; Hao, Y.; Wu, T.-Y. Discussion of “Ultra Super Fast Authentication Protocol for Electric Vehicle Charging Using Extended Chaotic Maps” . IEEE Trans. Ind. Appl. 2023, 59, 2091–2092. [Google Scholar] [CrossRef]
  71. Eghtessad, S.; Hasanli, T.; Huynh, R.; Workneh, K.; Ibrahem, M.I.; Fouda, M.M. A Survey on Privacy Preservation Methods in Future Vehicular Networks. In Proceedings of the 2023 11th International Conference on Information and Communication Technology (ICoICT), Melaka, Malaysia, 23–24 August 2023; IEEE: Washington, DC, USA, 2023; pp. 319–325. [Google Scholar]
  72. Van Den Brink, H. The Need for Cybersecurity within the Electric Vehicle Infrastructure. In Proceedings of the EVS—International Electric Vehicle Symposium and Exhibition, Stuttgart, Germany, 9–11 October 2017; Landesmesse Stuttgart GmbH: Stuttgart, Germany, 2017. [Google Scholar]
  73. Albanese, E.; Terruggia, R. Secure and Resilient Iot and Cloud-Based Infrastructure for Electric Vehicles Recharge Systems. IET Conf. Proc. 2023, 2023, 2059–2063. [Google Scholar] [CrossRef]
  74. Bourass, A.; Cherkaoui, S.; Khoukhi, L. Secure Communication Scheme for Electric Vehicles in the Smart Grid. In Proceedings of the GLOBECOM 2017—2017 IEEE Global Communications Conference, Singapore, 4–8 December 2017; IEEE: Washington, DC, USA, 2017; pp. 1–5. [Google Scholar]
  75. Kern, D.; Krauß, C.; Hollick, M. Attack Analysis and Detection for the Combined Electric Vehicle Charging and Power Grid Domains. In Proceedings of the 19th International Conference on Availability, Reliability and Security, Vienna, Austria, 30 July–2 August 2024; Association for Computing Machinery: New York, NY, USA, 2024. [Google Scholar]
  76. Girdhar, M.; Hong, J.; Lee, H.; Song, T.-J. Hidden Markov Models-Based Anomaly Correlations for the Cyber-Physical Security of EV Charging Stations. IEEE Trans. Smart Grid 2022, 13, 3903–3914. [Google Scholar] [CrossRef]
  77. Patel, T.; Jhaveri, R.H.; Sidana, S.; Benedetto, F. Empowering Energy Transition: Detecting Cyber Threats in EV Charging Infrastructure through ML and XAI Analysis. In Proceedings of the 2024 International Conference on Sustainable Energy: Energy Transition and Net-Zero Climate Future (ICUE), Pattaya City, Thailand, 21–23 October 2024; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2024. [Google Scholar]
  78. Garg, S.; Kaur, K.; Kaddoum, G.; Gagnon, F.; Rodrigues, J.J.P.C. An Efficient Blockchain-Based Hierarchical Authentication Mechanism for Energy Trading in V2G Environment. In Proceedings of the 2019 IEEE International Conference on Communications Workshops (ICC Workshops), Shanghai, China, 20–24 May 2019; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2019. [Google Scholar]
  79. Streubel, T.; Kattmann, C.; Eisenmann, A.; Rudion, K. Detection and Monitoring of Supraharmonic Anomalies of an Electric Vehicle Charging Station. In Proceedings of the 2019 IEEE Milan PowerTech, Milan, Italy, 23–27 June 2019; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2019. [Google Scholar]
  80. Li, M.; Ni, M.; Tong, H.; Ru, Y.; Xu, J.; Wu, Y. Risk Analysis of Electric Vehicles Connected to the Cyber-Physical Power System. In Proceedings of the 2021 IEEE Sustainable Power and Energy Conference (iSPEC), Nanjing, China, 23–25 December 2021; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2021; pp. 4203–4208. [Google Scholar]
  81. Sarieddine, K.; Sayed, M.A.; Torabi, S.; Attallah, R.; Jafarigiv, D.; Assi, C.; Debbabi, M. Uncovering Covert Attacks on EV Charging Infrastructure: How OCPP Backend Vulnerabilities Could Compromise Your System. In Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, Singapore, 1–5 July 2024; Association for Computing Machinery, Inc.: New York, NY, USA, 2024; pp. 987–999. [Google Scholar]
  82. Li, P.; Ou, W.; Liang, H.; Han, W.; Zhang, Q.; Zeng, G. A Zero Trust and Blockchain-Based Defense Model for Smart Electric Vehicle Chargers. J. Netw. Comput. Appl. 2023, 213, 103599. [Google Scholar] [CrossRef]
  83. Sayed, M.A.; Atallah, R.; Assi, C.; Debbabi, M. Electric Vehicle Attack Impact on Power Grid Operation. Int. J. Electr. Power Energy Syst. 2022, 137, 107784. [Google Scholar] [CrossRef]
  84. Yang, F.; Yang, Y.; Wang, X.; Ouyang, X.; Shuai, C. Electric Bikes Charging Anomaly Detection from Alternating Current Side Based on Big Data. Eng. Appl. Artif. Intell. 2024, 136, 109042. [Google Scholar] [CrossRef]
  85. Nisar, F.; Ramachandran, G.; Vilathgamuva, M.; Jurdak, R. Manipulation of Actual Demand in Electric Vehicles (MaD EV): A Cyber-Security Perspective. In Proceedings of the 2022 IEEE 7th Southern Power Electronics Conference (SPEC), Nadi, Fiji, 5–8 December 2022; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022. [Google Scholar]
  86. ElGhanam, E.; Ahmed, I.; Hassan, M.; Osman, A. Authentication and Billing for Dynamic Wireless EV Charging in an Internet of Electric Vehicles. Futur. Internet 2021, 13, 257. [Google Scholar] [CrossRef]
  87. Rahman, S.; Aburub, H.; Mekonnen, Y.; Sarwat, A.I. A Study of EV BMS Cyber Security Based on Neural Network SOC Prediction. In Proceedings of the 2018 IEEE/PES Transmission and Distribution Conference and Exposition (T&D), Denver, CO, USA, 16–19 April 2018; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2018. [Google Scholar]
  88. Bourass, A.; Cherkaoui, S.; Khoukhi, L. Secure Optimal Itinerary Planning for Electric Vehicles in the Smart Grid. IEEE Trans. Ind. Inf. 2017, 13, 3236–3245. [Google Scholar] [CrossRef]
  89. Girdhar, M.; Hong, J.; Yoo, Y.; Song, T.-J. Machine Learning-Enabled Cyber Attack Prediction and Mitigation for EV Charging Stations. In Proceedings of the 2022 IEEE Power & Energy Society General Meeting (PESGM), Denver, CO, USA, 17–21 July 2022; IEEE Computer Society: Washington, DC, USA, 2022. [Google Scholar]
  90. Kilic, A. Plug and Charge Solutions with Vehicle-to-Grid Communication. Electr. Power Comp. Syst. 2023, 51, 1786–1814. [Google Scholar] [CrossRef]
  91. Mookherji, S.; Odelu, V.; Prasath, R. Secure Ultra Fast Authentication Protocol for Electric Vehicle Charging. Comput. Electr Eng. 2024, 119, 109512. [Google Scholar] [CrossRef]
  92. Xu, J.; Yu, X.; Tian, L.; Wang, J.; Zhou, L.; Liu, C. A Lightweight Security Authentication Method for the Charging Protocol of Smart Charging Pile. In Proceedings of the 2020 International Conference on Aviation Safety and Information Technology, Weihai, China, 14–16 October 2020; Association for Computing Machinery: New York, NY, USA, 2020; pp. 376–382. [Google Scholar]
  93. Shao, H.; Ma, Y.; Shao, B. A Lightweight Privacy-Preserving Authentication Scheme for Vehicle-to-Grid. In Proceedings of the 2024 6th Asia Energy and Electrical Engineering Symposium (AEEES), Chengdu, China, 28–31 March 2024; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2024; pp. 278–282. [Google Scholar]
  94. Singh, N.; Agarwal, R. Intrusion Detection System for Smart Vehicles Using Machine Learning Algorithms. In Proceedings of the 2023 International Conference on Communication, Security and Artificial Intelligence (ICCSAI), Greater Noida, India, 23–25 November 2023; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2023; pp. 749–753. [Google Scholar]
  95. Kaur, K.; Kaddoum, G.; Zeadally, S. Blockchain-Based Cyber-Physical Security for Electrical Vehicle Aided Smart Grid Ecosystem. IEEE Trans. Intell. Transp. Syst. 2021, 22, 5178–5189. [Google Scholar] [CrossRef]
  96. Tiwari, P.; Ronanki, D. Cyber-Resilient Grid-Interactive Renewable Powered Wireless Charging of Electric Vehicles. In Proceedings of the 2022 IEEE International Conference on Power Electronics, Drives and Energy Systems (PEDES), Jaipur, India, 14–17 December 2022; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022. [Google Scholar]
  97. Liu, Y.; Ardakanian, O.; Nikolaidis, I.; Liang, H. False Data Injection Attacks on Smart Grid Voltage Regulation with Stochastic Communication Model. IEEE Trans. Ind. Inf. 2023, 19, 7122–7132. [Google Scholar] [CrossRef]
  98. Gandhi, K.; Morsi, W.G. Impact of the Open Charge Point Protocol Between the Electric Vehicle and the Fast Charging Station on the Cybersecurity of the Smart Grid. In Proceedings of the 2022 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE), Halifax, NS, Canada, 18–20 September 2022; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2022; pp. 235–240. [Google Scholar]
  99. Sayed, N.E. A Prototypical Implementation of an ISO-15118-Based Wireless Vehicle to Grid Communication for Authentication over Decoupled Technologies. In Proceedings of the 2019 AEIT International Conference of Electrical and Electronic Technologies for Automotive (AEIT AUTOMOTIVE), Turin, Italy, 2–4 July 2019; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2019. [Google Scholar]
  100. Wang, W.; Han, Z.; Alazab, M.; Gadekallu, T.R.; Zhou, X.; Su, C. Ultra Super Fast Authentication Protocol for Electric Vehicle Charging Using Extended Chaotic Maps. IEEE Trans. Ind. Appl. 2022, 58, 5616–5623. [Google Scholar] [CrossRef]
  101. Alshaeri, A.; Younis, M. A Blockchain-Based Energy Trading Scheme for Dynamic Charging of Electric Vehicles. In Proceedings of the 2021 IEEE Global Communications Conference (GLOBECOM), Madrid, Spain, 7–11 December 2021. [Google Scholar]
  102. Roman, L.F.A.; Gondim, P.R.L.; Lloret, J. Pairing-Based Authentication Protocol for V2G Networks in Smart Grid. Ad Hoc Netw. 2019, 90, 101745. [Google Scholar] [CrossRef]
  103. Mohammadi, M.; Mohasefi, J.B. Availability-Based and Risk-Less Optimization Model for Electric Vehicles Optimal Itinerary Planning in Smart Grid. Sustain. Energy Grids Netw. 2022, 30, 100642. [Google Scholar] [CrossRef]
  104. Grgic, D.; Podobnik, V.; Capuder, T. EV Charging Station Monitoring Framework—A Case Study of Croatia: Performance Analysis and Anomaly Detection under Pandemic Situation. Int. J. Electr. Power Energy Syst. 2022, 141, 108095. [Google Scholar] [CrossRef]
  105. Yang, B.; Guo, L.; Ye, J. Physics-Based Attack Detection for Traction Motor Drives in Electric Vehicles Using Random Forest. In Proceedings of the 2021 IEEE Applied Power Electronics Conference and Exposition (APEC), Phoenix, AZ, USA, 14–17 June 2021; Institute of Electrical and Electronics Engineers Inc.: Interlaken, Switzerland, 2021; pp. 849–854. [Google Scholar]
  106. Sayed, M.A.; Ghafouri, M.; Debbabi, M.; Assi, C. Dynamic Load Altering EV Attacks Against Power Grid Frequency Control. In Proceedings of the 2022 IEEE Power & Energy Society General Meeting (PESGM), Denver, CO, USA, 17–21 July 2022; IEEE Computer Society: Washington, DC, USA, 2022. [Google Scholar]
  107. Yazdanipour, S.; Oruganti, V.S.R.V.; Son, J.; Arani, M.F.M.; Williamson, S.S. State-of-the-Art in Cyber-Physical Security for Dynamic Wireless Charging of Electric Vehicles. In Proceedings of the IECON 2024—50th Annual Conference of the IEEE Industrial Electronics Society, Chicago, IL, USA, 3–6 November 2024; IEEE Computer Society: Washington, DC, USA, 2024. [Google Scholar]
  108. Parameswarath, R.P.; Gope, P.; Sikdar, B. A Privacy-Preserving Authenticated Key Exchange Protocol for V2G Communications Using SSI. IEEE Trans. Veh. Technol. 2023, 72, 14771–14786. [Google Scholar] [CrossRef]
  109. Babu, P.R.; Reddy, A.G.; Palaniswamy, B.; Das, A.K. EV-PUF: Lightweight Security Protocol for Dynamic Charging System of Electric Vehicles Using Physical Unclonable Functions. IEEE Trans. Netw. Sci. Eng. 2022, 9, 3791–3807. [Google Scholar] [CrossRef]
  110. Zhao, X.; Lin, J.; Li, H. Privacy-Preserving Billing Scheme against Free-Riders for Wireless Charging Electric Vehicles. Mob. Inf. Syst. 2017, 2017, 1–9. [Google Scholar] [CrossRef]
  111. Hussain, R.; Son, J.; Kim, D.; Nogueira, M.; Oh, H.; Tokuta, A.O.; Seo, J. PBF: A New Privacy-Aware Billing Framework for Online Electric Vehicles with Bidirectional Auditability. Wirel. Commun. Mob. Comput. 2017, 2017. [Google Scholar] [CrossRef]
  112. Małek, A.; Kośko, M.; Łusiak, T. Urban Logistics of Small Electric Vehicle Charged from a Photovoltaic Carport. Arch. Automot. Eng. Arch. Motoryz. 2018, 82, 63–75. [Google Scholar] [CrossRef]
  113. Małek, A.; Taccani, R. Long-Term Test of an Electric Vehicle Charged from a Photovoltaic Carport. Arch. Automot. Eng. Arch. Motoryz. 2019, 86, 55–63. [Google Scholar] [CrossRef]
  114. Li, M.; Xu, H.; Xu, J.; Ding, Z.; Liu, Q.; Yin, Z. Risk Assessment of Cyber Physical Power System Considering Attack Model. In Proceedings of the 2022 IEEE 5th International Electrical and Energy Conference (CIEEC), Nanjing, China, 27–29 May 2022. [Google Scholar]
  115. Team, P.M. EV Cybersecurity & ISO 15118 for Secure Charging Infrastructure. PlaxidityX. 29 May 2025. Available online: https://plaxidityx.com/blog/blog-post/iso-15118-ev-cybersecurity-guide/ (accessed on 1 September 2025).
  116. Driivz. Glossary: ISO 15118. Available online: https://driivz.com/glossary/iso-15118/ (accessed on 1 September 2025).
  117. Zhou, M. Anomaly Detection in Smart Distribution Grids with Deep Neural Network. Master’s Thesis, University of Alberta, Edmonton, AB, Canada, 2022. [Google Scholar]
  118. Explainable Anomaly Detection for Electric Vehicles Charging Stations. Available online: https://arxiv.org/html/2507.15718v1 (accessed on 1 September 2025).
  119. Stress Testing by Large Financial Institutions: Current Practice and Aggregation Issues; BIS: Basel, Switzerland, 2000; ISBN 978-92-9131-601-4.
  120. European Central Bank. Stress Testing with Multiple Scenarios: A Tale on Tails and Reverse Stress Scenarios; Publications Office: Luxembourg, 2024. [Google Scholar]
  121. Grid Operators: TSO and DSO Explained—gridX. Available online: https://www.gridx.ai/knowledge/what-is-a-grid-operator (accessed on 1 September 2025).
  122. CORPORATIVA, I. DSO, ¿cómo Transformar La Gestión de Redes Hacia Un Modelo Más Inteligente? Available online: https://www.iberdrola.com/about-us/our-innovation-model/distribution-system-operation (accessed on 1 September 2025).
  123. Complete Guide to EV Charging Protocols (OCPP, OICP, OHCP). Available online: https://solidstudio.io/blog/ev-charging-protocols (accessed on 1 September 2025).
  124. Coppoletta, G.; Gjomemo, R.; Kaur, A.; Valizadeh, N.; Rana, O.; Venkatakrishnan, V. OCPPStorm: A Comprehensive Fuzzing Tool for OCPP Implementations. In Proceedings of the Symposium on Vehicle Security & Privacy, San Diego, CA, USA, 26 February 2024; Internet Society: San Diego, CA, USA, 2024. [Google Scholar]
  125. How to Increase Charging Session Money Collection and EV Driver Satisfaction with AMPECO Data Validation Feature. Available online: https://www.ampeco.com/blog/ampeco-session-data-validation-feature/ (accessed on 1 September 2025).
  126. Unlocking the Future: How UWB Is Reshaping Secure Access in the Connected World. Available online: https://www.qorvo.com/design-hub/blog/unlocking-the-future-how-uwb-is-reshaping-secure-access-in-the-connected-world (accessed on 1 September 2025).
  127. Stevens, B. Implementing Secure Boot with a Root of Trust; Semiconductor Engineering: Silicon Valley, CA, USA, 2021. [Google Scholar]
  128. Secure Boot—Silicon Labs. Available online: https://www.silabs.com/security/secure-boot (accessed on 1 September 2025).
  129. Position Papers & Regulation—CharIN. Available online: https://www.charin.global/technology/knowledge-base/ (accessed on 1 September 2025).
Energies 18 04847 g001
Figure 1. Data collection and preparation workflow. The blue background indicates the Search in Scopus phase, while the yellow background represents the Defining Categories phase.
Figure 1. Data collection and preparation workflow. The blue background indicates the Search in Scopus phase, while the yellow background represents the Defining Categories phase.
Energies 18 04847 g001
Energies 18 04847 g002
Figure 2. PRISMA flow diagram illustrating the literature selection process, including the stages of identification, screening, eligibility assessment, and final inclusion of publications in the review.
Figure 2. PRISMA flow diagram illustrating the literature selection process, including the stages of identification, screening, eligibility assessment, and final inclusion of publications in the review.
Energies 18 04847 g002
Energies 18 04847 g003
Figure 3. Term density map (VOSviewer). The yellow color indicates the highest density of keywords, signifying the most central and frequently co-occurring topics.
Figure 3. Term density map (VOSviewer). The yellow color indicates the highest density of keywords, signifying the most central and frequently co-occurring topics.
Energies 18 04847 g003
Energies 18 04847 g004
Figure 4. Term co-occurrence network map visualizing interrelationships and thematic clusters identified in the analyzed publications.
Figure 4. Term co-occurrence network map visualizing interrelationships and thematic clusters identified in the analyzed publications.
Energies 18 04847 g004
Energies 18 04847 g005
Figure 5. Number of publications by document type.
Figure 5. Number of publications by document type.
Energies 18 04847 g005
Energies 18 04847 g006
Figure 6. Digital cybersecurity.
Figure 6. Digital cybersecurity.
Energies 18 04847 g006
Energies 18 04847 g007
Figure 7. Research methodology.
Figure 7. Research methodology.
Energies 18 04847 g007
Energies 18 04847 g008
Figure 8. Division of research by application areas.
Figure 8. Division of research by application areas.
Energies 18 04847 g008
Energies 18 04847 g009
Figure 9. Number of publications by country and period.
Figure 9. Number of publications by country and period.
Energies 18 04847 g009
Energies 18 04847 g010
Figure 10. Heatmap of the scope of cybersecurity in the context of electromobility.
Figure 10. Heatmap of the scope of cybersecurity in the context of electromobility.
Energies 18 04847 g010
Energies 18 04847 g011
Figure 11. Heat map illustrating the relationship between cybersecurity categories and technologies/infrastructure in the field of electromobility.
Figure 11. Heat map illustrating the relationship between cybersecurity categories and technologies/infrastructure in the field of electromobility.
Energies 18 04847 g011
Table 1. Communication interfaces, protocols, threats, and recommended controls in EV charging infrastructures.
Table 1. Communication interfaces, protocols, threats, and recommended controls in EV charging infrastructures.
InterfaceProtocolsTrust Anchors/CredentialsCommon ThreatsRecommended Controls
EV ↔ EVSEISO 15118-2/ISO 15118-20 (Plug & Charge, Smart Charging, V2G)EV contract certificates, EVSE station certificates, PKI root CAsImpersonation of EV/EVSE, MITM during handshake, expired certificates, renegotiation failuresPKI validation with OCSP checks, strict TLS, lifecycle management of certificates, ISO 15118-20 diagnostic/security extensions
EVSE ↔ CSMSOCPP 2.0.1 (JSON over WebSocket, Device Model, TransactionEvent)TLS certificates (per OCPP security profiles), signed firmware keysMITM on OCPP channels, malicious firmware, manipulation of transaction records, key compromiseOCPP Security Profiles, signed firmware validation, Security Event Log, certificate lifecycle management (15,118 workflows)
CSMS ↔ Market/Grid/RoamingToday: OCPP-based APIs; Emerging: IEC 63110 (charging management), IEC 63119 (roaming)Operator-issued PKI credentials, roaming contracts, TLS channel certificatesInteroperability failures, weak inter-operator security, inconsistent telemetry, replay attacksStrong TLS with mutual authentication, harmonization with IEC 63110/63119, monitoring aligned with IEC 62351-7
Table 2. Machine learning algorithms in electromobility.
Table 2. Machine learning algorithms in electromobility.
Algorithm TypeExample ApplicationsSelected Sources
Linear and polynomial
regression		Forecasting energy consumption, optimizing charging schedules[4,32]
Neural networks (ANN, DNN)Prediction of energy demand, adaptive control of charging power[20,36,45]
Decision Trees, Random Forest, Gradient BoostingIdentification of key features affecting energy consumption, detection of unusual charging patterns[36,42]
Support vector machines (SVM)Classification of charging patterns, prediction of peak hours, assessment of overload risk[37,43]
Unsupervised learning
(k-means, t-SNE, PCA)		Segmentation of charging station users, dimensionality reduction of telemetry data[11,32]
Federated learningPrivacy-preserving anomaly detection, distributed predictive models[16,19]
Generative Adversarial Networks (GANs)Synthesizing energy data, detecting rare anomalies, testing model robustness[2,32]
Hybrid systems
(SVM + fuzzy logic)		Complex demand modeling, network congestion prediction[8,14]
Table 3. Application of machine learning algorithms in electric vehicle energy management and grid integration.
Table 3. Application of machine learning algorithms in electric vehicle energy management and grid integration.
Application AreaObjective/FunctionApplied ML AlgorithmsExample Publications
Electric vehicle charging managementCharging optimization, demand forecasting, dynamic pricingArtificial Neural Networks, Support Vector Machines, K-Nearest Neighbors[3,8,112]
In-vehicle energy managementBattery usage optimization, load prediction, BMS controlDecision Trees, Gradient Boosting, Recurrent Neural Networks[3,6,9]
User and data securityAnomaly detection, access control, privacy protectionAutoencoders, Isolation Forest, Federated Learning[4,8,113]
Grid integrationPower flow control, availability prediction, grid balancingLong Short-Term Memory, Ensemble Learning, Deep Reinforcement Learning[5,7,10]
Vehicle communication systemsV2X protocol optimization, transmission efficiency, interference detectionBayesian Networks, Convolutional Neural Networks, Random Forest[1,11,22]
Table 4. Publications by year in all categories.
Table 4. Publications by year in all categories.
Name2017–20202021–2024All YearsShare [%]Chi–Square
Total2676102100.0
Document Type
Conference Paper15375250.98χ2 = 1.16
(df = 2, p = 0.56)
Article11374847.06
Other0221.96
Cybersecurity
Authentication and Cryptography21274847.06χ2 = 12.38
(df = 3, p = 0.01)
Cyber Attacks6354140.2
Intrusion and Anomaly Detection3192221.57
Blockchain3111413.73
Technologies and Infrastructure
Vehicle Charging21638482.35χ2 = 1.62
(df = 2, p = 0.45)
Grid Integration16355150.0
Vehicle Systems7293635.29
Research Methodology
Experiment15466159.8χ2 = 3.74
(df = 3, p = 0.29)
Literature Analysis6263231.37
Case Study0776.86
Conceptual20486866.67
Table 5. Publications by year in Countries.
Table 5. Publications by year in Countries.
Country2017–20202021–2024All YearsShare [%]Chi–Square
All countries2676102100.026.1
( d f = 11 ,   p = 0.01 )
United States11223332.35
China2171918.63
Canada5131817.65
Germany561110.78
India010109.8
Australia0554.9
Italy1454.9
United Kingdom0554.9
Brazil4043.92
South Korea1343.92
Turkey0443.92
Other381110.78
Table 6. Publications by cybersecurity in other categories.
Table 6. Publications by cybersecurity in other categories.
NameAuthentication and CryptographyCyber AttacksIntrusion and Anomaly DetectionBlockchainTotal
Total48412214102
Technologies and Infrastructure
Vehicle Charging413218984
Grid Integration25239651
Vehicle Systems15168836
Research Methodology
Experiment302713961
Literature Analysis14145232
Case Study04307
Conceptual3723141268
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Pawlik, L.; Wilk-Jakubowski, J.L.; Grabski, P.T.; Wilk-Jakubowski, G. Securing the Electrified Future: A Systematic Review of Cyber Attacks, Intrusion and Anomaly Detection, and Authentication in Electric Vehicle Charging Infrastructure. Energies 2025, 18, 4847. https://doi.org/10.3390/en18184847

AMA Style

Pawlik L, Wilk-Jakubowski JL, Grabski PT, Wilk-Jakubowski G. Securing the Electrified Future: A Systematic Review of Cyber Attacks, Intrusion and Anomaly Detection, and Authentication in Electric Vehicle Charging Infrastructure. Energies. 2025; 18(18):4847. https://doi.org/10.3390/en18184847

Chicago/Turabian Style

Pawlik, Lukasz, Jacek Lukasz Wilk-Jakubowski, Pawel Tomasz Grabski, and Grzegorz Wilk-Jakubowski. 2025. "Securing the Electrified Future: A Systematic Review of Cyber Attacks, Intrusion and Anomaly Detection, and Authentication in Electric Vehicle Charging Infrastructure" Energies 18, no. 18: 4847. https://doi.org/10.3390/en18184847

APA Style

Pawlik, L., Wilk-Jakubowski, J. L., Grabski, P. T., & Wilk-Jakubowski, G. (2025). Securing the Electrified Future: A Systematic Review of Cyber Attacks, Intrusion and Anomaly Detection, and Authentication in Electric Vehicle Charging Infrastructure. Energies, 18(18), 4847. https://doi.org/10.3390/en18184847

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop