Unsupervised Detection of SOC Spoofing in OCPP 2.0.1 EV Charging Communication Protocol Using One-Class SVM

Abstract

The electric vehicles (EVs) market keeps growing globally; thus, it is critical to secure the EV charging communication protocols in order to guarantee reliable and fair charging operations among the customers. The Open Charge Point Protocol (OCPP) 2.0.1 supports the communication between the Electric Vehicle Supply Equipment (EVSE) and Charging Station Management Systems (CSMSs); therefore, it becomes vulnerable to several types of attacks, which aim to jeopardize smart charging, billing, and energy management. Specifically, OCPP 2.0.1 allows the self-reporting of the State of Charge (SOC) values, which makes it vulnerable to spoofing-based cyberattacks, which target manipulating the scheduling priorities, distorting the load forecasts, and extending the charging sessions in an unfair manner. In this paper, we try to address this type of attack by providing a comprehensive analysis of the SOC spoofing attacks and introducing a novel unsupervised detection framework based on the One-Class Support Vector Machine (OCSVM) algorithm. Specifically, two types of attack scenarios are analyzed (i.e., priority manipulation and session extension) by deriving engineered features that capture the nonlinear relationships under normal charging behavior. Detailed simulation-based results are derived by utilizing the DESL-EPFL Level 3 EV charging dataset. Our results demonstrate high F1-score and recall in identifying spoofed SOC values and that the proposed OCSVM model demonstrates superior performance compared to alternative clustering and deep-learning based detectors.

1. Introduction

Electric vehicles (EVs) are a paradigm shift for people, the automobile sector, and the electricity industry. According to Bloomberg New Energy Finance reports, EV sales will account for 35% of all vehicle sales by 2040 [1]. Consequently, as the market for EV charging stations (EVCS) is expanding rapidly, it is expected to reach USD 12.1 billion by 2030 from USD 7.3 billion in 2024 [2]. Although the rapid expansion of EV charging infrastructure is necessary to support rising energy demands from electric vehicles, it also brings considerable operational challenges. Aggregators and charging station operators are not only responsible for coordinating a growing number of vehicles and aligning charging schedules with grid constraints but also for ensuring smooth communication across different charging protocols and platforms. Furthermore, as the scale and heterogeneity of EV fleets increase, so does the complexity of managing charging sessions, predicting energy needs, and allocating limited charging resources in real time. Without effective management and accurate information required for proper management, this complexity can result in long queueing times, charger underutilization, unpredictable charging durations, user frustration and and non-profitable operation of charging station aggregators [3]. More critically, as the infrastructure becomes larger and more interconnected, the attack surface also expands. Thus, building a dependable EV charging ecosystem that meets consumer demands while ensuring protection from potential cyberattacks is necessary. Otherwise, the system can become vulnerable to cyber threats, including denial of service attacks [4,5], false data injection and hijacking attacks [6], and coordinated switching attacks [7]. Building upon these known vulnerabilities, this work focuses on another highly consequential attack, that is, spoofing attacks, specifically, State of Charge (SOC) spoofing attacks. Abbreviations used throughout the paper are listed in

Table 1. List of abbreviations.

Abbreviation	Description
AUC	Area Under the Curve
DR	Demand Response
EDR	Emergency Demand Response
EV	Electric Vehicle
EVCS	Electric Vehicle Charging Station
EVSE	Electric Vehicle Supply Equipment
MITM	Man-in-the-Middle
OCPP	Open Charge Point Protocol
OCSVM	One-Class Support Vector Machine
PCA	Principal Component Analysis
PKI	Public Key Infrastructure
RBF	Radial Basis Function
ROC	Receiver Operating Characteristic
SOC	State of Charge
SVM	Support Vector Machine
TLS	Transport Layer Security
V2G	Vehicle-to-Grid

.

1.1. Implications of Spoofing SOC

In this section, we analyze the consequences of inaccurate SOC values. Inaccurate or falsified SOC reporting can result in major consequences, including inaccurate and unfair scheduling of vehicle charging, charging station congestion, and most critically, inaccurate load forecasting, which can result in grid instability.

1.1.1. Unfair Scheduling

Efficient charging scheduling is essential in modern EV ecosystems because it enables coordinated allocation of limited charging resources while satisfying multiple objectives. EV charging scheduling frameworks generally seek to maximize one or more of the following: (i) power grid-oriented objectives (e.g., peak load shaving, voltage deviation minimization, and frequency regulation); (ii) aggregator-oriented objectives (e.g., profit maximization, energy procurement costs reduction, as well as improved station utilization); and (iii) user-oriented objectives (e.g., battery degradation minimization through smart charging strategies) [8]. To achieve these goals, scheduling algorithms rely on accurate information, including, but not limited to, arrival time, requested charging time, charging power limits, and state of charge. Thus, SOC spoofing can disrupt the optimal charging scheduling by feeding false information into the scheduling algorithms that rely on SOC to determine when and how much each electric vehicle should be charged [9,10]. When an EV falsely reports a low arrival SOC, the scheduler assumes a larger energy deficit and prioritizes that vehicle ahead of others; thus, it allocates unnecessary charging power or earlier time slots. This event results in inefficient utilization of the available grid capacity, violating grid-oriented objectives and introducing delays to the vehicles that genuinely require charging, thus violating the user objectives.

1.1.2. Charging Station Congestion

SOC spoofing can significantly contribute to congestion at charging stations by disrupting the accurate estimation of charging duration. When EVs falsely report a lower SOC, especially towards the end of the charging session, they may bypass the charging cutoff. Many charging stations or aggregators enforce a charging session cutoff once the EV’s SOC crosses the threshold (e.g., 85%) [11]. Such threshold-based session cut-off can be enforced since the charging rate drops significantly beyond this threshold (e.g., 85% SOC); consequently, the time required to gain each SOC percentage increment is disproportionately high. If this policy can be bypassed, the vehicle may charge up to its full capacity by occupying the Electric Vehicle Supply Equipment (EVSE) for a prolonged period. This prolonged occupancy of the charger beyond the scheduled time, particularly in high-demand public or workplace charging environments, can result in station congestion, causing customer dissatisfaction. Charging station aggregators rely on accurate SOC and time estimates to manage reservations, allocate time slots, and optimize plug-in/plug-out turnover. Thus, SOC spoofing can result in financial loss stemming from operational inefficiencies as well as customer dissatisfaction. Over time, widespread SOC spoofing can not only reduce charging availability and aggregator revenue but can also force operators to adopt conservative overbooking strategies or impose stricter access policies, reducing system flexibility and scalability.

1.1.3. Inaccurate Load Forecasting

A key component of modern power grid management is load forecasting. It provides valuable insights into the expected levels of energy consumption at different times and locations. Demand response programs were utilized by U.S. utilities to shift or reduce roughly 4.5% of their peak load capacity in 2018. By 2030, this percentage is expected to rise to 20%, saving more than USD 15 billion annually [12]. Demand response programs rely on accurate load forecasting to shift demand towards off-peak hours. Spoofing a vehicle’s SOC directly undermines the reliability of load forecasting and severely disrupts demand response strategies. When an EV fraudulently reports a lower SOC, the charging system and aggregators may assume it needs more energy than it actually does, resulting in the predicted energy demand curve becoming artificially inflated. Furthermore, profits in the energy market rely on accurate load forecasting; hence, inaccurate load forecasting can result in serious consequences for the market participants, including aggregators who are tasked with managing EV charging stations. There are typically two bidding phases in modern energy markets like CAISO [13], including Day-Ahead (DA) bidding and Real-Time (RT) bidding. In the first bidding, the participants (e.g., energy providers and aggregators) submit bids a day before actual power delivery. These bids specify how much electricity they plan to buy or sell and at what price, based on their forecasted demand for the next day. After the Day-Ahead market clears and locational marginal prices (LMPs) are set, participants move into the Real-Time market. In this phase, they adjust their bids to reflect actual conditions on the grid, such as unexpected changes in demand, renewable generation, or system constraints. If an aggregator’s real consumption or delivery deviates from what they committed in the Day-Ahead market and they cannot correct it in real time, they may incur financial penalties or even risk losing access to the market [14].

2. Related Work on EV SOC-Based Frameworks and Their Challenges

In this section, we present prior research that leverages SOC information as a key parameter in optimizing charging scheduling, energy allocation as well as grid interaction. Because such methods inherently assume the authenticity of SOC data reported by EVs, their performance and reliability can be severely be affected by inaccurate or falsified SOC information. The current literature concerning the security threats in EV charging networks due to manipulation of SOC reporting can be divided into three major categories: (i) inaccurate EV charging scheduling and optimization, (ii) degraded demand response program, and (iii) unreliable V2G and ancillary services. In this section, we present how EV SOC-based frameworks proposed in the literature can result in the aforementioned security threats.

2.1. Charging Scheduling and Optimization

An optimal charge scheduling policy is introduced in [9], where scheduling for charging EVs is performed by the charging station aggregators based on the EV’s charging urgency (e.g., EVs with lower SOC have higher charging urgency, thus higher charging priority). The proposed two-level scheduling strategy demonstrated a minimized drift in demand response, ultimately enhancing user satisfaction. Similarly, in [10], a scheduling scheme is proposed that prioritizes EVs based on the SOC. Through MATLAB (MathWorks, USA)-based simulation results, the proposed scheduling demonstrated decreased wait times as well as improved queue lengths. While considering the grid’s condition, the scheduling scheme proposed in [15] also considers user needs (i.e., users’ perspectives). Specifically, EVs adjust their charging profiles by adjusting the charging power to the optimal charging power. The optimal charging power for each time period is shaped by the electricity price (i.e., a higher electricity price results in a lower charging power, and vice versa). The authors formulate the scheduling problem as a cost minimization problem with the constraint of satisfying the SOC requirements. The proposed scheduling demonstrated reduced charging duration as well as charging cost. Ref. [16] presents an integrated data-driven regression model-based smart charging method. Through this method, both charging efficiency and EV user experience are improved. The improvements are achieved through the maximization of the average SOC for multiple EVs charging simultaneously at an EVSE. In [17], both real-time and day-ahead (prescheduling) strategies are developed by considering the SOC and the distance between charging stations in an urban setting. Unlike conventional studies that prioritize vehicles solely based on SOC, this work also accounts for vehicle type, distinguishing between emergency and regular EVs. Accounting vehicle types allow for emergency vehicles to get priority in prescheduled and in real-time scheduling. Furthermore, while most existing approaches rely mainly on proximity or cost, Ref. [18] introduces a user-centric charging selection strategy that incorporates multiple factors such as waiting time, SOC, charging duration, cost, and nearby amenities. Collectively, these scheduling and optimization frameworks underscore the importance of precise SOC reporting for effectively managing the complexity and dynamism of EV charging networks.

2.2. Demand Response Program

To get the best results from demand response (DR) programs, it is crucial to address the uncertainties in power prices, load forecast errors, and EV behavior, including plug-in/out times, SOC, and charging rates (Ref. [19]), all of which have dependency on accurate SOC reporting. As a result, there has been ongoing research to deal with the uncertainties of the SOC. In [20], EV load and initial SOC scenarios were generated using the Monte Carlo approach. In [21], uncertainties in SOC and EV connection times were handled through sampling. The authors of [22] developed a two-stage stochastic model for ordered EV charging, whereby Markov Chain and Monte Carlo methods were used for scenario development and EV usage pattern modeling under uncertainty. Under SOC uncertainty, DR programs operate to guide user behavior through dynamic pricing and/or incentives [23]. Authors of [23] propose a dynamic pricing mechanism to reduce electric vehicle charging impacts on peak and off-peak demands through machine learning-based demand response. Similarly, to guide user’s energy consumption and EV charging behavior, in [24], a dynamic pricing mechanism for DR programs combining time-of-use and real-time pricing is proposed. Given the dependence of DR programs on accurate EV user behavior and load profile, spoofing SOC, especially while participating in DR programs can only lead to degraded performance and even failure of the system. Furthermore, because EV charging stations are widely distributed and consume enormous amounts of energy, they are considered as good candidates to take part in Emergency Demand Response (EDR) programs. In EDR programs, charging stations receive control signals from the electricity grid during peak or emergency conditions and are required to curtail their power consumption below a specified threshold to alleviate grid stress and maintain system reliability. In exchange for this temporary reduction, stations are compensated by grid operators through monetary incentives or market credits. However, enforcing such consumption limits during EDR events can conflict with the need to meet individual EV charging requirements, especially when vehicles have tight departure schedules or low battery levels [25]. This tension between grid-level constraints and user-level expectations may incentivize strategic falsification of SOC.

2.3. V2G and Ancillary Services

Although EVs are typically viewed as additional loads on the electrical grid, they can also support the grid, when required, via V2G technology. This covers ancillary services like black start, frequency control, and grid voltage regulation, among others. For such services, there is also a need for proper scheduling. SOC is one of the numerous variables that affect EV scheduling. In [26], an optimal priority-based V2G scheduling is proposed with the goal of reducing grid load variance. Based on the EV’s SOC, the charging/discharging is shaped to schedule the EVs. Scheduling of EVs is also required for coordinating the charging/discharging process of the EV fleet equipped with V2G capabilities for coordinated grid support. The authors of [27] propose a self-organizing agent network to facilitate decentralized coordination among EVs for coordinated charging and discharging. The authors first introduce the problem of identifying the subset of EVs that can participate in discharging and determine their corresponding maximum discharge power within a fixed time horizon, taking into account the current SOC, the expected (dis)charging duration, and the desired final SOC. After establishing the set of vehicles available for charging or discharging, appropriate utility functions are defined to quantify the marginal charging benefits and marginal discharging costs to define a welfare maximization problem. The proposed self-organizing solution scheme enables the EV fleet to solve the welfare maximization problem. In [28], the possibilities of black start ancillary services through V2G and its dependencies are explored. The authors study the SOC level that needs to be maintained throughout a duration (e.g., a week) to allow the EVs to potentially provide black start services. If EVs are relied upon for black starting, falsified SOC may result in failure of emergency black starting in blackout events.

2.4. Contributions

While the aforementioned studies demonstrate the effectiveness of SOC-based charging scheduling, demand response participation, and V2G coordination, they share a common underlying assumption: that the reported SOC information is accurate and trustworthy. Existing works primarily focus on handling stochastic uncertainty in SOC due to forecasting errors, user behavior variability, or measurement noise, often through probabilistic modeling or scenario-based approaches. However, these methods do not consider adversarial manipulation of SOC values, where an EV user may intentionally falsify its reported SOC to gain unfair charging priority, bypass policy constraints, or influence grid-level control decisions. As a result, current SOC-based frameworks are inherently vulnerable to spoofing attacks, as maliciously crafted SOC reports can undermine scheduling fairness, degrade demand response effectiveness, and compromise the reliability of V2G and ancillary services. To the best of our knowledge, systematic detection of SOC spoofing attacks in EV charging networks has not been explicitly addressed in prior work. Motivated by the consequences stemming from inaccurate SOC reporting, in this paper, we analyze SOC spoofing attacks and methods to detect such attacks. Our contributions are outlined as follows.

• We identify and define two SOC spoofing attacks (i.e., Priority Manipulation Attack and Session Extension Attack) and explain how adversaries can manipulate SOC values to obtain unfair charging priority, get around charging cutoff policies, and cause inaccurate wait time estimation, charging station congestion, and even grid instability.
• Building on our preliminary studies on SOC-based spoofing attacks presented in [29], where we only achieved an F1 score of 87% with an autoencoder-based attack detection model without engineered features, in this paper, we focus on deriving engineered features and present the need for the specific features that we engineered.
• We propose an unsupervised learning-based spoofing attack detection model based on One-Class SVM (OCSVM), which can detect both spoofing attacks with high accuracy.
• We compare the performance of our proposed OCSVM-based attack detection model with alternative unsupervised learning and deep learning-based attack detection models and present a detailed tradeoff analysis of precision and recall in terms of the two defined spoofing attacks and their consequences.

The remainder of this paper is organized as follows. In Section 3.1, we introduce the fundamentals of OCPP 2.0.1, followed by the attack scenario based on OCPP 2.0.1 payload manipulation in Section 3.2. In Section 4, we introduce the proposed unsupervised learning-based attack detection mechanism, and its performance evaluation is presented in Section 5. Finally, the paper’s conclusion and our future work directions are provided in Section 6.

3. Background and Threat Model

3.1. OCPP 2.0.1 Overview

The Open Charge Point Protocol (OCPP) is emerging as a widely accepted solution for facilitating communication between the charging stations’ EVSE and the Charging Station Management System (CSMS) [30]. OCPP manages communication flows across functional domains, such as authorization, transaction management, diagnostics, and firmware updates. Compared to earlier versions (e.g., OCPP 1.6j), OCPP 2.0.1 introduces significant enhancements, including improved security mechanisms, by introducing robust security profiles and end-to-end encryption via TLS/WSS. Specifically, OCPP 2.0.1 mandates the use of secure transport mechanisms such as TLS with certificate-based authentication. It incorporates standardized support for public key infrastructure (PKI), enabling stronger mutual authentication, secure certificate management, and improved trust establishment between charging stations and central systems. OCPP 2.0.1 also provides enhanced device management capabilities, smart charging features, and support for ISO 15118-based Plug & Charge operations [31]. Communication between an EVSE and the CSMS is structured around a set of standardized message payloads grouped into functional profiles such as Authorization (e.g., Authorize), Reservation (e.g., ReserveNow, StatusNotification), Transactions (e.g., TransactionEvent), Metering (e.g., MeterValues), Billing (e.g., CostUpdated), Diagnostics (e.g., LogStatusNotification, and FirmwareStatusNotification) [32]. Among these, for the spoofing attacks presented in this paper, we are particularly interested in TransactionEvent and MeterValues. In OCPP 2.0.1 protocol, the SOC of a connected EV can be periodically transmitted to the CSMS through the TransactionEvent or MeterValues payload. This allows keeping the CSMS informed about the EV’s SOC throughout the charging session, including the initial SOC, the instantaneous SOC updates, as well as the final SOC prior to EV disconnection, provided the optional state of charge measurand field is filled out in TransactionEvent or MeterValues payload when transmitting to the CSMS.

3.2. Threat Model

In this work, we consider a threat model in which EV SOC values are communicated by the EVSE to the CSMS via OCPP 2.0.1. Assume the EVSE sends the initial and final SOC values through the TransactionEvent payload for eventType = Started and eventType = Ended, respectively, along with other meter values during the start and end of the charging session. We consider a rational adversary (an insider and/or a man-in-the-middle (MITM)) aiming to manipulate/falsify communicated SOC values of the EV connected to the EVSE via the EVSE. The adversary can (i) tamper an EV’s app/firmware to falsely report tampered SOC at any point during a session (e.g., beginning, during, or at the end of the charging session) (while not within the scope of our paper, such tampering eventually results in Scenario 1 shown in Figure 1); (ii) compromise an EVSE (Scenario 1 in Figure 1) or (iii) compromise the CSMS (Scenario 2 in Figure 1) to modify application-layer payloads (e.g., TransactionEvent or MeterValues). In this paper, we specifically focus on (ii) and (iii), as shown by scenario 1 and 2 in Figure 1. In Scenario 1, the adversary compromises the EVSE, thus, the EVSE reports a falsified SOC value to the CSMS. In Scenario 2, the adversary compromises the CSMS; hence, even though the EVSE sends correct SOC values, the SOC values read at the CSMS are incorrect due to tampering. These scenarios allow the adversary to tamper with payloads when endpoints are weak, even though transport security (i.e., TLS) was enabled. Attackers know the limits of the protocol and make sure the falsified SOC values stay within the ranges that the CSMS will accept and, thus, will not trigger any alarms. More specifically, the attacker exploits semantic plausibility rather than syntactic violations. Furthermore, we assume that the EVSE and CSMS are implemented correctly and in line with the standards. In other words, we do not depend on implementation bugs or misconfigurations. Under these assumptions, we design two concrete attacks, the Priority Manipulation Attack and the False Session Extension Attack, to reveal the feasibility of SOC falsifications and the corresponding impacts of such SOC falsification.

• Priority Manipulation Attack: In this attack, the adversary falsifies its SOC upon arrival, commonly referred to as the arrival SOC. By falsely reporting a significantly lower arrival SOC than the true value, it may appear that the EV requires charging immediately. This deception can mislead the charging station or aggregator into prioritizing the EV for immediate or accelerated charging [9,10], granting it unfair access to resources ahead of others. Such manipulation disrupts optimal scheduling mechanisms and can make the charging infrastructure less reliable overall. Since aggregators may unknowingly allocate excess resources to malicious users while neglecting genuinely low-SOC vehicles, if such vulnerability persists over time, the charging station/aggregator may start losing user trust and may lead to financial losses for charging service operators.
• Session Extension Attack: In this attack, the adversary falsifies the SOC near the end of the charging session, reporting it as lower than its true value. Typically, charging stations or aggregators enforce a cutoff of the charging session once the SOC exceeds a predefined threshold (e.g., around 85%) [11], since charging efficiency declines sharply beyond this point due to a lower charging rate. Specifically, each additional percent of SOC requires disproportionately more time. By falsifying its SOC, the attacker can bypass this cutoff policy since the station believes further charging may be required, thus, allowing the EV to remain connected to charge. This can lead to charging station congestion because the charging station miscalculates the wait times. Inaccurate wait times can cause customer dissatisfaction as other customers may stay in the queue longer than it was promised, overall degrading the reliability of the charging infrastructure. The consequences of the Session Extension attack extend beyond congestion at the individual charging stations, as the inaccurate wait times may propagate delays across the entire charging network when EVs start moving to other charging stations. The effects may propagate faster in urban environments, where the EV density is typically higher. This cascading effect will cause serious degradation and trust of customers in EV charging stations. Furthermore, falsified SOC data can corrupt the load forecast, which can, in a result, disrupt load balancing. This can potentially lead to voltage fluctuations and grid instability, where the consequences can be significant during peak demand periods.

4. One-Class SVM-Based Anomaly Detection

4.1. One-Class SVM Background

One-Class SVM was proposed by Schölkopf et al. [33] and is based on the Support Vector Machine (SVM) but for unlabelled data. OCSVM has become popular for anomaly detection in various applications. The authors of [34] proposed an OCSVM-based detection of railway track geometrical defects to monitor railway track conditions. Applications of OCSVM for detection of malware in IoT applications has been explored in [35]. Anomaly detection in brain MRI white matter hyperintensities is studied in [36]. OCSVM maps input data into a high-dimensional feature space using a kernel function and constructs a separating hyperplane for classification [22]. This mapping makes the transformed data more linear, facilitating the distinction between normal and anomalous samples. Based on the decision function $g\left(x\right)$$={\displaystyle \sum _{i=1}^N}{\alpha }_{i}K(x_i,x)-\rho$, where $x_i$ are the support vectors, ${\alpha }_i$ are the learned coefficients, $K(.)$ is the kernel function and $\rho$ is the bias term [33], the OCSVM model classifies a test point x as either as an anomaly or as normal. The performance and behavior of OCSVM are significantly influenced by several key hyperparameters, kernel, $\gamma$, and $\nu$. The RBF kernel is widely used. The hyperparameter $\gamma$ is used primarily with RBF or polynomial kernels, and it defines how far the influence of a single training sample reaches. A small $\gamma$ value corresponds to a broader influence by allowing each support vector to influence a larger region of the feature space. This results in a smoother decision boundary. On the contrary, larger values of $\gamma$ result in more localized influence and a more tightly fitting boundary. The hyperparameter $\nu$ controls the fraction of data points that lie outside the decision boundary (i.e., considered anomalies) and sets an upper bound on the fraction of training errors by directly controlling the offset $\rho$ and shifting the decision function. As a result, a small value restricts the model to classify fewer points as anomalies (leading to a tighter boundary), while a large value allows more points to be treated as outliers. This makes $\nu$ particularly influential when balancing sensitivity and specificity in anomaly detection tasks [33]. More specifically, this parameter is important in the context of anomaly detection, as it determines how aggressively deviations from nominal SOC behavior are classified as attacks.

4.2. Dataset Construction and Feature Engineering

For the proposed OCSVM model, we employ the DESL-EPFL dataset [37]. This dataset is a compilation of level 3 EV charging sessions that took place between 12 April 2022 and 4 July 2023 in a charging station situated in southwestern Switzerland. The dataset consists of the time the EV arrived, the time the EV departed, the SOC at the time of arrival, the SOC at the time of departure, the energy imported during the charging session, alongside other features that were not utilized in this work. We examine the correlation among these features and identify derived features that will assist in the anomaly detection. Figure 2 presents the Spearman correlation heatmap among the original (with the original names of the columns in [37]) and engineered features where the derived features are defined as follows.

• $delta\_SOC=SOCdeparture-SOCarrival$
• $Wh\_per\_min={\displaystyle \frac{Energy\left(Wh\right)}{Stay\left(min\right)}}$
• $Wh\_per\_SOC={\displaystyle \frac{Energy\left(Wh\right)}{delta\_SOC}}$
• $Ef ficiency={\displaystyle \frac{delta\_SOC}{Enegy\left(Wh\right)}}$

Figure 2. Correlation analysis with engineered features.

Figure 2. Correlation analysis with engineered features.

A comparatively strong correlation is observed between $SOCdeparture$ and $Stay\left(min\right)$, as well as between $Energy\left(Wh\right)$ and $Stay\left(min\right)$. In contrast, weaker associations are present between $Energy\left(Wh\right)$ and $SOCarrival$ (with a negative sign indicating an inverse relationship), between $SOCarrival$ and $SOCdeparture$, and between $SOCdeparture$ and $Energy\left(Wh\right)$. Furthermore, strong monotonic associations such as $Energy\left(Wh\right)$ vs. $delta\_SOC$ ($\rho =0.75$), $Stay\left(min\right)$ vs. $delta\_SOC$ ($\rho =0.70$), and $Pmax\left(W\right)$ vs. $Wh\_per\_min$ ($\rho =0.89$) reflect consistent physical relationships in normal charging behavior (e.g., longer sessions with higher energy transfer typically yield greater SOC change and power output). These structured correlations help the OCSVM, as they form the manifold of normal operation that the model aims to enclose in feature space. Deviations from these established monotonic relationships can signal anomalous behavior, making the correlation structure an essential guide for both feature validation and interpretability of the anomaly detection results.

Table 2. Performance comparison of OCSVM with and without engineered features.

Model Configuration	F1-Score (%)	False Negatives	True Positives
Without Engineered Features	87	56	345
With Engineered Features	90	40	361

captures the OCSVM model performance comparisons with and without engineered features. The model using engineered features achieves stronger detection performance, correctly classifying 361 spoofed samples versus 345 without engineered features. The reduction in false negatives highlights that the derived features, though correlated, provide valuable nonlinear relationships that improve the OCSVM’s capacity to capture nuanced deviations in feature space. Furthermore, the number of false alarms decreases from 56 to 40, further proving the importance of the derived features. Overall, the inclusion of engineered variables improved anomaly detection by increasing the F1-score and reducing false negatives.

5. Performance Evaluation

5.1. Experimental Setup

The proposed OCSVM-based attack detection model was trained and tested using the DESL-EPFL dataset [37]. First, we perform data normalization of the feature space using scikit-learn’s StandardScaler, as part of the pre-processing phase. StandardScaler effectively transforms the data to match a standard normal distribution by scaling the data with a mean of 0 and a standard deviation of 1. This is crucial because, if the units of the features such as $Energy\left(Wh\right)$, $SOCarrival$, $SOCdeparture$, and $Stay\left(min\right)$, are not in the same scale, the impacts of one feature could outweigh that of the other. Random data samples from the dataset were injected with a 50% lower $SOCarrival$ for the priority manipulation attack injection (e.g., if the SOC of the EV upon arrival was 70%, it reports 35%). Next, random data samples from the dataset were injected to have a 25% lower $SOCdeparture$ for the session extension attack. The magnitudes of SOC manipulation used in the two attack scenarios were selected to reflect realistic yet impactful adversarial behavior. For the priority manipulation attack, the reported SOC arrival was reduced by 50%, representing a substantial falsification that would materially affect charging priority while remaining within plausible reporting ranges observed in practice. For the session extension attack, the reported SOC departure was reduced by 25%, modeling a more subtle manipulation intended to bypass charging cutoff policies without triggering obvious inconsistencies. It is noted that the attack injections were carried out exclusively of one another (i.e., the data samples injected for the priority manipulation attack were not injected for the session extension attack, and vice versa). The final dataset used for evaluation contains 1878 charging sessions in total. Of these, 1077 sessions (57.35%) remain clean, while 801 sessions (42.65%) are injected with SOC spoofing attacks. The target during dataset construction was to obtain an approximately balanced split between attack-free and spoofed samples (roughly 60–40%) to enable reliable evaluation of detection performance. Following the aforementioned data pre-processing, injection, and feature engineering (Section 4.2), we conduct a grid search for hyperparameter optimization of OCSVM with RBF Kernel with resulting hyperparameters $\nu =0.09$ and $\gamma =1$. The proposed system’s training and evaluation were performed on an Intel Core i7-14700 processor with 64 GB RAM and a 64-bit Windows 11 Enterprise operating system.

5.2. Performance Evaluation of OCSVM for Spoofing Attack Detection

Although OCSVM provides a default decision boundary at zero in its score space, this boundary does not necessarily yield optimal classification performance for a given dataset. To address this, we employed a custom score threshold determined via an exact F1 sweep on the validation set that contains clean and spoofed samples. Specifically, we evaluated the F1 score at all possible decision thresholds taken as the midpoints between consecutive unique decision scores on the validation set. Let $s\left(x\right)\in \mathbb{R}$ denote the decision score produced by the OCSVM model for input sample x, where lower scores indicate a higher likelihood of being a spoofed sample. Now, let $\mathcal{S}={\left\{s\left(x_i\right)\right\}}_{i=1}^N$ denote the set of decision scores on the validation set. We define candidate thresholds as the midpoints between consecutive unique sorted scores $s_{\left(1\right)}\le s_{\left(2\right)}\le \dots \le s_{\left(N\right)}$ as: $\mathcal{T}=\left\{{\displaystyle \frac{s_{\left(j\right)}+s_{(j+1)}}{2}}\right\}\cup \{-\infty ,+\infty \}$. For each candidate threshold $\tau \in \mathcal{T}$, predictions are obtained as ${\widehat{y}}_i\left(\tau \right)=0$ if $s\left(x_i\right)\le \tau$, and otherwise ${\widehat{y}}_i\left(\tau \right)=1$. The corresponding F1($\tau$) score is evaluated on the validation set, and the optimal threshold is selected as ${\tau }^{\ast }=\mathrm{arg\; max}$ F1($\tau$). This exhaustive search identifies the threshold that maximizes the F1 score on validation data. This selected threshold ${\tau }^{\ast }$ will then be applied to the held-out test set for final evaluation. In order to justify the need for the custom thresholding we provide a comparison with and without the custom score threshold in terms of the resulting confusion matrices, as presented in Figure 3a,b. It can be seen that without the custom score thresholding, there is a larger number of false alarms. On the other hand, with the custom score thresholding, there are less false alarms, with slightly deteriorated true positive detection. Thus, we proceed with the OCSVM with custom score thresholding. The detection performance of the OCSVM model with the custom threshold is summarized through the confusion matrix in Figure 3 and the decision score distribution shown in Figure 3. Since the model was trained only on clean samples, it learns a decision boundary representing normal operating conditions and flags deviations as anomalies. The confusion matrix indicates that the model correctly identifies 361 out of 401 spoofed samples, achieving a recall of 90.0% and resulting in an F1-score of approximately 89.6%. This demonstrates strong detection capability. Furthermore, the OCSVM demonstrates a precision of 89.1%. The false positives (44 clean samples misclassified as spoofed) reflect the typical trade-off in anomaly detection where sensitivity to attacks is prioritized over minimizing false alarms. The decision score distribution further confirms the model’s discriminative ability, with clean samples clustered around higher (more normal) scores and spoofed samples concentrated at significantly lower scores. The limited overlap between the distributions explains the small number of misclassifications and suggests opportunities for threshold tuning or feature enhancement. Overall, these results validate OCSVM as an effective unsupervised approach for detecting spoofed SOC in OCPP 2.0.1 communications.

5.3. Comparative Evaluation

The proposed unsupervised-based attack detection OCSVM model is compared with alternative machine learning-based anomaly detection mechanisms, specifically, with an alternative unsupervised machine learning-based anomaly detection model and a deep learning-based anomaly detection model.

5.3.1. K-Means Clustering for Spoofing Attack Detection

We compare the performance of OCSVM with K-means clustering trained exclusively on clean training data (i.e., data that did not contain samples injected for SOC spoofing). The anomaly score for a sample was defined as its Euclidean distance to the nearest cluster center, where larger distances indicate a higher likelihood of spoofing. To determine the optimal model complexity, we performed a grid search over the number of clusters $k\in \{2,3,4,9,10,11\}$. For each k, an exact F1-based threshold sweep was conducted across all possible distance thresholds to identify the decision boundary that maximized validation F1. As shown in Figure 4, performance improves steadily as k increases from 2 to 10, with the best validation F1 score achieved at $k=10$. Based on this trend, intermediate values k = 5–8 were not evaluated separately, as they are expected to yield intermediate performance and would not affect the location of the optimum. Increasing the number of clusters beyond this point does not yield further improvement and results in a slight degradation at $k=11$. Based on this trend, we select $k=10$ as the final model configuration. The selected model was then evaluated on the held-out test set. This resulted in 86.21% F1 score, which is lower than OCSVM performance. The confusion matrix is presented in Figure 4. To aid interpretation, training, validation and predictions were projected into two dimensions via principal component analysis (PCA) in Figure 4.

5.3.2. Autoencoder for Spoofing Attack Detection

The proposed OCSVM is also compared with a deep learning-based anomaly detection, specifically autoencoder. The autoencoder model employed is a fully connected symmetric autoencoder consisting of an encoder with two hidden layers, followed by a four-dimensional bottleneck layer ($18\to 12\to 4$) with L1 regularization. The decoder mirrors the encoder and has a linear output layer that reconstructs the input features. The symmetric decoder ensures stable reconstruction. ReLU activations are used in all hidden layers, and the model is trained using the mean absolute error loss. We found this configuration to provide strong empirical performance for our anomaly detection application while remaining lightweight and easy to train.

We perform a grid search to determine the best hyperparameters, including optimizer, learning rate, and epochs. The resulting optimal hyperparameters includes 120 epochs for $0.001$ learning rate with Adam optimizer. The resulting autoencoder-based anomaly detector was evaluated using the same dataset, and the resulting confusion matrix and reconstruction distribution are shown in Figure 5. Unlike the OCSVM, the autoencoder learns a compressed latent representation of clean meter values and reconstructs them during inference, with reconstruction error used as the anomaly score. Based on the selected threshold, the model correctly classified 351 out of 401 spoofed samples, yielding a recall of 87.5% for the spoofed class. It also achieved 190 true negatives, correctly identifying the majority of clean samples, with only 26 false alarms (93% precision). The resulting F1-score is 90%. Compared to OCSVM, the autoencoder exhibits slightly lower recall but higher precision, thus, fewer false positives.

Furthermore, the performance of the two models, OCSVM and autoencoder, for SOC spoofing detection was evaluated using Receiver Operating Characteristic (ROC) curves, as shown in Figure 6. OCSVM achieved an Area Under the Curve (AUC) of 0.936, while the autoencoder model attained an AUC of 0.924. Both models demonstrate strong discriminative capabilities, with OCSVM performing slightly better in distinguishing between normal and spoofed instances. The marginally higher AUC value of OCSVM indicates that it achieves a more favorable trade-off between true positive and false positive rates. Nonetheless, the autoencoder also exhibits robust detection performance, suggesting that both approaches are suitable for spoofing anomaly identification in SOC environments.

The comparison between the OCSVM and autoencoder-based approaches reveals a clear trade-off between recall and precision, each aligning with different operational priorities. The OCSVM achieves a higher recall (90%) for spoofed samples, meaning it is more effective at detecting manipulated SOC values even at the cost of increased false positives. This behavior is desirable in scenarios where grid stability, load management, or forecasting accuracy are critical because missing spoofing events may lead to incorrect aggregate load estimates, destabilized control decisions, or cascading effects across interconnected charging infrastructure. In such cases, it is safer to over-flag and investigate potential anomalies rather than allow spoofed values to pass through undetected. In contrast, the autoencoder yields a higher precision (93.1%) and lower false positive rate, making it more suitable for deployments where billing accuracy, user trust, or customer-facing operations are the primary concern. By reducing unnecessary alerts, the autoencoder minimizes disruptions for users and operators but does so at the cost of a slightly lower recall (87.5%), meaning that some spoofed values may go undetected. Since the implications of SOC spoofing extend beyond financial fraud and undetected anomalies may mislead energy management systems and interfere with coordinated charging strategies, for proper resource management in charging applications and accurate load forecasting, OCSVM’s higher recall makes it the preferred choice.

6. Conclusions

In this paper, we present the implications of misreporting State-of-Charge (SOC) of electric vehicles, and present two SOC spoofing attack scenarios (i.e., Priority Manipulation Attack and Session Extension Attack). Through these attacks, the adversary falsifies SOC levels to obtain benefits, including accelerated charging priority, and bypassing of charging cutoff policies. We propose an unsupervised learning attack detection model based on One-Class SVM. The attack detection model detects SOC spoofing attacks with 89.6% F1 score and 90% recall, leaving a very small number of attacks undetected. While the alternative attack detection model based on autoencoders achieves 90% F1 score, the resulting recall is lower (i.e., 87.5%). Since the implications of SOC spoofing extend beyond immediate consequences, such as financial fraud, and can potentially lead to energy mismanagement and interfere with coordinated charging strategies, for proper resource management in charging applications and accurate load forecasting, OCSVM’s higher recall makes it the best solution. Part of our future work is to explore the incorporation of nonlinear engineered features derived from SOC time-series behavior to further enhance model robustness and generalization capability. Examples of such features include charging rate dynamics, temporal consistency metrics, and higher-order statistics that capture deviations from expected incremental SOC patterns over time. Investigating how such nonlinear and temporal features affect detection performance may provide additional gains, particularly in more complex or adaptive attack scenarios. In addition, we intend to test the developed OCSVM in large-scale commercial charging stations, enabling a comprehensive analysis of detection performance under real-world operating conditions, diverse user behaviors, and realistic system noise.