When charging stations become part of the firewall

Chris Löwer Chris Löwer

21 January 2026 - 15:57

3 min

Greater connectivity in charging infrastructure also expands the attack surface, from authentication gaps to insecure communication paths.

Dekra

EV charging points could evolve from simple energy suppliers into active security nodes. Integrated into vehicle security architectures, they may help detect and stop cyberattacks long before threats reach the car or backend systems.

Connected electric vehicles exchange data continuously, rely on cloud backends and receive frequent over-the-air updates. As vehicles turn into rolling software platforms, cybersecurity requirements are rising sharply. One part of the ecosystem, however, has so far received comparatively little attention: the charging infrastructure.

Yet charging stations may soon play a far more active role than simply delivering electricity. Researchers and technology providers are increasingly exploring the idea of turning chargers into distributed security nodes within a Vehicle Security Operations Center (VSOC). In this setup, the charging point becomes a first line of defence at the network edge.

Who is leading the shift to bidirectional charging?

As EVs evolve into flexible home and grid storage units, more manufacturers are adopting bidirectional charging. Here is how leading OEMs approach the technology — and what opportunities it opens for customers and energy systems.

ADT editorial team

Charging points are well positioned for security roles

The logic behind this approach is straightforward. Charging stations sit at a critical intersection between vehicle, user and backend systems. According to Rainer Ehrentraut, Product Field Manager at ETAS, a Bosch subsidiary specialising in vehicle software platforms, this makes them ideally suited to detect suspicious behaviour early.

A possible scenario involves a manipulated communication request, such as a forged firmware update attempt, targeting a vehicle while it is connected to a charger. If the charging station is integrated as a SOAR node — Security Orchestration, Automation and Response — unusual communication patterns can be identified immediately. The station can then isolate the connection, interrupt data transfer and alert both the operator and a central VSOC before malware reaches the vehicle or backend systems.

In this model, attacks are stopped at the plug rather than inside the car or deep within cloud infrastructure. However, the approach cuts both ways: charging points themselves also represent potential attack surfaces.

How Porsche brings inductive charging to market maturity

Porsche is developing a wireless charging system for electric cars: From 2026, the new Cayenne Electric will be able to charge inductively via a base plate with up to eleven kW, making the charging process more convenient in everyday life.

Götz Fuchslocher

A growing attack surface at the charging interface

As charging infrastructure becomes more connected, vulnerabilities multiply. Weak authentication between vehicle, charger and backend, insufficiently protected communication interfaces, insecure OTA processes or proprietary implementations in vehicle-to-grid environments all increase exposure. Even simple threats such as QR-code manipulation aimed at stealing payment credentials are becoming relevant.

A compromised charging station could serve as a launch point for various attacks — from injecting malicious commands during charging sessions to gaining access to charge point management systems, potentially affecting entire networks. In extreme cases, compromised chargers could even be misused as botnet nodes targeting energy providers or other critical infrastructure. The systemic risk is significant: depending on architecture and security maturity, a single compromised charger can have far-reaching consequences.

From risk to opportunity: chargers as security edge nodes

Despite these risks, charging infrastructure offers unique advantages. Charging points can observe data traffic at the network edge — a vantage point vehicles themselves do not have. Acting as decentralised security nodes, chargers could not only report anomalies but actively respond by enforcing policies, quarantining vehicles or interrupting sessions.

Research initiatives such as EVSOAR outline architectures in which charging stations function simultaneously as sensors, firewalls and mitigation nodes. During a charging session, telemetry data could be analysed for abnormal patterns such as manipulation attempts or malware communication. Countermeasures could be triggered locally, while relevant security events are forwarded to a central VSOC for correlation and fleet-wide analysis.

In this layered model, cybersecurity becomes a shared responsibility across vehicle, infrastructure and cloud. Vehicles are no longer required to perform all security analyses themselves. Stationary chargers, with greater computing resources, can correlate incidents across thousands of charging events and identify attack patterns invisible at vehicle level.

Electric CLA shows strengths and weaknesses in Norway

Few countries are as committed to electromobility as Norway. It is here that the new electric Mercedes-Benz CLA faces its trial - on winding roads, in clear air, and with views of fjords and mountains.

Ronja Schmiedchen

Open questions across a fragmented ecosystem

Despite the promise, significant challenges remain. OEMs must decide which diagnostic data charging stations are allowed to access and which countermeasures are acceptable. Charge point operators face the question of whether they want — or are able — to offer security services in addition to energy delivery. Mobility service providers may need to integrate cybersecurity assessments into their offerings, while energy providers must ensure that security interventions never compromise grid stability.

Regulators also enter the picture. As charging infrastructure operators increasingly act as digital energy service providers, cybersecurity requirements are likely to tighten. In Germany, for example, authorities have indicated that future regulation may impose explicit security obligations on manufacturers and operators of charging infrastructure once a critical scale is reached. At the same time, industry voices are warning against regulatory overreach. “It is critical to ensure that regulations allow the ecosystem to evolve, especially by avoiding double taxation and enabling easy metering models. However, we must avoid over-regulation to give the market room to develop,” cautions Alexander Funke, Expert Energy Markets at BMW.

From a technology perspective, further hurdles include heterogeneous standards, fragmented responsibilities and the need for secure hardware, long-term software maintenance and compliant data handling. Cost allocation remains another open issue: security by design at scale requires sustained investment.

Charging infrastructure as part of the security perimeter

Despite these uncertainties, the direction of travel is clear. Charging stations are gradually moving from passive endpoints to active participants in automotive cybersecurity. If open standards, cross-industry cooperation and clear regulatory frameworks can be established, chargers could become preventive and reactive security nodes — strengthening the resilience of the entire electric mobility ecosystem. In such a future, charging infrastructure would no longer merely power vehicles. It would help protect them.