Topology-Aware Prioritized Patching for EV Charging Infrastructure Vulnerabilities

Roland Plaka; Mikael Asplund; Simin Nadjm-Tehrani

doi:10.5220/0013293300003941

Topology-Aware Prioritized Patching for EV Charging Infrastructure Vulnerabilities

Roland Plaka, Mikael Asplund, Simin Nadjm-Tehrani

2025

Abstract

Modern critical infrastructures are becoming increasingly complex and exposed to cyber-attacks. As with any digitalized system, these systems suffer from vulnerabilities that threaten overall system security. As a result, eliminating vulnerabilities is imperative for security analysts to counteract potential future attacks. However, vulnerability management is time-consuming and expensive because it requires testing, verification, and validation for the patches. Therefore, there is a need to prioritize which vulnerabilities to fix first in an efficient manner. This paper introduces a patching strategy by identifying the attack path that poses the most severe system risk and the patches with the highest potential to mitigate this risk. The risk assessment is based on novel metrics incorporating dynamic exploitability, impact scores, and the network topology. The method is evaluated on a case study based on electric vehicle charging infrastructures. We collect information on vulnerabilities, exploits, and available patches for this domain and instantiate a realistic network model with relevant components, some of which contain vulnerabilities. Our results show that the proposed method outperforms baseline methods to reduce overall system risk.

Download

Paper Citation

in Harvard Style

Plaka R., Asplund M. and Nadjm-Tehrani S. (2025). Topology-Aware Prioritized Patching for EV Charging Infrastructure Vulnerabilities. In Proceedings of the 11th International Conference on Vehicle Technology and Intelligent Transport Systems - Volume 1: VEHITS; ISBN 978-989-758-745-0, SciTePress, pages 113-124. DOI: 10.5220/0013293300003941

in Bibtex Style

@conference{vehits25,
author={Roland Plaka and Mikael Asplund and Simin Nadjm-Tehrani},
title={Topology-Aware Prioritized Patching for EV Charging Infrastructure Vulnerabilities},
booktitle={Proceedings of the 11th International Conference on Vehicle Technology and Intelligent Transport Systems - Volume 1: VEHITS},
year={2025},
pages={113-124},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013293300003941},
isbn={978-989-758-745-0},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 11th International Conference on Vehicle Technology and Intelligent Transport Systems - Volume 1: VEHITS
TI - Topology-Aware Prioritized Patching for EV Charging Infrastructure Vulnerabilities
SN - 978-989-758-745-0
AU - Plaka R.
AU - Asplund M.
AU - Nadjm-Tehrani S.
PY - 2025
SP - 113
EP - 124
DO - 10.5220/0013293300003941
PB - SciTePress