AN-2586: Powering Confidence and Ensuring Authenticity in EV Batteries

Abstract

As the demand for electric vehicles (EVs) continues to surge, ensuring the authenticity and security of EV batteries becomes paramount for safety and performance. This application note explores the importance and benefits of secure authentication of EV batteries, addressing concerns such as battery fraud, battery traceability, safety and performance risks, and original equipment manufacturer (OEM) revenue and reputation protection. This application note also discusses techniques such as symmetric or asymmetric challenge-response authentications, unique identification codes, and embedded authentication chips, highlighting their effectiveness in protecting against counterfeit batteries.

Introduction

The automotive trend toward electrification is clear and irreversible, and it will undoubtedly benefit a sustainable environment by creating less pollution and reducing consumption of fossil fuels. Hastening this trend, current technologies provide equal or better acceleration performance with a range on a single battery charge comparable to a full tank of fuel for an internal combustion engine car. With about 100 million new vehicles produced annually across the globe, the unprecedented scale of lithium-ion battery usage will present new challenges that must be addressed by electric vehicle (EV) manufacturers. First, safety is always of primary concern, not only for vehicle occupants, but equally for pedestrians and people in other vehicles. Second, sustainable energy and environmental concerns must be considered given the scale at which batteries with a finite usable lifetime are deployed in vehicles. Finally, EV batteries are high-value vehicle components with high replacement costs, which may encourage theft and black markets for stolen batteries. Without carefully addressing these three issues, automotive original equipment manufacturers (OEMs) can encounter negative impacts to their brand reputation as well as lost revenue from selling genuine OEM replacement batteries. Secure authentication of EV batteries is a method that can help address these issues. Analog Devices offers solutions for wired battery management system (BMS) topologies as well as wireless ones; this application note focuses on wired-BMS applications and the automotive secure authenticators that can add security to EV batteries.

Contact your Analog Devices representative if you are interested in implementing battery authentication along with Wireless Battery Management System (wBMS) solutions. Battery modules using an authenticator such as the DS28C40 provide security right at the source.

Safety and security often go hand-in-hand. In the automotive context, if mission-critical systems are not secure, then safety is vulnerable to compromise. An example with lithium-ion batteries is the risk of fires and explosions caused by manufacturing defects [1]. Batteries manufactured by an unauthorized source may be offered at a price discount compared to OEM-approved products, but they are more likely to include lower quality construction and testing. Even if most such batteries do not cause fires, their degraded performance can indirectly cause brand reputation problems for OEMs. Genuine batteries, once they have completed their useful life in the car, are often able to serve a “second life” and can be redeployed into stationary energy storage centers. To prevent genuine OEM batteries from being redeployed to a second car, they should be decommissioned following a nonreversible expiration process. Digital authentication is a method that enables cars to identify genuine batteries connected to the system and to reject counterfeit ones. Analog Devices’ DS28C40 and DS28E40 authenticators are example devices that provide not only authentication functions, but also traceability of battery history in a secure memory. Key information such as manufacturing data, service information, and decommission status can be readily stored in the secure one-time programmable (OTP) memory and digitally signed by the device.

As lithium-ion batteries age, they encounter degradation in the amount of energy stored on a single charge as well as in the peak current that can be sourced. This translates to shorter drive distance per charge and lower all-round battery performance. With tens to hundreds of millions of battery packs eventually being decommissioned per year, second life is a way to improve energy sustainability [2]. Stationary storage centers are especially useful for capturing energy and leveling out the supply of power from renewable sources such as wind and solar, whose output varies unpredictably. Decommissioned EV batteries are well-suited to be redeployed into these stationary storage centers. Traceability is still important to track when batteries were added to the center and any performance metrics of the battery.

Figure 1. EV batteries life cycle.

Most EV battery packs today are not easily accessible and therefore are not a prime target for theft. On the other hand, some OEMs have proposed a strategy of easily swappable battery packs [3]. Creating a network of power swap stations with pre-charged battery packs and equipment to access the packs enables drivers to get a fresh charge very quickly, in less time than it takes to refuel an internal combustion engine (ICE) car today. As EV batteries are such a high-value item, this approach invariably provides a perverse incentive for thieves. Batteries paired to specific vehicles using an authenticator effectively block thieves from removing a battery from one vehicle and successfully installing it in another. To accomplish this, the authorized power swap stations that routinely swap battery packs must have the ability to connect to the battery electronic control unit (ECU) and initiate a pairing process with the authorized battery. The service station equipment would likely require a cloud connection to provide an audit path back to the automotive OEM, giving a record of legitimate pairing operations. The infrastructure for this approach is quite extensive, so it remains to be seen whether the OEMs advocating this strategy press forward with it.

Implementing EV Battery Authentication

Benefits of Challenge-Response Authentication

Having explored the different motivations for authenticating EV batteries and decommissioning them to prevent their unauthorized reuse in electric vehicles, let us define an implementation strong enough to truly ensure user safety and vehicle performance, while also protecting revenue and brand reputation for car OEMs.

Simple measures such as serial number tracking or storing data in unsecured memory can be easily defeated and are not robust enough: it generally takes less than half a day for an attacker with moderate skills and low-cost equipment to bypass such security measures. The strength of the authentication method should be in line with what is at stake. Strong authentication calls for cryptographic means, and for many applications, challenge-response authentication has proven to be the technique of choice for equipment or spare-part authentication.

Figure 2. With challenge-response authentication, the battery is authenticated without exposing any secret.

Challenge-Response Authentication with Symmetric and Asymmetric Schemes

Challenge-response authentication must be sustained by strong algorithms. Analog Devices’ DS2478, DS28C40, and DS28E40 support:

  • Secure hash algorithm (SHA) based on a shared secret between the car’s BMS and the battery cells. This is a symmetric scheme.
  • An asymmetric scheme based on the elliptic curve digital signature algorithm (ECDSA), using a private key in the module and a public key on the car-side BMS.

Figure 3. Challenge-response authentication with SHA-256-based symmetric scheme.
Figure 4. Challenge-response authentication with ECDSA-based asymmetric scheme.

ECDSA and SHA algorithms are recognized as strong by the community of cryptographic experts and are standardized by the National Institute of Standards and Technology (NIST).

The DS2478, DS28C40, and DS28E40 are automotive AEC-Q100 grade and tailored for subsystem or spare-part authentication, supporting the essential feature set for this purpose as opposed to the over-engineered solutions available in the market.

Both SHA-256 and ECDSA computations are supported by hardware accelerators in these secure ICs.

Let us now explore the advantages and limitations of the symmetric and asymmetric authentication methods.

The main advantage of the symmetric scheme based on SHA-256 is performance. Although SHA-256 is a strong algorithm, it has moderate complexity. As a result, the computation is fast, and it takes approximately 5ms to run the challenge-response authentication for a module.

This scheme requires that a given car and all battery modules on board share the same secret.

A possible way to install such a shared secret is the following:

The battery supplier and the OEM (and approved garages/facilities) initially share a primary secret.

Using the unique ID provided by the DS28C40 or DS28E40 together with the primary secret, the battery supplier on one side and the installation facility on the other side each compute a unique derived shared secret for a given module. The SHA-256 algorithm is used to compute this derived secret. The computation is performed by the DS28C40/DS28E40 on the battery module side and optionally by the DS2478 on the car/battery management side.
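The derived-secret installation and the subsequent SHA-256 challenge-response are shown below as an added example in Python; this is not Analog Devices code and it does not reproduce the DS28C40/DS28E40 command format. The choice of HMAC-SHA-256 over the unique ID as the derivation function, the message layout, and the 7-byte sample ID are assumptions of the example. It also shows why the scheme resists a clone that copied the unique ID but not the secret, and why a fresh challenge per run defeats replay.

```python
import hashlib
import hmac
import secrets

def derive_module_secret(primary_secret: bytes, unique_id: bytes) -> bytes:
    """Per-module secret derived from the primary secret and the authenticator's
    unique ID (derivation as HMAC-SHA-256 is an assumption of this example).
    The supplier computes it once to program the module; the installer/BMS
    recomputes it from the same inputs, so the primary secret never enters the car."""
    return hmac.new(primary_secret, b"derive" + unique_id, hashlib.sha256).digest()

class BatteryModule:
    """Models the authenticator IC in a module: keeps the secret, answers challenges."""
    def __init__(self, unique_id: bytes, secret: bytes):
        self.unique_id = unique_id
        self._secret = secret              # never read out; only MACs leave the IC

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._secret, self.unique_id + challenge, hashlib.sha256).digest()

class CounterfeitModule(BatteryModule):
    """A clone that copied the unique ID but not the secret: it can only guess."""
    def respond(self, challenge: bytes) -> bytes:
        return secrets.token_bytes(32)

def bms_authenticate(module: BatteryModule, module_secret: bytes, challenge: bytes = None) -> bool:
    """Car side: send a fresh random challenge, recompute the expected HMAC with the
    derived secret for this module, and compare in constant time."""
    challenge = challenge or secrets.token_bytes(32)   # fresh each time: a replayed response fails
    expected = hmac.new(module_secret, module.unique_id + challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, module.respond(challenge))

def demo() -> tuple:
    """Returns (genuine module accepted?, counterfeit module accepted?)."""
    primary = secrets.token_bytes(32)          # constructed; held by supplier and OEM only
    uid = bytes.fromhex("00112233445566")      # constructed 7-byte unique ID
    genuine = BatteryModule(uid, derive_module_secret(primary, uid))    # supplier side
    clone = CounterfeitModule(uid, b"")                                 # copied the ID only
    installer_secret = derive_module_secret(primary, uid)               # BMS/DS2478 side
    return bms_authenticate(genuine, installer_secret), bms_authenticate(clone, installer_secret)

if __name__ == "__main__":
    print(demo())   # (True, False)
```

Binding the unique ID into the MAC input means a secret derived for one module cannot be reused to answer for another, and `hmac.compare_digest` avoids leaking the comparison result through timing.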

Figure 5. Derived secret computation.

The challenge here is that the tier-1 primary secret must always be protected. This often requires secure facilities at every stage of the supply chain, which can be difficult and expensive to implement. Analog Devices can program the primary secret on behalf of its OEM or tier-1 customer, relieving them of the burden of physically securing their facilities and thereby overcoming one of the major weaknesses of a symmetric cryptographic approach.

On the other hand, the main advantage of the ECDSA-based asymmetric authentication scheme is that it avoids sharing secrets altogether. Furthermore, a certificate-based scheme enables unique key pairs per battery module.

Figure 6. Onboard key pair generation and certificate installation during manufacturing.
Figure 7. Certificate-based authentication.

One main benefit of this scheme is that the modules can be authenticated using a unique private key per module that has never left the secure memory of the DS28C40 or DS28E40. Obviously, the risk of having the private key compromised is much lower than in a shared-secret scheme. The only operation requiring facility security is the certificate signing with the certification authority’s private key. It can be implemented by the OEM or battery supplier with reasonable effort using a hardware security module, which does not require physical security for the whole facility. The key pair generation and certificate signing can also be delegated to Analog Devices, so that the OEM or battery supplier receives parts that can be seamlessly integrated.

The price to pay for this flexibility is the need to run two ECDSA verification operations for each battery authentication, resulting in an increased authentication execution time. In a configuration where modules are daisy-chained, the scheme becomes impractical due to the duration of the authentication at each vehicle start.

To overcome this drawback while retaining the benefits of SHA-256-based authentication and its performance, an alternative way of provisioning shared keys is to leverage the asymmetric cryptography capability of the DS28C40: the DS28C40 supports the elliptic curve Diffie-Hellman (ECDH) algorithm, which allows two mutually authenticated entities to compute a shared secret.

Figure 8. Establishing a shared secret using the Diffie-Hellman algorithm.

In this scheme, keys and certificates are installed separately in the battery and in the vehicle. Certificates chain to the relevant certification authorities; multiple battery suppliers’ certification authorities as well as multiple battery management controller tier-1s can be involved.

At the time of installation, following the ECDSA mutual authentication of the car and the battery module, a shared secret is computed both on the car’s battery management controller (BMC) and on the battery module using the ECDH algorithm. The computation happens on board the DS2478 on the BMC side and on the DS28C40/DS28E40 on the battery module side; the resulting shared secret is stored in the secure memory of the DS28C40 or DS28E40, and it can subsequently be used to run the HMAC/SHA-256 authentication every time the operation is required. The time-consuming asymmetric authentication and shared-secret computation need to happen only once, during installation, so performance is not affected during routine battery authentication. As a result, the scheme benefits from the performance of SHA-256 at car startup while exposing no secret throughout the supply chain.

Thanks to the flexibility offered by asymmetric cryptography and certificates, the scheme described above can be adapted to more complex supply chain organizations. Contact an Analog Devices representative for more information about all possible variants.

The public key certificate storage capability allows car OEMs to:

  • Manage OEM and tier-1 keys by leveraging their existing public key infrastructure (PKI).
  • Implement pairing between the vehicle and battery modules.

Secure memory stores and protects sensitive data such as traceability, manufacturing data, and life cycle information.

Combination with ADI Battery Management System

Wired Battery Management Systems

In the Analog Devices wired BMS, the battery management controller communicates with the battery modules through isoSPI. The isoSPI protocol allows serial peripheral interface (SPI) communication between two isolated devices. isoSPI has I2C tunneling capability, allowing connectivity with the DS28C40 as shown in Figure 9. Thanks to this communication medium, the BMC can individually authenticate every battery module. More information about isoSPI can be found here.

Figure 9. Wired battery management system.

Wireless Battery Management Systems

While Analog Devices wBMS solutions have built-in security, it might still make sense to authenticate the battery modules themselves. Contact an Analog Devices sales representative if interested in such solutions.

Decommissioning Using Secure Authenticators

As described in the first part of this application note, redeploying decommissioned EV batteries in stationary storage centers is essential to take up the environmental challenges of tomorrow.

To make this happen, make sure that decommissioned batteries are never reused in electric vehicles once their performance has become too poor for that use. In other words, decommission the battery modules for EV use in an irreversible, secure way. In addition to battery module authentication, the DS28C40, DS28E40, and DS2478 also support secure decommissioning. It is quite intuitive that a magic value (that is, an arbitrary but known-in-advance value) stored in the chip attached to the battery module can tell us whether this module can still be used in electric vehicles or is already decommissioned. This simple method makes sense only if:

  • It is impossible for a nonauthorized entity to change the memory content.
  • The value read out from the memory can be trusted and is not modified when read from the memory.

Otherwise, by changing the memory content either at the programming or the reading stage, an attacker can easily defeat the mechanism and refurbish battery modules that were supposedly decommissioned.

The DS28C40 or DS28E40, with an optional DS2478, offer mechanisms to enable trust in the memory content. The protection of the user pages of the 6kb of on-board one-time programmable (OTP) memory can be customized. More specifically, it is possible to protect the pages against unauthorized writing by setting the protection to “Authenticated Write.”

To authenticate the write operation, a hash-based message authentication code (HMAC) is appended to the payload data. The HMAC is a function of the payload data and the shared secret. Thanks to the mathematical properties of SHA-256, one cannot forge the HMAC without knowing the secret. Hence, only the BMC of the vehicle or an authorized service center is able to program the memory page storing the magic value, and an attacker cannot modify the magic value once it is programmed in the on-board chip memory.

When reading memory content, the DS28C40 or DS28E40 also appends an HMAC based on the secret stored in the IC, guaranteeing that the value read out of the memory can be trusted. Here too, an attacker cannot replace the value extracted from the memory because the attacker does not know the shared secret.
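The two checks that make the magic-value approach sound (authenticated write and MAC-on-read, Figure 10) are modelled below as an added example in Python; it is not Analog Devices code, and the command layout, MAC input format, 32-byte page size, all-ones unprogrammed state and the 4-byte magic value are all assumptions of the example. It shows a forged write being refused, a bus-level alteration of the read-back value being detected, and the OTP property that a later write, even an authorized one, cannot clear the decommissioned flag.

```python
import hashlib
import hmac
import secrets

DECOMMISSIONED = b"\xde\xc0\xff\x1e"   # constructed magic value; the real one is OEM-defined

def compute_mac(secret: bytes, tag: bytes, page_no: int, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA-256 over (operation tag, page number, nonce, page data).
    Both the authenticator IC and the BMC compute it; the layout is an assumption."""
    return hmac.new(secret, tag + bytes([page_no]) + nonce + data, hashlib.sha256).digest()

class SecureOtpPage:
    """Models one OTP user page set to 'Authenticated Write' with MAC-on-read."""
    def __init__(self, page_no: int, secret: bytes):
        self.page_no = page_no
        self._secret = secret                 # provisioned secret; never leaves the IC
        self.data = b"\xff" * 32              # unprogrammed OTP reads as all ones (assumption)

    def authenticated_write(self, data: bytes, mac: bytes) -> bool:
        """Program the page only if the caller's HMAC proves knowledge of the secret."""
        if not hmac.compare_digest(mac, compute_mac(self._secret, b"W", self.page_no, b"", data)):
            return False
        # OTP semantics: bits can only be cleared, so a flag once set cannot be un-set.
        self.data = bytes(a & b for a, b in zip(self.data, data))
        return True

    def authenticated_read(self, nonce: bytes):
        """Return the page content together with an HMAC over (nonce, content)."""
        return self.data, compute_mac(self._secret, b"R", self.page_no, nonce, self.data)

def bmc_decommission(page: SecureOtpPage, secret: bytes) -> bool:
    """Authorized BMC or service tool: write the magic value with a valid HMAC."""
    payload = DECOMMISSIONED.ljust(32, b"\xff")
    return page.authenticated_write(payload, compute_mac(secret, b"W", page.page_no, b"", payload))

def bmc_is_decommissioned(page: SecureOtpPage, secret: bytes, tamper=None):
    """BMC reads the page with a fresh nonce and trusts the value only if the HMAC
    verifies. `tamper` simulates an attacker rewriting the data on the bus.
    Returns True/False for a trusted value, None when trust fails."""
    nonce = secrets.token_bytes(16)           # fresh nonce: an old (data, MAC) pair cannot be replayed
    data, mac = page.authenticated_read(nonce)
    if tamper:
        data = tamper(data)
    if not hmac.compare_digest(mac, compute_mac(secret, b"R", page.page_no, nonce, data)):
        return None
    return data.startswith(DECOMMISSIONED)
```

A BMS built this way treats `None` (MAC failure) the same as "do not use the module": an unverifiable memory read is never interpreted as "still in service".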

Figure 10. Programming and reading a magic value to ensure secure decommissioning.

Conclusion

Analog Devices has been providing authentication solutions for more than 35 years to different vertical markets and applications. Analog Devices’ proven technologies secure medical accessories and consumables, and thus protect patient health and safety by preventing the use of low-quality goods. These technologies are now available to address the major challenges of electric vehicles and the environment.

Analog Devices’ secure authenticators enable cryptographically strong solutions while avoiding complex, over-engineered, or expensive ones.

References

1. Lithium-ion battery fires are happening more often. Here's how to prevent them | CNN Business

2. Electric vehicles, second life batteries, and their effect on the power sector | McKinsey

3. Innovative Smart Power Service Solution