
Case
Plug and Charge – sounds easy, but it's not.
Park. Charge. Pay. umlaut makes the dream of the future come true.
It’s Monday evening – end of work, quickly heading to the gym for a workout. Meanwhile the car shall be charged at the parking. Best case, that means easily finding a charging station in front of the gym, plugging in the cable, charging and paying automatically. After sport driving home fully recharged.
This would make charging electric cars even easier than filling up a conventional combustor. But such and similar scenarios are still a dream of the future in the e-mobility industry in many places.
In reality, owners of electric vehicles are confronted with several obstacles like needing diverse identification cards for different charging stations and having compatibility issues between car and stations.
Only Tesla does currently manage to offer its customers simple and fast charging with proprietary Superchargers.
The Plug and Charge technology is intended to make charging and paying uncomplicated and above all, safe for the customers of all electric car manufacturers. 'The customer then no longer needs to use a payment card or app to start the charging process. Instead, the vehicle identifies itself directly at the charging station and billing is done automatically based on previously concluded contracts', says Michel Voßkuhle, Development Engineer e-Mobility at umlaut. Therefore, all relevant stakeholders must work together. umlaut tries to get them all around the table. The status quo:
Complex interaction of various stakeholders and systems
It is obvious that vehicle manufacturers (OEMs), charge point operators (CPOs) and mobility operators (MOs) need to coordinate their efforts to ensure a smooth charging experience for end-consumers. Similar to online banking, the focus primarily lies on IT security. The implementation described in the underlying standard ISO 15118 is based on an X.509 public key infrastructure (PKI). This technology is comparable to HTTPS protocol, which is widely used in web browsers: It ensures that information comes from a trustworthy source - for example, from your own bank’s server - and that communication with this partner is encrypted.
The decisive difference to charging an electric vehicle: Unlike HTTPS, where the provider wants to prove its authenticity to the user, Plug and Charge requires that each user, or rather the vehicle, must be able to prove its authorization at the charging station. On the one hand, this requires that the OEM equips each vehicle with an individual digital certificate (the so-called OEM Provisioning Certificate) and thus assumes the tasks of a certification authority (CA). On the other hand, information about these vehicle certificates and about concluded charging contracts must be accessible to all players. This is done via two certificate pools, the CCP and the PCP, i.e. two additional actors in the context of Plug and Charge. An organisation may well perform several of the roles described above.
The complex network of many stakeholders and systems involved results in a multitude of challenges for development and testing. This is where umlaut comes into play: Thanks to years of experience in E2E testing of electric vehicles and in-depth technical expertise, we support our customers in the end-to-end validation of electric mobility.

Michel Voßkuhle, Development Engineer e-Mobility at umlaut
The main challenges are the interfaces and the technical complexity. All hardware and software components have to interact and communicate with each other in a secure way. This requires different BUS systems and PLC, OCPP and proprietary protocols - all of them mostly encrypted. In addition, the various interests of all players must be brought together. ‘Our umlaut know-how in all areas of this multifaceted complex of topics enables us to keep track of the way information needs to flow to let development run smoothly’, declares Voßkuhle. ‘This allows us not only to detect errors through our tests, but also to identify the root cause, and to troubleshoot with all parties involved.’
Global transfer of knowledge
Our customers are planning to launch Plug and Charge according to ISO 15118 not only in Europe but also in the USA. When COVID-19 travel restrictions prevented entry into the USA, we were able to ensure testing together with our colleagues on site. The transfer of knowledge within the umlaut group ran smoothly and our American colleagues were fully operational after a very short time. With our support via video telephony, they were even able to independently produce replacements for the equipment that was blocked by customs. Our US colleagues will be able to take over tests quickly and resource-efficiently also in the future.
Implementation in vehicles and a new focus on IT security
umlaut not only manages to harmonize the different stakeholders and roles with project expertise and technical knowledge. Our specialists benefit from a cross-sector network and the urge to dig into technical details. In all questions, IT security in the vehicle is the top priority. After all, charging during shopping or a visit to the gym should not only be quick and easy, but the payment process must also be secured to the highest possible degree.
In order to implement Plug and Charge, it is first necessary to determine which control unit should store the highly safety-relevant vehicle certificate and communicate with the charging station. It must also be ensured that each vehicle receives an individual certificate. Implementation begins, as soon as we have designed a system architecture together with the OEM and suppliers have been commissioned.
Plug and Charge poses completely new challenges, especially with regard to IT security. The vehicle and contract certificates are key pairs based on an asymmetric encryption procedure. They thus consist of a secret part - private key - and a non-secret part - public key, which, inter alia, may be stored on servers. For the security of this system it is essential that the private key cannot be read out, but is only used in the designated control unit. Otherwise a knowledgeable hacker could use this information to charge at the expense of the actual certificate holder.
Therefore, state-of-the-art IT security methods are in use. Recommendations of EVITA on the topology of hardware security modules and of the BSI on cryptographic procedures (BSI TR-02102) are considered. Moreover, it must be ensured that the component that stores the certificates is protected against theft. These additional requirements can only be given to the commissioned supplier in an abstract form. The concrete implementation depends on the hardware used and the selected software architecture. It must be agreed in detail with the OEM's security experts and be evaluated by them.
Speaking one language - and keeping the big picture in mind
We at umlaut support the OEM experts for these coordination processes and the step-by-step, targeted concretisation of the requirements. We speak the same language, understand their needs and are able to coordinate with the suppliers efficiently.

If problems occur, we immediately assess the consequences and necessary adjustments and, thanks to our good networking with the experts at the OEM, we organise prompt support for the solution. In doing so, we still never lose the overview. If unforeseen challenges occur, we can point out possible effects on the timeline, which may be several years. Together with our customer, we then work out solutions that guarantee timely implementation.
Representation of interests in standardisation committees
The development of electric mobility is by no means finished with Plug and Charge. Innovations such as inductive charging and charging robots are just about to start.
Standardisation has an interest in integrating these new technologies into existing standards. If this fails, competing charging standards - such as the Chinese-Japanese joint project ChaoJi - could replace existing standards.
Previous investments would not pay off and, in the worst case, achievements such as the high security standard of payment systems would be lost.
For this reason, representatives of OEMs and charging station manufacturers, but also of energy network operators and other interest groups, are constantly working on updating and further developing existing standards. Backwards compatibility must not be ignored. Customers would have little sympathy if their vehicle suddenly could no longer charge at charging points that implement a new version of the standard. It is therefore essential that OEMs participate in standardisation committees so that their hardware and software solutions will be taken into account.
The connecting link
Our umlaut e-mobility experts represent the interests of our customers in the standards committees and report on current discussions. ‘We coordinate change proposals with the OEM departments involved and, if necessary, organise meetings to jointly work out a uniform attitude to current questions regarding adjustments in the standards,’ Voßkuhle explains.
In this way, we mediate between the various stakeholders and prioritise the OEMs' issues in order to drive and secure development on all sides. For maximum interoperability and simultaneously freedom for all stakeholders in the implementation design. If this is successful, charging in front of the gym could soon become a nice side effect while working out.
Get in touch with our experts!

