Date Published: July 14, 2023
Comments Due:
Email Questions to:
Author(s)
James McCarthy (NIST), Nakia Grayson (NIST), Joseph Brule (MITRE), Tom Cottle (MITRE), Alan Dinerman (MITRE), John Dombrowski (MITRE), Josie Long (MITRE), Karen Quigg (MITRE), Michael Thompson (MITRE), Anne Townsend (MITRE), Hillary Tran (MITRE), Nikolas Urlaub (MITRE)
Announcement
This Cybersecurity Framework Profile (Profile) has been developed for the Electric Vehicle Extreme Fast Charging (EV/XFC) ecosystem and the subsidiary functions that support each of the four domains: (i) Electric Vehicles (EV); (ii) Extreme Fast Charging (XFC); (iii) XFC Cloud or Third-Party Operations; (iv) and Utility and Building Networks. The document provides a foundation that relevant parties may use to develop profiles specific to their organization to assess their cybersecurity posture as a part of their risk management process. This non-regulatory, voluntary profile is intended to supplement, not replace, an existing risk management program or the current cybersecurity standards, regulations, and industry guidelines that are in current use by the EV/XFC industry.
Purpose
The EV/XFC Cybersecurity Framework Profile is designed to be part of an enterprise risk management program to aid organizations in managing threats to systems, networks, and assets within the EV/XFC ecosystem. The EV/XFC Cybersecurity Framework Profile is not intended to serve as a solution or compliance checklist. Users of this profile will understand that its application cannot eliminate the likelihood of disruption or guarantee some level of assurance.
Use of the Profile will help organizations:
- Identify key assets and interfaces in each of the ecosystem domains.
- Address cybersecurity risk in the management and use of EV/XFC services.
- Identify the threats, vulnerabilities, and associated risks to EV/XFC services, equipment, and data.
- Apply protection mechanisms to reduce risk to manageable levels.
- Detect disruptions and manipulation of EV/XFC services.
- Respond to and recover from EV/XFC service anomalies in a timely, effective, and resilient manner.
Join the Community of Interest
If you have expertise in EV/XFC and/or cybersecurity, consider joining the Community of Interest (COI) to receive the latest project news and announcements. Email the team at evxfc-nccoe@nist.gov declaring your interest or complete the sign-up form on our project page.
This document is the Cybersecurity Framework Profile (Profile) developed for the Electric Vehicle Extreme Fast Charging (EV/XFC) ecosystem and the subsidiary functions that support each of the four domains: (i) Electric Vehicles (EV); (ii) Extreme Fast Charging (XFC); (iii) XFC Cloud or Third-Party Operations; (iv) and Utility and Building Networks. This Profile provides a foundational profile that relevant parties may use to develop profiles specific to their organization to assess their cybersecurity posture as a part of their risk management process. The profile is intended to supplement, not replace, an existing risk management program or the current cybersecurity standards, regulations, and industry guidelines that are in current use by the EV/XFC industry.
This document is the Cybersecurity Framework Profile (Profile) developed for the Electric Vehicle Extreme Fast Charging (EV/XFC) ecosystem and the subsidiary functions that support each of the four domains: (i) Electric Vehicles (EV); (ii) Extreme Fast Charging (XFC); (iii) XFC Cloud or Third-Party...
See full abstract
This document is the Cybersecurity Framework Profile (Profile) developed for the Electric Vehicle Extreme Fast Charging (EV/XFC) ecosystem and the subsidiary functions that support each of the four domains: (i) Electric Vehicles (EV); (ii) Extreme Fast Charging (XFC); (iii) XFC Cloud or Third-Party Operations; (iv) and Utility and Building Networks. This Profile provides a foundational profile that relevant parties may use to develop profiles specific to their organization to assess their cybersecurity posture as a part of their risk management process. The profile is intended to supplement, not replace, an existing risk management program or the current cybersecurity standards, regulations, and industry guidelines that are in current use by the EV/XFC industry.
Hide full abstract
Keywords
Cybersecurity Framework; electric vehicle; EV/XFC ecosystem; extreme fast charging; Framework; Mission Objectives; Profile; risk management; security controls
Control Families
None selected
