There is a newer version of the record available.

Published May 15, 2026 | Version v3

HotWire: Real-World Impersonation and Discharge Attacks on Electric Vehicle Charging Systems (USENIX WOOT '26 Artifact)

  • 1. ROR icon National Taiwan University of Science and Technology

Description

HotWire is a bidirectional testbed for the DIN 70121 and ISO 15118-2 vehicle-to-grid charging protocols. It implements both sides — a rogue EVSE (charging station) and a rogue PEV (electric vehicle) — plus two concrete attacks: (A1) Autocharge EVCCID impersonation, and (A2) forced discharge via fabricated PreChargeRes voltage claims.

This archive accompanies the USENIX WOOT '26 paper "HotWire: Real-World Impersonation and Discharge Attacks on Electric Vehicle Charging Systems". It contains the full Python implementation, a Docker-based CI test harness (240 unit + integration tests), parametric simulation scripts, hardware design and recovery documentation, safety notes, an Artifact Evaluation Committee (AEC) verification entry-point, and the historical Luxgen N7 forced-discharge bench logs cited as A2 evidence.

The artifact can be evaluated entirely inside Docker plus IPv6 loopback simulation — no real charging station, no real vehicle, and no PLC modem are required. See ARTIFACT.md in the archive root for the AEC evaluation path.

Source repository: https://github.com/sickcell6000/HotWire
License: GNU GPL-3.0 (inherited from upstream pyPLC).

Files

HotWire-woot26-artifact-rc1.zip

Files (2.6 MB)

Name Size Download all
md5:59de7f9820fc57b2c2afdb4cdd77fb4a
2.6 MB Preview Download

Additional details

Related works