Social media posts have been abuzz with viral clips depicting BAT-BMS, a Chinese application that can remotely disable e-rickshaws by connecting to them via Bluetooh.
Netizens have also cautioned against using such an application as it may adversely affect the livelihood of e-rickshaw drivers and cause danger on the roads.
NDTV Profit queried Kunal Bhogal, chief executive officer of IIRIS Consulting, to break down how the application functions, which vehicles are vulnerable and how to safeguard against them.
Origins And Intended Use
BAT-BMS was developed by Chinese firm Shenzhen Grenergy Technology, as per Bhogal. Its intend purpose was to undertake diagnostics of battery management system (BMS) without opening the battery case, The application can read charge, voltage, current, temperature and cell health remotely.
The application was originally developed as a legitimate battery-monitoring tool built for solar, marine and off-grid lithium battery systems rather than e-rickshaws. Due to these EVs running on battery systems, it made them an unwitting target of the application.
"The problem is that these apps are blindly commissioned without going much into capabilities of the apps, thus, most of the settings are left unattended and exposed," Bhogal said.
How It Works
Unlike previous reports, that stated that the application requires a specific battery ID to connect, the application can connect through a Bluetooth Low Energy (BLE) system to any compatible BMS within 15 metres. However, it can only connect to thate are broadcasting openly with no password set.
Once it connects, it sends a command to the discharge MOSFET or the battery's output switch, which cuts power to the motor controller and halting the vehicle.
"This is a built-in battery-protection function being misused not a “hack” in the internet sense," Bhogal said.
Safeguards And Safety Measures
Major automotive-grade EVs are not vulnerable to BAT BMS as they use encrypted, authenticated, multi-layered security, according to Bhogal. Lead-acid vehicles and proprietary or password-protected BMS systems are also immune to the application.
In order to protect themselves against such digital interference, drivers from their end can disable Bluetooth on their vehicles if not required for operations. Drivers can also check if the battery pack has a Bluetooth-enabled BMS, they can do this by scanning for open BLE devices near the vehicle.
"If it appears connectable via BAT-BMS or similar apps with no password prompt, it's exposed," Bhogal said.
Lithium packs with unbranded or low-cost BMS units are the highest risk according to the cybersecurity expert.
ALSO READ: Tesla Shares Slump Even As EV Deliveries Smash Street Estimates
Bhogal stated e-rickshaw manufactuers have a responsibility to set a strong BMS password or authentication before handing the vehicle over to the driver. He further recommended sourcing BMS units with encrypted, authenticated communication systems.
He also called on regulators to mandate BMS security as a registration requirement, similar to India's EV telematics mandate in March 2023.
Essential Business Intelligence, Sharp Market Insights, Practical Personal Finance Advice, Daily Fuel, Gold and Silver Prices and Latest Stories — On NDTV Profit.