 So welcome to the seminar speaker today is Jay Johnson from the security. By the way, his company CEO is also here. Tom step down for a moment. CEO is also here. So he's going to talk about cyber security want to bring these for challenges. I'm walking everybody. Okay, I would like to remind everyone that the next seven is next week. Next Thursday. I'll send out a reminder for those who are joining us all night. For some reason the chat is now working. So he was the Q&A feature. So questions and questions will be addressed and answer at the end of the presentation. A quick introduction. Jay is a CTO at DL security. This is a staff company focused on DL communication, power operations and security. Jay was a distinguished member of technical staff at Sandia National Lab. When he led research projects totaling $25 million in power system control. Jay received a special in mechanical engineering from the University of Missouri. And his master in mechanical engineering from Georgia Tech in 2009. So without further delay, I'll let Jay share your share of the funds. Thank you. Do a quick scene change here. All right, awesome. I need to stand back a little. Can you hear me online? I'll always try to get folks on this side viewing angles. All right. It's really awesome to be here talking about cybersecurity for EV chargers. As was said, it's a relatively new area, but there's a lot of interesting work that's gone on over the last decade or so in this space. So I'm going to talk a little bit about that plus some personal work that I've done in this space. I spent 13 years at Sandia National Laboratories and really that's the beginning portion of this talk is talking about a lot of the electric vehicle penetration testing work that we were doing. And then the latter portion of the presentation, I'll be talking about DR security Corp and where we're going in terms of the defenses for EV chargers and other distributed energy resources, the DR and security Corp. So talk a little bit about background where we stand with EV charging rollout. As I'm sure everybody here is well aware there's more and more EV chargers every day. Different attack vectors for these EVSEs or electric vehicle supply equipment. So if you see EVSE just think EV charger potential impacts. That's both on the power system, financial impacts, impacts to reputation, etc. And then some guidance that's out there in terms of how to do this stuff. As many of you know, EV chargers, there's a tremendous demand for it back in 2021 we had about 46,000 we're up to 62,000 I just checked with the website, putting together these slides, but we have a demand for 600,000 chargers here in 2030. And so the Biden administration with their bipartisan infrastructure law have put in a tremendous amount of funding to roll out these EV chargers, especially on interstates. And the objective is to put 500,000 chargers out there and make sure that there's a EV charging DC fast EV charger every 50 miles of interstate highway across the country. Right. So as part of that, each of the states submit their plans for how to do these rollouts and in those submissions are guidance or recommendations in terms of cybersecurity for those states or their strategy to approach it. And what you'll find is those tend to be pretty light in terms of their security recommendations and guidance and their approach to it. And so that's one of the areas I'll talk about here at the end is how we could do better in terms of coming up with uniform recommendations for the country on how to do better in the space. So there. So maybe people in their head are thinking, okay, you know, level one level to charger it's in my garage I plug in my car at night. Okay, that's nice. Now we're talking about much larger systems in general, or the work that I've been doing. And so 350 kilowatt systems, megawatt charging is coming. And so there's a lot of talk about this from the Charin group. So you can see the megawatt charging system standard is being developed now. Here you've got a large DC charging station where you've got, you know, semi class seven and eight trucks. You've got school buses. There's a big push now for electrifying school buses. And how you deliver this much power, if we're talking about multiple megawatts in a very tight area is difficult for several reasons. But one of the big things is the total load on the power system at that location. You pretty much need to place this right next to a substation, or you're going to get pretty, pretty massive swings in terms of the voltage there. And so you can kind of see the architectures of a lot of these things that you put a substation. And what they're going to do is most likely co locate battery storage or energy storage systems there so that they can reduce the total demand on the grid at those locations. So think about, you know, middle of nowhere and, you know, Kansas or, or pick a Midwest state, and you've got a relatively weak power system week grid there along the interstate highways. So how are you going to manage that if you've got a bunch of tractor trailers, all charging at the same time. And so those are some of the concerns that they have and dealing with this with this local capability. So, what are what are these things made of, if you tear off the panels and take a look at it. Okay. Typically, you'll have a couple of DC couplers. So here's a chat about a CCS coupler inside this thing you're going to find generally a cell connection. So cellular backhaul network or run from the top of this thing. There is an internal network that could be can or some other protocol running there, oftentimes in the clear. Then you've got an HMI given machine interface or the place that you press buttons and tell it what you want and what you want to do, maybe RFID swipe or credit card swipe. And behind what you don't see in a lot of these things, and this one in particular right is there's there's a place where there's actually the energy conversion. And so the stuff that's coming here out of these couplers is actually DC power. So the connection to the power grid AC side is in these large power cabinets. Sometimes like the charge points you've got, you get a stack of these power conversion devices at the bottom, but in a lot of the larger ones like the electrify America ones, the kind of 250 kilowatt and larger. You're going to see these things set back, like go to go to the Walmarts and the other places and you'll see these big boxes right next to the chargers. And so that my screens. And so the way that you deliver the power to the vehicle is actually through like fiber optic communications here and then DC lines that run beneath it and then you get these power stages here and often they have several different power conversion devices that you can pull out. So, all those, why am I telling you all this? Well, that's where we're about to go right now is all the vulnerabilities associated with these. Okay, so, if you've been watching the news recently, you've probably heard a lot about FBI talking about the threats on the power grid threats to our critical infrastructures from various nation states. Here you can see some distributed energy resources related news articles that are out there. We'll talk about some of these, but it's kind of putting this back in the general context of the national dialogue and what's going on. And so some of the vulnerabilities I'll be talking about here are related to a paper that we published in energies and then actually was discussed in a wired article and some other news outlets. So if you are curious about the technical details, you can dive in there. And if you want just a more general sense of what's going on, please take a look at that wired article. It's a pretty good one. Okay, so four primary interfaces that we're going to talk about. First one is the colors, the actual connection to the vehicle. Next one is user terminals. So I'm the EV driver. I come up to it. I have to swipe a credit card. I have to beat my RFID tag. I have to do something. That is also a vulnerable interface. Network connections, internet-based connections, often with that either Wi-Fi connection, EVSE, EVSE connections, or the backhaul network, so cellular network, and then maintenance terminals. And these things are generally never exposed. In some rare cases, we've seen that. But typically you have to tear off the panel and actually connect to JTAG ports or USB ports inside it. And so for each of these, we'll talk a little bit about some of the things you can do. All right, so here's where we get into it. So first one, a couple of amazing papers from the University of Oxford have come out in the last couple of years. The first one is some work that they did where they used software-defined radios to pick up RF broadcast. I guess I need to back up a little bit. So when you plug in a CCS connector, the combo charging thing, there's kind of like the AC thing, and then you see the two DC ports, mainly for U.S. manufacturers, different from the Chatham-OX one. I don't know if anybody, hopefully you've looked at these. So Chatham-O uses Canvas. So that runs in the clear. You can sniff that traffic if you tap into it. The CCS actually puts a communication protocol stack on that communications, and they use it using Home Plug Green Fire. Home Plug Green Fire is a similar technology to power line communications where you can have these modules where you like plug one in on this side of your house and plug one in on that side so you can actually run internet through the electrical cables in your home. And so it's very similar to that where you're actually communicating over the conductors in the charger. And so when you're broadcasting Home Plug Green Fire, you can pick up an RF signal from them, and you can sniff that. And so any of the session IDs or information that's being passed over that you can sniff. Now what gets interesting is these things are right for PII, personally identifiable information, and billing information, and charging levels, and who the vehicle is, and so forth. So sniffing that is a somewhat big deal. Now, what got very interesting is the University of Oxford took it a step further, not just sniffing, but actually actively broadcasting noise to essentially deny charging for these systems. And so you plug in, say, alright, it looks like it's running, step away. And what they did is they broadcast an RF signal that would terminate that charging session. You can see some of the stopped charging pictures here for the chargers. And that's what their setup looks like. And so you can, you know, they were theorizing about different ways that this could be used or weaponized. So you could have a drive by attack where you have a car broadcasting this message and you just stop all the chargers everywhere that you go. In the kind of blast radius, which turns out to be they tested at 47 meters, you could be nearby. You could you could actually be across the street. So it's that remote attack. It really scared us at the at the National Labs is thinking about in these areas where you have large depots, say, like a UPS, or if you had, you know, FedEx or something and you're charging 800 vehicles overnight. And you did something like this next day, all the vehicles aren't charged. And so that's a huge disruption to that system operations. So still on the EV connectors. There's some other things that you can do here on the CCS thing. And so because you have that communication protocol, you can actually tap in to that connector and direct traffic back up through the home plug green by card at the top of the device and into the brains of the system, which is typically attached to the back by the human machine interface. And so what what has been done and shown is potential risk. So whatever software is parsing that those protocols that are reaching the brains of the operation. If there's a vulnerability associated with that, you have a way to inject traffic. So log for Jay other vulnerabilities associated with that X, X, XE attacks, XML related things could be potentially done on that on that connection. So interesting story here. So I was leading a the red team effort for this joint lab project funded by the DOE cyber office where we had I and L developing a blue team defensive strategies and stand the appointment of the bad guys. And so we were we were working on on coming up with several exploits here. And one of the things we hypothesize is that you can actually, you know, connect to these charging connectors and get traffic in there but we never really close the loop and got the home plug green by transmissions working. And this guy Jake, who worked at I and L, he comes out as we're as we're demoing some of this stuff. And he's like I think I got this working check this out. And so he does the thing where you can actually get traffic to the brains of the system SSH through the connector. And it was very impressive because we're, you know, all the red teamers are hanging out and Jake intern shows up and just goes to show you, you know, the young kids will show the old guys any day of the week. How to do this. Salary. Huh. It wasn't my decision probably showed up. All right, so next up. User authentication mechanism so driver shows up to this thing. How are you going to tell the charger that you should be built. Well, you can do a few things you swipe a credit card. Okay, that's, that's well known you get skimmers shimmers things like that that can track it. No different really from normal gas pumps. Then you've got your RFID tags. So, like, you seem like a charge point or other RFID tag you go bleep. And that it's time to your credit card information. So the problem here is RFID is not very secure. Even your phones can do like near field communications right if you check into a hotel and you're like, okay, you know, give me my car key or room key and you hit the button and can hold it up to the door and I'll unlock it for you. And then you can be done here where you just clone those things. So like there's, there's these hacker tools like proxmark three other things where you can clone that RFID tag and if it's tied to your credit card. Basically somebody could just go charge their vehicle on your credit card. So, have to worry about that phones often will use some sort of API call to the back end. The APIs are tend to be very, there have been a lot of exploits and vulnerabilities discussed in the API world so there were 16 vehicle manufacturers I think that were recently notify that there were problems with their APIs after after somebody did a pretty short assessment of this. And so, yes, your, your, your large auto manufacturers but also your charging companies have these things where you don't properly secure that and and prevent people from enumerating all the devices out there. And basically, ensuring that every transaction is appropriately authenticated and authorized. You get into some of these problems and then plug in charge. That's this beautiful idea that you can plug in your charger. There's cryptographic information on your EV charger. There's cryptographic information on your vehicle that talks and they say okay we know who's who we know you're you you're you. Okay, it's tied to your billing account done in tons and tons of turmoil and arguments about how to make this interoperability work along with the public infrastructure associated with. So, there's there's challenges there as well. So that that might be in the end one of the better ways to go about this. All right, so internet interfaces so this is the back back call communications connection through the cell network. They've got cross site scripting issues, you know, basically all your web based issues that you hear in the news all the time about various websites being compromised. These things also exist for these devices. And so Tony Nasser from Concordia University up in Montreal is doing a lot of work on these things and discover that there were quite a few issues. Actually, I have it on the next slide here. So some of the manufacturers there are several of these vehicle charging systems on the internet and they were able to find that a large number of them had these types of problems associated with them. Also, I know did some awesome early work, I think 2000. No, yeah, about 2018, I think they published this work where there were problems with missing authentication when connecting to the device. There were login credentials being passed in the clear so you could actually sniff those if you're monitoring the traffic on sanitize login fields were. You could you could do SQL injection attacks which would actually dump databases associated with the SQL database and and you could hijack sessions and so forth. So those are some of the problems. And what they what Tony Nasser found in his in his master's thesis was that he identified that about 92% of these charging system management. Start start charging station management systems were were vulnerable to remote exploitation and could could give you access to the underlying ev systems. But that's actually a pretty staggering number. I'm surprised to hear that, but here's a kind of a mapping of these systems. The vendors and which vulnerabilities they had some critical high and medium and you can see several several of the devices that he found on the internet had critical vulnerabilities associated with them, and he found about 14,000 hosts online. All right. So next up are more internet related issues so some some problems associated with these make maintenance terminals and local inner internet connection so imagine you've got a device here. There's, you know, some sort of communication inside that you can plug into the ethernet jack there's often switches and then communicate to the devices that way. So I now found that you connect to us be drive to one of those maintenance terminals and it would just dump out the firmware to you for free. In other cases, it actually dumped. Let's see is that one here. Yeah, it dumps other information when connecting it very handy for debugging but not very secure. Modifying firmware of the devices authorization or firmware signing that's actually very common and then firmware downgrade attacks. And so this this picture off to the right here is the structure for doing code signing, which essentially ties a particular binary typically binary to the author of that through as a. A public key infrastructure and associated sign and probably don't have enough time to go through that. So we'll move on. All right, so here's a great example of malicious firmware updates and supply chain vulnerabilities. So, in the very beginning couple of weeks of the Ukraine Russia conflict. There was some EV chargers along the M 11 four door that runs from Moscow to St. Petersburg I want to say if I remember right. And so these EV chargers had some components in them that were outsourced to Ukrainian company to be manufactured. So they said okay you know, I don't know some component inside this device that does, you know maybe the credit card swipes. So they're going to, you know, manufacture this, and then they maintain a persistent connection to those EV chargers, most likely for like for more updates and other things but once the conflict broke out, they decided okay well we're going to just update these devices to prevent any charging and also display pro Ukraine anti Putin messages. And so there's this great video online of somebody, you know, in Russian saying, I don't know what's going on it says you know, down with Russia glory to Ukraine and I can't charge here what's going on. That's, that's what happened there. All right, so more maintenance interfaces. I'm just going to tell two quick stories here one is the front hopper. Their research institute out of Germany, they basically discovered that they could plug in a USB and it would copy awesome logs that included very sensitive information including authentication tokens from previous users. And the other thing is, PEN test partners. They've got some awesome like PC shows and you can watch them online and they found a number, several several problems, but my absolute favorite is this situation where you have an EV charger. That's basically a Raspberry Pi in a box. And that's this EO hub. And so if you take the panel off this thing, you see this board in here, and that board, you may recognize as a Raspberry Pi. So hobbyist, a small single board computer. Problem with those is everything associated with that device is on a micro SD card sitting right there. Just pull that out. You have everything you can doubt you see the entire structure of the Linux file structure you've got access to everything you can add your own username, you can then log into it, and you can do whatever you want you can dump FTP credentials, etc. Keep touching the touch board. And so this is this is a major problem right so very, very simple way to gain access to very sensitive information and imagine you're a homeowner right maybe you got this thing outside. You tell that okay connect to the internet so I can get data back and see my charging and how things are going. Now you've got your home Wi-Fi stored on that card. And somebody comes by pops it up scans it now they've got your home Wi-Fi and they can do delicious things, or even worse, this is on like a corporate network. And so now you've got access to the corporate network and you can steal it was fairly as being hodge corporate as being hodge stealing and doing various with with corporate systems. You ever hear about the casino that was hacked through the fish tank in Vegas. And so this is kind of one of the problems with the IoT devices right so they don't have things devices, smart thermostat smart refrigerators. There's a hotel in Las Vegas that have a smart fish tank thermometer called you know make sure the fish are alive and all that they put it on their corporate network. You can hack into that through that to get onto that network and then steal a high roll of data. The very similar things here can happen. All right, so what's all this mean I've been blabbing on and on and on you guys are falling asleep. Okay, so what does this mean. I've told you about all these historical problems told you about various interfaces that can be exploited. So for it. Well, what it means at the ground level is a couple of things one is you can disable a single device. Probably very frustrating but these things go down all the time and so maybe not as big a deal but what gets much worse is if you're disabling entire fleets, or you're controlling at kind of a national level. There's a lot of load changes and so that'll get down here to the grid side of things. You can prevent charging. So, denial of charging and what's really concerning to the federal government. And I think, rightly so, is as we electrify more of our critical services that can be medical vehicles. Law enforcement FBI vehicles. If we are unable to charge that will shut down the ability of those critical functions in the US government and so there's a lot of interest right now in preventing these types of things from propagating into other adjacent critical transportation, of course, which is on all. You also have financial and privacy things I talked a lot about PII like your Wi-Fi passwords, etc. billing information, credit card information, etc. Corporate espionage we talked about that safety and just looking at the clock. So, there are a couple of interesting safety things here. One is for these large DC fast chargers, you've got typically it's two helical cooling lines that run down the length of it. The heat exchanger because you're delivering a tremendous amount of average, a lot of current to the vehicle. And so you have to cool it actually reduces the weight of this really heavy cable it's already heavy enough by by cool liquid cooling. So the weight of the water is actually reduces the weight of the metal needed to carry the same electric power to the vehicle. So, if you disable the pump, or you disable something associated with that cooling system that cable gets very warm, it'll derate typically, but it's still, you know, hot to touch. So that's one thing and then there's there's a lot of talk about okay are you going to like blow up the batteries or do something there that's that's actually extremely difficult to do, because there are safety systems on both sides of the charger side and the vehicle and you would have to compromise both those. So it's actually that is fortunately very, very difficult but in theory, you disabled such protections. And some of these are quite mechanical, then you could you could cause issues there. And then I'm going to go into the grid side and a little bit more detail to really put you asleep. But there's there's protection issues and there's also local and bulk. I mean, transmission level problems that the distribution level. What does distribution mean? How many power engineers in place? Anyone? Oh, I think this is the first audience I've ever talked to this and there's no power engineers. All right, well, how does the power system work right? Well, it's changing, but in general, you have very large typically thermal generators, you know, gas power plants, oil, coal, nuclear power plants, etc. Step up transformer goes a very high high voltages goes a very long way step down in your local area to a substation that then as a distribution substation attached to that. And then that distribution substation radiates kind of a radial pattern to all the homes at 12 or 7 12.47 kilovolts or down to like 480 and then then your plug outlets here at 120. So it steps down and on that radial branch. If you have an electric vehicle, and it is charging, it's, it's allowed and it's going to pull down your voltage. And if you inject power into it, if it's like a bi-directional charger or solar other, it'll push up the water. And so it kind of think of it from the substation is like a folk room here. So if you put a very large EV charger at the end of this thing, like those examples I was talking about like out in Kansas, where you don't have a very strong grid, it's very weak moves around, you can move that voltage significantly. And so we ran some simulations here for, let's say nine 250 kilowatt chargers at the end of a feeder, feeding a distribution circuit, and showed how far that could swing. And if you use reactive power, I'm just gonna, let's just say you can move the voltage a lot. And we'll get into the details. And the grid operators are required to maintain that voltage between ANSI range, a limits, which are plus and minus five percent. So why does this matter? We've heard pumps that can do other things. So at the distribution level, grid support functions are great if they're used appropriately and can be dangerous if they're used inappropriately, because they can move that voltage significantly. The bulk system level, the transmission level, there's a lot that can go on as well. And so we were meaning myself and really the PNL team that was running this project did several different studies using a WEC simulation. So the Western Interconnect, the U.S. grid is actually like three grids in Western Interconnect, Eastern Interconnect, and then Texas or cotton. And so if you take the west one, the WEC, and you run simulations, we were looking at what happens if you simultaneously shut off a bunch of these EV chargers, you get this huge load drop event. And what we found is even for 10 gigawatts, nothing really happened. Great. Okay. But we then said, okay, why don't you coordinate this thing where you actually cause some of these things to oscillate across this north-south mode here. And so this is an issue that happens in power systems where you get these inner area oscillations where it kind of vibrates against each other at about, I think, the north-south mode. A is like 1.17 hertz, so like every five seconds, something like that, pretty slow. But you get these kind of oscillations that's caused blackouts in the past. Actually, Sandia, as an aside, designed a controller to, there's a huge DC link between up here where all the hydro plants are in Washington and Oregon down to San Diego. And we, Sandia designed a controller to modulate the DC connection at a little level to dampen out those inner area oscillations. It was a big success. Anyway, so these inner area oscillations, if you swing the loads against one another, you can actually, only 500 megawatts, you start to get a 3x multiplier on the California, Oregon intertie here. And this can cause some issues. What we found is you get a little bit of low drop based on the power protection issues, but no generation was tripped. And so it's not going to have a blackout, but we start to see some challenges there. So you say, okay, okay, well, that's interesting, but that's going to be really difficult for a nation state or somebody else to pull off. Yes, absolutely. But that brings me to a couple of stories here. And I'm looking at the time so I'm going to try to be quick here. But the idea here is that electric vehicle supply equipment is an industrial Internet of Things device. These connections, if you have common mode vulnerabilities, meaning the same issue can propagate across the entire fleet, you get into really scary territory. And that is precisely what this guy Sebastian demonstrated this last December at the Chaos Communication Congress in Hamburg. Not really, yes, but for a micro inverter company called the Hoy miles here where he developed an exploit that that triggered a logic bomb to actually change the way our stage on this device worked. And so he could operate the AC rate relay open and closing in. Good. In my shadow. You could produce reactive power to harmonic distortion, etc. And so, let me show you actually what this looks like. I don't think I have. Fortunately, I don't know if audience work, but we'll try. But let me set the stage. Like an hour long talk really encourage you to watch it if you're curious about this type of thing. But essentially here he goes through this long explanation about having to compromise these devices he gains remote access. And then he actually changes the firmware of the device to do various things. So the first, first example play here. And I don't. Yeah, I don't think we're going to have audio. That's all right. So the 1st example is he's going to actuate the AC relay on this micro inverter. So. A little bit different than an electric field charger, but it's essentially the same concept. You got some communication interface and a power stage. And see is click, click, click, click, click, click, click, click, click, click, click, click, click, click, click, click, click. It's obviously terrible for the power system, right? Because you're basically cycling. I don't know, like, maybe 0.5 Hertz. This. The AC relay on this device. Next up, he tries to modify the pulse with modulation control signal to the H bridge so that in this case MOSFETS not I GPT. And to heat this thing up, right? So he wants to heat up the device to see if it'll like derate or do something else. And what happens? Sitting there bang, you hear a lot of bang. Imagine it goes bang and applause. And then applause. And so they're like, okay, well that's interesting what just happened. So he walks over opens up his breaker panel and realizes the AC breaker has been tripped. So he updated the control firmware, and he demonstrates how this could be done remotely, by the way, in a way that it actually triggered protection in his home. And so you can kind of imagine doing this very similar things for electric vehicle chargers across like a very large geographic area. And so now you're not just like turning off the device right you're actually impacting people's home power. And if you're not, you know, right there and know what's going on and it does it every time you turn the thing on. It's going to, yeah, it's going to upset a lot of people. Okay, so let's let's bring this back to you. Risks. So I'll go very briefly over this. But if you if you want to talk about risk, typically the way that you do it is you talk about the likelihood times the consequence. So in terms of power systems, the likelihood of something happening, almost certainly is really easy stuff, you know, script kitty stuff, you know, any old hacker downloads it off GitHub runs the code. Okay. And so this tends to be this is bad, almost certain right really easy to do, and then severe outage blackouts. So you make this this chart and so if it's rare meaning really difficult to do. So that's your, you know, nation states that take several years, hundreds of millions of dollars to develop some exploit. If it's insignificant doesn't actually infect anything that's that's fine that's green, but if it can cause severe outage for an extended period of time that's read, and then almost certain here. We did this analysis we found nothing was almost certain. That's good. And nothing really fit over here because the penetration levels of electric beetle charges just weren't enough to disrupt transmission level things. But we did did start to see some things here based on our experience and all these penetration testing works. And so, you know, just kind of plotting this up and putting it in context. I think is helpful. So I know we want to do a few minutes of q amp a. I will I will do maybe to try to get through the next few slides. This next section very, very quickly. We'll bring it to some questions. So a lot of guidance out there and how to do this. A lot, a lot, a lot of papers. There's there's some great work out of the Netherlands there's work from the national labs there's work from the joint office DOE DOT. There's there's work at like I and L this this project that I was talking about. And then the EBSC paper that we wrote at Sandy also has a lot of research areas where improvements could be made and I highlight here, EBSC network based and through the detection systems and mitigation and here's a chart if you'd like to look it up that Sandy put together for best practices. But I'm going to jump into two things. Actually, I'm just going to jump should have done this in a different order. Okay, we're almost done promise. See what I'm going to say. So a couple of things. One is we have an awesome new project. We Caesar funded $5 million project to work with the partners you see on the right to do anomaly detection and response for these types of attacks. So if there's anything going on nefariously on the communication networks, especially at the head end systems in the cloud. We're going to run that decrypt the traffic analyze the traffic using several different tools here to look for physical abnormalities or anomalies. Looking at antivirus rules are rules detonating them in a sandbox that represents their back end systems and then applying some AI ML technologies. And so this is this is kind of what this looks like. If you draw it out, as you've got charging depots, your, your public chargers runs through the internet and then our DER SEC detective here. We have intrusion detection capabilities. We've got our security orchestration automation and response tool that based on the detection will remediate that many blocking IPs maybe even taking systems offline temporarily and reflashing firmware, etc. And then logging that appropriately in a security information and event management system. And then you've got your back end system over here. From from a technical standpoint, all those pieces fit into this broad classification so the packet level analysis stateful detection digital twins and AI classification. So we're focused in right on this left side for now, but we're working our way right to do digital twinning where we replicate the operations of the device. Compare that to the physical operations and if there's a deviation of a significant amount we can we can flag that as anomalous. And then the machine learning work. A lot of great classifiers out there to detect when there's various operations on networks and with systems. So, in conclusion, looking at the time here. Security researchers have done a tremendous job of identifying issues associated with TV chargers continuous process. Right. You've got white hat hackers black hat that are exposed, find problems report those to the manufacturers and manufacturers need to respond appropriately and aggressively to solve those issues and remediate those problems bug bounty programs and responsible policies, of course, help with that. State and federal government is working very hard to come up with better policies. And I know there's some management folks in the room and I didn't talk much policy but actually a very interesting debate nationally about how to do this appropriately states versus federal who gets involved what authorities should be, you know, consulted and which authorities have the right to apply certain rules for the roll out. So anyway, interesting, interesting policy discussions there, but it's very similar to what you see in distributed energy resources, meaning solar battery systems, etc. And so our install base is going to continue to increase. We know that for sure. If it does the bridge between it systems and it systems gets more and more critical and we can see the risk, you know, the impacts, starting to be more, more devastating in terms of power system impacts and other other impacts if you get these common probabilities that we're talking about. And then a lot of a lot of really interesting work, which unfortunately I didn't get as much time to talk about as I would have liked on anomaly detection and intrusion detection systems automating that incident response with these playbooks that can that can trigger based on certain rules. Alright, so with that, I'm done and look forward to the questions. Thank you.