Bidirectional Charging Is a Software Problem: ABB E-mobility, V2G, and the Case for Backend Red-Teaming
ABB E-mobility's Power2Drive booth was built around bidirectional DC charging. Every V2G flow is also a new authentication and control path — and that's where we come in.

Booth C6.550, Hall C6, Power2Drive Europe. ABB E-mobility — spun out of ABB in 2022 and now one of the top three DC-charger vendors globally — used its Munich footprint to make a single point loudly: the future of fast charging is bidirectional, and the future of bidirectional charging is defined in software. Their live demo cycled a parked EV between grid-support and vehicle-charging modes on a two-minute loop, coordinated end-to-end through OCPP 2.0.1 and ISO 15118-20.

The threat model shifted while nobody was looking
For a decade, EV-charging cybersecurity discussions have centered on the charger's local interfaces: OCPP over unauthenticated WebSockets, exposed maintenance ports, weak Wi-Fi provisioning. Those are largely solvable problems and the industry is closing them.
The 2026 threat surface is different. It is the *backend*. A modern DC fast-charger is a thin client that authenticates to a Charge Point Operator (CPO) cloud, which in turn talks to a Mobility Service Provider (MSP), a Distribution System Operator (DSO), a payment processor, a smart-charging optimizer, and — increasingly — a bidirectional-charging dispatch engine that decides, minute by minute, whether energy flows into the car or out of it. Every one of those hops is a trust decision.
ISO 15118-20 formalizes the plug-and-charge and V2G handshakes. OCPP 2.0.1 formalizes the charger-to-CPO channel. Neither standard, on its own, says anything about the AI-driven optimizer that may sit above them. That is the gap.
Three concrete failure modes
1. LLM-assisted operator tooling in the CPO backend
Every large CPO we spoke to at Power2Drive is either piloting or shipping an LLM-based copilot for their NOC: "why is site 214 offline, and what's the fastest fix?" The copilot ingests ticket text, vendor advisories, weather feeds and — critically — messages from the DSO. Indirect prompt injection through any of those channels is not hypothetical; it is the OWASP LLM Top 10's number-one entry for the third year running.
2. Dispatch-engine manipulation
A V2G optimizer that decides when to discharge parked fleets into the grid is, economically, a trading agent. Manipulate its inputs — price feed, weather forecast, state-of-charge reporting — and you manipulate its output. In a market with negative prices and imbalance settlement, the payoff for such manipulation is not small.
3. Cross-tenant leakage in shared platforms
Multi-tenant CPO platforms increasingly share model infrastructure across customers. The 2024–2025 wave of "EchoLeak"-style disclosures against Microsoft 365 Copilot showed that cross-tenant boundaries in AI-integrated SaaS are harder to hold than most vendors initially assumed. The same class of bug in a CPO backend leaks customer charging patterns — and, in a V2G world, revenue.
Where a TrendGuru partnership lands
The conversation with the ABB E-mobility team was not about their hardware, which is very good. It was about the backend software estate around it. Specifically:
- Backend LLM red-teaming. Continuous, versioned indirect-injection test suites against NOC copilots, mapped to OWASP LLM Top 10 categories.
- Optimizer input integrity. Signed, provenance-tracked price and forecast feeds into V2G dispatch, with anomaly detection on optimizer outputs.
- Tenant-isolation assurance. Structured tests for cross-tenant data leakage in shared model infrastructure.
- Standards alignment. Evidence packages that map controls to ISO/SAE 21434 (automotive), IEC 62443-3-3 SL2+ (OT), and NIS2 Annex I obligations for essential entities — the framework CPOs are now operating under across the EU.
Why this matters beyond one vendor
ABB E-mobility is a natural anchor for a conversation like this because their footprint spans hardware, backend and — via ABB — grid infrastructure. But the pattern applies across every serious Power2Drive exhibitor: Alpitronic, Kempower, ads-tec Energy, Compleo, Wallbox. The industry has, in three years, quietly become a software business with a hardware appendix. The security stack has not caught up.
When the car can push power back into the grid, the authentication path is a safety-critical control loop. Treat it like one.

