Basics of ISO 15118 | What is it? What are the Use cases & Challenges

WHAT IS ISO 15118?

A number of different protocols and standards govern communications between hardware and software in the electric vehicle (EV) charging ecosystem. One of them is ISO15118.

ISO 15118-2 – and its more recent iteration ISO 15118-20 - is an international standard for communication between an electric vehicle (EV) and a charging station. It enables a functionality called “Plug & Charge” whereby an EV can arrive at a charging station, plug in, and communicate directly with the charging station. In this communication the vehicle automatically identifies and authorizes itself to receive energy and then charging automatically commences.

The driver will not need to do anything else, such as use an RFID card or mobile application, to start charging. It also enables bi-directional charging and discharging of energy to the battery and back to the grid. To ensure privacy and security, communications between the vehicle and charger take place through digital certificates secured through a Public Key Infrastructure (PKI).

The standard only covers communication between vehicle and charger, not with other Charging Point Operator (CPO) or E-Mobility Service Provider (MSP) backend systems.


• An internationally recognized, consistent/universal standard for vehicle- charger communication.

• Ease of use for EV drivers and vehicles in ISO compliant systems - authentication and authorization take place simply by plugging in a charging cable.

• Security through the use of digital certificates to protect the privacy of information. Such PKIs are considered among the most secure digital communication methods available today and are already used by other industrial sectors.

• Smart charging enabled – the standard supports bi-directional communication between the vehicle and charger. The vehicle shares its battery state of charge, thus allowing the central energy management system in the charger to make the best decisions for load management. It can find the best balance between mobility needs of the vehicle and price of energy or other system benefits.


• Ongoing issues with IEC and ISO mean that the standard is not settled yet and could still take a long time to finalize (no sooner than summer 2021);

• The work on the PKI is ongoing and it would need to be in place, functional, and reliable in order to be introduced to the broader EV charging ecosystem at scale;

• It will be important to establish an independent Certificate Authority to guarantee drivers’ data security. How the standard will support multiple Root Certificate Authorities and how this is supposed to work, are also outstanding questions.

• The PKI for this standard was not created by a neutral body with input from throughout industry and reflects the specific interest of the creators. It is also managed privately and therefore risks not being universally acceptable. This can impact on security and privacy, and choice for consumers

• For businesses, infrastructure, or operators to actively participate in the Plug & Charge ecosystem they need to set up the corresponding business processes and implement the interfaces to other market roles in this interconnected system architecture. Minor players will not have the necessary digital infrastructure to manage the requirements of the complete process, creating a technological barrier into the competitive scenario.

• Plug&Charge recognizes the car, not the driver - that implies that the “value chain” of the charging service will be led by OEMs who will integrate their own “digital certificate” as a bundled and non-modifiable solution – sometimes seen in digital sector. In addition, the uploading of certificate to a vehicle is under the control of the OEM which makes it challenging for OEM-independent MSPs to operate.

• The challenges lie in the implementation of the standard and legislation should ensure a level-playing field and no lock-in of e-mobility services providers in the car to ensure freedom of choice for the driver.


• It was originally published in parts between 2013 and 2015 by the International Organization for Standards (ISO). It was later adopted by the International Electrotechnical Commission (IEC). A joint working group of IEC and ISO continues the further development of the standard (leading to updated versions, such as ISO15118-20).

• Companies which want to use the ISO system then create their own or a compliant PKI network.

Disclosure: This article was drafted and first published by

No comments

Powered by Blogger.