Cybersecurity in Electric Vehicles and IoT Devices
Science & Technology
- PYQs8
- Articles1
Background
This concept is crucial for understanding the evolving landscape of technology, its societal impact, and the regulatory challenges in sectors like transportation and energy. It links directly to national security, public safety, and the development of critical infrastructure in the digital age.
Cybersecurity in the context of Electric Vehicles (EVs) and Internet of Things (IoT) devices refers to the protection of these connected systems from unauthorized access, manipulation, or disruption. As EVs become increasingly integrated with digital technologies, including sophisticated Battery Management Systems (BMS), ensuring their cybersecurity is critical to prevent operational failures, data breaches, and safety hazards.
Facts & tables
- Vulnerability Exploited
- Remote disabling of e-rickshaw batteries via mobile apps, exploiting vulnerabilities in Battery Management Systems (BMS) of Lithium-ion batteries.
- Regulatory Gap
- Current e-rickshaw testing and certification standards lack specific cybersecurity requirements.
- Impact
- Leads to public safety risks, operational disruption, and potential for criminal misuse in connected vehicles.
- Government Action
- Union government ordered blocking of identified malicious battery management apps.
| Type | Reference |
|---|---|
| Conceptual area | Cybersecurity |
| Conceptual area | Electric Vehicles (EVs) |
| Conceptual area | Internet of Things (IoT) |
| Body | Role |
|---|---|
| Ministry of Electronics and Information Technology (MeitY) | Regulates |
| Ministry of Road Transport and Highways (MoRTH) | Regulates |
Prelims angle
Prelims angle: Statement-based questions
Prelims angle: Factual recall
- Remote disabling of e-rickshaw batteries via apps.
- Vulnerability in Battery Management Systems (BMS).
- Absence of cybersecurity standards in EV certification.
- Risks: public safety, extortion, operational disruption.
- Government action: blocking of malicious apps.
| Year | Framing tags |
|---|---|
| 2026 | Statement-based questions, Factual recall |
| 2025 | Multi-statement analysis, Factual recall |
| 2025 | Statement-based questions, Factual recall |
| 2025 | Factual recall, Multi-statement analysis |
| 2022 | Factual recall, Conceptual understanding |
| 2019 | Multi-statement analysis, Factual recall |
| 2018 | Conceptual understanding, Terminology-based question |
| 2017 | Factual recall, Multi-statement analysis |
Timeline
-
Cybersecurity
Conceptual area
-
Electric Vehicles (EVs)
Conceptual area
-
Internet of Things (IoT)
Conceptual area
-
Prelims 2017
Factual recall, Multi-statement analysis
-
Prelims 2018
Conceptual understanding, Terminology-based question
-
Prelims 2019
Multi-statement analysis, Factual recall
-
Prelims 2022
Factual recall, Conceptual understanding
-
Prelims 2025
Multi-statement analysis, Factual recall
-
Prelims 2025
Statement-based questions, Factual recall
-
Prelims 2025
Factual recall, Multi-statement analysis
-
Prelims 2026
Statement-based questions, Factual recall
-
Centre orders blocking of battery management apps used to turn off e-rickshaws
The incident of e-rickshaws being remotely disabled via apps underscores critical cybersecurity gaps in EV and IoT device regulation, particularly concerning Battery Management Systems, leading to safety risks and criminal exploitation.
See also
Past papers
2017–2026 · 8 questions
In the news
Centre orders blocking of battery management apps used to turn off e-rickshaws
The incident of e-rickshaws being remotely disabled via apps underscores critical cybersecurity gaps in EV and IoT device regulation, particularly concerning Battery Management Systems, leading to safety risks and criminal exploitation.
Try these PYQs
GPS-Aided Geo Augmented Navigation (GAGAN) uses a system of ground stations to provide necessary augmentation. Which of the following statements is/are correct in respect of GAGAN?
I. It is designed to provide additional accuracy and integrity.
II. It will allow more uniform and high quality air traffic management.
III. It will provide benefits only in aviation but not in other modes of transportation.
Select the correct answer using the code given below.
✅ Statement I: Correct
*GAGAN is an Indian SBAS developed by ISRO and AAI to enhance GPS accuracy and integrity, crucial for aviation safety.* ✅ Statement II: Correct
*It improves GPS reliability and accuracy, enabling better air traffic management and safer, efficient navigation.* ❌ Statement III: Incorrect
*GAGAN’s benefits extend beyond aviation to railways, roadways, maritime, agriculture, and disaster management.* Correct Answer: Only Statements I and II are correct.
In the context of wearable technology, which of the following tasks is/are accomplished by wearable devices?
1. Location identification of a person
2. Sleep monitoring of a person
3. Assisting the hearing impaired person
Select the correct answer using the code given below:
Statement 1 is correct. Wearable devices can perform several tasks, and out of given options, all three are achievable.
Many smartwatches and wearables with GPS functionality can track a person's location. This can be helpful for navigation, fitness tracking, or safety purposes. Statement 2 is correct. Wearable sleep trackers can monitor sleep patterns, including sleep duration, sleep stages (deep sleep, light sleep, REM sleep), and sleep quality. Statement 3 is correct. Some wearables can function as hearing aids, amplifying sounds and improving hearing for people with hearing loss. Therefore, the correct answer is 1, 2, and 3.
With reference to Unmanned Aerial Vehicles (UAVs), consider the following statements:
I. All types of UAVs can do vertical landing.
II. All types of UAVs can do automated hovering.
III. All types of UAVs can use battery only as a source of power supply.
How many of the statements given above are correct?
Unmanned Aerial Vehicles (UAVs) are aircraft systems operated without a human pilot onboard. Their capabilities depend on design type (like fixed-wing, multirotor, or hybrid) and power source. ❌ I. Vertical landing – Only VTOL and multirotor drones can do vertical landings. Fixed-wing UAVs cannot. ❌II. Automated hovering – Only multirotor drones and advanced hybrids can hover. Fixed-wing UAVs cannot hover at all. ❌ III. Battery-only power – Not all UAVs use batteries. Larger ones may use fuel, hybrid, or solar power. None of the statements are correct.
Consider the following communication technologies:
1. Closed-circuit Television
2. Radio Frequency Identification
3. Wireless Local Area Network
Which of the above are considered Short-Range devices/technologies?
Out of the listed communication technologies, all three can be considered short-range devices/technologies. Closed-Circuit Television (CCTV): CCTV systems primarily use cables or wireless connections with a limited range, typically within a building or a designated area. Radio Frequency Identification (RFID): RFID uses radio waves to identify objects. The reading range of RFID tags depends on the specific technology but generally falls within the short-range category, from a few centimetres to a few meters. Wireless Local Area Network (WLAN): WLANs, commonly known as Wi-Fi networks, typically operate within a range of tens of meters indoors and up to hundreds of meters outdoors depending on factors like signal strength and frequency band. While the range might be slightly larger than the others on this list, WLANs still fall under the short-range classification compared to technologies like cellular networks or satellite communication.
Consider the following statements:
I. Indian Railways have prepared a National Rail Plan (NRP) to create a future ready railway system by 2028.
II. 'Kavach' is an Automatic Train Protection system developed in collaboration with Germany.
III. 'Kavach' system consists of RFID tags fitted on track in station section.
Which of the statements given above are **not** correct?
❌ Statement I: Incorrect
The National Rail Plan targets 2030 for a future-ready railway, not 2028. ❌ Statement II: Incorrect
Kavach is an indigenous Automatic Train Protection system developed under 'Make in India', not with Germany. ✅ Statement III: Correct
Kavach uses RFID tags on tracks in station sections to track train location and speed continuously. Therefore, Statements I and II are incorrect, and Statement III is correct.
Show 3 more PYQs
In India, it is legally mandatory for which of the following to report on cybersecurity incidents?
1. Service providers
2. Data centres
3. Body corporate
Select the correct answer using the code given below:
In India, section 70-B of the Information Technology Act, 2000 (the IT Act) gives the Central Government the power to appoint an agency of the government to be called the Indian Computer Emergency Response Team. Further, it is legally mandatory for service providers, data centres and body corporates to report on cybersecurity incidents as outlined in the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013, which were notified under the Information Technology Act, 2000.
Consider the following statements about Mission Sudarshan Chakra of India:
1. It aims to enhance India's air defence, ballistic missile defence and aerial offensive capabilities.
2. This Mission is being designed to enhance rapid, precise, and powerful defence responses, reinforcing India's strategic autonomy.
3. One of the aims of this Mission is to cover all public places of India by an expanded nationwide security shield by 2035.
Which of the statements given above is/are correct?
Statement 1 is Correct: Mission Sudarshan Chakra is designed as a multi-domain security umbrella. It explicitly aims to enhance India's air defence, ballistic missile defence, and aerial offensive capabilities, acting as both a defensive shield and an offensive sword. Statement 2 is Correct: The mission integrates advanced technologies like AI, space-based sensors, and directed energy weapons to ensure rapid, precise, and powerful defence responses. This indigenous development (incorporating projects like Project Kusha) is specifically aimed at reinforcing India's strategic autonomy and self-reliance in the defence sector. Statement 3 is Correct: A major distinguishing feature of this initiative is its expanded scope. Announced as a 10-year national security initiative, a stated goal of the mission is to bring all public places (including hospitals, railways, and religious/cultural sites) under an expanded nationwide security shield by 2035, moving beyond the conventional protection of just military and strategic installations. Therefore, the correct option is A.
When the alarm of your smartphone rings in the morning, you wake up and tap it to stop the alarm which causes your geyser to be switched on automatically. The smart mirror in your bathroom shows the day's weather and also indicates the level of water in your overhead tank. After you take some groceries from your refrigerator for making breakfast, it recognises the shortage of stock in it and places an order for the supply of fresh grocery items. When you step out of your house and lock the door, all lights, fans, geysers and AC machines get switched off automatically. On your way to the office, your car warns you about traffic congestion ahead and suggests an alternative route, and if you are late for a meeting, it sends a- message to your office accordingly.
In the context of emerging communication technologies, which one of the following term best applies to the above scenario?
The scenario described involves various devices (smartphone, geyser, smart mirror, refrigerator, car, etc.) communicating with each other and with the user, and automatically performing tasks based on certain triggers. This is characteristic of the Internet of Things (IoT). Option B is correct: Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. Option A is incorrect: Border Gateway Protocol is a protocol used to exchange routing information across the internet and is not relevant to the scenario described. Option C is incorrect: Internet Protocol is a set of rules for sending and receiving messages at the Internet address level, but it doesn't cover the broad range of device intercommunication described in the scenario. Option D is incorrect: A Virtual Private Network is a technology for using the internet or another intermediate network to connect computers to isolated remote computer networks that would otherwise be inaccessible, which also doesn't fit the scenario.