ISO 15118 is the International Organization for Standardization's communication standard between electric vehicles and charging stations. It enables Plug and Charge (PnC) — the ability to simply plug in your EV and have it automatically authenticate and start charging, with no app, RFID card, or credit card needed. The ISO 15118-20 revision (2022) extends the standard with full bidirectional / V2G support.
Think of it as the EV equivalent of tapping your phone to pay — except you just plug in the cable.
How Plug and Charge Works
- Driver plugs in the charging cable
- Vehicle and charger establish a TLS-secured communication channel
- Vehicle presents its digital certificate (installed by the manufacturer or eMSP)
- Charger forwards the certificate to the CSMS for validation
- CSMS validates the certificate chain and authorizes the session
- Charging begins automatically — no user interaction needed
- Billing is handled via the contract associated with the vehicle's certificate
The entire process takes 2-5 seconds from plug-in to charging.
ISO 15118 and OCPP
Core OCPP 1.6 does not support ISO 15118. It lacks the message types needed for vehicle-side certificate provisioning (no Get15118EVCertificate). The optional OCPP 1.6 Security Whitepaper edition 2 does add SignCertificate, CertificateSigned, InstallCertificate, DeleteCertificate, and GetInstalledCertificateIds for CSMS-charger certificate management, but it does not include the EV-contract-certificate flow that Plug & Charge requires.
OCPP 2.0.1 has full ISO 15118 support including:
Get15118EVCertificate— Vehicle requests a new charging contract certificate (2.0.1-only)CertificateSigned— CSMS installs certificates on the charger (also in 1.6 Security Whitepaper edition 2)SignCertificate— Charger requests its own security certificate (also in 1.6 Security Whitepaper edition 2)- Certificate management for the entire PKI (Public Key Infrastructure) chain
| Feature | OCPP 1.6 | OCPP 2.0.1 |
|---|---|---|
| Plug and Charge | Not supported (no Get15118EVCertificate) |
Full support |
| CSMS-charger certificate management | Available via Security Whitepaper edition 2 (opt-in) | Complete PKI integration in core |
| Vehicle Communication | Not available | ISO 15118-2 and 15118-20 |
| Bidirectional Charging | Not supported | V2G ready |
Vehicle-to-Grid (V2G)
ISO 15118 also enables Vehicle-to-Grid (V2G) — the ability for EVs to send power back to the grid during peak demand. This requires:
- Bidirectional chargers (DC)
- ISO 15118-20 support (the latest revision)
- Grid operator integration
- OCPP 2.0.1 for backend communication
V2G turns every parked EV into a potential grid battery, helping utilities manage peak loads and enabling EV owners to earn money by selling electricity back.
Testing ISO 15118 with OCPPLab
Testing Plug and Charge is complex because it involves:
- Certificate chain validation (Root CA → Sub-CA → Leaf certificates)
- TLS handshake between vehicle and charger
- OCPP 2.0.1 certificate management messages
- Multiple failure scenarios (expired certs, revoked certs, unknown CAs)
OCPPLab simulates the complete ISO 15118 flow including certificate exchange, allowing you to test Plug and Charge without physical vehicles or chargers.
Frequently Asked Questions
Which EVs support Plug and Charge?
As of 2025, Tesla, BMW, Mercedes-Benz, Ford, Porsche, and Volkswagen support Plug and Charge on select models. The list is growing rapidly.
Is Plug and Charge secure?
Yes. ISO 15118 uses TLS encryption and PKI (Public Key Infrastructure) with X.509 certificates — the same security model used for HTTPS on the web.
Do I need OCPP 2.0.1 for Plug and Charge?
For the backend (CSMS) side, yes. OCPP 2.0.1 is required to manage certificates and process ISO 15118 authentication. The charger itself communicates with the vehicle via ISO 15118 directly.
