Skip to main content

OCPP Command Implementations, Versions and Compliance for EV Charge Points

Share This Article


The Open Charge Point Protocol (OCPP) was created to aid in the linking and interaction between electric vehicle charging points and a central management system. It was created by the Open Charge Alliance (OCA), a global consortium of public and private electric vehicle infrastructure companies dedicated to creating an open and flexible EV charging infrastructure.

Main Functions of OCPP


OCPP enables different brands and types of charging stations and central management systems to communicate with each other. This interoperability is crucial for creating a cohesive, user-friendly EV charging network that can support a variety of vehicles and services.


The protocol supports various charging scenarios, including but not limited to, public charging, home charging, and workplace charging. It is designed to be flexible enough to accommodate future developments in EV charging technology.


OCPP covers a wide range of functionalities necessary for effective EV charging station management. These include remote start and stop of charging sessions, status reporting, firmware management, error notification, and meter value collection.


As the protocol has evolved, it has incorporated more robust security features to protect communication between charging stations and the central system. This includes secure authentication and the encryption of data to prevent unauthorised access and ensure user privacy.


By providing a standardised protocol that various manufacturers and service providers can adopt, OCPP helps reduce development and implementation costs. This standardisation can lead to more affordable EV charging solutions and greater adoption of electric vehicles.

Version Evolution:

Since its introduction, OCPP has undergone several updates, with each version introducing improvements and new features. For example, OCPP 1.6 added better support for smart charging, while OCPP 2.0 further enhanced security measures, introduced more efficient message handling, and supported advanced features like transaction event triggers and tariff and cost information.


The protocol is designed to support EV charging infrastructure at any scale, from a single charger to a vast network of charging stations, making it suitable for various applications and business models.

OCPP’s open nature and comprehensive feature set have made it a key component in the growth and development of the global EV charging infrastructure. By ensuring compatibility and facilitating sophisticated management capabilities, OCPP plays a crucial role in advancing the adoption and convenience of electric vehicles.

Overview of the Purposes of OCPP Commands

OCPP commands serve a multitude of purposes, all aimed at facilitating efficient, reliable, and interoperable communication between Electric Vehicle (EV) charging stations (Charge Points) and a central management system (Central System). Here are the primary purposes of OCPP commands:

Operational Management

OCPP commands enable the remote management of charging stations. This includes tasks like starting or stopping charging sessions, monitoring the status of the Charge Point and its connectors, and performing resets or reboots. These operations help ensure that charging services are available to users when needed and that any issues can be resolved promptly.

Configuration and Update

They allow for the remote configuration and updating of Charge Points. This includes changing settings, updating firmware, and managing charging profiles. This capability ensures that charging stations can be updated with the latest software for improved functionality and security, and that operational parameters can be adjusted according to the needs of the network operator or to comply with grid requirements.

Authorisation and Security

OCPP commands play a crucial role in managing user authentication and authorising charging sessions. This includes managing local lists of authorised users (in cases where network connectivity is unavailable) and handling user authentication for each charging session. Ensuring secure and authorised access to charging services is critical for user trust and for preventing unauthorised use.

Monitoring and Reporting

They enable the monitoring of Charge Point status and the reporting of events and meter values. This allows network operators to monitor the health and usage of their charging infrastructure, perform remote diagnostics, and collect data necessary for billing and analysis. Efficient monitoring and reporting ensure that operators can optimise the usage and availability of their charging stations.

Smart Charging

OCPP commands support smart charging capabilities, allowing network operators to manage the charging speed or scheduling based on various factors such as grid demand, electricity prices, and renewable energy availability. This helps in optimising energy consumption, reducing costs, and minimising the impact on the electrical grid.


By standardising the communication between Charge Points and Central Systems, OCPP commands ensure interoperability across different manufacturers and network operators. This standardisation facilitates a diverse and competitive market for EV charging solutions, making it easier for site hosts to integrate charging stations from various vendors into their networks.

Error Handling and Diagnostics

OCPP commands provide mechanisms for error reporting and diagnostics, allowing for the remote troubleshooting of issues at charging stations. This helps in quickly identifying and resolving problems, reducing downtime, and improving the reliability of the charging service.

In summary, OCPP commands are designed to ensure that EV charging networks are efficient, user-friendly, secure, and adaptable to future needs and technologies. They facilitate the complex interactions between charging stations and central management systems, enabling a scalable and sustainable EV charging infrastructure.

Some Principal Types of OCPP Commands

OCPP provides a comprehensive set of commands, also known as messages, which are divided into two main categories: actions initiated by the Charge Point (CP) and actions initiated by the Central System (CS). These commands facilitate a wide range of operations, from basic charging station management to advanced features like smart charging and transaction handling. Here is an overview of the main command sets in OCPP:

Charge Point-initiated Commands

BootNotification: Sent by the Charge Point to the Central System upon startup or reconnection, providing details about the Charge Point model, version, and configuration.

Heartbeat: Regularly sent by the Charge Point to inform the Central System that it is still connected and operational.

StatusNotification: Communicates changes in the status of the Charge Point or an individual connector, such as availability, fault conditions, or occupancy.

MeterValues: Transmits meter values for energy consumption and other relevant data, useful for billing and monitoring purposes.

StartTransaction: Indicates the start of a charging session, providing details such as the ID tag of the user and meter start value.

StopTransaction: Marks the end of a charging session, including the final meter value and transaction ID.

DataTransfer: Allows for the exchange of vendor-specific data that is not covered by standard OCPP messages.

DiagnosticsStatusNotification: Informs the Central System about the status of a diagnostics file transfer.

FirmwareStatusNotification: Notifies the Central System about the status of a firmware update process.

Central System-initiated Commands

ClearCache: Requests the Charge Point to clear its authorisation cache, forcing it to revalidate ID tags with the Central System.

ChangeConfiguration: Instructs the Charge Point to change its configuration settings.

GetConfiguration: Requests the Charge Point to provide certain configuration settings.

RemoteStartTransaction: Requests the Charge Point to start a charging session for a specified ID tag.

RemoteStopTransaction: Requests the Charge Point to stop an ongoing charging session.

UnlockConnector: Instructs the Charge Point to unlock the connector, usually to allow a vehicle to be disconnected.

UpdateFirmware: Commands the Charge Point to update its firmware using a specified URI for the firmware file.

Reset: Requests the Charge Point to perform a soft or hard reset.

SendLocalList: Instructs the Charge Point to update its local list of authorised ID tags for offline validation.

Advanced Commands in OCPP 2.0 and Beyond

With the introduction of OCPP 2.0, additional advanced commands were added, including:

RequestStartTransaction: Allows the Central System to request the start of a transaction based on certain conditions, such as the availability of green energy.

RequestStopTransaction: Enables the Central System to request the termination of a specific transaction.

SetChargingProfile: Instructs the Charge Point to apply a specific charging profile, which can be used for smart charging applications.

GetTransactionStatus: Requests information about the status of a specific transaction.

These commands facilitate a wide array of functionalities necessary for managing EV charging stations, from basic operational tasks to complex management and smart charging capabilities. By standardising these command sets, OCPP ensures interoperability and flexibility across different charging station vendors and network operators.

OCPP Commands and User Authentication & Authorisation

OCPP commands play a critical role in managing user authentication and authorising charging sessions in electric vehicle (EV) charging systems. This process is essential for ensuring that charging services are accessible to authorised users while preventing unauthorised use. Here’s how OCPP commands facilitate these functions:

User Authentication

Identify Validation: OCPP commands are used to validate the identity of the user attempting to initiate a charging session. This can be achieved through various methods, such as RFID cards, mobile apps, or plug and charge capabilities, depending on the system’s setup.

Authentication Messaging: When a user presents their identification (e.g., swiping an RFID card or using a mobile app), the Charge Point sends an authentication request to the Central System using specific OCPP commands, such as Authorise. The Central System then checks the provided credentials against its database to verify the user’s identity and authorisation status.

Local Authorisation List: OCPP also supports maintaining a local list of authorised users directly on the Charge Point. This enables the Charge Point to authenticate users even when it is temporarily offline. The Central System uses OCPP commands to manage this list, adding or removing users as needed.

Authorising Charging Sessions

Authorisation Confirmation: Once the user is authenticated, the Central System sends a response back to the Charge Point, indicating whether the charging session can proceed. This decision can be based on several factors, including the user’s subscription status, account balance, or specific charging policies.

Start/Stop Transaction: With the user successfully authenticated and the charging session authorised, OCPP commands such as StartTransaction and StopTransaction are used to manage the lifecycle of the charging session. These commands help in tracking session duration, energy consumption, and cost calculation.

Dynamic Authorisation Control: Throughout the charging session, the Central System can continue to use OCPP commands to manage session parameters dynamically. This could involve adjusting charging speeds, pausing, and resuming charging based on grid demand, or even terminating the session if necessary (e.g., if a payment fails).

Security and Compliance

Secure Communication: OCPP 1.6 and later versions support secure communication channels between the Charge Point and the Central System, ensuring that user data and authentication details are transmitted securely.

Compliance and Standardisation: By following the OCPP standard, charging stations and management systems ensure they comply with industry-wide practices for user authentication and charging authorisation, facilitating interoperability and user confidence in the charging infrastructure.

OCPP commands are vital for managing the access control and operational integrity of EV charging stations. They ensure that charging services are provided securely and efficiently, enhancing the user experience while protecting the charging infrastructure from unauthorised access and misuse.

OCPP Security Mechanisms

OCPP supports secure communication between the Charge Point and the Central System through several mechanisms, especially with the introduction of version 1.6, which added enhanced security features. OCPP 2.0 and later versions further improve these security measures. Here’s how OCPP supports secure communication:

Secure WebSockets (OCPP 1.6J and later)

TLS (Transport Layer Security): OCPP 1.6J (JSON over WebSocket) introduced the use of TLS for encrypting data transmitted over the network. TLS ensures that all communication between the Charge Point and the Central System is encrypted, protecting it from eavesdropping and tampering.

Security Profiles (OCPP 2.0 and later)

OCPP 2.0 introduced comprehensive security profiles that include several features to enhance security further:

Improved Authentication: It supports enhanced mechanisms for authenticating both the Charge Point and the Central System, ensuring that both parties are verified before any data exchange.

Message Signing: This feature allows for the digital signing of messages, ensuring the integrity and authenticity of the messages exchanged between the Charge Point and the Central System. This prevents man-in-the-middle attacks and ensures that messages are not tampered with during transit.

Encryption of Sensitive Data: Apart from the overall encryption provided by TLS, OCPP 2.0 allows for the encryption of specific sensitive data fields within messages. This double layer of protection ensures that sensitive information, such as user authentication details, is kept confidential.

Security Event Logging: OCPP 2.0 enables the Charge Point to log security-related events, which can be reviewed by the Central System for potential security breaches or anomalies. This feature aids in identifying and mitigating security threats.

Security Recommendations for OCPP Implementations:

Regular Software Updates: Both the Charge Point and Central System should regularly update their software to incorporate the latest security patches and enhancements.

Secure Configuration: It is recommended to use secure configurations for both Charge Points and Central Systems, including strong passwords, secure network setups, and the principle of least privilege for system access.

Certification Authorities: Utilising trusted certification authorities for TLS certificates helps prevent man-in-the-middle attacks by ensuring that the Charge Point and Central System are communicating with the legitimate counterpart.

Compliance and Interoperability

OCPP Compliance: By adhering to the OCPP specifications, manufacturers and operators ensure that their equipment and software meet the required security standards, facilitating interoperability and enhancing user trust in the system.

Interoperability Testing: Participating in OCPP interoperability testing sessions can help identify and rectify potential security vulnerabilities, ensuring that different implementations can securely communicate with each other.

In summary, OCPP supports secure communication between the Charge Point and the Central System through encryption, secure authentication, message signing, and additional security features introduced in later versions of the protocol. These mechanisms are crucial for protecting user data, ensuring the integrity of charging transactions, and maintaining the reliability and security of the EV charging infrastructure.

Best Practices of OCPP Implementations

Implementing OCPP securely requires adherence to a set of recommended practices. These practices not only ensure the secure operation of electric vehicle charging infrastructure but also protect against potential cyber threats. Here are the key security practices recommended for implementing OCPP:

Use the Latest Version of OCPP

Upgrade to OCPP 2.0 or later: Newer versions of OCPP offer improved security features, including enhanced authentication, message signing, and secure firmware updates. Upgrading ensures access to the latest security measures.

Secure Communication Channels

Implement TLS for Data Encryption: Use Transport Layer Security (TLS) to encrypt all communication between the Charge Point and the Central System. This prevents eavesdropping and tampering with the transmitted data.

Secure WebSockets (WSS): For OCPP 1.6J and later, use Secure WebSockets to provide an additional layer of security on top of TLS.

Authentication and Authorisation

Strong Authentication Mechanisms: Implement strong authentication mechanisms to verify the identity of the Charge Point and the Central System. OCPP 2.0 and later support enhanced authentication methods.

Role-Based Access Control (RBAC): Define roles and permissions to control access to different functions and data based on the principle of least privilege.

Message Integrity and Confidentiality

Message Signing: Utilise message signing features available in OCPP 2.0 to ensure the integrity and authenticity of the messages exchanged.

Encrypt Sensitive Data: Beyond encrypting the communication channel, encrypt sensitive data within the messages to protect user privacy and payment information.

Regular Software Updates

Firmware and Software Updates: Regularly update the Charge Point and Central System software to patch vulnerabilities and enhance security features. OCPP 2.0 provides mechanisms for secure firmware updates.

Security Event Logging and Monitoring

Implement Logging and Monitoring: Log security events and monitor for unusual activities that could indicate a security breach. Analyse logs regularly to detect and respond to threats promptly.

Secure Configuration and Installation

Default Settings: Change default passwords and configurations to secure settings before deploying Charge Points and Central Systems.

Physical Security: Ensure physical security measures are in place to protect against unauthorised access to the Charge Points.

Compliance and Interoperability Testing

OCPP Compliance: Follow the OCPP specification closely to ensure compliance and interoperability, which includes adhering to its security standards.

Interoperability Testing: Participate in interoperability testing sessions to identify and address potential security issues, ensuring that different implementations can securely communicate with each other.

Security Certifications

Adhere to Security Standards: Follow established cybersecurity standards and frameworks relevant to EV charging infrastructure and IoT devices.

Security Training: Provide security awareness and technical training for staff involved in the deployment and operation of OCPP infrastructure to recognise and mitigate security risks.

By implementing these recommended security practices, organisations can enhance the security of their OCPP-based electric vehicle charging infrastructure, protect against cyber threats, and ensure a secure and reliable service for users.

The Need to Implement the Latest Versions of OCPP

Upgrading to the latest version of the Open Charge Point Protocol (OCPP) brings several benefits, particularly in the context of implementing secure electric vehicle (EV) charging infrastructure. Here are the key advantages:

Enhanced Security Features

Upgrading to the latest version of OCPP is a strategic investment in the security, reliability, and future-readiness of electric vehicle charging infrastructure. It not only addresses current cybersecurity challenges but also lays the foundation for accommodating the evolving demands of EV charging services.

The latest versions of OCPP, especially OCPP 2.0 and beyond, introduce advanced security features that are not available in earlier versions. These include improved authentication mechanisms, secure firmware updates, and message signing, significantly enhancing the overall security posture of the EV charging infrastructure.

Improved Authentication and Authorisation: What is OCPP 2.0?

OCPP 2.0 introduces more robust authentication and authorisation capabilities, allowing for better verification of charge point and central system identities. This reduces the risk of unauthorised access and ensures that only authenticated users and devices can interact with the system.

Support for Secure Firmware Updates

The ability to securely update charge point firmware is a critical component of maintaining the security of any connected device. The latest OCPP versions provide mechanisms for secure firmware updates, ensuring that updates are authenticated and integrity-checked before installation, protecting against malicious firmware.

Enhanced Privacy Protection

With increased focus on data privacy, the latest OCPP versions include features designed to protect user privacy better. This includes the encryption of sensitive information and potentially personally identifiable information (PII) transmitted between the charge point and the central system.

Message Signing and Encryption

OCPP 2.0 and later versions support message signing, which ensures the integrity and non-repudiation of the messages exchanged between the charge point and the central system which when combined with TLS encryption significantly reduces the risk of attacks and data tampering.

Improved Interoperability

Upgrading to the latest OCPP version enhances interoperability between different manufacturers’ equipment and software systems. This is critical for creating a seamless, user-friendly EV charging network that can accommodate various EV models and charging technologies.

Compliance with Latest Standards

The latest versions of OCPP are designed to comply with current industry standards and regulations regarding cybersecurity and data protection. This compliance helps operators of EV charging infrastructure to meet legal and regulatory requirements, reducing the risk of penalties, and enhancing trust among users.


By adopting the latest OCPP version, operators are better positioned to adapt to future technological advancements and security challenges. It ensures that the infrastructure is scalable, flexible, and capable of integrating with next-generation EVs and charging technologies.

Enhanced Monitoring and Diagnostics

Advanced monitoring and diagnostic features in the latest OCPP versions enable operators to detect, analyse, and respond to security incidents more effectively. This proactive approach to security management helps in maintaining the reliability and availability of the EV charging infrastructure.

How Does OCPP Guarantee a Reservation Slot?

OCPP can guarantee a reservation slot for a particular vehicle at an individual EV charge point:

Reservation Request: The process usually starts with a reservation request. This can be initiated by the EV driver through a mobile app, or a web interface provided by the charging service operator. The request includes details such as the identification of the vehicle (which can be tied to an RFID card, a mobile app, or any other identification method), the desired start time and duration of the reservation, and the specific EV charge point if desired.

Communication to Charging Station: The central management system, upon receiving the reservation request, communicates with the specified EV charging point via OCPP. OCPP supports specific messages for handling reservations, such as ReserveNow. This message includes the identifier for the reservation, the connector ID at the charging station to reserve, the idTag of the user (linking to the vehicle), and the reservation start and end time.

Reservation Confirmation: The charging station responds to the ReserveNow request with a status indicating whether the reservation has been successfully accepted, rejected, or faulted for some reason (e.g., already reserved, out of order). If accepted, the charging station blocks the specified connector for the requested period, ensuring that no other vehicle can start a charging session on it during the reserved time slot.

Reservation Status Update: The charging station can update the central management system about the status of the reservation through OCPP messages. This includes whether the reserved slot is still available, has been occupied by the vehicle that made the reservation, or has been cancelled.

Charging Session Initiation: When the vehicle arrives and is ready to charge, the driver or vehicle identifies themselves using the pre-agreed method (RFID, app, etc.). The charging station verifies this against the reservation details. If the identification matches the reservation details, the charging session is allowed to start.

Cancellation or Modification: Both the EV driver and the charging station operator can cancel or modify the reservation. This is again facilitated through OCPP messages, ensuring that the charging point becomes available for other users if the reservation is no longer needed.

This process ensures that a charging slot at an EV charge point is reserved for a particular vehicle, providing convenience to EV drivers, and helping manage the charging station’s capacity efficiently. OCPP’s flexibility and standardisation support various use cases around EV charging, including reservations, which are critical for ensuring EV drivers have access to charging when and where they need it.

What Key Information is Exchanged?

A reservation request typically includes several key details to ensure the charging station can properly reserve a slot for the specific vehicle. These details facilitate communication between the EV charging station management system and the charging station itself, allowing for a seamless reservation process. Here are the main details included in a reservation request:

Connector ID: This specifies which connector at the charging station is being requested for reservation. Charging stations may have multiple connectors, and this ID ensures the reservation is made on the correct one.

IdTag: The identification tag of the user or vehicle making the reservation. The IdTag is a unique identifier that links the reservation to a specific user or vehicle, allowing the charging station to authenticate the user/vehicle when they arrive to charge.

Reservation ID: A unique identifier for the reservation itself. This helps in managing and tracking reservations within the charging station management system and the charging station.

Expiry Date: The end time of the reservation. This indicates until when the reservation is valid. After this time, if the vehicle has not started charging, the reservation may be cancelled, and the slot made available for others.

Parent IdTag: (If applicable) In some cases, there might be a parent-child relationship between users (e.g., a fleet operator and individual vehicles). The Parent IdTag can be used to link reservations to a broader user account or entity.

Start Date: The start time of the reservation. This indicates when the reservation begins, ensuring the slot is only reserved from this time onwards, allowing others to use the charging point before the reservation starts if needed.

These details collectively ensure that the charging station can reserve the correct slot for the correct user or vehicle, and for the correct duration. They also facilitate the management of reservations by the central management system, providing a structured and standardised way to handle reservations across different charging stations and networks using OCPP.

Why is the Connector ID Important?

The Connector ID in a reservation request serves a crucial role in the process of reserving a charging slot for electric vehicles (EVs) at a charging station. Its main purposes are:

Specificity: It identifies the exact charging point or connector at the station that the reservation is being made for. Since many charging stations are equipped with multiple connectors, each potentially supporting different charging speeds or plug types, the Connector ID ensures that the reservation is linked to the specific connector that matches the vehicle’s requirements.

Resource Allocation: By specifying a Connector ID, the charging station management system can allocate resources efficiently. It ensures that the reserved connector is kept available for the user who made the reservation, preventing other users from occupying it during the reserved time slot.

User Convenience: For the user, knowing the Connector ID in advance helps in locating the correct charging point upon arrival at the station, streamlining the charging process and enhancing the user experience.

Operational Efficiency: From an operational perspective, the use of Connector IDs in reservation requests helps in managing the charging station’s capacity. It allows for precise control over which connectors are available at any given time and can help in optimising the station’s usage, especially during peak times.

Error Reduction: By requiring a Connector ID for reservations, the risk of errors or misunderstandings is reduced. Users are less likely to connect to the wrong charger, and the system can provide clear instructions based on the specific connector reserved.

In summary, the Connector ID is fundamental in ensuring that the reservation process is specific, efficient, and user-friendly, facilitating a seamless interaction between the electric vehicle, the charging station, and the station management system.