Working to Secure Smart Cities

Thursday, August 6, 2015 @ 01:08 PM gHale

As technology pervades into everyday lives, once simple devices have become smarter and more interconnected to the world around us. This technology is transforming our cities into “Smart Cities.”

That adoption and increased reliance on smart technologies could create or increase risks for Smart Cities.

Along those lines, the Department of Homeland Security’s Office of Cyber and Infrastructure Analysis (DHS/OCIA) created Infrastructure Risk Assessments to provide an assessment of emerging risks to critical infrastructure.

Multi-Tasking Leads to Incidents: Report
Average DDoS Attack Size on Rise
Confidence, Fear Co-Exist in Security
Cyber Incidents Down; Reporting Declines

This report focuses on the transportation systems sector, the electricity subsector within the energy sector, and the water and wastewater systems sector.

Smart Cities are urban centers that integrate cyber-physical technologies and infrastructure to create environmental and economic efficiency while improving the overall quality of life.

The goal of these new cities is to create a higher quality of life, a more mobile life and an overall increased efficient use of available resources. Some examples of smart-city technologies: Interconnected power grids reducing power waste, smarter transportation resulting in increased traffic management, and smarter infrastructures that reduce hazards and increase efficiency.

This interconnectedness of devices introduces cyber-physical technologies that connect cyber systems to physical systems, thereby removing the barrier between the cyber and physical worlds.

Some cyber-physical systems integrate at the design stage unlike more traditional legacy systems; a full-fledged cyber-physical system should work as a network of interacting elements with physical input and output instead of as standalone devices.

Smart city, in everyday use, is inclusive of terms such as “digital city” or “connected cities.”

Cyber-physical innovations feature prominently in smart cities, particularly as cyber-physical technologies increasingly add into existing infrastructure and built into newly constructed infrastructure. Removing the cyber-physical barriers in an urban environment presents a host of opportunities for increased efficiencies and greater convenience, but the greater connectivity also expands the potential attack surface for malicious actors. In addition to physical incidents creating physical consequences, exploited cyber vulnerabilities can result in physical consequences, as well.

The vulnerabilities and attack classes (such as distributed denial of service, malware, and phishing attacks) to most logical technologies such as computers and servers have undergone research over the decades and years and security researchers understand them.

Although the specifics of the attacks and potential consequences can vary, researchers understand the basic structures and general mitigations for these attacks. The same is true of the vulnerabilities and mitigation factors for physical infrastructure. However, with the introduction of Smart Cities and cyber-physical innovations the vulnerabilities, resulting mitigating factors, and potential consequences for these new technologies remain unclear.

As these new cyber-physical devices come into play, researchers will better understand the vulnerabilities, risks, threats, and consequences.

This report summarizes the insights from a technology-informed futures analysis—including a critical look at potential future vulnerabilities as a result of these cyber-physical infrastructure systems become pervasive in Smart Cities. The goal is to help Federal, State and local analysts and planners incorporate anticipatory thinking into Smart City design and continued critical infrastructure protection efforts relating to this new technology.

Click here for the analysis that focuses on specific cyber-physical technologies that represent key aspects of the future of Smart City infrastructure.