Smart City Cyber Security, Smart City Cyber Security Ontology, Smart City Ontology, Smart City Threat Model

Connected Homes, Communities and Cities Threat Environment

As Smart Cities develop, the relationship between the Home, Communities and the City as a whole will become ever more integrated and connected. Each of these can be viewed independently, paired or all together when considering the specific threat environment and landscape. By threat environment and landscape i mean the broader make up of the city and the narrower view of city assets and what is immediate to it. (I will explore the idea of the threat environment and landscapes in the further developments of Smart City Security Taxonomy, Smart City Security Ontology and a Smart City Threat Model).

To be able to understand and use a threat model for a Smart City you will need to define the context from the top down.

  • The City will have city multiple sensors, devices, services and connectivity serving specific needs or the city as a whole, have particular domains as size, geography and functions and will incorporate public and private organisations managing and delivering services.
  • A community or designated zone within a city may have specific sensors, devices, services and connectivity dedicated to serving the community, resident’s homes and businesses as well as the City.
  • The Connected Home will contain sensors, personal and fitted devices that connect via mobile or wifi and possibly new emerging connectivity to cloud, street, community and city services.

This makes for a very complex Threat Landscape. Before setting out to monitor this there will be a need to map the cities technological structure a monitoring framework and I will examine the frameworks and monitoring guidelines provided by NIST and the UK’s NCSC.

Considerations:

NCSC MonitoringSmart City
Business traffic crossing a boundary
  • Traffic passing from connected home to connected community or city service.
Activity at a boundary
  • Suspicious activity detected by connected home wifi or externally facing device
  • Suspicious activity detected by connected community sensor or device located on street or in community space.
Session activity by user & work station
  • Suspicious activity detected through the work operations of City Official performing maintenance to smart sensor or device.
  • Suspicious activity detected through the action of Resident while modifying Home device provided by Smart City or Community.

These are three examples of how at a conceptual level a framework for cyber security monitoring can be applied to Smart Cities. This would need to be further defined at a logical level before being applied to the monitoring requirements of reference data and log or event data needed to monitor and detect anomalies and suspicious activity.

Further Reading
A PDF report by IBM looking at vulnerabilities found in a range of Smart City sensors and devices

 

Unknown's avatar

Published by Tolosa

Cyber Security Consultant and Enterprise Architect with an interest in semantic systems for security, strategy and architectural development.

Leave a comment