Many cities and municipalities around the world are adopting smart technologies to improve public services and residents’ quality of life and to evolve into a safer, more efficient community. Known as Smart Cities, these metropolitan areas use various technologies to intelligently operate and control services such as street lighting, public parking, traffic signals, transportation systems, and surveillance systems.
For example, the city of Pittsburgh, Pennsylvania, implemented a system of smart traffic lights that adapt to changing traffic patterns and reduce travel times. Called Surtrac, the system was installed in 50 intersections across the city. Pittsburgh identified seven key traffic corridors where installation of Surtrac would significantly improve mobility and safety. The results are quite positive. The system reduced aggregate waiting time at intersections by 40 percent, which helped decrease vehicle emissions by 21 percent, thus leading to less driver frustration and cleaner air.
Surtrac is only one of many thousands of Smart City initiatives around the world. Other projects aim to solve urban issues such as aging infrastructure, limited resources, and increased urban density; reduce transit travel time, emergency vehicle response time, and traffic crashes; develop streets and traffic signals designed to accommodate autonomous vehicles; and much more. Technology innovation is at the heart of the possibilities of Smart City initiatives.
Smart City projects require an extensive set of information technologies and platforms—everything from smart meters and networks of sensors to informatics, cloud storage, 4G/5G communications, Big Data, and the Internet of Things. A key aspect of the control devices of a Smart City – known as the Internet of Things, or IoT – is the ability to gather data from a network of sensors in order to analyze and make use of the data through automated systems; for example, to know how many vehicles are queuing at a stoplight in order to change the signal to accommodate more traffic in an intelligent way.
The vast amount of data traversing the IoT and the wireless communication networks is a tempting target for cyber attackers. The connectivity intended to enable data collection and activity automation is also the source of concern about hacks into the systems. Smart City engineers and operators must ask themselves, who can access the data gathered by the many surveillance cameras around the city? Can someone hack the smart elevators in office buildings and hold passengers hostage, or worse, instigate an uncontrolled decent of the elevator car? How can we make sure the city’s traffic signals don’t get hacked, creating accidents all over town? Can ransomware be used to lock our critical files and cripple our systems?
Their concerns aren’t hypothetical. Serious security breaches have happened in real-life Smart City scenarios:
And that’s just the tip of the iceberg. According to the Securing Smart Cities initiative, there’s a wide range of cybersecurity problems that can affect various control systems, such as:
Cybersecurity concerns should be top of mind for the various device manufacturers. After all, the manufacturers should be building the requisite cybersecurity defenses into their devices to ensure they ship without vulnerabilities, to make them resistant to attack, to facilitate critical updates, and to ensure the devices can be actively monitored for signs of software failures and other serious conditions.
A common way to deal with security issues is to establish a Security Operations Center (SOC)—a control center where systems and devices are closely monitored by both people and technology. SOCs are common practice in the business world of information technology, but they are just now taking off as a means to closely watch over the operational technology utilized in industrial systems and Smart Cities.
To truly benefit from a SOC, the control center operators must be able to collect security metrics from every device on the network through a SIEM – a security information and event management system. The SIEM helps to correlate data from numerous sources and across lengths of time to determine if a security event is serious enough to raise an alert for a person to follow up on. For example, numerous failed login attempts to a specific device might indicate a brute force login attack is being waged against that device. A security analyst can investigate and, if necessary, put mitigating controls in place to prevent a successful attack.
One of the challenges of this approach is that – using current technologies – it’s very difficult to monitor and protect many of the devices that comprise a Smart City project. The unfortunate truth is that some devices don’t have the inherent capabilities to protect themselves from malicious intrusion, to report their security status to a SIEM/SOC, or to be remotely updated or patched to resolve vulnerabilities. In other words, such devices aren’t as “SOC-ready” as customers need them to be. Without SOC-readiness, the operator can’t take ownership of the device security.
To make that happen, municipalities need the help of device manufacturers—to integrate tools into their products which will enable the SOC to deal with threats in a quick manner, resulting in a healthier device that operates free of malware and security vulnerabilities. This will reduce downtime for the device and thus the cost to service the device and contribute to a more successful Smart City initiative.
In light of the growing demand for devices that enable Smart Cities, more device manufacturers are integrating into their products the tools that will make them SOC-ready and to make it possible for municipalities to monitor their equipment using a SOC and to effectively react to cyberattacks in a timely and cost-effective manner. Security professionals and analysts say we can expect such tools to become a standard protocol; for new devices in the near future.
March 19, 2024
Tern is an open source software composition analysis and SBOM generation tool that generates SBOMs from container images. However, upon running this tool and generating a CycloneDX SBOM, a problem arose.
Read More →March 4, 2024
As a member of the PCAST Working Group on Cyber-Physical Resilience, I was involved in crafting the recent report outlining crucial steps to fortify the intricate systems that underpin our daily lives. One of our key recommendations, "Recommendation 4B: Promote Supply Chain
Read More →December 15, 2023
Notably, the Health Information Sharing and Analysis Center (Health-ISAC) is entering into a partnership with Cybeats, a leading software supply chain intelligence company, marking a substantial advancement in healthcare cybersecurity.
Read More →