Michael Kolatchev, principal consultant/Rossnova Solutions (Belgium) and Lina Kolesnikova, consultant/Rossnova Solutions (Belgium) discuss the security threats facing the growing number of “smart cities”.
Cities are the most complex objects created by humans. Modern cities face the challenge of combining competitiveness and sustainable urban development simultaneously.
The notion of a “smart city” came into our lives in 2006. Nowadays there are more than 150 definitions of the term. The International Telecommunication Union defines “smart city” as “a sustainable city… which uses ICTs to improve people’s quality of life, make urban operations and services more efficient, and boost its competitiveness, while ensuring that it meets the economic, social, environmental, and cultural needs of present and future generations”.
The growing number of urban problems pushes city authorities (not only metropolises but also medium and small cities) to look for innovative solutions to make cities resilient, sustainable and livable. In this context, the term “innovative solution” most commonly boils down to a technical solution facing a large number of people, or a technology in a broad sense. That is where a smart city, loaded with technical solutions to non-technical problems, comes to the fore. Smart cities make use of known technologies to optimise what often already exists in other forms, maximising the outcomes to smooth the operation. In essence, the mass of input data is analysed in (near) real time to adjust the configuration of city control systems to achieve “best currently achievable” outcomes, defined using pre-defined criteria and rules.
As one can see, a smart city essentially demands a myriad of data collection input points and devices, strong, capable networks delivering collected data promptly to the appropriate destination(s), and a central brain that makes use of input data to adjust the environment for its users (inhabitants, transport, etc.). The latter immediately implies that the environment (“the smart city”) is flexibly adjustable and configurable at the most detailed level possible, down to the configurability of individual devices and procedures installed at any place in the city. With such an elaborate network of devices, processing capabilities and communications, trust in data and algorithms, and control over access to and usage of powerful capabilities, become crucial elements in their own right.
When talking about smart cities, we immediately witnessed the concerns of citizens that smart cities effectively create an environment of total surveillance and control and push towards unwelcome intrusion into personal life. For convenience, safety and perceived shielding from today’s challenges and pressures, people are readily giving away their independence and privacy. For example, the old artistic idea of TV watching people rather than people watching TV is now absolutely feasible, with subject and object exchanging places. End-user devices are continuously “listening” to their users and feeding this information to central systems to define the next actions or suggestions (even though the intent is convenience and not spying as such). The notion of smart cities has settled firmly in conspiracy theories.
Risks and threats
Undoubtedly, smart cities aim to remediate certain risks and downplay certain threats, for example through extended surveillance, fast processing and quick response units. Meanwhile, security professionals voice concern about the challenges and, paradoxically, the new vulnerabilities and security threats that come with smart cities, while some old ones still persist.
A vulnerability is a psychological, sociological or physical characteristic that can leave an asset unprotected or exploitable in an attack. Despite our wishes and efforts, there are blind spots and defects that could be missed during risk planning and vulnerability assessments.
We find ourselves in a situation where technologies that have their own vulnerabilities (no technology can be 100 per cent secure) are used by players who bring their “old” vulnerabilities to the new and more complex system, and which, in their own way, create new vulnerabilities for the whole system. The situation is even more difficult because the new system, the smart system, can become very complex and is based on the principle of interdependency.
Cyber security
Data, information and knowledge are crucial elements of smart cities. A smart city is a hub for the transformation of data into information and knowledge, which are further transformed into configuration adjustments and actions. We are talking here about BIG data. Such data should be collected, stored and analysed properly. It also includes a significant amount of sensitive information; its protection is therefore crucial.
Smart city technologies could be disrupted in one or more of the following dimensions: a confidentiality attack, such as a privacy breach, data loss or identity theft; an integrity attack, such as device hacking for planting malware or viruses, data pollution and manipulation; an availability attack, such as Denial of Service, or a manipulated or provoked full or partial shutdown of a system; or a traceability attack, such as data manipulation aimed at hiding traces or generating false, misleading ones.
Whether due to an intentional (attack) or unintentional (defect or human error) event, system disruptions render part or the whole of a smart system unusable or, worse, usable for malicious purposes, leading to undesirable outcomes.
Given that no unlimited budgets are available, the security of a system (a smart city, in our context) will likely follow best practices, which are fundamentally based on security assessments that identify and prioritise remediation efforts as a function of risks and vulnerabilities.
New vulnerabilities
Vulnerabilities would be weaknesses of various sorts in systems and technologies, in integrations and processes using such systems and technologies, as well as in procedures executed by humans. Some vulnerabilities are the same as those faced by any organisation today, such as weak security, inadequate data encryption and protection overall, programming bugs or elementary human errors (even though the latter are not specifically categorised as vulnerabilities and are largely addressed by smart cities via mass automation and digitalisation).
However, there are new vulnerabilities as well. Critical infrastructures (CIs) in Europe, for example, often use old software and hardware. Such a situation creates a “bad heritage” problem when these old technologies, with their large technical debt, are integrated into a smart city system, a system of systems.
Smart city systems are very complex and very much interdependent. No person or organisation can say how all the things work, individually or in combination, what risks they carry and how to mitigate them. Given this interdependency, there is always a risk of a cascading effect if one of the system’s components is disrupted. Building and maintaining a knowledge base in the hands of smart city architects, analysts, managers and operators is a daunting task but must be addressed.
Another concern is the cost of keeping infrastructure, systems and technologies, operations and personnel up to date and maintained. In a complex system of systems, even fully automated testing of a small patch in one of them might be a long and effort-demanding exercise, as a correctly representative copy of the real system of systems must be provided for the best quality assurance and for assessing undesired impacts on one and all systems. With modern iterative development methods, we all know what this might lead to, given existing and expected budgetary constraints across multiple countries. Testing might become limited in scope and depth. Building redundancy into the smart city system and its components is required but will also affect the testing and deployment of changes.
Smart cities have many necessary physical objects (sensors, CCTV cameras, lighting systems etc) which are produced outside of the smart city, often not even in the same region, or in another country. The pandemic has shown that disruption of supply chains could be disastrous. In times of geopolitical instability, the question of having long-term vendor-user agreements is crucial, but such agreements are not always achievable. Therefore, redundancy in suppliers might be needed.
In ageing Europe, we risk the problem of digital exclusion and/or digital illiteracy among many people, who could be targeted by organised criminal groups. Smart cities are not built and operated by themselves – people and institutions are doing so. Smart city and digital literacy rates are low not only among ordinary users but also among decision-makers and many stakeholders. Strong governance is needed to define a sound foundation on which a smart city can be established, architected, constructed and operated in its entirety.