Today, the fully automated smart city may seem like a distant future — self-driving cars, smart grids, and the Internet of Things (IoT) — yet, many components of the smart city not only already exist, but are already integrated into daily city processes. The reality is these complex systems pose severe security challenges.
For example, self-driving cars are currently undergoing testing by several car manufacturers. Similarly, smart controllers such as Nest, which can analyze user trends and usage data to save energy, are already installed in many homes. These devices will eventually make up an expansive and all-encompassing IoT.
The smart city is fast approaching the mainstream, and for good reason: a 2018 United Nations study revealed that more than 55 percent of the world’s population lives in an urban environment, and the top 33 cities all have populations in excess of 10 million people. Citywide, solutions providers and city planners must work together with industry stakeholders to create a city with the technological advancements in place to support increasing population growth.
Proliferation of IoT devices means security issues
As connected devices proliferate, vulnerabilities in one area can extend into numerous other areas. In extreme cases, the consequences of a successful cyberattack could lead to disruption of crucial city services and infrastructure across health care, transportation, law enforcement, power and utilities, and residential services. Such disruptions could potentially lead to loss of life and breakdown of social and economic systems.
With the proliferation of IoT devices in smart cities, attackers now have countless entry points available to compromise a city’s systems. Making matters worse, many cities have chosen to deploy IoT sensors on top of existing systems. One example is sensors on established gas and water systems that are in turn connected to broader networks for data aggregation and analysis. Unfortunately, these sensors often have minimal security capabilities, and minimal ability to be upgraded over time as vulnerabilities are uncovered.
Data security goes hand-in-hand with smart city development. Without an integrated security solution in place at every level of the smart city infrastructure, the entire system stands at risk of collapse. For example, if the vehicle-to-everything (V2X) communication system within a self-driving vehicle is hacked, it could cause the vehicle to crash into another vehicle or object. If the V2X system for an entire manufacturing system of cars were to be hacked, it could cause accidents, pileups, and shut down city roads for days, causing serious injuries and greatly disrupting essential processes.
In order to help prepare city stakeholders and planners for the upcoming changes of the smart city, we will be releasing a series of smart city solution content. Stay tuned!
To whet your appetite, we have a case study on enterprise certificate authority (CA) for IoT device manufacturing. Check it out! And for anyone local to south Texas, I’ll be presenting Securing the Smart City: Architectural Considerations at the CyberTexas Foundation Conference in San Antonio, Texas on Tuesday, August 20 at 1:30 p.m. We hope to see you there!