Smart Cities are not safe (yet)


How to secure Smart Cities from IoT?A smart city is an urban development vision to integrate multiple solutions like Internet of Things (IoT) in a secure way to manage a city’s assets. The goal of building a smart city is to improve quality of life and to improve the efficiency of services and meet citizens’ needs, creating more resilient critical infrastructure, growing the local economy and increasing safety and security.

Why do we need to secure Smart Cities?

Given that the smart city involves sensors, systems and devices that are connected, the amount of data generated by these systems can reach a considerable size. One of the biggest concerns about smart buildings and smart cities is that the sensors in the equipment can be hacked and can send fake data — which could be used for all manner of mischief, like causing signal failures that shut down subways or allowing contaminants into the water supply.

Issues with security

Smart city technologies create a number of potential security harms for each of which also raises significant challenges to existing approaches to protecting privacy of citizens. There are two key security concerns with respect to smart cities. The first is the security of smart city technologies and infrastructures and the extent to which they are vulnerable to being hacked via a cyber attack. The second is the security of the data generated, stored and shared across such technologies and infrastructures. Smart city projects are frequently driven by mass deployment of IoT-enabled devices. However, it is known that many of these devices come equipped with little or no security measures.

Digital trust is key

The first step in securing the Smart City is to establish an effective digital trust for all connected devices and sensors within the ‘city grid’. Digital trust is a complex relationship between transparency and privacy, security, collaboration and ethics. Digital trust is achieved by properly identifying, verifying and authenticating individuals, organisations and devices before granting access to valuable assets:  data, a network, system or building.

Digital trust is key to this, without a trusted identity you can never assure that a device can be trusted. To achieve this digital identity assurance, the same processes that are used for managing identities of people can be put into place, with only a few tweaks. This will lead to a comprehensive approach using public key infrastructure (PKI), digital certificates and credential management that enable the use of trusted identities in Smart Cities to protect our future.

How to secure Smart Cities?

In October Reinoud Weijman, Managing Director of AET Europe, shared his vision during the event of Smart City 2016 in The Hague. Information and communication technology solutions are used in the smart city to improve urban space. The population in cities is increasing and sustainability regulations become stricter. The smart city comes with opportunities and challenges. To protect our future, we need trusted identities of every user, device, machine and other smart objects within the smart city and Internet of Things.