1 IT Infrastructure Services White Paper Cyber Risk Mitigation for Smart Cities
2 About the Author Abhik Chaudhuri Abhik Chaudhuri is a Domain Consultant with the Information Technology Infrastructure Services (ITIS) Global Technology Practice at Tata Consultancy Services (TCS). A specialist in cyber security and policy, he is focused on developing secure IoT systems for smart cities. Chaudhuri has more than 13 years of IT experience, and is a Chevening TCS Fellow in Cyber Security and Policy.
3 Abstract Rapid growth in global population and evolving technological, macro-economic, and environmental landscapes have fueled widespread interest in smart cities, which are, essentially, dynamic ecosystems characterized by highly advanced, intuitive, and interdependent cyber systems. As emerging digital technologies and the Internet of Things (IoT) pave the way for these smart habitats, effective risk management becomes more crucial than ever. Here is where a smart city council can play a vital role. By identifying vulnerable systems, assessing the type and magnitude of probable risks, and instituting remedial measures, these bodies can thwart cyber-attacks and create risk-resilient smart services. This article discusses the smart city concept, and how smart city councils can effectively address the information security needs of interdependent systems, to provide risk-free smart services to its citizens.
4 Contents The Rise of Smart Cities 5 Interdependent Systems: The Backbone of Smart Cities 5 Opportunities and risks 5 Why Risk Mitigation is a Top Priority for Smart Cities 6 The Role of Smart City Councils 6 Ensuring security of network and sensors 6 Building resilient systems 6 Adopting international standards 7 Performing system impact and interdependency analysis 7 Ensuring citizen compliance 8 Making Smart Cities Safe with Effective Risk Management 8
5 The Rise of Smart Cities Approximately 70% of the world's population is expected to live in cities by To meet the growing needs of this population, city councils the world over are in an expansion mode. The concept of 'smart cities' lends promise in this scenario as these cities are expected to provide superior living experience thanks to a host of cyber-enabled services. As in the case of all IT-enabled services, smart city services too should be risk-free and secure for their citizens to use. In connecting devices and users, cyber systems should ensure the highest level of confidentiality and integrity, while allowing unhindered availability. It is therefore important to proactively manage the security risks of interdependent systems of the smart city digital infrastructure. Two key features of smart cities are citizen-centricity and digitally-enabled infrastructure. Aside of having smart infrastructure, a smart city has advanced systems to manage energy, transport, traffic, water, healthcare, and education. Essentially, it is a seamless union of technology, government, and society to enable smart living, which is characterized by a booming economy, effective governance, and convenient public services. ITU-T's Focus Group on Smart Sustainable Cities (FG-SSC) defines a smart sustainable city as an innovative city that uses information and communication technologies (ICTs) and other means to improve quality of life, efficiency of urban operation and services, and competitiveness, while ensuring that it meets the needs of present and future generations with respect to economic, social, and environmental aspects. ¹ 5 Interdependent Systems: The Backbone of Smart Cities Interdependent systems are the foundation stone of smart cities, as they provide the critical infrastructure to handle major public systems and citizen services. These include water and energy generation and transmission setups, transportation frameworks, waste disposal mechanisms, street and home lighting systems, connected healthcare, surveillance, and more. Interdependent systems also enable dynamic and synergistic data gathering and analytics, which drives continuous improvements across systems. In effect, a smart city is a 'system of systems' that follows a scale-free topology to allow future expansion, but without affecting the attributes of interdependency and interconnectedness. Opportunities and risks The Internet of Things (IoT) promotes an ecosystem of smart applications and services by interconnecting everyday objects and applications, thus enhancing peoples' lives. IT-enabled interdependent systems present several opportunities to improve a citizen s lifestyle. They can help city councils take necessary actions based on real-time analysis of the data collected from various interdependent systems. For example, the city council can analyze health data of its citizens to identify adverse health scenarios such as virus attacks, at an early stage, and take necessary actions to prevent widespread outbreaks. Data integration in smart cities can also be utilized to map energy efficiency of buildings, prevent crime, and effectively manage natural disasters. In addition, it can be leveraged to monitor the city's development in areas such as housing, education, transport, medical services, and employment.  ITU-T FG-SSC, Focus Group on Smart Sustainable Cities, June 2014, accessed November 2015
6 However, these interdependent systems also pose operational challenges and security risks. If one smart service information system fails to provide relevant information to other connected smart services, it can lead to chaotic situations, which eventually may result in a complete breakdown. For example, the failure of a smart traffic management database server can cause havoc with the smart transport management system, thus inconveniencing citizens and disrupting governance. Another example could be of a smart healthcare service, where a breach in the network or in the health monitoring device can put the patient's life at risk. Why Risk Mitigation is a Top Priority for Smart Cities Due to the large number of connected devices that make up a smart city's digital infrastructure, enhanced security management for gateway devices, such as industrial control systems (ICS) and IT systems (ITS), is critical to prevent data breach or leakage. Leakage of sensitive data can lead to a lock-down of critical services. A smart city framework deals with huge volumes of data that is generated as a result of communication between various interdependent subsystems and the interactions between devices and citizens. Protection of such private and sensitive information, especially citizen data, is of utmost importance. Further, any incident of data breach or data loss can damage citizens' perception of security in a smart city. Other information security concerns include interception of wireless data in transit between senders and receivers, leakage of confidential information, and viruses in devices such as sensors. Cloud-based information services and data storage in smart cities can also be compromised through hacking and other subversive activities. The Role of Smart City Councils Risk mitigation in smart cities requires a detailed understanding of several factors. These include design and architecture of smart services, IT infrastructure support capabilities, and the knowledge of probable cyber threats. A city council should operate like a modern-day enterprise with specific goals and objectives that include planning for defending against cyber-attacks and responding to emergencies. Ensuring security of network and sensors The smart city council should secure connected systems and sensors from any physical attack or infiltration. Identity management and device authentication mechanisms should be deployed at every interface of a smart system. Digital forensic capabilities, which help trace cyber breaches and gather evidence of malicious activities for legal action, should be integrated with the overall cyber architecture, right from the design phase. Gathering and analyzing real-time data with supervisory control and data acquisition (SCADA) will help predict security failures, and thus prevent a complete lock-down of critical services. Building resilient systems As a smart city grows, the interconnections of systems and interdependencies of smart services increase manifold. This makes them more vulnerable to cyber-attacks. The smart city council should therefore aim to design riskresilient digital architecture. The architecture should possess the adaptive capability to arrest anomalies in the nascent stage, and lock down a subsystem without disturbing other live components, ensuring uninterrupted service delivery. 6
7 City councils should build resilient interdependent systems to handle cyber emergencies and restore impacted services quickly. An effective cyber resilience strategy also helps protect the various connected devices and assets in case of any eventuality. Business continuity planning (BCP) is an effective risk management initiative that can help the smart city council ensure the security and availability of smart services. Periodic BCP drills should be conducted, audited, and documented for ready reference during criticalities. This will enable smart cities to take a recovery oriented approach toward risk management. Adopting international standards The security standards and risk mitigation strategies currently being used to secure IT systems may not be adequate to safeguard the interdependent City council should establish systems in smart cities. ISO 22301:2012, the International Standard for proper communication Societal Security Business Continuity Management Systems² should be channels to respond to cyber adopted to prevent the disruption of citizen services. Proper communication threats and other management is critical for smart cities to respond to cyber threats and other emergencies exigencies. Communication channels with pre-identified points of contact should be defined, documented, and regularly updated. These documents should be made available to all stakeholders for easy reference if and when the need arises. Performing system impact and interdependency analysis Periodic system impact analysis should be performed to identify risks posed to critical interdependent systems and interconnected services, with appropriately defined recovery time and recovery point objectives. Smart cities should also have secure data receivers and data storage to collect and store data generated from the ICS and ITS components for analysis, decision making, and incident response management. The stored data should be periodically backed up. As a precautionary measure, data flow from control systems can be channelized using data diodes to prevent data contamination. Smart city councils should devise a component protection strategy to identify critical components of interdependent systems for agile risk analysis. A preliminary system interdependency analysis should be conducted to understand the requirements for information continuity at system interfaces, and to identify the critical components that enable the flow of vital information. This should be followed by a probabilistic interdependency analysis to manage the risks of high fidelity interdependent systems like smart grid, smart health monitoring systems for senior citizens and critical patients, and so on. This analysis can be helpful in enhancing the resilience of critical systems in a smart city. The CPNI Good Practice Guide for Process Control and SCADA Security³ can be used by city councils to ensure security and trustworthiness of the interdependent systems. It provides a framework based on industry best practices for process control and IT security. The framework focuses on seven key themes: 1) Understanding business risks 2) Implementing secure architecture 3) Establishing response capabilities  ISO, ISO 22301:2012, accessed November 2015  Good Practice Guide Process Control and SCADA Security, accessed November
8 4) Improving awareness and skills 5) Managing third party risks 6) Engaging projects for security measures in service design 7) Establishing ongoing governance Ensuring citizen compliance Citizens of smart cities are bound to play a crucial role in ensuring the security of interdependent systems from cyber as well as physical security perspectives. Citizens with smart devices are critical points in the cyber system framework, and can be targeted by attackers and hackers to gain entry into the system. This can be done through social engineering, spam s, data streaming, and other malicious methods. To prevent this, smart city councils should develop policies and procedures for establishment, maintenance, and operation of secure smart services. Cyber-awareness programs should be made mandatory for citizens, and penalties levied for non-compliance. Making Smart Cities Safe with Effective Risk Management Understanding and evaluating risks in smart city systems require a pragmatic approach to cyber risk management due to the high level of interconnectedness of smart services and the rapidly evolving nature of constituent systems. With smart cities projected to grow rapidly over the next few years, there is a clear need for smart city councils to focus on mitigating security concerns. Incorporating risk mitigation and developing strong security strategies in the initial planning and service design stages will enable smart city councils to provide safe, secure, and reliable services to its citizens. 8
9 About TCS IT Infrastructure Services Unit Leading organizations across industries work with TCS to realize their business transformation and innovation objectives by enhancing the availability, performance and agility of their IT infrastructure. Leveraging a combination of the cloud, new generation delivery models such as IaaS, PaaS, and SaaS, virtualization, and managed services, our offerings deliver the secure, flexible, and reliable IT infrastructure needed to power critical business applications, services and data. TCS infrastructure offerings encompass data center services, end-user computing (EUC), mobility services, cloud services and transformational solutions, converged network services, managed security services, application management services, enterprise systems management, IT service desk, and IT service management. Backed by our Assess-Build-Manage-Transform framework, extensive partner ecosystem, tools and automation frameworks, and technology Centers of Excellence (CoEs), analytics-led approach, to understand the 'as-is' state, and arrive at the 'to-be' state. As a result, you seamlessly transition from traditional infrastructure management services towards new generation delivery. Contact For more information about TCS IT Infrastructure Services, visit: Subscribe to TCS White Papers TCS.com RSS: Feedburner: About Tata Consultancy Services (TCS) Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT and IT-enabled infrastructure, engineering and TM assurance services. This is delivered through its unique Global Network Delivery Model, recognized as the benchmark of excellence in software development. A part of the Tata Group, India s largest industrial conglomerate, TCS has a global footprint and is listed on the National Stock Exchange and Bombay Stock Exchange in India. For more information, visit us at IT Services Business Solutions Consulting All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and other applicable laws, and could result in criminal or civil penalties. Copyright 2015 Tata Consultancy Services Limited TCS Design Services I M I 10 I 15