<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Hervé Guillou-Hely, Author</title>
	<atom:link href="https://www.riskinsight-wavestone.com/en/author/herve-guillou-hely/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.riskinsight-wavestone.com/author/herve-guillou-hely/</link>
	<description>The cybersecurity &#38; digital trust blog by Wavestone&#039;s consultants</description>
	<lastBuildDate>Wed, 15 Apr 2020 09:00:51 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	

<image>
	<url>https://www.riskinsight-wavestone.com/wp-content/uploads/2024/02/Blogs-2024_RI-39x39.png</url>
	<title>Hervé Guillou-Hely, Author</title>
	<link>https://www.riskinsight-wavestone.com/author/herve-guillou-hely/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Cybersecurity issues around Smart City (2/2)</title>
		<link>https://www.riskinsight-wavestone.com/en/2020/04/cybersecurity-issues-around-smart-city-2-2/</link>
		
		<dc:creator><![CDATA[Hervé Guillou-Hely]]></dc:creator>
		<pubDate>Wed, 15 Apr 2020 09:00:51 +0000</pubDate>
				<category><![CDATA[Cloud & Next-Gen IT Security]]></category>
		<category><![CDATA[Cybersecurity & Digital Trust]]></category>
		<category><![CDATA[architecture]]></category>
		<category><![CDATA[change]]></category>
		<category><![CDATA[data]]></category>
		<category><![CDATA[data protection]]></category>
		<category><![CDATA[IoT]]></category>
		<category><![CDATA[risks]]></category>
		<category><![CDATA[smart city]]></category>
		<category><![CDATA[SOC]]></category>
		<guid isPermaLink="false">https://www.riskinsight-wavestone.com/?p=12966</guid>

					<description><![CDATA[<p>In a previous article, we saw that the Smart City was inducing a paradigm shift which, combined with the general public&#8217;s high expectations on the security of its data, required adapting the approach to such a project. Indeed, as the...</p>
<p>The article <a href="https://www.riskinsight-wavestone.com/en/2020/04/cybersecurity-issues-around-smart-city-2-2/">Cybersecurity issues around Smart City (2/2)</a> first appeared on <a href="https://www.riskinsight-wavestone.com/en/">RiskInsight</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p><em>In a previous </em><a href="https://www.riskinsight-wavestone.com/en/2020/03/cybersecurity-issues-around-smart-city-1-2/"><em>article</em></a><em>, we saw that the Smart City was inducing a paradigm shift which, combined with the general public&#8217;s high expectations on the security of its data, required adapting the approach to such a project. Indeed, as the Smart City develops, urban activity becomes more and more dependent on its services, increasing not only its security needs, but also the interest of cyber attackers. Based on these observations, the challenge will therefore be to identify a new approach to take account of cybersecurity risks and, if not completely eliminate them, to reduce them. This is the purpose of this second article.</em></p>
<p>&nbsp;</p>
<h2>Building a Smart City project with Cybersecurity</h2>
<p>It is essential to integrate cybersecurity aspects from the start of a Smart City project. Addressing them later in the project may prove more complex and expensive, with the risk of leaving some risks untreated or being unable to treat all of them.</p>
<p>This requires <strong>rethinking the organization of the project regarding data and security governance</strong>: security principles must be defined at the global project level and considered by each of the sub-projects composing the Smart City, depending on their constraints. This is particularly true as Smart Cities involve many actors with different core businesses, means and cybersecurity maturity. A global and shared vision is essential to ensure that each element processes the data with the appropriate level of security.</p>
<p>It is then necessary <strong>to define the main principles of architecture and interoperability</strong>, according to the constraints inherent to the Smart City, related to Edge Computing and the deployment of objects in a hostile environment. System resilience must be at the heart of safety requirements: the failure or compromise of one element should not bring down the entire system.</p>
<p>To this end, common <strong>standards</strong> must be adopted, based on specific frameworks such as ETSI or oneM2M. These increase the chances of maintaining scalable, interoperable systems. More generally, NIST and the ISO 27002 standard provide proven cybersecurity frameworks on which it would be worthwhile to rely.</p>
<p>The development mode must be <a href="https://www.riskinsight-wavestone.com/en/2019/07/cybersecurity-in-an-agile-world/">agile</a>, integrating a long-term vision to anticipate new use cases, and with short milestones in order to quickly deliver the first services. <strong>Cybersecurity must be included in the development process</strong>, by defining Evil User Stories, enabling risks to be identified and considered each time services or the information system evolve, and by appointing cybersecurity experts in a support and validation role.</p>
<p>&nbsp;</p>
<figure id="post-12967 media-12967" class="align-none"><img fetchpriority="high" decoding="async" class="size-full wp-image-12967 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image1.png" alt="" width="1740" height="571" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image1.png 1740w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image1-437x143.png 437w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image1-71x23.png 71w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image1-768x252.png 768w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image1-1536x504.png 1536w" sizes="(max-width: 1740px) 100vw, 1740px" /></figure>
<p>&nbsp;</p>
<p>Defining and maintaining a satisfactory level of security will, more than ever, require the rigorous integration of security in all phases of the project, which may lead to greater but necessary human and technological investments.</p>
<p>&nbsp;</p>
<h2>Protecting critical and regulated data</h2>
<p>Given the propensity of the Smart City to collect and process large amounts of data, their protection will primarily involve <strong>identifying critical data and assets.</strong></p>
<p>&nbsp;</p>
<figure id="post-12969 media-12969" class="align-none"><img decoding="async" class="size-full wp-image-12969 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image2.png" alt="" width="1340" height="661" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image2.png 1340w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image2-387x191.png 387w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image2-71x35.png 71w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image2-768x379.png 768w" sizes="(max-width: 1340px) 100vw, 1340px" /></figure>
<p>&nbsp;</p>
<p>Most of the services offered by the Smart City are aimed at citizens. Therefore, personal and potentially sensitive data will be collected. Furthermore, a loss of availability or integrity of certain services could have serious repercussions, since some components of the IS act directly on the physical world. <strong>Smart Cities are not exempt from regulations</strong>, in particular the General Data Protection Regulation (GDPR), but also, depending on usage, the General Security Regulations (GSR), the Military Programming Law (MPL) or the Network and Information Security (NIS) directive, whose data protection requirements will have to be integrated into the programs.</p>
<p>Levels of data sensitivity classification must therefore be formalized in order to prioritize actions and to set up an appropriate framework for the processing of critical data, with measures such as encryption and anonymization.</p>
<p>The problem of access to data should also be raised. There are many actors in the Smart City and it will be necessary to segment the &#8220;vision&#8221; they may have of the IS. This will involve a preliminary phase of defining the authorization profiles, necessary to respect the principle of least privilege, combined with a regular review of their assignments to ensure that they are still legitimate.</p>
<p>&nbsp;</p>
<h2>Operating in trusted environments</h2>
<figure id="post-12971 media-12971" class="align-none"><img decoding="async" class="size-full wp-image-12971 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image-4.png" alt="" width="1612" height="203" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image-4.png 1612w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image-4-437x55.png 437w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image-4-71x9.png 71w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image-4-768x97.png 768w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image-4-1536x193.png 1536w" sizes="(max-width: 1612px) 100vw, 1612px" /></figure>
<p>&nbsp;</p>
<p>The Smart City project will necessarily rely on <strong>different technical and organizational foundations</strong>. If these bases are to the Information System what foundations are to a house, it is easy to understand that it will be difficult to build anything if this base is fragile.</p>
<p>As always, these technical bases must be covered by fundamental security measures: implementation of trust bubbles, hardening of systems, patch management, securing of privileged accounts and their use, etc.</p>
<p>Furthermore, an information system with a large attack surface such as the Smart City will necessarily have to break with the traditional security model known as &#8220;castle security&#8221;, by relying more on partitioning and on access control applied to the data itself. The compliance of assets within the information system will have to be continuously evaluated using common configuration and hardening frameworks. Exposed systems and applications must be subject to controls and audits, particularly during the development phase, but also during the operational phase.</p>
<p>In addition, business continuity and disaster recovery will have to be at the heart of the security strategy. Plans will have to be formalized, but also tested, including both technical considerations such as the resilience of different systems, with the ability to restore systems independently of each other, and organizational considerations through crisis management exercises.</p>
<p>Finally, as the Smart City involves many players, all stakeholders should commit significant resources to protecting the information systems involved and comply with the requirements of the project&#8217;s security policy. To do this, they will have to be contractually committed, at the very least by including security requirements in contracts, but also by formalizing and implementing security assurance plans, particularly for the most critical service providers. Regular controls may be commissioned to ensure that the security level is maintained over time and to address future risk scenarios.</p>
<p>&nbsp;</p>
<h2>Detecting, reacting and sharing</h2>
<p>The Smart City cannot do without <strong>a service to detect and deal with security incidents.</strong></p>
<p>It will be necessary to collect traces of activity on the systems and look for weak signals. In view of the large number of events to be processed, it will be essential to define the risks to be guarded against and to rely on correlation solutions to facilitate these searches. The use of automation tools will allow a first sorting of false positives, facilitating the work of analysts in the qualification of security alerts.</p>
<p>The detection and response service can be built using the PDIS and PRIS standards. Qualified external suppliers may be used for these two services as required.</p>
<p>The use of <strong>Cyber Threat Intelligence services</strong> will bring a significant efficiency gain in the creation and enrichment of SOC detection rules. Indeed, it will be possible to adopt a proactive detection posture by monitoring attacks that have targeted Smart Cities and the operating modes used. This will also have the advantage of improving the efficiency of the response service by saving precious investigation time.</p>
<p>Finally, the process of handling significant and major security incidents cannot be carried out without the formalization of a <strong>crisis management unit</strong>, composed of actors with well-defined roles and trained for this exercise. Particular attention will be paid to the external communication system, since the &#8220;severity&#8221; of a crisis depends as much on the event that caused it as on how it is perceived by the outside world.</p>
<p>&nbsp;</p>
<figure id="post-12973 media-12973" class="align-none"><img loading="lazy" decoding="async" class="alignnone size-full wp-image-12973" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image3.png" alt="" width="1647" height="873" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image3.png 1647w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image3-360x191.png 360w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image3-71x39.png 71w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image3-768x407.png 768w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/04/Image3-1536x814.png 1536w" sizes="auto, (max-width: 1647px) 100vw, 1647px" /></figure>
<p>&nbsp;</p>
<p>In conclusion, and as we have seen through these two articles, the Smart City is a self-evident development in an era where demographic, ecological and economic issues are all intertwined. Its promises are seductive, but the implementation framework may give rise to some fears.</p>
<p>As with any digital transformation, ensuring a level of security in line with the challenges of the project will necessarily involve identifying the vulnerabilities and security risks it generates.</p>
<p><strong>In the era of cyber-warfare and cyber-threats</strong>, the Smart City should be considered as a Digital Service Provider, within the meaning of the NIS directive, and be protected by security measures adapted to this status.</p>
<p>The provision of secure services, respectful of their users&#8217; data, is a sine qua non condition for the success of a Smart City project, the benefits of which will only be matched by the magnitude of the impact of a successful cyberattack.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Cybersecurity issues around Smart City (1/2)</title>
		<link>https://www.riskinsight-wavestone.com/en/2020/03/cybersecurity-issues-around-smart-city-1-2/</link>
		
		<dc:creator><![CDATA[Hervé Guillou-Hely]]></dc:creator>
		<pubDate>Mon, 16 Mar 2020 09:08:39 +0000</pubDate>
				<category><![CDATA[Cloud & Next-Gen IT Security]]></category>
		<category><![CDATA[Cybersecurity & Digital Trust]]></category>
		<category><![CDATA[architecture]]></category>
		<category><![CDATA[change]]></category>
		<category><![CDATA[data]]></category>
		<category><![CDATA[IoT]]></category>
		<category><![CDATA[smart city]]></category>
		<category><![CDATA[stakes]]></category>
		<guid isPermaLink="false">https://www.riskinsight-wavestone.com/?p=12777</guid>

					<description><![CDATA[<p>Smart City, a possible answer to today&#8217;s challenges &#8220;A smart sustainable city is an innovative city that uses information and communication technologies (ICTs) and other means to improve quality of life, efficiency of urban operation, and services and competitiveness, while...</p>
<p>The article <a href="https://www.riskinsight-wavestone.com/en/2020/03/cybersecurity-issues-around-smart-city-1-2/">Cybersecurity issues around Smart City (1/2)</a> first appeared on <a href="https://www.riskinsight-wavestone.com/en/">RiskInsight</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2>Smart City, a possible answer to today&#8217;s challenges</h2>
<p><em>&#8220;A smart sustainable city is an innovative city that uses information and communication technologies (ICTs) and other means to improve quality of life, efficiency of urban operation, and services and competitiveness, while ensuring that it meets the needs of present and future generations with respect to economic, social, environmental and cultural aspects.&#8221;</em>, International Telecommunication Union (ITU) &#8211; United Nations Specialized Agency for Information and Communication Technologies.</p>
<p>Increase in the urban population, ecological emergency and energy transition, constraints on public finances, need to reinvent the link between the public service and the user, increase in the living comfort of the inhabitants, etc. All of these issues are challenges that the Smart City could help respond to and which are pushing communities to invest in this direction.</p>
<p>In order to meet these challenges of today and tomorrow, the Smart City will have to create a synergy between different areas such as intelligent traffic management, the development of new modes of transport, the optimization of energy consumption and waste management, the protection of goods and services, home automation, etc.</p>
<p>&nbsp;</p>
<figure id="post-12618 media-12618" class="align-none"><img loading="lazy" decoding="async" class="size-full wp-image-12618 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/02/Image-1.png" alt="" width="1233" height="667" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/02/Image-1.png 1233w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/02/Image-1-353x191.png 353w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/02/Image-1-71x39.png 71w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/02/Image-1-768x415.png 768w" sizes="auto, (max-width: 1233px) 100vw, 1233px" /></figure>
<p>&nbsp;</p>
<p>All these services can be federated around a single control center which will provide an uplink and downlink, giving the possibility of collecting information on the state of the services and/or acting directly on the infrastructure.</p>
<p>&nbsp;</p>
<h2>A new target for cyber attackers</h2>
<p>Many cities in France and around the world have taken up the subject of the Smart City to meet the challenges set out above: large metropolises of course, but also smaller cities.</p>
<p>In parallel with these initiatives, it is becoming more and more frequent to observe cyberattacks targeting cities. As an illustration, in 2019, 22 US municipalities were victims of cyberattacks. <strong>The losses amount to millions</strong>. The governor of Louisiana went so far as to declare a state of emergency following attacks on several cities in the state. But these attacks are not limited to the United States, as evidenced by the attacks in France on the cities of Sarrebourg (Moselle), Sequedin (Nord), Huez (Oisans), La Croix-Valmer (Var) or even Nuits-Saint-Georges (Côte-d&#8217;Or).</p>
<p>So, the question now is why Smart Cities present a new playground for cyberattacks and how to protect against them.</p>
<p>&nbsp;</p>
<h2>The Smart City induces a paradigm shift</h2>
<p>Conducting a Smart City project requires changing the usual ways of proceeding by implementing a new kind of information system (IS), mixing many issues and generating new risks in terms of Cybersecurity.</p>
<p>&nbsp;</p>
<h3>A complex architecture</h3>
<p>The Smart City is partly characterized by the new structure of its architecture. <strong>Its atypical IS</strong> compiles the constraints of a management IS, those of an industrial IS and those of an IoT IS.</p>
<p>Thus, its management IS will have a propensity to collect and process a large amount of data, whereas its industrial IS will have the characteristic of being directly connected to the physical world: water management, traffic lights, variable road signs, retractable bollards, intelligent lighting, autonomous car control, etc. Reconciling the challenges of these two worlds is no easy task: where the industrial world traditionally focuses on availability, the IT world focuses on the integrity and confidentiality of information and processing. In addition, the Smart City will reinforce the existing IT and digital dimension of industrial systems.</p>
<p>Furthermore, the rationale for an IoT IS must be considered, which is to collect data as close as possible to their sources, through the deployment of connected objects that form multiple entry points to the IS in potentially hostile environments. As a result, these objects will be individually exposed to physical attacks that previously did not need to be guarded against, or were easier to guard against (e.g. physical access to a serial or USB port, replacement of flash memory, etc.).</p>
<p>Finally, the systems that make up the Smart City must be able to evolve rapidly in order to benefit from the innovations of market players. The challenge is to succeed in building a flexible IS with the capacity to respond to uses yet unidentified today while providing systems capable of being maintained over time, on the scale of a Smart City built for decades.</p>
<p>&nbsp;</p>
<h3>The paradox of interoperability</h3>
<p>Moreover, <strong>a Smart City approach is intended to be inclusive</strong> in order to take advantage of the strengths of all the players in the area. This implies managing heterogeneous systems, mixing new and old technological bricks, and mastering the opening of its IS.</p>
<p>The polymorphism of Smart Cities complicates the definition of global security policies. Their implementation evolves alongside the development of new technologies, making the security policies of another generation obsolete or inapplicable. This problem has already been present in the industrial world for years, where operational constraints sometimes make it impossible to upgrade systems that have become vulnerable.</p>
<p>Beyond security policy, while interoperability between multi-generational systems makes it possible to develop new functionalities that create value for the user, it also implies using disparate protocols that can lead to security breaches. A &#8220;security by design&#8221; approach would consist in identifying the current need and its potential evolutions, in order to be able to propose specifications integrating both concrete answers to the functional need and minimum security rules allowing the service to be deployed with a satisfactory level of confidence. However, this is likely to conflict with the principle of inclusiveness of the Smart City.</p>
<h3>The importance of data</h3>
<h4>An operational and political challenge</h4>
<p>Information from the field is of paramount importance in driving the Smart City: assisting in decision-making, communicating information to citizens, planning events, and evaluating public policy. While the data itself is not necessarily critical, this is no longer true when it is aggregated into a larger whole. Errors in the collection or processing of data can lead to operational inefficiencies in services or to inappropriate choices in response to changing circumstances.</p>
<p>&nbsp;</p>
<figure id="post-12778 media-12778" class="align-none"><img loading="lazy" decoding="async" class="size-full wp-image-12778 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-2.png" alt="" width="958" height="554" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-2.png 958w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-2-330x191.png 330w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-2-67x39.png 67w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-2-120x70.png 120w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-2-768x444.png 768w" sizes="auto, (max-width: 958px) 100vw, 958px" /></figure>
<p>&nbsp;</p>
<p>Moreover, the Smart City is built layer by layer. Gradually, new services appear and develop. Services have historically been siloed, and the trend is now to look for synergies between them to create ever more added value for the user. These growing interconnections and overlaps induce such complexity that in the event of a failure, there is a risk, if we are not careful, of seeing the whole infrastructure collapse, either because of error propagation or because each service has become dependent on the others.</p>
<h4>Security: a request coming from the citizens themselves</h4>
<p>Elabe and Wavestone have conducted a survey on the importance of data in tomorrow&#8217;s public services, and on the challenges facing stakeholders in such projects.</p>
<p>Among these challenges lies the use made of users&#8217; personal data. Overall, citizens are in favor of the idea of digital transformation of public services, and a fortiori of the Smart City as a public service, but remain <strong>concerned about the purpose</strong> of processing their data.</p>
<p>&nbsp;</p>
<figure id="post-12780 media-12780" class="align-none"><img loading="lazy" decoding="async" class="size-full wp-image-12780 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-3.png" alt="" width="878" height="666" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-3.png 878w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-3-252x191.png 252w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-3-51x39.png 51w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-3-768x583.png 768w" sizes="auto, (max-width: 878px) 100vw, 878px" /></figure>
<p>&nbsp;</p>
<p>However, a significant proportion of the population, between 30% and 50%, is not in favour of transferring their data even if it could save money, save time or reduce their carbon footprint. This could be due to the fact that 76% of the population surveyed believe that the administration is not currently able to ensure the security of the data it collects.</p>
<p>&nbsp;</p>
<figure id="post-12782 media-12782" class="align-none"><img loading="lazy" decoding="async" class="size-full wp-image-12782 aligncenter" src="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-4.png" alt="" width="1209" height="546" srcset="https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-4.png 1209w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-4-423x191.png 423w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-4-71x32.png 71w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-4-768x347.png 768w, https://www.riskinsight-wavestone.com/wp-content/uploads/2020/03/Image-4-730x330.png 730w" sizes="auto, (max-width: 1209px) 100vw, 1209px" /></figure>
<p>&nbsp;</p>
<p>The success of the Smart City therefore also lies in the ability of stakeholders <strong>to reassure users</strong> about the use and protection of their data.</p>
<p>Thus, we have seen that the Smart City is inducing a paradigm shift which, combined with the high expectations of the general public on the security of its data, requires an adaptation of its approach. Indeed, as the Smart City grows, urban activity becomes more and more dependent on its services, increasing its security needs, but also the interest of cyber attackers. Based on these observations, the challenge will therefore be to identify which approach to implement to take cybersecurity risk into account and, if it cannot be completely eliminated, to reduce it. We will talk about it in a second article.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>The CPS card: an institution-wide project or an IT project?</title>
		<link>https://www.riskinsight-wavestone.com/en/2013/03/la-carte-cps-un-projet-detablissement-ou-un-projet-informatique/</link>
		
		<dc:creator><![CDATA[Hervé Guillou-Hely]]></dc:creator>
		<pubDate>Fri, 08 Mar 2013 15:53:57 +0000</pubDate>
				<category><![CDATA[Business Lines - IT Strategy & Projects]]></category>
		<category><![CDATA[healthcare professional card]]></category>
		<category><![CDATA[CPS]]></category>
		<category><![CDATA[access management]]></category>
		<category><![CDATA[identity management]]></category>
		<category><![CDATA[healthcare sector]]></category>
		<category><![CDATA[SIH]]></category>
		<category><![CDATA[Hospital information system]]></category>
		<guid isPermaLink="false">http://www.solucominsight.fr/?p=3411</guid>

					<description><![CDATA[<p>The Carte de Professionnel de Santé (CPS, healthcare professional card) is a personal and unique electronic identity card that guarantees the national identification of healthcare professionals. Now distributed free of charge and systematically by ASIP Santé to every healthcare professional (private practice and hospital) registered in the...</p>
<p>The article <a href="https://www.riskinsight-wavestone.com/en/2013/03/la-carte-cps-un-projet-detablissement-ou-un-projet-informatique/">The CPS card: an institution-wide project or an IT project?</a> first appeared on <a href="https://www.riskinsight-wavestone.com/en/">RiskInsight</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p><em>The Carte de Professionnel de Santé (CPS, healthcare professional card) is a personal and unique electronic identity card that guarantees the national identification of healthcare professionals. Now distributed free of charge and systematically by ASIP Santé to every healthcare professional (private practice and hospital) registered in the RPPS, and on request to other professions (more than 835,000 cards of the CPS family in circulation, including 160,000 in healthcare institutions), it notably meets the need of medical, nursing and medico-technical staff to access the Hospital Information System (SIH) intermittently and frequently from workstations that are generally shared. How should this card be implemented within a healthcare institution? What are the specific features of such a project, and who are its actors? </em></p>
<h2>Implementing the CPS card through an identity and access management project</h2>
<p>The information system, while undergoing profound transformations, is becoming a major issue in hospitals: continuous computerization of care services, opening of the SIH, dematerialization of exchanges and interoperability, strengthening of regulatory requirements, etc. These developments make it easier to share medical information but make it harder to protect.</p>
<p>Implementing a digital trust space for sharing health data therefore becomes a necessity. This necessity becomes a prerequisite under the Hôpital Numérique program and HAS (Haute Autorité de Santé) certification.</p>
<p>Setting up identity and access management, combined with the use of a <strong>strong authentication</strong> device such as the <strong>Carte de Professionnel de Santé</strong>, creates a digital trust space that addresses the following issues:</p>
<ul>
<li>Comply with new regulations;</li>
<li>Simplify and secure access to the SIH;</li>
<li>Speed up rights management processes;</li>
<li>Reduce the administration workload and cut support costs.</li>
</ul>
<h2>Running an identity and access management project suited to the hospital world</h2>
<p>Identity and access management combines processes, technologies and a strategy for managing digital identities and specifying how they are used to access the organization's IT resources.</p>
<p>Running such a project generally proves more complex than most other IT projects because of the number and diversity of digital identity repositories, of the technical solutions implemented and of the needs of the governing entities that have to work together.</p>
<p>In particular, the actors concerned by such a project in the hospital world are numerous: General Management, the Commission Médicale d'Établissement (CME), the Département d'Information Médicale (DIM), the departments managing the institution's salaried and non-salaried staff (Medical Affairs Department, Human Resources Department), medical and nursing staff, the Information Systems Department (or the IT department), etc.</p>
<p>In addition, some topics to be addressed are specific to healthcare institutions:</p>
<ul>
<li>How should this project be examined when the institution is being networked within one or more hospital communities?</li>
<li>Should use of the card be limited to workstation access, or is it worth extending its use, for example to access to premises?</li>
<li>Who should I provide it to?</li>
<li>How can I make sure the CPS card will make workstation access easier?</li>
<li>Which applications should I take into account in my project?</li>
</ul>
<h2>An <strong>institution-wide</strong> project requiring a commitment of resources and the involvement of all actors to keep it under control</h2>
<p>Implementing the CPS card through an identity and access management project turns out to be a <strong>strategic institution-wide project</strong>, with technical, organizational and change-management stakes, and as such requires a preliminary scoping phase that will make it possible to:</p>
<ul>
<li>Define the scope and assess the size of the project: current state, needs and expectations, areas for improvement, target functional scope, high-level estimate of workload, costs and schedule;</li>
<li>Place the project within an overall approach: actors to mobilize, steering bodies, opportunities for pooling resources.</li>
</ul>
<p>And you, how far along are you in implementing the Carte de Professionnel de Santé within your institution?</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
