Is there a way to balance the needs for frequent, but cost-effective security updates in smart cities?
Maintaining regular, secure updates is vital for the safety of smart cities and the people who populate them. In order to respond to ever-evolving threats, smart-city devices must be regularly updated, which in turn exposes them to more attack vectors. Traditionally, many update mechanisms were administered by a technician who physically connected with the device. Such an update mechanism is expensive and therefore infrequent, but fewer updates mean more risks for downtime scenarios and increased potential for compromised data.
With the proliferation of smart-city devices, Over-The-Air (OTA) update management is typically utilised, introducing additional cyber threats such as man-in-the-middle attacks. Furthermore, as secured OTA updates are focused on potential attacks and vulnerabilities to the update process itself, an already compromised device may trick the update management into think that an update was successfully received.
An automated and secure mechanism to manage remote firmware and configuration updates and install security patches and bug fixes is pivotal. In order to secure the update process and ensure reliable update-status information, smart-city devices need an embedded root of trust that will communicate with the update server. OTA update management should enforce and secure updates all the way from the server (in a cloud or on-premise) to a root of trust in the designated devices, to ensure updates were reliably received and updated.
Both the number of smart cities in existence and the number of connected devices are poised to increase significantly. Obviously, security needs to keep pace. What are the primary features a viable security solution must offer?
A viable smart city security solution must be able to process its city’s complexities, while facilitating trustworthy management, alerts, and remote OTA updates. What this means in practice is that security solutions must be able to protect, control, and monitor the smart-city edge devices distributed across many miles in a cost-effective manner, and they must be scalable over time as the smart city itself grows.
Protection should span from the Network Operations Centre to the device to ensure reliable monitoring, true status reporting, and trusted alerts. OTA updates should be secured from the server to a reliable and successful update of the device. Attack prevention mechanisms should be in place to block take-overs and facilitate a quick disaster recovery. Analytics and forensic data should be continuously collected and analysed for further threat intelligence and security improvements.
For increased security, would it be possible to combine technologies to protect smart cities?
Securing smart cities against threats is and will continue to be a massive challenge. One that requires a holistic approach and implements multiple layers of security to tackle numerous cybersecurity threats and vulnerabilities. This is what Defense in Depth (DiD) is all about. It’s a layered cybersecurity approach in which diverse and redundant defensive mechanisms are layered in order to protect the physical, technical, and administrative aspects of the network.
With zero-day vulnerabilities exploited by outsider adversaries and internal information used by malicious insiders, varied layers of security are required to detect attackers and prevent greater damage. Whenever one mechanism fails, another steps up to block an attack. From administrative controls to perimeter defenses, access measures, and data protection to in-device prevention and alerting measures, the multi-layered strategy addresses more attack vectors, reduces the single point of failure risk and increases security as a whole.
Feature image courtesy of Andrey Suslov (via Shutterstock).