Security for IoT Enabled Smart Cities

Abstract

Smart cities leverage IoT to improve citizens’ quality of life by providing better infrastructure, enhanced transportation systems, and efficient public services. With IoT-enabled smart city applications receiving traction, mechanisms must be implemented to cater to the diverse requirements of the use cases. The increasing number of connected devices increases the risk of cyber attacks and breaches. Further, smart cities rely heavily on integrating critical infrastructure such as power grids and water treatment plants. Securing these systems is crucial to protect citizens and institutions from potential harm caused by attacks. However, securing the IoT ecosystem is a challenging task. There are constraints on processing, memory, and energy consumption in addition to interoperability challenges, cost, and complexity. Designing and implementing the appropriate security controls for the devices and services requires on-ground testing and analysis. This thesis explores and analyzes the security of IoT-enabled smart cities. The work consists of two main contributions. First, IoT security requirements, potential threats, and vulnerabilities to the various layers of IoT are analyzed. Vulnerability assessment and modeling of threats are performed on the air quality monitoring vertical of the smart city deployment of IIIT-H to gain visibility into the baseline security requirements. The recommendations and state-of-the-art solutions are extensible to applications that require Wi-Fi and mobile network-based security for large-scale IoT deployments. Second, the entire smart city deployment was examined, covering applications such as air quality monitoring, water quantity management, weather monitoring, and energy monitoring. With each application operating using different hardware components, communication technologies, and software dependencies, requirements such as interoperability, scalability, resiliency, and security are essential. This study focused on the provisions of the oneM2M standard in catering to these requirements and its role in smart cities. Experiments were conducted on the OM2M platform, an implementation of oneM2M, used in the smart city deployment of IIIT-H. The recommendations are a foundation for the security of oneM2Mbased smart city applications.