A framework for cyber threat modeling and risk assessment in smart city environments

A framework for cyber threat modeling and risk assessment in smart city environments

IntroductionWith the rise of digital transformation, the concept of the smart city has emerged as a key pillar of modern urban development. However, as smart cities increasingly rely on the Internet of Things (IoT), cloud computing, and real-time data processing, they also face an expanded attack su...

Full description

Saved in:
Bibliographic Details
Main Authors: Mariya Ouaissa, Mariyam Ouaissa, Zineb Nadifi, Sarah El Himer, Yassine Al Masmoudi, Ali Kartit
Format: Article
Language:English
Published: Frontiers Media S.A. 2025-07-01
Series:Frontiers in Computer Science
Subjects:
threat modeling
STRIDE
MITRE ATT&CK
MTM
risk assessment
CVSS
Online Access:https://www.frontiersin.org/articles/10.3389/fcomp.2025.1647179/full
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:IntroductionWith the rise of digital transformation, the concept of the smart city has emerged as a key pillar of modern urban development. However, as smart cities increasingly rely on the Internet of Things (IoT), cloud computing, and real-time data processing, they also face an expanded attack surface and growing cybersecurity threats.MethodsThis paper presents a comprehensive threat modeling and risk assessment approach tailored to smart city environments. It begins by identifying the core components and data flows within a typical smart city architecture covering domains such as surveillance, transportation, and healthcare. A Data Flow Diagram (DFD) is constructed to visualize the interactions and pinpoint critical assets. The STRIDE methodology, supported by the Microsoft Threat Modeling (MTM) tool, is employed to systematically uncover threats including spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. To enrich the analysis and align with real-world adversarial behavior, the MITRE ATT&CK framework is also utilized to map identified threats to known tactics and techniques. Each discovered threat is evaluated through a detailed risk assessment using the Common Vulnerability Scoring System (CVSS) and a 5 by 5 risk matrix, allowing a quantifiable estimation of impact and likelihood.ResultsThe analysis revealed 21 threats across smart city domains, with spoofing, tampering, and denial of service being the most frequent. Five threats were rated as critical based on CVSS, particularly targeting cloud services and web applications.DiscussionFurthermore, the paper introduces a dedicated case study involving the Internet of Vehicles (IoV), applying the Cyber Kill Chain model to demonstrate the progression of a cyber-attack targeting connected vehicle systems, with a focus on identifying less common yet critical ATT&CK techniques at each phase. The study concludes by proposing targeted mitigation strategies and architectural recommendations aimed at enhancing the cyber resilience of smart city infrastructures.
ISSN:2624-9898

Similar Items