A framework for cyber threat modeling and risk assessment in smart city environments
Introduction: With the rise of digital transformation, the concept of the smart city has emerged as a key pillar of modern urban development. However, as smart cities increasingly rely on the Internet of Things (IoT), cloud computing, and real-time data processing, they also face an expanded attack su...
| Main Authors: | Mariya Ouaissa, Mariyam Ouaissa, Zineb Nadifi, Sarah El Himer, Yassine Al Masmoudi, Ali Kartit |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Frontiers Media S.A. 2025-07-01 |
| Series: | Frontiers in Computer Science |
| Subjects: | threat modeling, STRIDE, MITRE ATT&CK, MTM, risk assessment, CVSS |
| Online Access: | https://www.frontiersin.org/articles/10.3389/fcomp.2025.1647179/full |
| _version_ | 1850096148796145664 |
|---|---|
| author | Mariya Ouaissa, Mariyam Ouaissa, Zineb Nadifi, Sarah El Himer, Yassine Al Masmoudi, Ali Kartit |
| author_facet | Mariya Ouaissa, Mariyam Ouaissa, Zineb Nadifi, Sarah El Himer, Yassine Al Masmoudi, Ali Kartit |
| author_sort | Mariya Ouaissa |
| collection | DOAJ |
| description | Introduction: With the rise of digital transformation, the concept of the smart city has emerged as a key pillar of modern urban development. However, as smart cities increasingly rely on the Internet of Things (IoT), cloud computing, and real-time data processing, they also face an expanded attack surface and growing cybersecurity threats. Methods: This paper presents a comprehensive threat modeling and risk assessment approach tailored to smart city environments. It begins by identifying the core components and data flows within a typical smart city architecture covering domains such as surveillance, transportation, and healthcare. A Data Flow Diagram (DFD) is constructed to visualize the interactions and pinpoint critical assets. The STRIDE methodology, supported by the Microsoft Threat Modeling (MTM) tool, is employed to systematically uncover threats including spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. To enrich the analysis and align with real-world adversarial behavior, the MITRE ATT&CK framework is also utilized to map identified threats to known tactics and techniques. Each discovered threat is evaluated through a detailed risk assessment using the Common Vulnerability Scoring System (CVSS) and a 5 by 5 risk matrix, allowing a quantifiable estimation of impact and likelihood. Results: The analysis revealed 21 threats across smart city domains, with spoofing, tampering, and denial of service being the most frequent. Five threats were rated as critical based on CVSS, particularly targeting cloud services and web applications. Discussion: Furthermore, the paper introduces a dedicated case study involving the Internet of Vehicles (IoV), applying the Cyber Kill Chain model to demonstrate the progression of a cyber-attack targeting connected vehicle systems, with a focus on identifying less common yet critical ATT&CK techniques at each phase. The study concludes by proposing targeted mitigation strategies and architectural recommendations aimed at enhancing the cyber resilience of smart city infrastructures. |
| format | Article |
| id | doaj-art-539d654b8a8947f485d1fe1d952479a4 |
| institution | DOAJ |
| issn | 2624-9898 |
| language | English |
| publishDate | 2025-07-01 |
| publisher | Frontiers Media S.A. |
| record_format | Article |
| series | Frontiers in Computer Science |
| spelling | doaj-art-539d654b8a8947f485d1fe1d952479a4; 2025-08-20T02:41:17Z; eng; Frontiers Media S.A.; Frontiers in Computer Science; 2624-9898; 2025-07-01; 7; 10.3389/fcomp.2025.1647179; 1647179; A framework for cyber threat modeling and risk assessment in smart city environments; Mariya Ouaissa (LISI, Cadi Ayyad University, Marrakech, Morocco); Mariyam Ouaissa (LTI, Chouaib Doukkali University, El Jadida, Morocco); Zineb Nadifi (LTI, Chouaib Doukkali University, El Jadida, Morocco); Sarah El Himer (Sidi Mohamed Ben Abdellah University, Fez, Morocco); Yassine Al Masmoudi (Laboratory of Geosciences and Environment Technics, Faculty of Science, El Jadida, Morocco); Ali Kartit (LTI, Chouaib Doukkali University, El Jadida, Morocco); https://www.frontiersin.org/articles/10.3389/fcomp.2025.1647179/full; threat modeling, STRIDE, MITRE ATT&CK, MTM, risk assessment, CVSS |
| title | A framework for cyber threat modeling and risk assessment in smart city environments |
| topic | threat modeling, STRIDE, MITRE ATT&CK, MTM, risk assessment, CVSS |
| url | https://www.frontiersin.org/articles/10.3389/fcomp.2025.1647179/full |