Design and evaluation of resilient infrastructures systems for smart cities

Abstract

Cities are rapidly converging toward digital technologies in order to provide advanced information services, efficient management, and resource utilization that will positively impact all aspects of our life and economy. This has led to the proliferation of ubiquitous connectivity to critical infrastructures (electrical grid, utility networks, finance, etc.) that are used to deliver advanced information services to homes, businesses, and government. On the other hand, such smart systems are more complex, dynamic, heterogeneous, and have many vulnerabilities that can be exploited by cyberattacks. Protecting and securing the resources and services of smart cities become critically important due to the disruptive or even potentially life-threatening nature of a failure or attack on smart cities' infrastructures. In this paper we present a resilient architecture that protects smart cities' communications, controls, and computations based on autonomic computing and Moving Target Defense (MTD) techniques. The key idea to achieve resiliency is based on making it extremely difficult for the attackers to figure out the current active execution environments used to run smart city services by randomizing the use of these resources at runtime. We have evaluated and validated our approach by applying a wide range of attacks against our smart infrastructures testbed and demonstrated that the provided services can tolerate with little overhead these attacks.