Abstract
The term Smart City represents a strategic concept for a city or region that involves the use of modern technologies to influence the quality of life in the city. At the technological level, a wide range of IoT devices are used, which are interconnected through modern low-latency networks to enable the creation of intelligent applications with added value for their users. However, this relatively simple and noble idea represents a wide range of technologies and approaches, making the idea of ensuring Cyber Security in Smart Cities difficult. When implementing any technology in an organization, the processes, assets, and people that bring the technology to life, are crucial. The aim of this paper is to analyze the key capabilities, frameworks and standards that would facilitate and support the possibility of developing Smart Cities. The first part of the article introduces the issue of Cyber Security and Smart Cities. Subsequently, the key approaches for ensuring security in creating Smart Cities are analyzed. The final part presents the BPMN-SC data model based on business process model notation and key security standards while incorporating the specifics of Smart Cities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Berkeley Center for Long-Term Cybersecurity. https://cltc.berkeley.edu/publication/smart-cities/. Accessed 31 Mar 2023
Casey, E., Barnum, S., Griffith, R., Snyder, J., van Beek, H., Nelson, A.: Advancing coordinated cyber-investigations and tool interoperability using a community developed specification language. Digit. Investig. 22, 14–45 (2017)
Chergui, M.E., Benslimane, S.M. (eds.) A valid BPMN extension for supporting security requirements based on cyber security ontology. In: 8th International Conference on Model and Data Engineering (MEDI), Marrakesh, Morocco (2018)
Computer Security Resource Center. https://csrc.nist.gov/publications/detail/sp/800-53b/final. Accessed 31 Mar 2023
Conrad, E., Misenar, S., Feldman, J.: Chapter 8 - domain 7: security operations (e.g., foundational concepts, investigations, incident management, disaster recovery). In: Conrad, E., Misenar, S., Feldman, J. (eds.) CISSP Study Guide. 3rd edn. Syngress, Boston, pp. 347–428 (2016)
De Nicola, A., Villani, M.L.: Smart City Ontologies and Their Applications: A Systematic Literature Review. Sustainability 13(10), 5578 (2021)
Deloitte. https://www2.deloitte.com/content/dam/Deloitte/de/Documents/risk/Report_making_smart_cities_cyber_secure.pdf. Accessed 31 Mar 2023
Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) (Text with EEA relevance) (2022)
Dong, N., Zhao, J., Yuan, L., Kong, Y.: Research on information security system of smart city based on information security requirements. J. Phys. Conf. Ser. 1069, 012040 (2018)
European Union Agency for Cybersecurity (ENISA). https://www.enisa.europa.eu/publications/baseline-security-recommendations-for-iot. Accessed 31 Mar 2023
Unified Cyberontology. https://unifiedcyberontology.org. Accessed 31 Mar 2023
ISO/IEC 27001: Information technology - Security techniques - Information security management systems – Requirements (2013)
ISO/IEC 27002: Information technology — Security techniques — Code of practice for information security management. International Organization for Standardization (2013)
Kaspersky Daily. https://www.kaspersky.com/blog/cybersecurity-ontology/40404/. Accessed 31 Mar 2023
Kokolakis, S., Demopoulos, A., Kiountouzis, E.: The use of business process modelling in information systems security analysis and design. Inf. Manag. Comput. Secur. 8, 107–116 (2000)
Manville, C., Kotterink, G.B.: Mapping Smart Cities in the EU. EPRS: European Parliamentary Research Service, Belgium (2014)
Maschio, I.: European Innovation Partnership on Smart Cities and Communities. European Comission (2023)
Mozzaquatro, B., Agostinho, C., Goncalves, D., Martins, J., Jardim-Goncalves, R.: An ontology-based cybersecurity framework for the Internet of Things. Sensors 18(9), 3053 (2018)
Open Data. https://opendata.gov.cz/informace:kontext:smart-city. Accessed 31 Mar 2023
Pastuszuk, J., Burek, P., Ksiezopolski, B. (eds.) Cybersecurity ontology for dynamic analysis of IT systems. In: 25th KES International Conference on Knowledge-Based and Intelligent Information & Engineering Systems (KES), Szczecin, Poland (2021)
Rodriguez, A., Fernández-Medina, E., Piattini, M.: A BPMN extension for the modeling of security requirements in business processes. IEICE Trans. Inform. Syst. E90-D(4), 745–752 (2007)
Massink, R., Manville GCJCJMJKPRKTALMW, C., Bas, K.: Mapping Smart Cities in the EU. European Parliamentary Research Service (2014)
Salnitri, M., Dalpiaz, F., Giorgini, P.: Designing secure business processes with SecBPMN. Softw. Syst. Model. 16(3), 737–757 (2017)
San MartÃn, L., RodrÃguez, A., Caro, A., Velásquez, I.: Obtaining secure business process models from an enterprise architecture considering security requirements. Bus. Process Manage. J. 28(1), 150–177 (2022)
Silicon Labs. https://pages.silabs.com/rs/634-SLU-379/images/Preparing_for_Next-Gen_Cyber_Attacks_on_IoT.pdf. Accessed 31 Mar 2023
Staalduinen van, W., Bond R., Dantas, C., Jegundo, A.L.: Smart Age Friendly Cities, Age Friendly Smart Cities. European Comission, Futurium (2022)
Syed, R.: Cybersecurity vulnerability management: a conceptual ontology and cyber intelligence alert system. Inf. Manage. 57(6), 103334 (2020)
Temple, W.G., Wu, Y., Cheh, C., Li, Y., Chen, B., Kalbarczyk, Z.T., et al.: CyberSAGE: the cyber security argument graph evaluation tool. Empir. Softw. Eng. 28(1), 18 (2022)
Urbanik, P., Horalek, J.: Design of the Smart City Domain Concept in the Czech Republic, pp. 803–814. Hradec Economic Days, University of Hradec Kralove (2023)
Vojkovic, G.: Will the GDPR slow down development of smart cities?. In: IEEE 2018 41st InternationalConvention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatja, Croatia, pp. 1295–1297 (2018)
Wang, Z., Zhu, H., Liu, P., Sun, L.: Social engineering in cybersecurity: a domain ontology and knowledge graph application examples. Cybersecurity 4(1), 1–21 (2021)
Zareen, S., Akram, A., Khan, S.A.: Security requirements engineering framework with BPMN 2.0.2 extension model for development of information systems. Appl. Sci. 10(14), 4981 (2020)
Acknowledgement
The financial support of the project "Application of Artificial Intelligence for Ensuring Cyber Security in Smart City" (ARTISEC), n. VJ02010016, granted by the Ministry of the Interior of the Czech Republic is gratefully acknowledged.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Horalek, J., Otcenaskova, T., Sobeslav, V., Tucnik, P. (2024). A Business Process and Data Modelling Approach to Enhance Cyber Security in Smart Cities. In: Cong Vinh, P., Mahfooz Ul Haque, H. (eds) Nature of Computation and Communication. ICTCC 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 586. Springer, Cham. https://doi.org/10.1007/978-3-031-59462-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-031-59462-5_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-59461-8
Online ISBN: 978-3-031-59462-5
eBook Packages: Computer ScienceComputer Science (R0)