Cities Are Getting Smart, and Feds Can Help Make Them Smarter

Communities across the country may soon regulate traffic patterns, control garbage trucks and run the power grid using the internet of things, but when building “smart” systems, they often find themselves starting from scratch.

Federal agencies may be able to help.

Instead of forcing cities to reinvent the wheel with every new project, federal agencies can bring them to the table to share what works and what doesn’t work in areas like cybersecurity and privacy, said Sokwoo Rhee, the associate director of the cyber-physical program at the National Institute for Standards and Technology, in a conversation with Nextgov.

Rhee aims to kickstart that collaboration with the Smart and Secure Cities and Communities Challenge, a program hosted by NIST and the Homeland Security Department Science and Technology Directorate that brings together technologists around the world to work on “smart” projects in transportation, public safety, waste management and a handful of other categories.

At the program’s Tuesday kickoff, officials from NIST and DHS S&T encouraged teams to adopt standards for protecting smart systems and consider how projects can be upgraded over time to confront new cyber threats.

Cities often set cybersecurity and privacy as “conceptual priorities,” Rhee told Nextgov. “However, when it comes to an execution plan, they don’t really make it to the top of their list.”

He attributes this issue largely to the fact that there are very few guidelines for groups to follow when rolling out new initiatives. “The cities can’t do that by themselves,” he said, and academics, industry leaders and government researchers must become involved in creating a blueprint for smart city design.

With NIST researchers set to debut a new smart cities framework on Thursday, the agency’s associate director and chief cybersecurity advisor Donna Dodson said the benefits of such standards go beyond closing potential security gaps.

“Part of the importance of standards is not just being able to look at cybersecurity...it’s also to support interoperability,” Dodson said.

Communicating best practices with partner groups will be easier if cities follow similar basic blueprints, she said, and while no framework is perfect for everyone, standards will provide cities with a clear starting point as they launch new projects.

When designing projects, cities must also “balance enterprise and planning with adaptability,” said Scott Tousley, deputy director of DHS S&T’s cybersecurity division. Online bad actors alter their strategies as the cyber landscape changes, he said, and smart cities must have the ability to update their systems to combat new threats.

When it comes to constantly checking IoT systems for vulnerabilities, “We’ve all been trained to be lazy,” Tousley said.

Tousley added that smart systems will inevitably come under fire, so preparing and addressing those cyberattacks when they come will be crucial.

Teams participating in the challenge will convene in June for a midterm review of their projects before presenting their designs at a final expo scheduled for late 2018 or early 2019.