For our next event in the seminar series, we have invited Dr Aksel Ersoy from Oxford Brooks University to present his research on smart city infrastructures. He is Lecturer in Urban Geography in the Department of Social Sciences and focuses his research on the social and economic transformations of metropolitan cities.
Join us on Wednesday 8 March from 3pm to 5pm for his talk in Room 2.31, Iontas Building. More details about the talk can be found in the abstract below. Hope to see many of you!
Abstract
The issues of global environmental change and sustainability have now been on the agendas of research institutions, government departments and civil society organisations for a number of years. While the implications of the transnational and global characteristics of environmental problems continue to be integral to policymaking, government and governance, increasing attention is being directed at the necessity and scope for local action. Within urban studies, the multiple interlinkages between infrastructure domains has become crucial as interconnectedness and interdependencies of infrastructure networks provoke thinking about how urban policy shifts towards more resource efficient and resilient cities via enabling more integrative forms of co-management of urban infrastructure. Cities are wrestling with the inadequacies and inefficiencies of embedded and legacy infrastructure systems, while at the same time being presenting with a range of new opportunities and possibilities created by developments in digital technologies. The latter are currently signified by reference to the (imminent) arrival of the “smart city”, although this is a term which is used in diverse ways. This presentation explores local smart city practices, with a particular concern for governance and whether smart is explicitly understood as a vehicle for capitalising upon unexploited infrastructure interdependencies or dealing with the products of established siloed thinking about infrastructure.
The first Smart Dublin Advisory Network meeting took place on the 12th October in the Mansion House. The plan is for the network to meet every six months to help guide the work of Smart Dublin as it develops and implements its strategy and programmes. The first meeting mainly focused on introducing Smart Dublin and undertaking some initial workshop exercises to brainstorm initial ideas and feedback and to do so preliminary backcasting. The first task was a quick introduction and for each person to say in one word a quality they hoped Smart Dublin would fulfil. Here’s a list of those aspirational words – which I have grouped into triplets – a list against which to judge over the next few years how successful Smart Dublin has been.
Connectivity Networking Integrated
Collaborative Cooperation Sharing
People Community Engagement
Well-being Safe Quality-of-life
Accessible Sustainable Diversity
Data Insight Problem-solving
Strategic Joined-up Agile
Transformative Future-proofing International
Innovation Start-ups Testing
Socio-technical Curiosity Easy
Interestingly, efficiency, economy and open – which are three of the four key terms that have to date underpinned Smart Dublin’s work (along with engagement) – were not suggested. Personally, I think it’s a fascinating list in terms of what it prioritizes as key attributes of a successful smart city and it would be interesting to compare this list to other lists produced by stakeholder groups in other cities. A brief post about the advisory board meeting and the Smart Dublin showcase that followed its first meeting can be found here.
Rob Kitchin, Sophia Maalsen and Gavin McArdle have a new paper published in Geoforum titled ‘The praxis and politics of building urban dashboards’. It is open access with this link until early Dec.
Abstract: This paper critically reflects on the building of the Dublin Dashboard – a website built by two of the authors that provides citizens, planners, policy makers and companies with an extensive set of data and interactive visualizations about Dublin City, including real-time information – from the perspective of critical data studies. The analysis draws upon participant observation, ethnography, and an archive of correspondence to unpack the building of the dashboard and the emergent politics of data and design. Our findings reveal four main observations. First, a dashboard is a complex socio-technical assemblage of actors and actants that work materially and discursively within a set of social and economic constraints, existing technologies and systems, and power geometries to assemble, produce and maintain the website. Second, the production and maintenance of a dashboard unfolds contextually, contingently and relationally through transduction. Third, the praxis and politics of creating a dashboard has wider recursive effects: just as building the dashboard was shaped by the wider institutional landscape, producing the system inflected that landscape. Fourth, the data, configuration, tools, and modes of presentation of a dashboard produce a particularised set of spatial knowledges about the city. We conclude that rather than frame dashboard development in purely technical terms, it is important to openly recognize their contested and negotiated politics and praxis.
Hackathons are rapid design and development events at which volunteer participants come together to conceptualize, prototype, and make (mostly digital) products and services.
Coupling with the rapid pace of conceptualising a product or service, prototyping and making do with limited time and resources during the event, is the competition with other teams for the prizes, ranging from cash rewards to a spot in an incubator programme that could potentially transform the initial idea at a hackathon into a startup success.
We often see coverage of the winning teams, their ideas and sometimes their presentations before the judging panel. However, we do not necessarily know how participants reflect upon their own experiences, problems they encounter along the way and adjustments to their goals and strategies under time pressure.
In this blogpost, we try to give a glimpse of these aspects by asking participants how and what they did in the Global Data Fest/Smart City Hackathon which took place in Dublin between 6 – 8 March, 2015. The videos were taken before the teams presented their ideas to the judges, which means they did not know who were going to win and thus the conversation was not about their ‘winning experiences’. Instead, the videos are about how they took into account of all sorts of challenges and the advice they received from the mentors to finish their project. In doing so, we also wish to create cultural memory for the participants and for one the various pursuits of transforming Dublin into a smart city.
Back in December we posted about the extent to which Dublin can be considered a smart city. In this post, we complement this with a similar analysis of Cork, which is seeking to become a smart region rather than city (utilising smart technologies across the city and the county).
In Cork a ‘smart agenda’ is being developed that builds on the existing assets, attributes and experiences in the region through the ‘Cork Smart Gateway’ initiative, which is a collaboration between the two local authorities and the Nimbus Research Centre (Internet of Things, networks) and Tyndall National Institute (ICT, microelectronic circuits, nanotechnology, energy, photonics). The aim is to leverage a quadruple helix innovation model where government, industry, academia and civil participants work together to co-create and drive structural change utilising ICT solutions. As well as a host of EU, SFI and enterprise projects, Cork is also home to the National Sustainable Building Energy Testbed, Water Systems and Service and Innovation Centre, and the Mallow Systems and Innovation Centre, and UCC is a lead partner of Insight and CONNECT. A full range of projects is set out in Table 1.
In addition to these projects, Cork City Council is a follower City in a Smart Cities and Communities Horizon 2020 project called GrowSmarter, a €25m initiative (lead cities: Stockholm, Cologne, and Barcelona). GrowSmarter establishes three ‘lighthouses’ for smart cities which demonstrate to other cities how they can be prepared in an intelligent way for the energy challenges of the future. As part of this project, Cork will roll out initiatives in transport, energy, and information and communications technology. There are also a significant number of companies driving Internet of Things development in the region, for example, EMC and Vodafone have jointly invested €2m in a new INFINITE internet of things industrial platform that will traverse Cork. There are also a range of ongoing research and pilot projects that have yet to be mainstreamed, and others that ran for a handful of years before terminating, plus there are a number of other smart city apps available developed by citizens and commercial enterprises.
Table 1: Smart Cork
Smart economy
Energy Cork
Cluster supporting collaboration and innovation in the energy sector
IT@Cork
Cluster supporting collaboration and innovation in the ICT sector
TEC Gateway – part of Nimbus, CIT
EI funded technology gateway supporting Irish industry to develop new IoT technologies
Rubicon
Incubator – provides supports and capital investment for startups
Smart government
City Council housing stock management
Stock condition surveys and maintenance activities updated by smart technologies close to real time
Library digital services
A suite of library apps for various services
Variable messaging signs
Real time off-street parking and road closure information on key access routes to the city
Smart living
Smart energy management
Real-time monitoring and control of energy use and environmental characteristics for residential and commercial buildings; Secure management and prognostics networks for energy systems – EOS
Smart urban district energy Management
Real-time monitoring and control of neighbourhoods (blocks of buildings) for sustainable energy use
Smart lighting
Intelligent LED lighting networks
GreenCom
Smart microgrid testbed that enables wireless monitoring/control of loads, microgeneration and microstorage energy elements
Smart mobility
Coca Cola Zero Bikes
Public Hire Bike Scheme
LeapCard
Smart card access/payment for trains and buses
Real-time passenger information
Real time bus and train information at stops
EV Infrastructure
Deploy standard and fast charging points throughout the city
Smart environment
Smart testbeds
National Sustainable Energy Testbed (NSBET); Community Testbed – A regional community testbed with access to high-performance broadband facilities; Water Test-bed
River Lee deployment
Real time wireless sensor river monitoring system looking at water quality and depth
Rainwater harvesting
Remote monitoring of rainwater harvesting system in Sunview Fairhill
Smart water
Sensor development and integration to support management of Fats, oils and greases in the waste water networks – FOGMON
Aquametrics – Single point monitoring of water networks
Mid-altitude security and environmental monitoring
AEOLUS – Mid-altitude (400m) sensor platform combining HD cameras, metrological, Radar and AIS for coastal monitoring for security and environmental assessment
Smart people
Maker Dojo
Hands-on, ‘hacker’ style workshops
CorkCitiEngage
A Cork Smart Gateway Survey Project. Public feedback on public issues, digital skills, and use of public infrastructure
CorkOpenData
data.corkcity.ie – An online platform for publishing city information obtained from various sources, from sensors to surveys
Source: Compiled by the Cork Smart Gateway
Like Dublin then Cork lay claim to being a nascent smart city. Similarly they are very much at the start of realising the ambition of becoming a smart region and over the next number of years the smart region landscape is likely to change quite substantially as new initiatives are rolled out and new technologies deployed.
Rob Kitchin
Thanks to Claire Davis and Cork Smart Gateway initiative for compiling the table, with was prepared for our recent report on smart cities, privacy and security.
Smart city solutions utilise complex, networked assemblages of digital technologies and ICT infrastructure to manage various city systems and services. Any device that relies on software to function is vulnerable to being hacked. If a device is networked, then the number of potential attack points multiples across the network, and the hack can be performed remotely (1). Once a single device is compromised, then the whole assemblage becomes vulnerable to cyberattacks that seek to ‘alter, disrupt, deceive, degrade or destroy computer systems and networks or the information and/or programs resident in or transiting these systems or networks’ (2).
There are three forms of cyberattack: availability attacks that seek to close a system down or deny service use; confidentiality attacks that seek to extract information and monitor activity; and integrity attacks that seek to enter a system to alter information and settings (such as changing settings so that components exceed normal performance, erasing critical software, or planting malware and viruses) (3). The vulnerability of smart city systems is exacerbated by a number of issues including weak security and encryption; the use of insecure legacy systems and poor maintenance; large and complex attack surfaces and interdependencies; cascade effects; and human error and disgruntled (ex)employees (19). The result is that the process of making city systems and infrastructures ‘smart’ has also made them vulnerable to a suite of cyber-threats (4,5,6).
Cyberattacks can target every type of smart city solution and particular system components. There are a number of weak points – including SCADA systems, the sensors and microcontrollers of the Internet of Things, and communication networks and telecommunication switches.
SCADA systems
Various forms of urban infrastructure, including the electricity grid, water supply, and traffic control, rely on SCADA (supervisory control and data acquisition) systems that are used to control functions and flow (4). These systems measure how an infrastructure is performing in real-time and enable either automated or human operator interventions to change settings. SCADA systems can be traced back to the 1920s, but were extensively rolled out in the 1980s (12). As a consequence, many deployments are quite dated. Many have been found to operate with their original security codes (13). In some cases, while the infrastructure is relatively secure, the communications network is vulnerable (4). A number of SCADA systems have been compromised, with hackers altering how the infrastructure performs, or causing a denial-of-service, or have stolen data. Probably the most infamous SCADA hack was the 2009 Stuxnet attack on Iran’s uranium enrichment plant in which the system was infected by malware that destroyed a number of centrifuges by running them beyond their design specifications (12). By 2010 over 90,000 Stuxnet infections were reported in 115 countries (5).
Internet of Things
The Internet of Things refers to the connecting together of machine-readable, uniquely identifiable objects across the Internet. Some objects are passive and can simply be scanned or sensed (such as smart cards with embedded RFID chips used to access buildings and transport systems). Others are more active and include microcontrollers and actuators. All kinds of objects that used to be dumb, such as fridges, thermostats and lights, are now becoming networked and smart, generating information about their use and becoming controllable from a distance. Moreover, sensors can be embedded into the urban fabric and throughout critical infrastructures to produce data concerning ‘location, proximity, velocity, temperature, flow, acceleration, sound, vision, force, load, torque, pressure, and interactions’ (13). Sensors and microcontrollers are hackable as they often have little effective security, encryption, or privacy protocols in place. RFID chips, for example, can be hacked, jammed and spoofed (13).
Communication networks and telecommunication switches
The Internet of Things are linked together via a number of communications technologies and protocols such as 4G LTE (Long Term Evolution), GSM (Global System for Mobile communication), CDMA (Code Division Multiple Access), WiFi, bluetooth, RFID (Radio-Frequency Identification), NFC (Near-Field Communication), ZigBee (open wireless standard), and Z-Wave (wireless communication). Each of the modes of networking and transferring data are known to have security issues that enable data to be intercepted and provide access to devices. Likewise, telecommunication switches that link together the local and long distance Internet infrastructure are known to have vulnerabilities including manufacturer and operator back-door security access and access codes that are infrequently updated (4).
Transport management systems and vehicles
There have been a number of cyberattacks on transport management systems in recent years, as well as proof-of-concept demonstrations of possible attacks. For example, a cyberattack on a key toll road in Haifa, Israel, closed it for eight hours causing major traffic disruption (9). A research team from the University of Michigan managed to hack and manipulate more than a thousand traffic lights in one city using a laptop and wireless radio (15). Likewise, IOActive Labs have hacked traffic control sensors widely used around the world and altered traffic light sequencing and interactive speed and road signs (16). A teenager in Lodz, Poland, managed to hack the city tram switches, causing four trams to derail and injuring a number of passengers (1, 13). In the US, air traffic control systems have been hacked, FAA servers seized, the personal information of 58,000 workers stolen, and malicious code installed on air traffic networks (13). Vehicles themselves are also open to being hacked given that a new car contains up to 200 sensors connected to around 40 electronic control units and can connect to wireless networks. A recent Wired article details how two hackers were able to remotely hack a car through its Internet computer that controls entertainment and navigation systems, facilitates phone calls and can provide a wifi hotspot, using it as a route to replace firmware that enabled them to take control of the car’s internal computer network. The hackers could then take over the driving of the car from over 10 miles away, turning the driver into a passenger (17).
Electricity grid and smart meters
The generation, transmission, and distribution of electricity are monitored and controlled using SCADA systems (12). In addition, the electricity grid consists of a range of other networked devices. In the case of the US energy grid over 70 percent of components are over 25 years old, including many SCADA systems (13). Given the potential cascade effects of shutting down the electricity grid, it has been a key point of cyberattack. Electricity grid utilities in the US report being under near constant cyberattack, with one utility recording that it was the target of approximately 10,000 cyberattacks each month (all five commissioners of the Federal Energy Regulatory Commission agree that the threat of a cyber-attack on the electric grid is the top threat to electricity reliability in the United States) (8). The Israel Electric Corp. reports that its servers register about 6,000 unique computer attacks every second, with other critical infrastructure also under continuous cyberattack (9). As smart grids and smart meters are installed, the number of potential access points to grid networks increases enormously (12). Smart meters themselves can be hacked with low-cost tools and readily available software to alter proof of consumption or to steal energy from other users (1, 14).
Building management systems
Building management systems are often considered an aspect of property services rather than IT services and cybersecurity is not a key issue in purchase or operation (18). The consequence is weakly protected systems, often still configured with manufacturer codes. Moreover manufacturers often do not have processes in place for responding to vulnerabilities or a notification process to inform customers about security threats (18). The vulnerabilities of building management systems pose two main threats. The first is that if they are hacked building operations could be disrupted and safety risks created. The second is that they provide a potential route for breaking into enterprise business systems and critical company data if they share the same network. In the case of the Target data breach in which over 100 million customer details were stolen it appears that the retailer did not properly segment its data network, with hackers gaining access through the company that maintained its heating, ventilation and air conditioning (HVAC) system (18).
Cameras
Cities are full of a plethora of CCTV cameras; some owned and controlled privately, others by public authorities and police services. The security of these cameras is highly variable, with some lacking encryption or usernames and passwords, and others open to infection by malware and firmware modification (20). Accessing a camera provides a means to spy on individuals, such as viewing home presence or using a bank ATM camera to monitor the digits being pressed. Demonstrating the scale of the issue, one website provides access to the feeds of thousands of unsecured or poorly secured cameras (uses admin passwords) from 152 countries (21). Cameras can also be turned off, with some lacking the function to be restarted remotely (19).
Many cyberattacks are relatively inconsequential, such as probes and address scans, and are unsuccessful, while a small number are much more significant and involve a security breach. In a 2014 study of 599 utility, oil and gas, energy and manufacturing companies nearly 70 percent reported at least one security breach that led to the loss of confidential information or disruption of operations in the previous 12 months; 78 percent expected a successful attack on their ICS (industrial control systems) or SCADA systems in the next two years (10). In 2012, 23 gas pipeline companies were hacked and source code and blueprints to facilities stolen (7). Between 2010 and 2014, the US Department of Energy (that oversees the US power grid, nuclear arsenal, and national labs) documented 1,131 cyberattacks, of which 159 were successful (11). In 53 cases these attacks were ‘root compromises’, meaning that the attackers gained administrative privileges to computer systems, stealing various kinds of personnel and operational information (11).
Cyberattacks can be performed by hostile nations, terrorist groups, cyber-criminals, hacker collectives, and individual hackers. Former FBI director, Robert Mueller, details that 108 nations have cyberattack units, targeting critical infrastructure and industrial secrets (13). The majority of attacks are presently being repulsed using cybersecurity tools, or their effects have been disruptive or damaging but not critical for the long term delivery of services (3). Indeed, it needs to be recognised that to date, successful cyberattacks on cities are still relatively rare and when they have occurred their effects generally last no more than a few hours or involve the theft of data rather than creating life threatening situations. That said, it is clear that there is a cybersecurity arms race underway between attackers and defenders, and that more severe disruption of critical infrastructure has been avoided through the threat of mutually assured destruction between nations (22). This is not to suggest that smart city initiatives should be avoided, but rather that the cybersecurity challenges of creating secure smart cities should be taken seriously. It is likely that cyberattacks will increase over time, they will become more sophisticated, and that they have the potential to cause significant disruption to city services and the wider economy and society (5).
