CitySCAPE
Cyber Security as a Key to Unlocking the Potential of a Multi-modal Transport Ecosystem
Tallinn is one of the pilot sites to test cyber security in the transport ecosystem. During this project, FinEst Centre for Smart Cities and TalTech autonomous vehicle research group will introduce anonymous vehicle (AV) shuttle ISEAUTO as a first/last mile solution to the existing transport network.
The aim is to review the multi-modal transport ecosystem while also considering its interplay with related critical NIS Directive sectors: energy and banking.
The project is led by the Institute of Communications and Computer Systems from Greece, together with partners like AIRBUS Cybersecurity SAS and Kaspersky Lab Italia SRL. We will build the concept on top of the actual cybersecurity needs of the transport providers.
We have carefully identified the real-world cyber-security challenges that transport providers already face, along with their daily operation and through a systematic analysis has translated them to a set of desired attributes for the envisioned CitySCAPE solution. It introduces innovative risk analysis techniques and orchestrates several software solutions to realize an interoperable toolkit that would integrate into any multimodal transport system. It allows the collaborative analysis of security/privacy persistent threats, forecasts cyber-security incidents, counteracts at highly-possible attack entry-points, assesses the impact in both technical and financial terms and finally, provides informative notifications to CERT/CSIRT authorities. During the project two pilot sites have been selected: Genoa, Italy and Tallinn, Estonia. Pilots will be the test and validation of the developed solution.
CitySCAPE considers the paradigm of interconnecting transport systems where traditional security controls and security assurance arguments are becoming increasingly inefficient in supporting emerging needs and applications. Among the reasons for the inefficiencies of those solutions is the mosaic of involved data and non-standardized data types (i.e. travel information, fleet data), the plethora of diverse transport services and the strong interdependencies between software components residing at interconnected infrastructures, allowing threats and security incidents to propagate between assets of these interconnected networks. At the user level, the hand-held devices and mobile transport applications (e.g., ticketing) increase the system's attack surface (i.e., sensors are already in use to detect a mobile app on passengers’ smartphones as they get on board.)
The CitySCAPE action invests effort on the significant improvement of both the cybersecurity capabilities of technological artefacts and the relevant human competencies involved in the multimodal transport ecosystem. By identifying vulnerabilities in the system and by providing the basis for standardization CitySCAPE solution will make the multimodal transport system more secure and stable which will lead to the accelerated introduction of autonomous vehicles in cities multi-modal transport networks.