Unclassified documents

Committee: ZZ/4
Close date: 31/05/2017
View moreView less

This PAS specifies requirements for establishing a framework for the security-minded management of smart cities and their associated infrastructure, as well as of data, information and services, used to deliver city services. It outlines methods for identifying security threats to data, information, physical infrastructure and systems that might affect the people who live, work in, or visit the smart city. It also sets out parameters for mitigating other adversities on security systems.

It covers the use of trustworthiness and security controls applicable to the smart city framework (SCF) (see PAS 181), smart city concept model (SCCM) (see PAS 182) and data framework used for sharing data and information services (see PAS 183).

The security-minded approach specified in this PAS covers all aspects of security relating to smart cities, including:

- governance;

- personnel;

- citizens, i.e. residents, businesses, visitors and commuters;

- organizations;

- process; and

- physical security.

The approach also covers aspects of the environment of the smart city, including:

- scale;

- organizational complexity;

- complex service delivery and ownership of smart city infrastructure;

- response to incidents, events, and changing risk levels; and

- extent of autonomy.

This PAS covers technological aspects relating to the secure delivery of services, including:

- safety;

- authenticity;

- availability (including reliability);

- confidentiality;

- integrity;

- possession;

- resilience; and

- utility.

The framework enables the development of an overall security strategy for the handling, management and sharing of data and information that can be used to inform and guide the development and delivery of smart city projects and subsequent operation, delivery, evolution and disposal of assets and services.

The framework specified in this PAS can be used to create and cultivate an appropriate, risk-based safety and security mindset and culture across the many organizations, services and individuals which use shared, disclosed and derived data and includes the need to monitor and audit compliance.

This PAS is for use by decision-makers in smart cities from the public, private and third sectors.

NOTE PAS 185 is consistent with the approach set out in PAS 1192-5 regarding the security-minded management of building information modelling, digital built environments and smart asset management. This consistency is important as it allows appropriate, sharing or disclosure of geospatial, dynamic and asset information in support of service planning, development and delivery in smart cities.