Smart Cities specification for data, information and asset security management launched by BSI

BSI, the business standards company, has launched a new smart cities specification for safeguarding data and information security in cities. PAS 185 Smart Cities – Specification for Establishing and Implementing a Security-Minded Approach lists the requirements for creating a framework designed to address the security-minded management of a city.

The PAS was commissioned by the Centre for the Protection of National Infrastructure (CPNI), the Government authority for protective security advice to the UK’s national infrastructure. PAS 185 outlines the potential security threats to a smart city that could affect those people who live and work there, as well as outlining appropriate responses to those threats.

The key goal of a smart city is to join up sectors – such as the utilities, transport or healthcare – across organisational boundaries into a ‘whole city’ approach for the day-to-day running of services. The smart cities ethos is that the greater availability of data and information can improve existing assets, which include refuge facilities, transport infrastructure and housing.

Data and information can then be used in conjunction with the integration of services and systems to improve service provision for both current and future citizens. In addition, information acquired from outcome-based contracting can be used to improve the efficiency of newly-built assets through a better understanding of the whole-life performance of existing assets.

The framework in PAS 185 can be used to create appropriate and proportionate security measures in order to deter and/or disrupt hostile, malicious, fraudulent and criminal activities. Crucially, implementation of these measures will not prevent delivery of the city’s aims. Further, the PAS considers security holistically, looking at governance, personnel, physical and technological security issues and solutions.

Aspects related to the environment of the smart city – including scale, organisational complexity, complex service delivery and ownership of smart city infrastructure – are covered in PAS 185. How an organisation or individual should respond to incidents, security breaches and changing risk levels is also outlined in the specification.

Availability of data and information 

Dan Palmer, head of market development for manufacturing at the BSI, said: “Greater availability of data and information can transform the way in which our cities are run, helping public and private sector decision-makers to provide a better environment for citizens. It’s critically important that this data and information is handled responsibly, and doesn’t open up the city to cyber or other attacks.”

Palmer added: “PAS 185 was created to provide a framework for the development of an overall security strategy for the handling, management and sharing of data. It will help decision-makers in smart cities, as well as smart city data officers, to understand and guard against the risks involved as they move into the digital age. It will also be of great benefit to those interested in using data and information to effectively deliver smart city objectives.”

PAS 185 is a companion document to other smart cities documents produced by the BSI, including PAS 183 Smart Cities – Guide to Establishing a Decision-Making Framework for Sharing Data and Information Services and PAS 184 Smart Cities – Developing Project Proposals for Delivering Smart City Solutions.

The City Standards Institute is among the organisations that participated on the PAS 185 Steering Group*. The Cities Standards Institute is a collaboration between the BSI and the Future Cities Catapult to create a standards-based community of good practice for cities and the companies with whom they work.

*The following organisations were involved in the development of PAS 185 as members of the Steering Group: A Luck Associates, Arup, BIM Task Group, Bodvoc Ltd, City of Bradford Metropolitan District Council, Bristol City Council, Cities Standards Institute, the Centre for the Protection of National Infrastructure, the Department for Transport, Digital Catapult and Future Cities Catapult (FlyingBinary), the Institute of Asset Management, the IoT Security Foundation, the National Cyber Security Centre, Peterborough City Council, the Trustworthy Software Foundation, Turner & Townsend, the University of Cambridge and the Centre for Smart Infrastructure and Construction

About the Author

Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications)

Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting.

In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector.

In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute’s George van Schalkwyk Award.

An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award.

Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site.

Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media.

Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014.

Related Posts