ORIGINAL RESEARCH article
Front. Comput. Sci.
Sec. Computer Security
Volume 7 - 2025 | doi: 10.3389/fcomp.2025.1647179
This article is part of the Research TopicAI-Driven Cyber Risk Assessment and InsuranceView all articles
A Framework for Cyber Threat Modeling and Risk Assessment in Smart City Environments
Provisionally accepted- 1Cadi Ayyad University, Marrakesh, Morocco
- 2Universite Chouaib Doukkali, El Jadida, Morocco
- 3Universite Sidi Mohamed Ben Abdellah, Fes, Morocco
- 4Universite Chouaib Doukkali Faculte des Sciences, El Jadida, Morocco
Select one of your emails
You have multiple emails registered with Frontiers:
Notify me on publication
Please enter your email address:
If you already have an account, please login
You don't have a Frontiers account ? You can register here
With the rise of digital transformation, the concept of the smart city has emerged as a key pillar of modern urban development. However, as smart cities increasingly rely on the Internet of Things (IoT), cloud computing, and real-time data processing, they also face an expanded attack surface and growing cybersecurity threats. This paper presents a comprehensive threat modeling and risk assessment approach tailored to smart city environments. It begins by identifying the core components and data flows within a typical smart city architecture covering domains such as surveillance, transportation, and healthcare. A Data Flow Diagram (DFD) is constructed to visualize the interactions and pinpoint critical assets. The STRIDE methodology, supported by the Microsoft Threat Modeling (MTM) tool, is employed to systematically uncover threats including spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. To enrich the analysis and align with realworld adversarial behavior, the MITRE ATT&CK framework is also utilized to map identified threats to known tactics and techniques. Each discovered threat is evaluated through a detailed risk assessment using the Common Vulnerability Scoring System (CVSS) and a 5 by 5 risk matrix, allowing a quantifiable estimation of impact and likelihood. The analysis revealed 21 threats across smart city domains, with spoofing, tampering, and denial of service being the most frequent. Five threats were rated as critical based on CVSS, particularly targeting cloud services and web applications. Furthermore, the paper introduces a dedicated case study involving the Internet of Vehicles (IoV), applying the Cyber Kill Chain model to demonstrate the progression of a cyber-attack targeting connected vehicle systems, with a focus on identifying less common yet critical ATT&CK techniques at each phase. The study concludes by proposing targeted mitigation strategies and architectural recommendations aimed at enhancing the cyber resilience of smart city infrastructures.
Keywords: threat modeling, STRIDE, MITRE ATT&CK, MTM, Risk Assessment, CVSS, Cyber Kill Chain Adversarial Tactics, techniques
Received: 14 Jun 2025; Accepted: 10 Jul 2025.
Copyright: © 2025 Ouaissa, Ouaissa, Nadifi, El Himer, Al Masmoudi and Kartit. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) or licensor are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.
* Correspondence: Mariya Ouaissa, Cadi Ayyad University, Marrakesh, Morocco
Disclaimer: All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article or claim that may be made by its manufacturer is not guaranteed or endorsed by the publisher.