AUTHOR=Ouaissa Mariya , Ouaissa Mariyam , Nadifi Zineb , El Himer Sarah , Al Masmoudi Yassine , Kartit Ali 

TITLE=A framework for cyber threat modeling and risk assessment in smart city environments

JOURNAL=Frontiers in Computer Science

VOLUME=Volume 7 - 2025

YEAR=2025

URL=https://www.frontiersin.org/journals/computer-science/articles/10.3389/fcomp.2025.1647179

DOI=10.3389/fcomp.2025.1647179

ISSN=2624-9898

ABSTRACT=IntroductionWith the rise of digital transformation, the concept of the smart city has emerged as a key pillar of modern urban development. However, as smart cities increasingly rely on the Internet of Things (IoT), cloud computing, and real-time data processing, they also face an expanded attack surface and growing cybersecurity threats.MethodsThis paper presents a comprehensive threat modeling and risk assessment approach tailored to smart city environments. It begins by identifying the core components and data flows within a typical smart city architecture covering domains such as surveillance, transportation, and healthcare. A Data Flow Diagram (DFD) is constructed to visualize the interactions and pinpoint critical assets. The STRIDE methodology, supported by the Microsoft Threat Modeling (MTM) tool, is employed to systematically uncover threats including spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. To enrich the analysis and align with real-world adversarial behavior, the MITRE ATT&CK framework is also utilized to map identified threats to known tactics and techniques. Each discovered threat is evaluated through a detailed risk assessment using the Common Vulnerability Scoring System (CVSS) and a 5 by 5 risk matrix, allowing a quantifiable estimation of impact and likelihood.ResultsThe analysis revealed 21 threats across smart city domains, with spoofing, tampering, and denial of service being the most frequent. Five threats were rated as critical based on CVSS, particularly targeting cloud services and web applications.DiscussionFurthermore, the paper introduces a dedicated case study involving the Internet of Vehicles (IoV), applying the Cyber Kill Chain model to demonstrate the progression of a cyber-attack targeting connected vehicle systems, with a focus on identifying less common yet critical ATT&CK techniques at each phase. The study concludes by proposing targeted mitigation strategies and architectural recommendations aimed at enhancing the cyber resilience of smart city infrastructures.