March 13, 2025 by Singapore University of Technology and Design
Collected at: https://techxplore.com/news/2025-03-ontology-smart-city-infrastructure-threats.html
With technological advancements and a growing awareness about the United Nations (UN) Sustainable Development Goals (SDGs), interconnected systems within cities that capture real-time data indicators reflecting chosen SDGs are a way forward. Known as smart city infrastructure (SCI), these systems are vital to nations in assessing their alignment with the UN SDGs. As the role of smart city infrastructure becomes apparent, it inevitably becomes a prime target for adversaries and cyber criminals.
“Digital forensic investigators have had the short end of the stick for far too long. They often contend with tight timelines and vast amounts of data during investigations. Moreover, if collaboration is required on uncommon platforms such as SCI, investigators must establish a common term of reference for investigation. They also need to identify threats, corresponding digital evidence sources and crimes committed. Such activities can take considerable amounts of time and effort,” explained Dr. Tok Yee Ching, a Research Fellow from the Automated Systems SEcuriTy (ASSET) Research Group at the Singapore University of Technology and Design (SUTD).
To assist digital forensic investigators and law enforcement agencies conducting investigations on SCI in the future, Dr. Tok, together with Singapore Institute of Technology student Davis Yang Zheng and SUTD Associate Professor Sudipta Chattopadhyay, developed an ontology [Smart City Ontological Paradigm Expression (SCOPE)] for SCI threats, cybercrime and digital investigation. His paper, titled “A Smart City Infrastructure ontology for threats, cybercrime and digital forensic investigation” was published in Forensic Science International: Digital Investigation.
Ontologies are representations, definitions and relations of concepts and data within a specific domain. By using ontologies, complex domains can be understood more easily via consistent and structured representation of knowledge. SCOPE was envisioned to be an attractive aid for digital forensic investigators and adheres to international standardization standards. SCOPE also have a technology-agnostic approach to account for the diverse range of smart city infrastructure in various sectors such as energy, home, oil & gas etc.
While conducting the research, the ASSET group analyzed the current ontologies such as Unified Cyber Ontology (UCO) and Cyber-investigation Analysis Standard Expression (CASE). After careful consideration and thorough research, the group concluded that such current ontologies lack SCI representation, and extending them on an ad hoc basis is inefficient and ineffective for investigators. This led to the design and development of SCOPE.
Building on the prior work from ASSET group, which also involved Dr. Tok as the key contributor, the ASSET group researchers and their SIT collaborator embedded their earlier work on SCI threats, cybercrime, and evidence sources into SCOPE. Other critical information, such as attack techniques and pattern classifications from MITRE, was also accounted for. With SCOPE, users can adopt it for a wide range of use cases, such as SCI cybercrime incidents, evidence sharing, or even adversary emulation.
While the design of SCOPE was challenging, its suitability for a real-life cybercrime scenario needed to be investigated thoroughly. To this end, Dr. Tok and his colleagues evaluated the usability of SCOPE via a few carefully crafted scenarios based on real-world activity by Advanced Persistent Threats (APTs). The evaluation consisted of i) ontological representation of the scenario, ii) investigation and the Tactics, Techniques and Procedures (TTPs) used by the APT and iii) containment and recovery using identified Indicators of Compromise (IoCs). In a nutshell, this evaluation was necessary to understand how the end users of SCOPE will apply SCOPE for realistic scenarios and accomplish the crucial tasks should a cybercrime takes place in SCI.
The evaluation results showed that, through the usage of SCOPE, investigators could add more granular details during their investigation, such as affected areas of malicious software infection and damage. The additional context allowed increased efficiency and rapid remediation. Investigators also benefit from easily accessible complex technical details such as threat type and affected systems.
ASSET research group has made SCOPE publicly available for the digital forensic community to use and assist in future SCI investigations. In the future, the ASSET research group will add further tooling support to use the SCOPE ontology and will conduct a user study with digital forensic professionals from the public and private sectors. This will determine how SCOPE could be further improved for industry usage. The group also hopes future researchers could explore integrating SCOPE into digital forensics tools to empower digital forensic investigators in their future workflows.
More information: Yee Ching Tok et al, A Smart City Infrastructure ontology for threats, cybercrime, and digital forensic investigation, Forensic Science International: Digital Investigation (2025). DOI: 10.1016/j.fsidi.2025.301883
Most of what you articulate happens to be astonishingly precise and it makes me ponder the reason why I had not looked at this with this light before. This piece really did turn the light on for me as far as this subject goes. Nevertheless there is just one point I am not necessarily too comfy with so while I make an effort to reconcile that with the main theme of the point, permit me see just what all the rest of the readers have to point out.Very well done.
It is perfect time to make a few plans for the long run and it is time to be happy. I have learn this post and if I could I desire to counsel you some fascinating issues or advice. Perhaps you could write subsequent articles relating to this article. I want to learn more things about it!
Great blog! Do you have any hints for aspiring writers? I’m planning to start my own site soon but I’m a little lost on everything. Would you propose starting with a free platform like WordPress or go for a paid option? There are so many options out there that I’m totally confused .. Any tips? Thank you!
Thank you for sharing excellent informations. Your website is very cool. I’m impressed by the details that you have on this website. It reveals how nicely you understand this subject. Bookmarked this web page, will come back for more articles. You, my pal, ROCK! I found just the information I already searched everywhere and simply could not come across. What a great web site.
Leave a Reply