Design, Analysis, and Evaluation of Highly Secure Smart City Infrastructures and Services

Abstract

Critical infrastructure systems, such as energy networks, water treatment facilities, and 5G telecommunications, form the backbone of national security and public welfare. However, many of these systems rely on outdated technologies, rendering them increasingly vulnerable to evolving cyber threats. As these infrastructures become increasingly digitized under Industry 4.0, integrating cloud computing, Artificial Intelligence (AI), and the Industrial Internet of Things (IIoT), they simultaneously introduce a broader attack surface susceptible to threats such as sensor spoofing, Denial-of-Service (DoS), and man-in-the-middle attacks. Realistic, scalable, and interoperable testbeds are essential to evaluate cybersecurity risks and mitigation strategies in such interconnected environments. Existing isolated testbeds are limited in their ability to replicate cross-domain dependencies and security vulnerabilities inherent in modern smart cities. To address this gap, this dissertation introduced the Federated Cybersecurity Testbeds as a Service (FCTaaS) framework, an innovative approach that federates geographically and logically distributed testbeds to enable more robust and integrated cybersecurity experimentation. FCTaaS offers remote access to specialized hardware and software resources, streamlining testbed discovery, orchestration, and resource management. This enables researchers and educators to conduct complex cybersecurity experiments without the overhead of local setup or infrastructure ownership. The research specifically focuses on developing two cyber-physical testbeds: the Water Treatment Facility Testbed (WTFT) and the 5G Telecommunication Testbed (5GTT). These testbeds closely mirror real-world operations, offering a rich experimental environment for vulnerability analysis and defense validation. A core contribution of this work is the design of a cyber-resilient architecture that leverages Edge AI and Anomaly Behavior Analysis to enable real-time threat detection and mitigation. An autoencoder-based machine learning model was designed and implemented for anomaly detection in the water treatment facility. Deployed on edge hardware, the system achieved 98.3\% detection accuracy with an average inference latency of 19.6 ms. Additionally, resilience evaluation revealed that the proposed mitigation strategy improved system resilience by an average of 25.7 points, demonstrating the importance of lightweight, low-latency AI-based solutions in protecting mission-critical infrastructure. Building on this, a comprehensive 5G testbed was developed for both research and education. It integrates open-source 5G software with physical radio hardware to emulate real-world 5G environments. Through experiments simulating DoS attacks and database exploits, the study revealed vulnerabilities in core network functions, notably the AMF and MySQL database services, which can compromise both network availability and data integrity. A second autoencoder-based anomaly detection model was developed and evaluated to counter these threats. The model achieved 98.9\% detection accuracy across multiple network attack scenarios, validating its effectiveness in securing 5G systems. Beyond the design of testbeds and detection systems, the FCTaaS framework addresses three fundamental aspects of cyber-physical system resilience: interoperability, scalability, and interdependency. The interoperability use case demonstrated seamless integration between the 5G network and water treatment monitoring systems, enabling real-time data collection and supervisory control. The scalability study revealed system limitations when handling more than 300 concurrent remote nodes, identifying critical thresholds for infrastructure performance. Lastly, the interdependency analysis highlighted the cascading effects of cyberattacks, showing that a targeted DoS attack on the 5G UPF could entirely disrupt water treatment communication systems, emphasizing the systemic risk posed by interconnected infrastructure. In conclusion, this dissertation offers a unified, scalable, and practical solution for advancing cybersecurity research through federated testbeds. The FCTaaS framework significantly contributes to the field by enabling realistic experimentation across interconnected systems, facilitating the development of AI-driven security mechanisms, and promoting hands-on education. Its impact lies in bridging the gap between isolated testbed environments and the complex, integrated ecosystems found in modern smart cities and paving the way for resilient, secure, and adaptive cyber-physical infrastructure.