NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

The National Security Agency (NSA), CISA, and the Office of the Director of National Intelligence (ODNI), published Potential Threats to 5G Network Slicing. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—presents both the benefits and risks associated with 5G network slicing. It also provides mitigation strategies that address potential threats to 5G network slicing.

Building upon the work published in the Enduring Security Framework’s Potential Threat Vectors to 5G Infrastructure, the Enduring Security Framework1 (ESF) established a working panel comprised of government and industry experts and conducted an in-depth review of network slicing, a key component of 5G infrastructure. This working panel assessed the security, risks, benefits, design, deployment, operations, and maintenance of a network slice.

For this guidance, a network slice is defined as an end-to-end logical network that provides specific network capabilities and characteristics for a user.

As with any emerging technology, with increased benefits come increased risks. This guidance intends to introduce 5G stakeholders to the benefits associated with network slicing and introduce perceived risks and management strategies that may address those risks.

The guidance builds upon ESF’s Potential Threat Vectors to 5G Infrastructure, published in 2021.

Trends in maritime communications

An estimated 90 per cent of the goods traded around the world travel by sea. Vital commodity flows, as well as seafarer safety, hinge on ever more sophisticated maritime communication networks.

Much of the world’s commerce would simply not be possible without the plethora of technologies making up today’s maritime communications ecosystem. These include ship stations (meaning radiocommunication equipment on board commercial, passenger or patrol vessels, etc.); coast stations that support ships at sea; as well as radar services, automatic identification, and maritime distress systems.

Although the International Maritime Organization (IMO) develops regulations for shipping, ensuring safe maritime communication largely falls to the International Telecommunication Union (ITU).

ITU Recommendations, Reports, Regulations, and databases – along with giving seafarers vital information – help safeguard the frequency bands that vessels use to navigate safely, as explained by ITU’s German Medici.

Modernizing the GMDSS

Distress, safety, and emergency maritime communications are coordinated through the Global Maritime Distress and Safety System (GMDSS), which uses terrestrial communication and satellite systems (such as those operated by Inmarsat and Iridium) to connect ships and coast stations. Discussions currently underway at ITU aim to make the GMDSS more flexible in terms of maritime safety information distribution, which in turn should open the door to new technology applications in this area, said Medici.

The GMDSS continues to evolve to improve and enhance maritime communications and safety.  Satellite EPIRBs operating at 1.6 gigahertz (GHz) and using very high frequency (VHF) systems for DSC will no longer be part of the GMDSS. However, the IMO may soon allow an existing geostationary satellite system to become a new GMDSS satellite service provider, explained Medici.

Evolving e-navigation

In the future, seafarers will increasingly rely on communications services, such as e-navigation, which IMO defines as “the harmonized collection, integration, exchange, presentation and analysis of marine information on board and ashore by electronic means to enhance berth-to-berth navigation and related services for safety and security at sea and to protect the marine environment”. High-speed broadband connections will keep ships and shore facilities continuously updated and let mariners follow real-time data displays on the bridge.

Ships will increasingly use VHF data exchange systems that integrate data exchange, application-specific messaging, and automatic identification capabilities in the same VHF maritime band, Medici added.

Beacon detection and response

Cospas-Sarsat, a satellite-aided, treaty-based search and rescue initiative that has been operational since 1985, is now developing a second-generation beacon and medium-Earth orbit search and rescue system (MEOSAR), in which repeaters are placed on global navigation satellite system (GNSS) satellites.

The initiative brings together 45 nations and agencies to collaboratively detect and locate radio beacons activated by aircraft, vessels or people in distress.

This Cospas-Sarsat development will enable near-time global coverage of beacon localization and distress message transmission, said Medici. A new “return-link-service” (RLS) will give users a confirmation that their message was received.

Autonomous vessels on the waves

Maritime autonomous surface ships (MASS) are also on the horizon. These are ships that can operate independently (to varying degrees) of human interaction.

“In April 2022, IMO began work on the development of a regulatory framework for Maritime Autonomous Surface Ships,” Medici noted.  The work aims to integrate new and advancing technologies in its regulatory framework – balancing the benefits derived from new and advancing technologies against safety and security concerns, the impact on the environment and on international trade facilitation, the potential costs to the industry, and their impact on personnel, both on board and ashore.

For the moment, these “autonomous vessels” lack specified spectrum requirements.  But that may change as MASS communications requirements are identified.  “The development of MASS may be supported by future ITU studies, including potential determination of their spectrum needs, and the publication of associated ITU Recommendations and Reports,” Medici concluded.

[Source: ITU]

Political agreement on new rules to enhance the resilience of critical entities

As a key part of the EU's work to build a Security Union, the new rules will strengthen the resilience of critical infrastructure to a range of threats, including natural hazards, terrorist attacks, insider threats, or sabotage, as well as public health emergencies like the recent COVID-19 pandemic.

Against an ever more complex risk landscape, the new Directive replaces the European Critical Infrastructure Directive of 2008. A wider sectoral scope will allow Member States and critical entities to better address interdependencies and potential cascading effects of an incident. Eleven sectors will be covered: energy, transport, banking, financial market infrastructures, health, drinking water, wastewater, digital infrastructure, public administration, space, and food.

Vice-President for Promoting our European Way of Life, Margaritis Schinas, said: “It is essential to shield our economy and our society against physical threats that could disrupt services that are vital for people's daily lives and for the functioning of our internal market. With today's agreement, we are delivering on our commitment to enhance the resilience of critical infrastructure in the EU, complementing the recently strengthened cybersecurity legislation. Together, these new rules form a coherent and robust system to protect our infrastructure online and off”.

Commissioner for Home Affairs, Ylva Johansson, said: “In the light of the current geopolitical situation in Europe, enhancing our resilience is of key importance. The CER Directive will make us better prepared against disruptions that impact the security of our citizens and the prosperity of the internal market, following the lessons learnt from the pandemic and long-term challenges like climate change. The new Directive will ensure the provision of essential services such as energy, transport, water and healthcare while minimising the impact of natural and man-made incidents”.

The proposal introduces new rules to strengthen the resilience of critical entities:

- Member States will need to adopt a national strategy and carry out regular risk assessments to identify entities that are considered critical or vital for the society and the economy.
- Critical entities will need to carry out risk assessments of their own, take technical and organisational measures to enhance their resilience and notify incidents. They will also be able to request background checks on personnel holding sensitive roles.
- Critical entities in the EU, from the sectors covered, providing essential services in six Member States or more, will benefit from extra advice on how best to meet their obligations to assess risks and take resilience-enhancing measures.
- A Critical Entities Resilience Group will facilitate cooperation among Member States and the exchange of information and good practices.
- An enforcement mechanism will help ensure that the rules are followed: Member States will need to ensure that national authorities have the powers and means to conduct on-site inspections of critical entities. Member States will also introduce penalties in case of non-compliance.
- Member States will need to provide support to critical entities in enhancing their resilience with, for instance, guidance material. The Commission will provide complementary support to Member States and critical entities, by developing a Union-level overview of cross-border and cross-sectoral risks, best practices, methodologies, cross-border training activities and exercises to test the resilience of critical entities, among others.

Next steps

The political agreement reached by the European Parliament and the Council is now subject to formal approval by the co-legislators. Once published in the Official Journal, the Directive will enter into force 20 days after publication. Member States will then need to transpose the elements of the Directive into national law within 21 months.

Submarine telecom cables enhance climate monitoring and tsunami forecasts

Over 1.3 million kilometres of submarine telecommunications cables now span the world’s oceans. As the network grows and old cables are replaced, the next generation of cables could form a real‑time ocean observation network able to provide accurate early warnings of tsunamis and a wealth of valuable data for climate science.

A standard SMART cable, meaning a telecom cable upgraded for “Scientific Monitoring And Reliable Telecommunications”, will include climate and hazard‑monitoring sensors designed to co‑exist with telecom components and to last for the same 25‑year lifespan as any commercial cable.

Climate scientists hope for the resulting ocean‑observation network to grow sustainably alongside commercial network deployments. The SMART cable will combine scientific sensing and telecoms into the same,shared submarine cable, never compromising reliable telecoms.

Two new standards now under development at the International Telecommunication Union (ITU) will support this aim, providing for both SMART cables and cables dedicated exclusively to scientific sensing. This standards effort builds on minimum requirements established by the Joint Task Force on SMART Cable Systems, formed in 2012 with the support
of ITU, the UNESCO‑Intergovernmental Oceanographic Commission (UNESCO‑IOC) and the World Meteorological Organization (WMO).

“We aim to reach a point where cable system suppliers are offering all their customers the option of standardized SMART capability,” says task force chair Bruce M. Howe, a University of Hawaii research professor.

At Station ALOHA 100 kilometres north of Oahu, Howe installed and now operates a cabled scientific observatory at a depth of 4728 metres, making it the world’s deepest of its kind.

The Joint Task Force has helped develop the technical and financial feasibility of SMART cables. It now works closely with United Nations organizations, governments, and businesses intent on deploying SMART cables at scale.
A Portuguese first

Two years ago, Alcatel Submarine Networks became the first cable provider to commit to SMART, while Portugal’s telecom regulator ANACOM pledged to build SMART into the new CAM [Continent‑Azores‑Madeira] ring cable connecting the mainland to islands a thousand kilometres out in the Atlantic Ocean.

“SMART cables have been on our agenda since 2018, when planning the replacement of the ageing existing cables,” says João Cadete de Matos, Chair of ANACOM.

The submarine cable division of NEC Japan has installed more than 6000 kilometres of submarine cables dedicated to scientific sensing, which are now operated by Japan’s National Research Institute for Earth Science and Disaster Resilience. The first submarine cables for tsunami forecasts were deployed 12 years ago, and the network was expanded after the 2011 Great East Japan Earthquake — but without supporting commercial telecoms in parallel.

The Brazil‑Portugal trans‑Atlantic cable system, known as EllaLink, was the first to dedicate a fibre of a commercial telecoms cable to environmental sensing, between Madeira Island and the trunk cable. Portugal now plans to include full‑fledged SMART capability in the new CAM cable ring, with sensors embedded in the 50 or so repeaters distributed at 70‑kilometre intervals along the 3700‑kilometre system.

“We understood the significance of the opportunity. Three tectonic plates meet in this region, making it prone to earthquakes, and much international data traffic will run through the region,” says Matos.

This system could become the first step towards commercial telecom cables equipped with SMART capabilities.

“Portugal has been a huge voice of support. Some 15 to 20 per cent of international submarine cables will pass through Portuguese waters,” says Howe. “Portugal’s experience can catalyse the growth of a SMART cable community in Europe and globally.”

Added SMART capability will form around 10 per cent (EUR 12 million, or about USD 13 million) of the total cost to deploy the new government‑sponsored CAM cable. Expected to enter service in 2025, the cable will be constructed integrating sensors built by specialized companies.

Other SMART projects are in various stages of planning and development in Indonesia, the Vanuatu–New Caledonia island area, and even Antarctica.

The project between Vanuatu and New Caledonia — supported by the Joint Task Force with funding from the Gordon and Betty Moore Foundation — will establish cable linkage across a “young” subduction zone (just 50 million years of age), complete with a 6500‑metre‑deep trench where hundreds of earthquakes are known to happen each year, with associated tsunami risks.

“This project will be a major accomplishment for the Joint Task Force,” says Howe, “and important in forming the foundations of an enduring regional science and early‑warning ecosystem, bringing together scientific communities, providing training, and bringing more confidence to government and industry.”

Smarter sensors

SMART cables include tried‑and‑tested environmental and hazard‑monitoring sensors in cable repeaters, which house devices amplifying the optical communication signals at intervals along a submarine cable.

Three sensors measure ocean‑bottom temperature as an indicator for climate trends; pressure for sea‑level rise, ocean currents, and tsunamis; and seismic acceleration for earthquake detection and tsunami alerts. Sensors should be operational at all times, and all detected data will be transmitted to cable landing stations at the speed of light.

“The three sensors will give us essential ocean variables, and they are compact and robust, and relatively easy to integrate in cable repeaters,” says Howe.

And SMART monitoring will keep getting smarter, he adds.

“In 10 years, we could consider more elaborate sensing capabilities, such as salinity, to add to what temperature and pressure tell us about circulation; water chemistry to understand risks like ocean acidification; and ocean sound measurements for monitoring marine mammals and biodiversity.”

Undersea and under budget

For now, some 70 DART buoys — for Deep‑ocean Assessment and Reporting of Tsunamis — are the principal existing means of tsunami detection.

But 30 per cent of those are typically out of service at any time, says Howe. By contrast, probability studies suggest a failure rate of just 5 per cent for the new sensors over a cable’s 25‑year operational life.

A SMART cable spanning the Pacific region, where most of the US‑operated DART buoy network is located, could therefore come at a more attractive price as well as offer more valuable and reliable real‑time data with no maintenance.

The current DART buoy programme run by the US National Oceanic and Atmospheric Administration (NOAA) costs USD 27 million a year, while the international Argo programme, with 4000 expendable floats, costs around USD 32 million a year.

The US National Science Foundation’s Ocean Observation Initiative, using buoys, gliders, autonomous vehicles, and a cable system, has annual operating costs of about USD 44 million, on top of some USD 400 million it took to set up.

In contrast, the Joint Task Force calculates annual expenditures of just USD 40 million to sustain 2000 SMART cable repeaters in 30 systems around the world, assuming a very conservative 10‑year refresh cycle.

Find more resources and contact the ITU/WMO/UNESCO-IOC Joint Task Force on SMART Cable Systems.

[Source: ITU]

NSA Issues Recommendations to Protect VSAT Communications

The National Security Agency (NSA) updated its Cybersecurity Advisory (CSA) today for securing very small aperture terminal (VSAT) networks, “Protecting VSAT Communications.” The advisory aims to help organizations understand how communications may be at risk of compromise and how they can act to reduce risk.

The recent U.S. and European Union public statements noted the Russian military launched cyber attacks against commercial satellite communications to disrupt Ukrainian command and control in February 2022. This cyber activity against Ukraine further underscores the risk to VSAT communications for both espionage and disruption.

A number of U.S. government missions use VSAT networks for remote communications when other options are not feasible. However, VSAT communication links were not built with security in mind — often resulting in traffic being sent unencrypted.

NSA recommends government VSAT networks, such as those designated as National Security Systems (NSS) and ones used by Defense Industrial Base (DIB) organizations, enable all available transmission security protections on VSAT networks. NSA also recommends encrypting all communications prior to transmitting across VSAT links, keeping hardware and firmware updated, and changing any default credentials before use.

Tackling Security Challenges in 5G Networks

The EU Agency for Cybersecurity (ENISA) proposes good practices for the secure deployment of Network Function Virtualisation (NFV) in 5G networks.

Network Function Virtualisation is a new technology in 5G networks, which offers benefits for telecom operators in terms of flexibility, scalability, costs, and network management. However, this technology also introduces new security challenges.

The report released today supports national authorities with the implementation of the 5G toolbox, and in particular the recommendation for EU Member States to ensure that Mobile Network Operators follow security good practices for NFV. It explores the relevant challenges, vulnerabilities and attacks pertaining to NFV within the 5G network. It analyses the relevant security controls and recommends best practices to address these challenges and solutions, taking into account the particularities of this highly complex, heterogeneous and volatile environment.

How does it work?

Traditionally, mobile network functions have been implemented using dedicated hardware and networking equipment, built especially for telecom operators and their networks. Network Function Virtualisation is a new technology used in 5G networks to implement networking functions using software, therefore running virtually on top of standard server hardware or standard cloud platforms.

Applying network function virtualisation will therefore reduce the number of operations and maintenance costs.

60 security challenges were identified in the report and classified under 7 categories:

- Virtualisation or containerisation;
- Orchestration and management;
- Administration and access control;
- New and legacy technologies;
- Adoption of open source or COTS;
- Supply chain;
- Lawful interception (LI).

How do we address the security challenges

The report explores vulnerabilities, attack scenarios and their impact on the 5G NFV assets. The work includes a total of 55 best practices classified under Technical, Policy and Organisational categories.

Some of the key findings the report include:

- Resource virtualisation:
The virtualisation layer provides unified computing resources based on generalised hardware to the layers above and is the basis of all cloud-native and virtualised network functions and service software. If the virtualisation layer is breached, all network functions come under direct attack with disastrous consequences.

- Resource sharing:
A single physical server may run several different tenants' virtual resources (e.g. virtual machines (VMs) or containers), and a single tenant's virtual resource might be distributed across several physical servers. Multi-tenancy resource sharing and the breaking of physical boundaries introduce the risks of data leaks, data residue and attacks.

- Use of open source:
There will be increasing use of open-source software. This introduces a new set of security challenges in terms of keeping a consistent and coherent approach to security-by-design and prevention of deliberate security flaws.

- Multi-vendor environment:
In such environment, it remains difficult to coordinate security policies and determine responsibility for security problems and more effective network security monitoring capabilities are required.

NFV is an important technology in 5G and its security is critical for the overall security of the 5G networks, especially because 5G networks are underpinning critical infrastructures.

Asia-Pacific implements radiocommunication updates

Countries across Asia and the Pacific need fair, transparent, and predictable spectrum policies to accelerate equitable digital transformation across the region, according to radiocommunication experts convened by the International Telecommunication Union (ITU) over the last two weeks.

Regulators, industry experts and academics met to discuss future Asia-Pacific radio-frequency spectrum requirements following Radio Regulations updates.

"Radiocommunication services profoundly transform the way we work, travel, do business and access public services, including education and health," said ITU Secretary-General Houlin Zhao. “The Regional Radiocommunication Seminars provide an excellent opportunity for our members to learn the practical application of the ITU Radio Regulations, so that people everywhere can take advantage of the social and economic opportunities brought about by the rapid growth of digital platforms."

The regional seminar, convened entirely online, covered the regulatory framework for both terrestrial and space services and the procedures for filing and recording frequency assignments in the Master International Frequency Register (MIFR).

Masanori Kondo, Secretary-General of the Asia-Pacific Telecommunity, welcomed the discussions as “an opportunity for regulators to widen and deepen their knowledge and insight in the field of spectrum management." He emphasized the need for Asia-Pacific countries to develop fair, predictable, and transparent spectrum management policies and regulations to keep their diverse and geographically extensive telecommunication sector functioning effectively.

ITU support and guidance
Participants discussed the current regulatory framework for international frequency management, ITU Radiocommunication (ITU-R) Recommendations, and best practices for spectrum use by both terrestrial and space services.

“Despite the challenges brought about by the COVID-19 pandemic, we continue to deliver high quality capacity building opportunities to our members, supporting them with all the information and tools they need to analyse and implement the Radio Regulations and promote efficient spectrum management," said Mario Maniewicz, Director of the ITU Radiocommunication Bureau.

RRS-21 Asia-Pacific also included basic training to prepare for technical examinations and gain familiarity with ITU tools to produce frequency notices.

NSA and CISA provide cybersecurity guidance for 5G cloud infrastructures

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a four-part series created by the Enduring Security Framework (ESF), a cross-sector, public-private working group which provides cybersecurity guidance that addresses high priority cyber-based threats to the nation’s critical infrastructure.

“This series provides key cybersecurity guidance to configure 5G cloud infrastructure,” said Natalie Pittore, Chief of ESF in NSA’s Cybersecurity Collaboration Center. “Our team examined priority risks so that we could provide useful guidance, disseminated in an actionable way to help implementers protect their infrastructure.”

The series builds on the ESF Potential Threat Vectors to 5G Infrastructure analysis paper released in May 2021, which focused specifically on threats, vulnerabilities, and mitigations that apply to the deployment of 5G infrastructures. Based on preliminary analysis and threat assessment, the top 5G cloud infrastructure security challenges were identified by ESF and a four-part series of instructional documents covering those challenges will be released over the next few weeks. Topics include securely isolating network resources; protecting data in transit, in use, and at rest; and ensuring integrity of the network infrastructure.

Part I focuses on detecting malicious cyber actor activity in 5G clouds to prevent the malicious cyberattack of a single cloud resource from compromising the entire network. The guidance provides recommendations for mitigating lateral movement attempts by malicious cyber actors who have successfully exploited a vulnerability to gain initial access into a 5G cloud system.
“This series exemplifies the national security benefits resulting from the joint efforts of ESF experts from CISA, NSA, and industry,” said Rob Joyce, NSA Cybersecurity Director. “Service providers and system integrators that build and configure 5G cloud infrastructures who apply this guidance will do their part to improve cybersecurity for our nation.”

“Strong and vibrant partnerships are critical to the overall effort to reduce cyber risk. Along with our public and private partners in the ESF, CISA is proud to partner with NSA to present the Security Guidance series for 5G Infrastructure,” said Alaina Clark, Assistant Director for Stakeholder Engagement. “Protecting 5G cloud infrastructure is a shared responsibility and we encourage 5G providers, operators and customers to review the new guidance.”

5G cloud providers, integrators, and network operators share the responsibility to detect and mitigate lateral movement attempts within their 5G cloud infrastructure. This document provides best practices to secure the 5G cloud from specific cyber threats of lateral movement that could compromise a network.

Broadband Commission calls for people-centred solutions to achieve universal connectivity

More than a year and a half into the COVID-19 pandemic, amid relentless global demand for broadband services, the Broadband Commission for Sustainable Development has reaffirmed its call for digital cooperation, innovation with information and communication technologies (ICTs), and collaborative approaches to secure universal connectivity and access to digital skills.

The Commission's State of Broadband Report 2021​, released during the meeting, outlines the impact of pandemic policies and calls for a concerted, people-centred push to close the world's persistent divide. In the world's least developed countries (LDCs), no more than a quarter of the population is online.

"Digital cooperation needs to go beyond access to broadband," said H.E. President Paul Kagame of Rwanda, Co-Chair of the Commission. “We also need to close the gap in the adoption and use of affordable devices and services, in accessible content, and in digital literacy."

More than 50 Commissioners and special guests, representing government leaders, heads of international organizations and private sector companies, civil society and academia, affirmed that people-centred solutions must be at the heart of building a sustainable path towards universal broadband.

Commission co-Chair Carlos Slim, Founder of Carlos Slim Foundation and Grupo Carso, added: “To achieve our universal connectivity goal, we need to work together. We need to build a digital future that is inclusive, affordable, safe, sustainable, meaningful and people centred. We need to support infrastructure and to deal with affordability and relevant content to ensure usage. For that to happen, it requires concerted efforts."

Connectivity for sustainable development
The Annual Fall Meeting, held in a virtual format, underscored the need to accelerate digital connectivity to fulfil the United Nations Agenda for 2030, centred on 17 Sustainable Development Goals.

“The absence of digital skills remains the largest barrier to Internet use," noted Audrey Azoulay, Director-General of the United Nations Educational, Scientific and Cultural Organization (UNESCO) and co-Vice Chair of the Commission. “Digital education must therefore be as much about gaining skills as about developing the ability to think critically in order to master the technical aspects and be able to distinguish between truth and falsehood."

“UNESCO's Media and Information Literacy curriculum, launched in Belgrade, Serbia, in April, provided a key tool to boost skills," she added.

A newly released Commission report on distance and hybrid learning cites the need to foster digital skills along with expanding broadband infrastructure.

[Source: ITU]

Digital is the future of urban energy

Cities already account for two-thirds of energy consumption and produce more than 70 per cent of carbon emissions globally every year.

With more than half of all people in the world living in cities, smart urban energy systems are needed to bring climate-damaging emissions down to net-zero in the next few decades.

Digital solutions can help cities reduce emissions and make the transition to clean energy systems, according to the latest report from the International Energy Agency (IEA).

By 2050, when almost 70 per cent of the world’s population will be city dwellers, energy will be in even higher demand.

To provide it sustainably, cities will need smart grids and innovative storage that integrate renewable power generation, electrified transport, and efficient heating and cooling, along with climate-safe bioenergy and waste-to-energy solutions.

Bringing all these together will depend on top-to-bottom digitalization of urban energy systems and related services. The IEA report, 'Empowering Cities for a Net Zero Future', based on consultations with over 125 experts, advises pioneering cities on how to ensure a sustainable energy future based on digital technologies.
Building smart grids

Flexible energy systems enable agile responses to real-time situations, balancing demand and supply throughout the day. Smart grids with real-time monitoring and predictive analytics can offer reduced peak loads, better integrate renewables at lower costs and minimize pressure on aging grid infrastructure.

Smart grids will be crucial to address global warming by reducing carbon-dioxide (CO2) emissions. Direct access to data, meanwhile, empowers consumers to manage their energy consumption and costs.

In the United Arab Emirates, the Dubai Electricity and Water Authority (DEWA) says it has installed a local smart grid that enables "automated decision-making and interoperability across the entire electricity and water network."

By 2050, digitalization and smart controls can reduce CO2 emissions from buildings by 350 million tonnes, the IEA estimates.

Heating, air conditioning, motion sensors, ventilation and other data can encourage more efficient energy use. For instance, appliances can be operated when solar and wind power are active.

Electric vehicles (EVs) can be charged overnight, when electricity demand is lower, or when solar photovoltaic (PV) production exceeds other demand. Crucially, plugged-in EVs can also add energy storage capacity to the whole system.
Connected mobility

Electrification of transport and widespread EV use will help to scale up renewable energy sources through smart charging and vehicle-to-grid (V2G) systems that adapt charging rates to power availability and sometimes even return power to the grid.

People who hesitate to adopt EVs could be reassured by real-time data on costs and the availability of charging points.

Smart mobility applications can help residents pick modes of transport, including public transit and shared schemes, with more awareness about lowering emissions.

In Lathi, Finland, a mobile app shows the different transport options available and their respective carbon emissions. Virtual credits awarded for a low footprint can then be used to purchase city services and products.
Standards for climate-safe cities

Harmonized international standards can enable the interoperability of smart energy solutions as well as ensure data privacy, grid stability and cybersecurity, the IEA report affirms.

The International Telecommunication Union (ITU), the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) already work together closely on standards development through their joint smart city task force.

Innovators aiming for system-level harmonization can look to smart city standards like ITU Y.4459, “Digital entity architecture framework for Internet of Things interoperability”, developed by ITU-T Study Group 20 (Internet of Things and smart cities and communities).

Key Performance Indicators for Smart Sustainable Cities – prepared by the United for Smart Sustainable Cities Initiative based on an ITU standard aligned with UN Sustainable Development Goals (ITU Y.4903/L.1603) – have set a benchmark for best practices and provide a practical framework to assess each city’s progress towards net-zero emissions and digital transformation.

A key standard developed by ITU-T Study Group 5 (Environment, climate change and circular economy) and released last year (ITU L.1470) details the emission-reduction trajectories needed to cut greenhouse gas emissions in the information and communication technology (ICT) sector by 45 per cent between 2020 and 2030.

This is the rate required to meet a key climate goal – limiting global warming to 1.5 degrees Celsius during this century, compared to pre-industrial levels, in line with the Paris Agreement and the United Nations Framework Convention on Climate Change (UNFCCC).

[Source: ITU]
1 2