Description of PAS 185:2017 2018

This PAS specifies requirements for establishing a framework for the security-minded management of the city, including its associated assets, including data and information, and services.

It outlines methods for identifying security threats to a smart city, including those that might also affect the people who live, work in, trade from, or visit it. It also sets out parameters for mitigating other adversities on security systems.

It covers the use of trustworthiness and security controls applicable to the smart city framework (SCF) (see PAS 181), smart city concept model (SCCM) (see ISO 30182) and data framework used for sharing data and information services (see PAS 183).

The security-minded approach specified in this PAS covers all aspects of security relating to smart cities, including:

• governance;

• personnel;

• citizens;

• organizations;

• process; and

• physical security.

The approach also covers aspects of the environment of the smart city, including:

• scale;

• organizational complexity;

• complex service delivery and ownership of smart city infrastructure;

• response to incidents, events, and changing risk levels; and

• extent of autonomy.

This PAS covers technological aspects relating to the secure delivery of services, including:

• safety;

• authenticity;

• availability (including reliability);

• confidentiality;

• integrity;

• possession;

• resilience; and

• utility.

NOTE Definitions of these terms are given in Clause 3.

The framework specified in this PAS enables the development of an overall security strategy for the handling, management and sharing of data and information that can be used to inform and guide the development and delivery of smart city projects and subsequent operation, delivery, evolution and disposal of assets and services.

This framework can be used to create and cultivate an appropriate, risk-based safety and security mindset and culture across the many organizations, services and individuals which use shared, disclosed and derived data, and includes the need to monitor and audit compliance.

This PAS is for use by decision-makers in smart cities from the public, private and third sectors and smart city data officers. It might also be of relevance to those who are interested in utilizing data and information to effectively deliver smart city objectives.

NOTE PAS 185 is consistent with the approach set out in PAS 1192‑5 regarding the security-minded management of building information modelling, digital built environments and smart asset management. This consistency is important as it allows appropriate, sharing or disclosure of geospatial, dynamic and asset information in support of service planning, development and delivery in smart cities.

About BSI

BSI Group, also known as the British Standards Institution is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.