Viable Cities Logo

Threat modelling and attack simulation

of viable cities

Increased digitization makes cities increasingly vulnerable to cyber attacks, where computers are compromised by malicious actors in order to cause damage and disruption. The higher the degree of digitization, the more devastating the potential attacks. In order to mitigate cyber threats, vulnerabilities first need to be identified. This is generally very difficult, because it requires (i) a detailed understanding of the city-wide system architecture, and (ii) significant security expertise. 

The task can be significantly facilitated by dedicated engineering tool support in the form of threat modeling and attack simulation. Threat modeling supports requirement no 1 by documenting the design of the system architecture. Attack simulation supports requirement no 2 by automating the identification of vulnerabilities. The main goal is to do a feasibility study for a threat modeling and attack simulation approach specifically designed for large scaled complex system-of-systems.

This project has received further funding in the new project ' Threat Modeling and Attack Simulation'.


  • Project leader: Robert Lagerström, KTH Royal Institute of Technology.
  • Partners: KTH Royal Institute of Technology, Foreseeti, Lund Municipality, Umeå University IT
  • Total budget: SEK 810 000
  • Grant requested: SEK 405 000
  • Start date: 2018-06-01
  • End date: 2018-12-31
  • Type of action: feasibility study
  • Keywords: cyber security, threat modeling, attack simulation, risk management, vulnerabilities, security operation center, internet of things

More about the initiative


Article in Energy World, September 20, 2018 The company that finds security holes in energy systems