Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to vulnerabilities in smart city sensor hubs has happened again at Echelon, one of the companies involved. Researchers found a total of 17 new vulnerabilities in products from Echelon, including eight critical flaws. Echelon confirmed the vulnerability, developed mitigation solutions, and collaborated with IBM to resolve the issues [74304].
(b) The software failure incident related to vulnerabilities in smart city sensor hubs has also happened at other organizations. Researchers found vulnerabilities in products from three companies: Libelium, Echelon, and Battelle. These vulnerabilities included basic flaws like guessable default passwords, bugs allowing injection of malicious software commands, and authentication bypasses. The three companies have made patches available for all 17 bugs [74304]. |
Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase is evident in the vulnerabilities found in sensor hubs used in smart city schemes. Researchers from IBM Security and Threatcare discovered 17 new vulnerabilities in products from three companies (Libelium, Echelon, and Battelle), including critical flaws like guessable default passwords, bugs allowing injection of malicious software commands, and authentication bypasses [74304].
(b) The software failure incident related to the operation phase is highlighted by the fact that many smart city schemes connect sensors or relay data to the cloud using the open internet, potentially exposing devices publicly. Simple checks on IoT crawlers like Shodan and Censys revealed thousands of vulnerable smart city products deployed in the wild, indicating operational vulnerabilities due to the way these systems are set up and managed [74304]. |
Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident discussed in the article is primarily within the system. The vulnerabilities and flaws identified in the smart city sensor hubs from companies like Libelium, Echelon, and Battelle were due to issues such as guessable default passwords, bugs allowing injection of malicious commands, and authentication bypasses [74304]. These vulnerabilities were inherent to the design and implementation of the systems themselves, making them vulnerable to exploitation from within the system.
(b) outside_system: The software failure incident also involves factors originating from outside the system. The use of open internet connections for smart city devices and sensors, instead of internal networks, exposed these devices publicly and made them susceptible to attacks from external sources [74304]. Additionally, the article mentions the presence of exploits for the identified flaws on hacker forums, indicating that external threat actors could potentially exploit these vulnerabilities [74304]. |
Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in the articles is primarily related to non-human actions, specifically vulnerabilities in sensor hubs used in smart city schemes. Researchers from IBM Security and Threatcare found 17 new vulnerabilities in products from three companies that sell systems to underpin smart city schemes, including guessable default passwords, bugs allowing injection of malicious software commands, and authentication bypass flaws. These vulnerabilities could potentially be exploited to manipulate data passing through the sensor hubs, leading to risks in public safety and management of industrial control systems [74304]. Additionally, the smart city hubs analyzed by the researchers do not have automatic update capabilities, which means entities using these products need to proactively apply patches to prevent vulnerabilities, highlighting a non-human factor contributing to the software failure incident [74304].
(b) While the software failure incident is primarily attributed to non-human actions, there is also a human element involved in the incident. The vulnerabilities found in the smart city sensor hubs were identified by researchers from IBM X-Force Red and Threatcare, who conducted the analysis in response to incidents like the accidental missile alert in Hawaii and the hack that set off tornado sirens in Dallas. The researchers emphasized the importance of raising awareness about these vulnerabilities to ensure that municipalities prioritize patching, as organizations often fail to do so. They also noted that someone posted an exploit for one of the flaws on a hacker forum in August 2015, indicating potential human actions contributing to the exploitation of software vulnerabilities [74304]. |
Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident reported in the articles is primarily related to hardware vulnerabilities in smart city sensor hubs. Researchers from IBM Security and Threatcare found 17 new vulnerabilities in products from companies like Libelium, Echelon, and Battelle, including critical flaws. These vulnerabilities included issues like guessable default passwords, bugs allowing injection of malicious software commands, and authentication bypasses [74304].
(b) The software failure incident also involves software vulnerabilities in the smart city sensor hubs. The vulnerabilities discovered by the researchers included flaws that could allow an attacker to inject malicious software commands and bypass authentication checks. The companies involved have released patches to address the software vulnerabilities identified [74304]. |
Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident discussed in the articles is malicious in nature. Researchers from IBM Security and data security firm Threatcare discovered 17 new vulnerabilities in products from three companies that sell systems for smart city schemes. These vulnerabilities included critical flaws such as guessable default passwords, bugs allowing injection of malicious software commands, and authentication bypasses. The vulnerabilities could potentially be exploited by attackers to manipulate information, compromise public safety systems, and cause damage to life and livelihood [74304]. Additionally, the articles mention that someone posted an exploit for one of the flaws on a hacker forum in August 2015, indicating that malicious actors may have already been aware of and potentially exploiting these vulnerabilities [74304].
(b) The software failure incident is non-malicious in the sense that the vulnerabilities were not intentionally introduced to harm the system. The companies involved, such as Echelon, Battelle, and Libelium, collaborated with IBM to resolve the issues and released patches for all 17 bugs. Echelon confirmed the vulnerabilities, developed mitigation solutions, and notified customers and relevant authorities. Battelle appreciated IBM's feedback and assistance in improving the security of their open source smart city hub collaboration. Libelium promptly addressed the web vulnerabilities found in their Meshlium Manager System upon being informed by IBM, releasing a new software version to fix the detected flaws [74304]. |
Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The intent of the software failure incident related to poor decisions can be seen in the article where it mentions that vulnerabilities were found in smart city sensor hubs from three companies: Libelium, Echelon, and Battelle. These vulnerabilities included basic issues like guessable default passwords, bugs allowing injection of malicious commands, and bypassing authentication checks. Additionally, many smart city schemes were found to use the open internet instead of internal networks, potentially exposing devices publicly. The lack of proper security measures and the decision to use vulnerable devices in critical infrastructure like public safety and industrial control systems highlight poor decisions that can lead to significant consequences [74304].
(b) The intent of the software failure incident related to accidental decisions is evident in the accidental missile alert in Hawaii and the hack that set off Dallas's tornado sirens. These incidents, along with others, prompted researchers to investigate vulnerabilities in smart city systems. The accidental nature of these incidents and the subsequent investigation by IBM X-Force Red and Threatcare indicate that the failures were not intentional but rather a result of unintended consequences or mistakes [74304]. |
Capability (Incompetence/Accidental) |
development_incompetence, accidental |
(a) The software failure incident in the articles can be attributed to development incompetence. Researchers from IBM Security and data security firm Threatcare found a total of 17 new vulnerabilities in products from three companies that sell systems for smart city schemes. These vulnerabilities included basic issues like guessable default passwords, bugs allowing injection of malicious software commands, and flaws enabling attackers to bypass authentication checks [74304].
(b) The software failure incident can also be categorized as accidental. For example, an accidental missile alert in Hawaii and a hack setting off tornado sirens in Dallas were mentioned as incidents that inspired the researchers to investigate vulnerabilities in smart city systems. The vulnerabilities found in the smart city hubs were not intentionally created but were present due to lack of proper security measures and privacy controls, potentially leading to serious consequences if exploited by motivated attackers [74304]. |
Duration |
temporary |
The software failure incident discussed in the articles is more aligned with a temporary failure rather than a permanent one. This is evident from the fact that vulnerabilities were identified in products from three companies, including critical flaws, and patches were made available for all 17 bugs [74304]. The incident involved specific vulnerabilities that were introduced by certain circumstances (such as guessable default passwords, bugs allowing injection of malicious commands, and authentication bypass) and were addressed through patches, indicating a temporary nature of the failure. |
Behaviour |
omission, value, other |
(a) crash: The software failure incident mentioned in the articles did not specifically describe a crash where the system loses state and does not perform any of its intended functions.
(b) omission: The incident involved vulnerabilities in smart city sensor hubs that could allow attackers to manipulate information being passed around, potentially causing damage to life and livelihood if the systems fail to perform their intended functions [74304].
(c) timing: The articles did not mention any failure related to timing, where the system performs its intended functions but at incorrect times.
(d) value: The vulnerabilities found in the smart city sensor hubs could lead to the system performing its intended functions incorrectly, such as allowing attackers to inject malicious software commands or sidestep authentication checks [74304].
(e) byzantine: The software failure incident described in the articles did not exhibit byzantine behavior, where the system behaves erroneously with inconsistent responses and interactions.
(f) other: The other behavior observed in the incident was the potential exposure of smart city products to the public internet, leaving devices vulnerable to exploitation by anyone who finds them [74304]. |