Securing Future’s Smart Cities with REWIRE

Introduction 

The vision of smart cities rests on their capacity to connect services, infrastructures, and citizens into an intelligent urban ecosystem. Urban environments increasingly rely on interconnected edge devices and digital infrastructures, transforming cities into highly complex digital organisms. 

However, this transformation comes with profound security implications. A single vulnerability in a network of traffic lights or emergency communication systems can cascade across the city’s entire digital ecosystem, disrupting public services, compromising citizen safety, and eroding trust in public institutions. As the number of devices grows exponentially, so too does the attack surface, making it increasingly difficult to maintain a secure and verifiable operational environment. To defend such systems effectively, cities require a cybersecurity model that goes beyond traditional perimeter-based defenses. This model must ensure continuous trust, verify the integrity of systems in real time, and securely update and manage devices throughout their lifecycle. 

This is precisely where the REWIRE Integrated Framework comes in, delivering a verifiable trust architecture designed to protect embedded systems end-to-end. It combines design-time assurance with runtime attestation, enabling cities to build and maintain trusted digital infrastructures. In this first use case, REWIRE was deployed to secure smart city infrastructures, focusing on public safety scenarios. 

Use Case Description 

At the core of the REWIRE framework is the Trusted Computing Base (TCB). This component functions as the anchor for verifiable trust, enabling continuous security monitoring and enforcement across devices and services. The TCB integrates several essential functionalities: Configuration Integrity Verification (CIV) ensures that devices remain in a known, trusted state; the Secure Software Update mechanism allows controlled and authenticated updates; ZTO automates the secure enrollment of new devices; and the KMS provides harmonized cryptographic control. Additional components such as the Tracer and the Process State Verification layer make it possible to collect and verify runtime evidence about the system’s operational state. 

In the smart cities use case, REWIRE’s architecture was deployed in a Hardware-in-the-Loop environment using StarFive VisionFive 2 RISC-V boards. This setup replicated a real-world urban scenario involving multiple interconnected edge devices, such as emergency response units and environmental monitoring nodes, all communicating with a central controller. The goal was to secure software updates and maintain the integrity and trustworthiness of each device in the network. 

Moreover, one of the central challenges of managing large urban networks is the efficient and secure distribution of software updates. Traditional one-to-one update models are too slow and cumbersome for critical infrastructures, where hundreds or thousands of devices must be updated quickly and reliably. REWIRE addresses this with a One-to-Many Software Update pipeline, which allows a single update operation to reach many devices simultaneously. In practice, the update originates from a central authority and is secured using Lightweight Block Cipher (LRBC) encryption and mirrored cryptographic keys. Each device validates the integrity of the software using attestation mechanisms embedded in the TCB. The update status and trust evidence are recorded on REWIRE’s blockchain infrastructure, ensuring full accountability and immutability of update records. If a device fails attestation, automated alerting and containment mechanisms are triggered through the Facility Layer and the AI-based Misbehaviour Detection Engine (AIMDE). This model ensures that the entire urban network can be updated without service interruption, while every device maintains verifiable trustworthiness. 
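The control flow of such a rollout can be sketched in a few lines. The following is an added illustration, not REWIRE code: HMAC-SHA256 stands in for the LRBC encryption and mirrored keys, a hash-chained list stands in for the blockchain, and all function names, device names and keys are hypothetical, constructed values.

```python
import hashlib, hmac, json

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def evidence(device_key: bytes, nonce: bytes, installed: bytes) -> dict:
    """Device side: measure the installed image and bind it to the verifier's nonce."""
    m = digest(installed)
    tag = hmac.new(device_key, nonce + m.encode(), hashlib.sha256).hexdigest()
    return {"measurement": m, "tag": tag}

def appraise(device_key: bytes, nonce: bytes, ev: dict, reference: str) -> bool:
    """Verifier side: evidence must be authentic, fresh and equal to the reference."""
    expected = hmac.new(device_key, nonce + ev["measurement"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, ev["tag"]) and hmac.compare_digest(ev["measurement"], reference)

def append(ledger: list, record: dict) -> None:
    """Chain each record to the previous entry so later edits are detectable."""
    prev = ledger[-1]["hash"] if ledger else "0" * 64
    body = json.dumps(record, sort_keys=True)
    ledger.append({"record": record, "prev": prev, "hash": digest((prev + body).encode())})

def ledger_intact(ledger: list) -> bool:
    prev = "0" * 64
    for entry in ledger:
        body = json.dumps(entry["record"], sort_keys=True)
        if entry["prev"] != prev or entry["hash"] != digest((prev + body).encode()):
            return False
        prev = entry["hash"]
    return True

def rollout(image: bytes, fleet: dict, nonce: bytes):
    """One update for the whole fleet; returns (ledger, ids of devices to contain)."""
    reference, ledger, quarantined = digest(image), [], []
    for dev_id, dev in sorted(fleet.items()):
        ev = evidence(dev["key"], nonce, dev["installed"])
        ok = appraise(dev["key"], nonce, ev, reference)
        append(ledger, {"device": dev_id, "measurement": ev["measurement"], "trusted": ok})
        if not ok:
            quarantined.append(dev_id)  # hand-off point for alerting and containment
    return ledger, quarantined

# Constructed sample fleet: node-3 ends up running a modified image.
IMAGE = b"firmware-v2 (constructed sample payload)"
FLEET = {
    "node-1": {"key": b"k1-constructed", "installed": IMAGE},
    "node-2": {"key": b"k2-constructed", "installed": IMAGE},
    "node-3": {"key": b"k3-constructed", "installed": IMAGE + b"\x00patched"},
}
LEDGER, QUARANTINED = rollout(IMAGE, FLEET, nonce=b"constructed-nonce-01")
```

In a real deployment the nonce would be random per attestation round and the measurement would come from the device's trusted hardware rather than from the application itself.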

The evaluation of REWIRE in smart city scenarios was based on a combination of quantitative and qualitative indicators. On the quantitative side, software update latency decreased dramatically compared to conventional sequential processes, demonstrating that REWIRE’s one-to-many mechanism allows hundreds of devices to receive secure patches in minimal time. Attestation checks were performed in well under 200 ms per device, with no downtime recorded during update operations and no failures during tampering simulations.

The qualitative assessment focused on operational benefits. Operators observed a significant increase in transparency, as the trust status of devices could be monitored in real time. The automated onboarding of new devices minimized human intervention and reduced configuration errors. The integrated security mechanisms improved resilience against supply chain manipulation and software tampering, providing a more robust and manageable trust infrastructure. 

Conclusions 

As cities evolve into complex, digitally connected organisms, trust becomes the foundation upon which all innovation rests. REWIRE’s Trusted Computing Base, attestation mechanisms, and secure update capabilities give cities the means to protect their infrastructures while continuing to innovate. By making trust measurable and enforceable, REWIRE helps cities create digital environments that are not only smart but also safe, resilient, and future-proof. The smart city pilot demonstrated that REWIRE’s architecture can secure urban infrastructures at scale. By enabling efficient software updates, continuous attestation, and automated trust management, it reduces operational costs and strengthens resilience against cyber incidents. The framework’s transparency and auditability also align well with emerging EU cybersecurity regulations, providing a strategic advantage for cities aiming to modernize securely. 

 
