Guardian Light: An Edge-Resilient Fail-Safe Mechanism for IoT

Smart Lighting Against DDoS and Network Partitions

Lokman Mohd Fadzıl1,* Tımothy Lo Yın Hong1

1 Cybersecurity Research Centre (CYRES), Universiti Sains Malaysia, Penang 11800, Malaysia

Received: December 12, 2025 Revised: February 05, 2026 Accepted: March 08, 2026 ⋆ Corresponding author

ABSTRACT

New cybersecurity and operational resilience issues have been brought about by the growing use of cloud-managed

smart street lighting in metropolitan settings, especially in the event of network partitioning and Distributed Denial of

Service (DDoS) assaults. Current systems still rely mostly on centralized cloud control, which creates a single point

of failure that might compromise public safety and interfere with vital lighting functions. In the context of the author’s

Streetlight-as-a-Service (SLaaS) framework, where streetlights operate as intelligent, service-capable infrastructure

nodes rather than discrete lighting devices, this paper proposes Guardian Light, an edge-resilient fail-safe mechanism

for intelligent street lighting. The suggested design uses AWS IoT Core, AWS IoT Device Defender, and AWS IoT

Greengrass to combine device-side autonomous governance with cloud-side anomaly detection. With the help of

an internal real-time clock, state-aware failover logic, persistent offline scheduling, and local threshold monitoring,

Guardian Light makes it possible for lighting nodes to continue operating safely and consistently even in the event

that malicious traffic is discovered or cloud connectivity is compromised. The study emphasizes how current smart

lighting research goes beyond energy saving and scheduling to cyber-resilient operational continuity through the

integration of edge intelligence and service-oriented streetlight design. By doing this, the study offers a workable and

theoretically sound solution to improve the autonomy, security, and dependability of next-generation SLaaS-enabled

smart city systems.

Keywords: Smart Cities IoT Security Edge Computing AWS IoT DDoS Mitigation Operational Continuity

1. INTRODUCTION

Smart street lighting has evolved from a basic municipal utility

into a digitally connected urban platform that supports energy

efficiency, adaptive illumination, traffic responsiveness,

public safety, and broader smart city services. Recent literature

shows that modern street lighting systems increasingly

integrate LED infrastructure, sensors, controllers, wireless

communications, and remote management functions, allowing

them to operate as intelligent nodes rather than passive

lighting assets. This transition has created substantial opportunities

for cities to improve operational efficiency and

service quality, but it has also expanded the technological

complexity of the lighting ecosystem and introduced new

dependencies on networking, data exchange, and centralized

orchestration [1, 2].

Despite their growing importance, connected lighting systems

remain exposed to significant cybersecurity and operational

risks. The connected nature of these systems enlarges the attack

surface, especially when field devices rely on commodity

communications, remote connectivity, and cloud-mediated

control. Connected lighting systems must therefore be examined

not only for functional performance, but also for realistic

cyber threats spanning on-premises, cloud, and hybrid de-