Europe’s digital connections and energy systems rely on a network that most people never see: thousands of kilometres of cables and pipelines lying on the seabed. These cables and pipelines carry internet traffic between continents, transmit electricity between countries and transport gas that powers homes and industries. This article summarises the key achievements and findings from the first half of the VIGIMARE project, a three-year, Horizon Europe-funded initiative running from September 2024 to August 2027, coordinated by Laurea University of Applied Sciences, and outlines what comes next. The project brings together 19 partners from 8 European countries, including critical infrastructure operators, research institutions and technology providers. More information is available at www.vigimare.eu.

The VIGIMARE project was launched to better understand how the submarine infrastructure can be protected and to develop a new surveillance technology to monitor it. During the first half of its three-year programme, the project has largely focused on building that understanding, mapping risks, analysing vulnerabilities and starting to design the VIGIMARE platform to monitor and protect these Critical Infrastructure (CI) systems. As the Project Coordinator, I wanted to summarise in this article the key findings from the first half of the VIGIMARE project.

The next phase of the project will shift from analysis to practice, as the technologies developed in the project are tested in real operational environments.

Why submarine infrastructure matters

Submarine cables and pipelines are owned and operated by a diverse mix of actors. Some are national energy and gas transmission companies, such as TERNA in Italy or GAZ-SYSTEM in Poland. Others are private telecommunications operators, such as CINIA in Finland. In the energy sector, offshore wind developers and electricity grid operators increasingly rely on submarine power cables. Alongside these commercial entities, national emergency supply agencies and regulatory authorities also have responsibilities for overseeing critical infrastructure security. This diversity of ownership across countries and sectors is itself part of what makes protection challenging. form the backbone of Europe’s connectivity and energy supply. Telecommunications cables carry the vast majority of the global internet traffic. Submarine power cables connect national electricity grids and offshore wind farms. Gas pipelines transport energy across borders. Because these systems run underwater and across multiple jurisdictions, protecting them is complicated. A single cable may cross territorial waters, exclusive economic zones and international waters.

Responsibility is shared between operators, national authorities and international frameworks. At the national level, security legislation and emergency planning frameworks govern how operators must protect their assets. At the European level, the Critical Entities Resilience (CER) Directive (European Parliament and Council, 2022a) and the NIS2 Directive (European Parliament and Council, 2022b) on cybersecurity set binding requirements that member states must implement. At the international level, cables and pipelines that cross exclusive economic zones and international waters fall under frameworks including the United Nations Convention on the Law of the Sea (UNCLOS). The Baltic Sea demonstrations described later in this article offer a concrete illustration of this complexity. Recent incidents involving damage to undersea cables in European waters have also highlighted how vulnerable these systems can be, not only to accidents but also to deliberate interference.

Mapping the risks

During its first 18 months, VIGIMARE concentrated on understanding the risks facing submarine infrastructure and designing a technological framework for monitoring it. The project analysed both physical and cyber risks affecting cables and pipelines. This work drew on a combination of systematic literature reviews, analysis of documented incident data, structured expert consultations with infrastructure operators and security specialists, and technical assessments contributed by project partners with hands-on operational experience.

On the physical side, many of the most common threats come from everyday maritime activity. Anchors, fishing gear and ship traffic are frequent causes of damage. Natural events such as seabed movement or extreme weather can also affect infrastructure, while construction defects or corrosion can weaken systems over time. At the same time, experts involved in the project examined scenarios involving sabotage or other deliberate interference. These risks are difficult to assess because activity under the sea is hard to monitor and attribution can be slow.

The project also looked at cyber risks connected to the digital systems used to manage infrastructure. Operators rely on complex networks of software, sensors and remote monitoring tools. Vulnerabilities in supply chains, such as software provided by third parties, can create entry points for cyberattacks.

One key conclusion is that cyber and physical risks are increasingly linked. A cyber intrusion could, for example, interfere with monitoring systems or obscure information about events happening near critical infrastructure – for example, by disabling automatic vessel identification (AIS) feeds so that a ship approaching a cable route goes undetected, or by falsifying sensor readings so that operators believe conditions are normal when a physical incident is already under way.

Where protection efforts should focus

Across the different analyses, several areas repeatedly emerged as particularly important for resilience, which is understood here as an infrastructure system’s ability to prevent, withstand, absorb and recover from incidents that could disrupt the essential services it provides:

• Landing stations, where subsea cables connect to land-based networks
• Supply chains and subcontractors, which can introduce vulnerabilities
• Rapid detection and response capabilities, especially in cyber incidents
• Better coordination between infrastructure operators and authorities

These findings are helping shape the technological solutions that the project is now developing.

Alongside the risk analysis, the project has been developing a technical platform designed to combine many types of maritime data. At the centre of this effort is the VIGIMARE platform, the Virtual Control Room (VCR), a system that integrates information from different sources, such as satellite data, vessel tracking systems and underwater sensors, into a shared situational picture. The idea is to allow infrastructure operators and authorities to detect unusual behaviour near cables or pipelines earlier and coordinate responses more efficiently. Those responses would typically involve the infrastructure operators themselves as first-line actors, together with national coast guards, maritime authorities and, where relevant, military or law enforcement agencies, depending on the nature of the incident and the jurisdiction. The VCR was tested initially in the Laurea coordinated AI-ARC project (2021-2024, www.ai-arc.eu), where the system was first developed for law enforcement agencies in the Arctic.

The platform is designed to be sensor-agnostic, meaning it can connect to different monitoring technologies and data sources. Artificial intelligence tools are also being developed to help identify anomalies automatically, such as vessels behaving suspiciously near infrastructure or ships operating without transmitting identification signals.

The next phase: Demonstrations at sea

With the analytical groundwork largely completed, the second half of the VIGIMARE project will focus on finalising the technical developments and testing these technologies in real-world scenarios.

Five demonstrations are planned across three European sea regions, in the Mediterranean Sea, the Irish Sea and the Baltic Sea, each centred on a specific type of infrastructure and operational environment.

Mediterranean Sea – Hybrid threat scenarios

Two demonstrations will take place in the Mediterranean region. One focuses on the electricity interconnection between Sardinia, Corsica and mainland Italy, led by the Italian energy operator TERNA. Another examines an offshore gas pipeline connecting Sicily with North Africa, led by the Italian gas operator ENI. These scenarios explore how cyber and physical threats could interact and how monitoring technologies can detect them.

Irish Sea – Gas pipeline monitoring

Another demonstration will examine the gas pipelines linking Ireland with the United Kingdom, led by the main Irish Gas Operator Gas Networks Ireland. Their pipelines carry the majority of Ireland’s imported gas, making them strategically important. The demonstration will test how suspicious activity near the pipelines can be detected using the VIGIMARE platform.

Baltic Sea – Pipeline and cable protection

Two further demonstrations are planned in the Baltic Sea region. One focuses on monitoring the Baltic Pipeline, running both offshore and onshore from Denmark into Poland, led by Gas-Systems, Poland’s main Gas Operator. The other demonstration in the Baltic Sea addresses the protection of submarine telecommunications cables, the same cables that suffered repeated damage in recent years. CINIA’s C-Lion1 cable – the only direct submarine link between Finland and Central Europe, connecting Helsinki to Rostock – was completely severed in November 2024, disconnected again at Christmas 2024, and damaged a third time in January 2025, with sabotage suspected in each case (Cinia, 2024a; Cinia, 2024b; Cinia, 2025). The Finnish Cable Operator CINIA is leading this demonstration. This demonstration scenario will test how multiple data sources, from maritime traffic information (AIS) to Distributed acoustic sensing (DAS sensors) from Alcatel Submarine Networks, can be combined to detect potential threats earlier. In addition to the technical systems, the project is also contributing to discussions about how European countries and infrastructure operators cooperate on the protection of critical infrastructure. This includes helping organisations adapt to new EU requirements on resilience and cybersecurity, particularly the CER Directive and the revised NIS2 Directive.

Looking ahead

The first half of the VIGIMARE project has focused on understanding the problem: identifying risks, analysing vulnerabilities and designing a technical framework for monitoring submarine infrastructure.

The next phase will be more practical. Through demonstrations in different European regions, the project will test how data sharing, sensors and analytics can improve the protection of cables and pipelines in everyday operational environments.

For systems that remain largely invisible beneath the sea, improving that visibility may be one of the most important steps toward making Europe’s critical infrastructure more resilient.

References

• European Parliament and Council (2022a) Directive (EU) 2022/2557 on the resilience of critical entities and repealing Council Directive 2008/114/EC. Official Journal of the European Union, L 333, 27 December, pp. 164–198.
• European Parliament and Council (2022b) Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2 Directive). Official Journal of the European Union, L 333, 27 December, pp. 80–152.
• Cinia 2024a. ’A fault in the Cinia C-Lion1 submarine cable between Finland and Germany’, Cinia news, 18 November. Accessed: 27 March 2026.
• Cinia 2024b. ’Fault detected in Cinia C-Lion1 submarine cable’, Cinia news, 25 December. Accessed: 27 March 2026.
• Cinia 2025. ’Disturbance in Cinia C-Lion submarine cable’, Cinia news, 26 January. Accessed: 27 March 2026.
• Submarine Cable Map 2025. Submarine cable map. Accessed: 26 March 2026.

The language editing and structure for this text has been improved using Copilot.