Submarine Cables in the Circumpolar Area: Governance and Security Issues

Submarine infrastructures are extremely important for the well-tempered function of the states and societies, but simultaneously less investigated at the level of resilience planning and more efficient protection towards threats and hazards. As an example of their importance, submarine cables are considered vital for global connectivity, as they are responsible for carrying 99% of international data traffic [1]. However, they face significant risks from natural disasters [2], accidental damage, and deliberate sabotage [3–5], especially in the emerging and liquid geopolitical environment of today. Recent incidents have highlighted the urgent need to enhance the security and resilience of these critical infrastructures to ensure their uninterrupted function, from the data transmission and the protection of the digital economy to the energy transmission and the protection of the energy needs. Proof of the ever-growing significance and attention that the states are putting on shielding submarine infrastructures towards this emerging landscape, is also the recommendations for ‘Secure and Resilient Submarine Cable Infrastructures’ [6] and the ‘Joint Communication to strengthen the security and resilience of submarine cables’ [7] that the EU has published recently (2024 and 2025 respectively). The importance of building resilience in today's world is highlighted importantly the recent years and actions have been taken towards this direction, both from the technical/research community and the states, but yet it's not fully adopted in practice as main approach to various problems regarding critical infrastructures and the landscape of current hazards and threats. Building resilience to natural, climatic and man-made events must be of prime importance in an ever-growing and interconnected world, including especially any type of critical infrastructures, meaning also the submarine. Not only for safety and security reasons, but also regarding the economic impact that the absence of resilient planning and philosophy can impose on the states and the operators, as the cost of not being resilient is important. According to respective studies [8] which are based on over 3,000 scenarios, the urgency of designing resilient infrastructure is clear when considering natural hazards: in most scenarios, it is costly to delay global action on resilience to 2030, with a median value of US$ 1.0 trillion in potential losses. Resilience sits in an intricate interplay among individuals, communities, institutions and infrastructures. Moreover, it is well assessed that resilience depends on many factors such as technological (e.g. platforms and tools), human (e.g. capability of intervention and exploitation of information from citizens and users) and user's acceptance (understanding the added value provided by novel technological solutions for the improvement of operative capabilities, in ordinary and extraordinary conditions). The aim of the research is to provide a systematic methodological approach to assess the resilience capacity of the European critical infrastructure sectors of submarine telecommunication cables, power cables and gas pipelines. Based on the multi-risk dynamic assessment of natural and manmade hazards which is successfully tested also on other types of infrastructures (e.g., gas pipelines) and with the respective adjustments for this type of critical infrastructures, the operators will have the situational overview in order to further strengthen their assets and make then more resilient and robust. The novelty of this approach is based on its proven efficiency to various other types of infrastructure assets and its adjustment for the needs of the submarine infrastructures, a sector of infrastructure assets which is considered less investigated by the research community regarding its critical role and therefore vulnerable. The research conducted is part of the EU-funded research project of VIGIMARE.

The protection of submarine cables in Southeast Asia: The security gap and challenges and opportunities for regional cooperation

The undersea domain has become increasingly central to global security, economic connectivity, and strategic competition. Critical infrastructures such as submarine cables and pipelines, advances in underwater technologies, expanding interest in seabed resources, and accelerating environmental change have intensified activity beneath the ocean surface. While the United Nations Convention on the Law of the Sea (UNCLOS) provides the foundational legal framework governing maritime zones and seabed activities, contemporary security challenges in the undersea domain increasingly arise from the interaction of multiple factors rather than from legal entitlements alone. Existing scholarship examines aspects of the undersea domain through disciplinary lenses, including international law, strategic studies, technological research, political economy, and environmental science. However, these approaches often analyse legal regulation, geopolitical competition, technological capability, infrastructure development, and ecological change separately. This fragmentation limits understanding of how security risks emerge beneath the ocean surface. This paper develops a five-dimensional analytical framework for analysing security in the undersea domain. Integrating legal, geopolitical and security, technological, economic, and environmental dimensions, the framework demonstrates how regulatory ambiguity, technological capability, infrastructure dependency, economic activity, and environmental transformation interact to shape patterns of vulnerability, competition, and governance beneath the ocean surface.

The possible applications of communication based on big data have steadily increased in several industries, such as the autonomous vehicle industry, with a corresponding increase in security challenges, including cybersecurity vulnerabilities (CVs). The cybersecurity-related symmetry of big data communication systems used in autonomous vehicles may raise more vulnerabilities in the data communication process between these vehicles and IoT devices. The data involved in the CVs may be encrypted using an asymmetric and symmetric algorithm. Autonomous vehicles with proactive cybersecurity solutions, power-based cyberattacks, and dynamic countermeasures are the modern issues/developments with emerging technology and evolving attacks. Research on big data has been primarily focused on mitigating CVs and minimizing big data breaches using appropriate countermeasures known as security solutions. In the future, CVs in data communication between autonomous vehicles (DCAV), the weaknesses of autonomous vehicular networks (AVN), and cyber threats to network functions form the primary security issues in big data communication, AVN, and DCAV. Therefore, efficient countermeasure models and security algorithms are required to minimize CVs and data breaches. As a technique, policies and rules of CVs with proxy and demilitarized zone (DMZ) servers were combined to enhance the efficiency of the countermeasure. In this study, we propose an information security approach that depends on the increasing energy levels of attacks and CVs by identifying the energy levels of each attack. To show the results of the performance of our proposed countermeasure, CV and energy consumption are compared with different attacks. Thus, the countermeasures can secure big data communication and DCAV using security algorithms related to cybersecurity and effectively prevent CVs and big data breaches during data communication.

One of the strategic development priorities of the Republic of Croatia is the development and construction of a modern telecommunications network and the availability of high-speed Internet throughout its territory, especially in rural areas and on islands. To enable this, it is important to build a reliable and resilient communication infrastructure. With the cooperation of all stakeholders in the construction, from telecom operators to local and state administrations responsible for the maritime demesne, and with efficient legislation, it is possible to achieve sustainable development of submarine cable infrastructure. The paper provides an overview of the legal aspects of submarine optical cable infrastructure design and application at the national and international levels. Special attention is dedicated to the analysis of a national legal regime regulating the protection and sustainable use of submarine cables. Thus, the authors will provide critical analysis of a kind of dualism present in the application of the Ordinance on the Register of Concessions and the Ordinance on the Register of Concessions on the Maritime Demesne and offer suggestions for potential improvements of a national legal framework pertaining to the right of laying and legally protecting submarine cables.

The Industrial Internet of Things (IIoT) is a paradigm that enables the integration of cyber-physical systems in critical infrastructures, such as power grids, water distribution networks, and transportation systems. IIoT devices, such as sensors, actuators, and controllers, can provide various benefits, such as performance optimization, efficiency improvement, and remote management. However, these devices also pose new security risks and challenges, as they can be targeted by malicious actors to disrupt the normal operation of the infrastructures they are connected to or to cause physical damage or harm. Therefore, it is essential to develop effective and intelligent solutions to detect and prevent attacks on IIoT devices and to ensure the security and resilience of critical infrastructures. In this paper, we present a comprehensive analysis of the types and impacts of attacks on IIoT devices based on a literature review and a data analysis of real-world incidents. We classify the attacks into four categories: denial-of-service, data manipulation, device hijacking, and physical tampering. We also discuss the potential consequences of these attacks on the safety, reliability, and availability of critical infrastructures. We then propose an expert system that can detect and prevent attacks on IIoT devices using artificial intelligence techniques, such as rule-based reasoning, anomaly detection, and reinforcement learning. We describe the architecture and implementation of our system, which consists of three main components: a data collector, a data analyzer, and a data actuator. We also present a table that summarizes the main features and capabilities of our system compared to existing solutions. We evaluate the performance and effectiveness of our system on a testbed consisting of programmable logic controllers (PLCs) and IIoT protocols, such as Modbus and MQTT. We simulate various attacks on IIoT devices and measure the accuracy, latency, and overhead of our system. Our results show that our system can successfully detect and mitigate different types of attacks on IIoT devices with high accuracy and low latency and overhead. We also demonstrate that our system can enhance the security and resilience of critical infrastructures by preventing or minimizing the impacts of attacks on IIoT devices.

After implementing 5G technology, academia and industry started researching 6th generation wireless network technology (6G). 6G is expected to be implemented around the year 2030. It will offer a significant experience for everyone by enabling hyper-connectivity between people and everything. In addition, it is expected to extend mobile communication possibilities where earlier generations could not have developed. Several potential technologies are predicted to serve as the foundation of 6G networks. These include upcoming and current technologies such as post-quantum cryptography, artificial intelligence (AI), machine learning (ML), enhanced edge computing, molecular communication, THz, visible light communication (VLC), and distributed ledger (DL) technologies such as blockchain. From a security and privacy perspective, these developments need a reconsideration of prior security traditional methods. New novel authentication, encryption, access control, communication, and malicious activity detection must satisfy the higher significant requirements of future networks. In addition, new security approaches are necessary to ensure trustworthiness and privacy. This paper provides insights into the critical problems and difficulties related to the security, privacy, and trust issues of 6G networks. Moreover, the standard technologies and security challenges per each technology are clarified. This paper introduces the 6G security architecture and improvements over the 5G architecture. We also introduce the security issues and challenges of the 6G physical layer. In addition, the AI/ML layers and the proposed security solution in each layer are studied. The paper summarizes the security evolution in legacy mobile networks and concludes with their security problems and the most essential 6G application services and their security requirements. Finally, this paper provides a complete discussion of 6G networks’ trustworthiness and solutions.

Background . The Law of Ukraine "On Critical Infrastructure" defines the task of ensuring the security and resilience of critical infrastructure. The practice of implementation of the Law provisions shows the need to introduce a system of education and training of personnel in this area. The observed tendencies of increasing of the range of threats to critical infrastructure, in particular during armed conflict, only emphasize the urgency of raising the level of knowledge and skills of personnel in this area. The purpose of the article is to review potential formats of education and identification of fields of knowledge and specialties within which it is appropriate to reflect issues of critical infrastructure protection in the educational process. Among the important tasks of the article are: a review of research on the problems and the practice of implementation of the educational process in this field, an analysis of legislative and organizational opportunities for the introduction of educational programs, a review of higher education standards and programs, identification of basic competencies of graduates and program results of studies in this area. Methods . There were used methods of theoretical-methodological and comparative analysis for the developing conceptual approaches to the organization of education process on the issues of security and resilience of critical infrastructure. The system-functional analysis of the tasks of the subjects responsible for critical infrastructure protection was used to determine the fields of knowledge and specialties in which it is appropriate to train specialists. Methods of system analysis to form a list of program results of training in this area. Results . The article proposes a methodical approach to determining the necessary competencies, knowledge and skills of the personnel of the subjects of the national system of critical infrastructure protection. The list of specialties in which it is expedient to train specialists by higher education institutions of Ukraine has been defined. A set of competencies and program learning outcomes have been developed, which could serve as basic for developing educational standards and educational programs. A set of educational disciplines is offered that can be a component of the educational process in selected specialties. Conclusions . The article substantiates the legislative conditionality and scientific and practical relevance to establish the system of specialists training in the field of critical infrastructure protection. Though, the training system can cover various forms and methods of training, at the current stage of development of the national critical infrastructure protection system of Ukraine, it is advisable to introduce separate educational programs within the framework of existing educational programs of defined set of specialties. There has been developed the competencies and program outcomes for graduates. A set of educational disciplines that can be a component of the educational process in selected specialties is also proposed. In future, it is necessary to continue research on the development of specific educational programs on the security and resilience of critical infrastructure for various specialties.

There has been a tremendous increase in research in the area of cyber security to support cyber applications and to avoid key security threats faced by these applications. The goal of this study is to identify and analyze the common cyber security vulnerabilities. To achieve this goal, a systematic mapping study was conducted, and in total, 78 primary studies were identified and analyzed. After a detailed analysis of the selected studies, we identified the important security vulnerabilities and their frequency of occurrence. Data were also synthesized and analyzed to present the venue of publication, country of publication, key targeted infrastructures and applications. The results show that the security approaches mentioned so far only target security in general, and the solutions provided in these studies need more empirical validation and real implementation. In addition, our results show that most of the selected studies in this review targeted only a few common security vulnerabilities such as phishing, denial-of-service and malware. However, there is a need, in future research, to identify the key cyber security vulnerabilities, targeted/victimized applications, mitigation techniques and infrastructures, so that researchers and practitioners could get a better insight into it.

The Irish Government’s Climate Action Plan aims to increase renewable energy generation capacity to 22GW by 2030, with at least 5GW of this to be produced by offshore wind. The potential to harness and develop this resource is significant; however not all areas offshore are suitable. Moreover, not all routes from windfarms to land are suitable for the submarine cables needed to transfer the energy produced offshore back to the onshore grid. This research utilizes geospatial analysis to identify the optimal route selection for offshore export cables. The area under consideration for this research encompasses the South and West coasts of Ireland in the North Celtic Sea and Eastern Atlantic Ocean, areas under intense development for offshore wind, particularly floating wind platforms. To achieve this, a geospatial repository of publicly available data was compiled to ensure the key features related to cable route feasibility were included in the spatial analysis. These layers included bathymetric, geological, and ecological data, as well as information on human activities in the area, to assess the potential hazards to a submarine cable within a particular region. Each variable was assessed as to its importance in the route selection model using criteria weights derived from the Analytical Hierarchical Process and expert opinion of a panel of industry representatives. The resulting data layers were combined into a suitability map of the seabed using a Weighted Overlay Analysis. Individual offshore wind sites and coastal landfall sites were selected based on proposed developments. GIS route selection methods were then implemented, principally the least-cost path algorithm, to identify the optimal route. The combined criteria map produced in this project classifies regions off the South and West coasts of Ireland into zones of suitability for cable routes and highlights the main areas along the coast most appropriate for cable landfall sites.  By using automated route selection tools in GIS along the suitability map surface, realistic paths along the seabed can be quickly designed to allow for adequate burial of the cable, and avoidance of obstacles, hazards and zones of exclusion. The findings of this research indicate that distance from existing coastal substations is a key factor in terms of the economic viability of a cable route. Many windfarms will require more than one export cable, and with several windfarm proposals within the same coastal region, bottle necks at suitable landfall sites may be expected. The results of the study provide a useful tool for policy makers and developers in the planning stage. In a broader context, these findings can be upscaled, customised and applied at a national level for other countries to allow a systematic approach to offshore renewable energy development.

Artificial intelligence (AI)-based emergency response systems have emerged as critical enablers of smart infrastructure safety, offering enhanced real-time decision-making, risk assessment, and disaster mitigation strategies across various domains. This systematic literature review, encompassing 424 eligible studies, investigates the integration of machine learning (ML), deep learning (DL), computer vision, IoT-enabled predictive analytics, and AI-powered robotics in optimizing emergency response mechanisms. The study comprehensively examines AI applications in disaster management, real-time incident detection, healthcare emergency response, industrial hazard prevention, cybersecurity frameworks, and intelligent traffic control, providing a detailed assessment of technological advancements and challenges in AI adoption. The findings reveal that AI has significantly improved predictive accuracy, automated hazard detection, and emergency resource optimization, leading to faster response times, minimized human error, and enhanced situational awareness in crisis management. AI-driven predictive analytics models have enabled early warning systems for earthquakes, floods, and wildfires, facilitating proactive disaster preparedness and risk mitigation. In real-time emergency response, AI-powered computer vision and sensor-based surveillance technologies have improved incident detection, reducing intervention delays and ensuring more efficient allocation of emergency resources. In the healthcare sector, AI-enhanced diagnostic tools, triage automation, and geospatial analytics for ambulance dispatch have streamlined medical crisis management, improving survival rates and reducing treatment delays. Additionally, AI-integrated industrial safety frameworks, robotic automation, and cybersecurity intelligence systems have strengthened workplace hazard prevention, cyber threat detection, and emergency communication resilience, ensuring safer and more secure operational environments. Despite these advancements, several challenges related to interoperability, regulatory constraints, cybersecurity vulnerabilities, algorithmic biases, and ethical concerns persist, hindering large-scale AI adoption in emergency response systems. This review provides a comprehensive synthesis of AI’s transformative role in modern emergency management, offering insights into technological developments, limitations, and policy considerations necessary to enhance AI-driven crisis response strategies and ensure more effective, scalable, and resilient emergency safety infrastructures worldwide.

Ever since its emergence, the concept internet of things (IoT) has been applied in many fields. In the area of medical sciences, a new concept “Internet of Medical Things” (IoMT) has been explored. IoMT establishes a connection between humans & machines and serves both of them. It has been expected that, by 2025, services of IoMT would reach the entire world. IoMT has covered a wide scope pertaining to health but unfortunately been facing many security challenges. Healthcare systems consist of sensitive and significant data, which is unorganized and noisy and needs additional power to be calculated for effective analysis & workable results. This data is worked upon for the purpose of making critical decisions. Therefore, it has become the main target of Cyber Criminals. The need of robust security and privacy (S&P) is gradually increasing as more and more devices are getting connected to the IoMT. The S&P of the IoMT has now become a great challenge, considering the utmost significance and vulnerability of the data in the healthcare industry. Lack of sufficient S&P in IoMT devices keeps the patients’ privacy at high stake. This research is intended to propose a Security Model to cope with these Security threats, attacks, issues and challenges. The proposed model has been developed by thoroughly investigating all the major security models through a detailed systematic literature review. The SLR has been conducted to explore all the security threats, security attacks, security issues and security challenges. Extensive meta-analysis has been performed for each of the defined category in order to prioritize these risks. After analyzing these risks, a comprehensive security model has been proposed. The interface has been developed in Python which is well structured, user friendly and easy to implement. The developed module not only identify and prioritize the risks but also automatically control different level of threats. The developed system also contain user intimation modules in case of any threat. This research is based on a very flexible and comprehensive model, which would be highly beneficial to future researchers who desire to work on existing models for the improvement as well as to those who wish to create new security models for IoMT.

The global governance of artificial intelligence (AI) depends on coordination among national governments, international organizations, and non‐state actors. While existing research has mapped the institutional complexity of the emerging AI regime, public trust in the stakeholders involved remains underexplored. This study addresses this gap using parallel surveys in the United States and China, two leading AI powers locked in strategic rivalry. Results show that respondents in both countries express the highest levels of trust in their own government and the lowest in their geopolitical rival, with other actors such as the European Union, tech firms, and research institutes falling in between. These patterns reflect how geopolitical competition and intergroup dynamics shape public trust, posing challenges for inclusive and cooperative governance in contested global domains such as AI. At the same time, individuals who view AI as socially beneficial and who support international cooperation report higher trust across a broad set of actors, including rivals. These findings illuminate systematic patterns in public opinions that condition the political viability of global AI governance and suggest that narratives emphasizing shared benefits and collaboration may help bridge trust gaps.

Cyber physical systems are the integration of cyber world elements and physical world elements with the help of state-of-the-art technologies. These CPS are used to monitor, manipulate, and control real objects. Internet of things is similar to CPS but is used to provide communication between both homogeneous and heterogamous networks for the purpose of data sharing, resource sharing, and management. The common goals of both CPS and IoT are reliable and secure transmission of data in real-time environment. The usage of both CPS and IoT increased in applications like smart cities, smart grids, smart transportation, and smart healthcare, and so cyberattacks and threats also increased exponentially. Security issues and challenges of both CPS and IoT have become a global issue, and a proper security mechanism to address this issue is a need of the hour. In this chapter, we firstly provide an overview of IoT, relationship, and differences between CPS and IoT. Secondly, we addressed their security challenges and issues. Finally, suggested emerging techniques and methods to improve the safety and security of CPS and IoT systems are discussed.

Wireless body area sensor networks (WBANs) are becoming more popular and great potential of the human body is shown in real time monitoring. Cost-effective, unobtrusive and unsupervised continuous monitoring applications like surveillance, as well as the promise of WBANs Healthcare has attracted a wide range of activity and rehabilitation system game. However, the benefits of WBANs, using a number of challenging issues must be resolved. In addition to the open issues in standardization, WBANs energy efficiency and quality of service (QoS), security and privacy issues are major concerns. These wearable system life-critical data should be protected, since they control. Nevertheless, these systems face some difficulties of addressing security. WBANs wireless sensor networks (WSN) to inherit the most well known security challenges. However, WBANs, the specific symptoms such as severe resource constraints and harsh environmental conditions, security and privacy challenges the pretending to support additional unique. In this paper, survey the leading security and privacy issues and will survey potential attacks WBANs. In addition, we have an unsolved problem is that quality service is a serious security issue has great potential for currency in WBANs will explain, and then we discuss a potential future direction.