The protection of critical marine and submarine infrastructure

Critical infrastructures are no longer concentrated solely on dry land. A growing portion of the energy we consume, the data we exchange, and the military capacity we project depends on pipelines, cables, ports, and naval bases situated under or alongside the water surface. The underwater domain, discreet and difficult to monitor, has become a privileged stage for strategic competition and operations in the so-called «Grey Zone», where the line between accident, sabotage, and act of war blurs dangerously. This particularly affects Spain, a country situated at the crossroads between the Atlantic and the Mediterranean, which concentrates a significant number of these infrastructures, thereby multiplying both their relevance and their exposure. Throughout the following article, we analyse the evolution of threats and the impact of tactics in the Grey Zone, we discuss the main marine and underwater critical infrastructures of interest to us, and we explore how detection and protection systems must be designed to be effective, highlighting the role that companies such as SAES can play in this regard.

Index

• Introduction
• The evolution of threats and tactics in the Grey Zone
• New capabilities against underwater infrastructures
• Recent lessons: pipelines, cables, and other reference cases
• How to combat threats?
• How is a marine and underwater critical infrastructure protection system designed?
• The role of SAES in the protection of critical underwater infrastructures
• Conclusions and recommendations

Introduction

Advanced societies today depend on a dense and complex network of critical infrastructures, the continuity of which conditions national security, economic stability, and ultimately, the daily lives of citizens, whose welfare the State must defend. Energy, data, trade, and communications are sustained by nodes and corridors that, in a growing number of cases, are no longer on dry land, but upon and beneath the water surface. From major ports and naval bases to underwater gas and oil pipelines, the fibre optic cables crossing oceans, the data centres that will increasingly be built underwater in coming years, or offshore power generation projects, the number of points to protect does not cease to grow and, foreseeably, will continue to increase for decades.

This reality adds a layer of complexity when it comes to endowing the economy and society with resilience, a trendy term, but no less important for it. As we know, for a long time, the debate on critical infrastructures focused almost exclusively on land-based facilities and, furthermore, mostly inland: power stations, transport networks, interior logistics hubs, or surface data centres, to cite but a few. However, the progressive «marinisation» of energy and information has shifted an essential part of the vulnerability towards the maritime domain; especially, towards the underwater space, as we have seen in articles we have dedicated in the past to several of these topics. Thus, energy arrives via pipes laid on the seabed, the data that sustain the digital economy travel encapsulated in cables resting at hundreds or thousands of metres of depth, and some of the most sensitive military and logistics nodes are situated precisely at the coast-sea interface, as occurs in Rota, Ferrol, or Cartagena, but not exclusively there.

This change is not only quantitative, but qualitative. The suspicion of sabotage regarding major gas pipelines in the Baltic Sea or recent incidents affecting cables and pipelines in European maritime spaces have demonstrated that strategic competition is also waged on the seabed and that there are many actors who, even with relatively simple means, can cause notable damage, as in the case of Nord Stream. Moreover, an attack against a limited number of carefully selected infrastructures can trigger far-reaching effects on energy supply, digital connectivity, or market confidence, without the need to resort to large-scale operations or cause direct casualties or, in the worst case, with a very limited number of them. The combination of high criticality, low public visibility, and difficulty of access makes these infrastructures especially attractive targets for actors seeking to operate on the margins of open confrontation, that is, in the Grey Zone – a strip of the conflict spectrum which, as we have already explained in previous analysis, is employed as a tool for escalation control.

At the same time, the density of assets under the sea continues to increase. Every new cable linking continents, every energy interconnection, every offshore wind farm or new port facility increases the volume of essential services that depend on the marine medium… and expands, in parallel, the exposure to hostile actors, whose number is also growing; for beyond States, it is foreseeable that in the short to medium term, some non-state elements may possess the capacity to inflict enormous damage on these infrastructures. Their protection, therefore, can no longer be conceived as a sectoral matter reserved for energy or telecommunications operators; it has become a national security problem with a strong maritime and underwater dimension, which implies the participation of public institutions, both civil and military, but also private ones, regarding their defence.

In this context, the defence community faces a double challenge. On the one hand, it must systematically understand how threats against critical infrastructures are evolving, with special attention to the way in which state and non-state actors utilise the underwater domain to carry out actions in said Grey Zone. On the other, it must contribute to the design and deployment of detection, surveillance, and protection systems that allow vulnerabilities to be reduced reasonably in terms of cost-effectiveness-efficiency, raising the risk threshold for any potential aggressor and improving the resilience of the system as a whole.

That is the raison d’être of this article which addresses, firstly, the evolution of threats and the consolidation of the Grey Zone as a preferential space for action against critical marine and underwater infrastructures, without underestimating the possibility of a high-intensity conflict – which is not far-fetched given the situation on the southern and eastern flanks. Subsequently, the specific case of Spain is examined, identifying the main marine and underwater infrastructures of a critical nature and the specific features of their risk profile. On that basis, the fundamental criteria followed for the design of detection and protection systems are presented, as well as the diverse technological solutions available on the market. Finally, the role played by the Spanish company SAES (S.A. de Electrónica Submarina, S.M.E.) is studied, detailing its capabilities and the specific products it has developed in recent years, oriented towards the protection of this type of infrastructure.

Evolution of threats and the Grey Zone

The protection of critical underwater infrastructures cannot be understood in isolation from the general evolution of threats in the realm of security and defence. In barely a few decades, we have moved from a scenario dominated by the logic of large-scale conventional confrontation between peer powers to one where the focus was placed on projection, counter-insurgency struggle, and stabilisation, and finally, to another where hybrid forms and prolonged competition below the threshold of declared war prevail. The underwater domain and the seabed – although it is bold to speak of domains for now as there is no agreement in this regard and they are not included as such in any doctrine – due to their discretion and technical complexity, have proven especially suitable for this type of action.

In the Cold War era, the threat against underwater infrastructures was associated primarily with state military capabilities: submarines capable of intervening on strategic cables, offensive mining campaigns in port approaches, special forces operations conducted by combat divers, and all manner of sabotage actions in the context of an open conflict were the expectation. However, although war scenarios were contemplated in which these infrastructures could be enemy targets, there were relatively clear red lines and a political-strategic framework that delimited the use of those means, at least as far as the two main blocs were concerned.

Today the panorama is much more diffuse. Competition between great powers, the fragmentation of the security environment, and the proliferation of non-state actors with advanced technological capabilities have driven the generalisation of what some call «hybrid warfare» and which, for our purposes, we will term actions in the Grey Zone. An amalgam of combinations employing tools ranging from diplomatic pressure to economic coercion, disinformation campaigns, cyberattacks, and limited physical actions, always carefully calibrated to remain in that intermediate strip between formal peace and open war. In this context, critical infrastructures, and in particular those situated under the sea, have become privileged vectors of pressure and strategic signalling, as has been demonstrated since the war in Ukraine began.

The possibilities are many. From sabotage that temporarily reduces the capacity of a gas pipeline, to another capable of altering a country’s digital connectivity or affecting the functioning of a port, the truth is that there are many actions susceptible to generating political tensions, economic costs, and a sense of vulnerability in public opinion, without needing to escalate towards a generalised conflagration. One must not forget that the difficulty in attributing this type of action quickly and with certainty to a specific author, both due to the characteristics of the environment and the tangle of actors involved in infrastructure management, provides the aggressor with a margin of ambiguity to exploit to their benefit. In this regard, the denial of authorship (as when Ukraine destroyed a good part of the Crimean bridge), the insinuation that it is an accident, or the deliberate sowing of doubt in public debate (a habitual modus operandi of Russia) form part of the operation’s very design.

It is precisely here that the concept of the Grey Zone gains relevance. This expression alludes to that intermediate space in which States – and, on occasions, other actors – carry out deliberate operations with the purpose of modifying the status quo, testing the resilience and determination of the adversary, or eroding their capabilities, without clearly crossing the threshold that would activate formal collective defence mechanisms or justify a forceful military response. The Grey Zone is not a place, but a way of acting: gradualist, ambiguous, and difficult to fit into the traditional categories of peace or war, which, nevertheless, is constantly employed. Examples abound, from the actions of the Wagner Group at the time to China constructing military bases on artificial islands, or the employment of immigration by Morocco or Russia as a weapon, to the launch of balloons from Belarus against the Baltic countries and the overflight of airports and airbases or military production plants with unidentified drones.

In the field of underwater infrastructures, the Grey Zone manifests in discreet low-signature operations, often executed by means that blend in with ordinary civil activity. Unmanned underwater vehicles, apparently commercial vessels, small teams of divers supported by yachts or fishing boats, and other analogous vectors allow for approaching cables, pipelines, or port structures without raising suspicion until the moment of action. By then, it is usually too late, requiring intense and costly forensic labour to determine the procedures and authorship of the attack, and that is when it is even possible. The conditions inherent to the medium – depth, currents, scarce presence of witnesses, technical difficulty of investigations – offer a propitious terrain for any incident to be presented as a fortuitous event, as long as there is no conclusive evidence to the contrary. Along with this, the employment of intermediaries, shell companies, or even PMCs contributes to further diluting the chain of political responsibility, but not the damage, which is usually significant and of a strategic nature.

Technological evolution has amplified this potential. Unmanned underwater and surface vehicles are increasingly compact, silent, autonomous, and affordable. Platforms that a few years ago were only within reach of a handful of navies are today found, in less sophisticated but operationally useful versions, available in markets that are not always subject to strict controls. There is even the possibility of producing them oneself with few means, as many components are COTS and can be acquired with relative ease in international markets – white, grey, or black. These systems can be employed for detailed reconnaissance tasks of a cable’s route, for the covert installation of listening sensors, for the placement of charges, or simply to document with precision the physical environment of an infrastructure in order to identify its most vulnerable points.

In parallel, the improvement of diving equipment and payloads accessible to non-state actors has expanded the range of threats. More reliable and compact diving equipment, individual propulsion systems, and explosives of reduced size but high power facilitate the realisation of missions at greater depth and for prolonged times.
Added to this is a less visible but equally decisive factor: access to information, with all that this implies in terms of the diffusion of military technology. As if this were not sufficient, it must also be taken into account that, having surpassed the first quarter of the 21st century, the combination of open sources, technical documentation available on the internet, high-resolution commercial imagery, and maritime traffic data allows for reconstructing with a significant degree of precision the route of pipelines and cables, the location of repeater stations, the structure of oil platforms and naval bases, or the location of singular points whose neutralisation would have especially grave effects.

Cyberattacks add an additional dimension to this picture. The possibility of combining physical actions on an infrastructure with operations in cyberspace directed against its control systems, its communications, or its managing companies multiplies the potential impact and complicates the response. A cut in a cable or an «accidental» breakdown in a repeater station accompanied by an intrusion or disinformation campaign can confuse operators, delay detection of the problem, or sow doubts regarding its real origin, while multiplying the effects by producing synergies. In this way, the protection of critical underwater infrastructures can no longer be approached solely from the perspective of their physical «hardening»; it demands an integral approach encompassing sensors, cybersecurity, operational resilience, and inter-institutional coordination.

The incidents recorded in the European environment in recent years constitute, in each case, new lessons that have accelerated this raising of awareness among EU Member States. The explosions that damaged pipeline sections in the Baltic, the cuts and breakdowns in communications cables, and other events of a controversial nature have shown the extent to which the possibility of complex attacks against energy and data infrastructures situated in international waters or in maritime zones of high sensitivity is real. In several of these cases, common features repeat: they occur in regions where energy and communications routes of great strategic value converge; they affect infrastructures whose interruption, even if limited in time, has significant effects on prices, confidence, and capacity for political manoeuvre; and they pose serious technical and diplomatic difficulties for attributing authorship quickly and clearly. Furthermore, the threat posed by long-range, low-cost weapons that Russia already produces by the thousands monthly cannot be ignored; although they exceed the Grey Zone to go directly to the black, they are there. In this sense, the possibility, should the case arise, of a strategic sub-nuclear attack against interests on European soil must not be ruled out, which will force substantial resources to be allocated both to air defences and to weapons capable of exercising deterrence, returning blows if necessary.

From the military and security perspective, and returning particularly to the Grey Zone and the threat to critical marine and underwater infrastructures, these recent experiences point to several fundamental conclusions. The first is the need to develop a situational awareness that is much more robust than what has existed until now. It is not enough to monitor port accesses or immediate coastal zones: the area of interest extends to broad areas where cables and pipelines run, and where hostile actions can occur with a very high degree of discretion. The second is the realisation that the border between the accidental and the deliberate is increasingly fine, which forces the acquisition of advanced forensic-technical investigation capabilities and agile information exchange mechanisms between allies, operators, and national authorities. The third is that the time factor proves critical: in a Grey Zone environment, the aggressor possesses the advantage of the initiative, and any delay in the detection of an attack, in the collection of evidence, or in the construction of a coherent narrative reduces the deterrent effect of the response that may be articulated afterwards.

Finally, it becomes evident that the allied and multinational dimension is inescapable. In densely interconnected regions, energy and communications infrastructures are, frequently, transnational by design. The effects of a cut in a cable or a breakdown in a gas pipeline rarely, not to say never, affect a single country; their consequences radiate to partners and neighbours. In that context, the protection of critical marine and underwater infrastructures demands solid cooperation frameworks, both for surveillance and for response. It is from this perspective, marked by the evolution of threats and the expansion of the Grey Zone, that the Spanish case must be analysed, along with the way in which our country protects – and must continue reinforcing – its critical character.

New capabilities against underwater infrastructures

The technological evolution of the last two decades has notably expanded the range of tools available to potential aggressors. While until now barely countries like the United States or the Russian Federation possessed relevant capabilities, three unstoppable trends have coalesced to produce a turnaround in the situation:

• Generalisation of unmanned vehicles (UUV and USV): platforms that are increasingly compact, silent, and affordable allow for approaching cables, pipelines, or port structures with a degree of discretion impossible just a few years ago. They can be employed for reconnaissance, sensor installation, charge placement, or simply to obtain precise information on the configuration of an infrastructure.
• Improvement in diving equipment and payload: the commercial availability of advanced diving equipment, including closed-circuit (rebreather) systems which are more discreet, electric propulsion systems for divers, and compact demolition charges facilitates well-trained actors operating at greater depth and for longer, increasing the range of reachable targets and the type of actions that can be executed.
• Access to detailed information on infrastructures: the combination of Open Source Intelligence (OSINT), technical documentation available on the web, high-resolution commercial imagery, and maritime traffic data allows for reconstructing with considerable precision the route of cables and pipelines, the location of repeater stations, interconnection nodes, or zones of greater structural vulnerability.

Added to this «democratisation» of capabilities is, as we have noted previously, the possibility of combining physical actions with cyberattacks against command and control systems, escalating the impact and complicating the response.

Furthermore, although for the moment it does not seem a short-term threat, the possibility should not be underestimated that certain transnational actors such as some organised crime networks, with their own agenda (sometimes at the service of third parties, let us not forget), may end up taking an interest in the weaknesses that the States combating them show in this realm. After all, with money to burn and significant knowledge in matters of drones or submarine construction, for example, some cartels might consider it appropriate to lease their services or even go so far as to propose blackmail…

Recent lessons: pipelines, cables, and other reference cases

Events of recent years in the European environment offer a set of lessons that have driven the debate on the protection of underwater infrastructures. The Nord Stream case in 2022, which gravely damaged several pipeline sections in the Baltic, evidenced the real possibility of complex attacks against energy infrastructures situated in international waters, in a context of high geopolitical tension. What is almost more interesting than the attack itself; the possibility of denial and the multiple interests coexisting on the part of numerous actors prevented the attribution of responsibility for the action to Ukraine, with the majority (ourselves included) thinking that the Kremlin, the infrastructure having been written off following the rupture of relations with Germany, was behind it.

Since then, many other attacks have been recorded, some of less doubtful authorship (such as those that have struck vessels in Sevastopol, Odesa, or Novorossiysk) and others yet to be resolved, such as those related to communications cables and pipelines in the Baltic. It is not surprising that they have raised doubts regarding the border between accidents and sabotage, nor that, at the same time, they have forced a reaction on the part of coastal States and NATO, increasing their presence and surveillance in the zone. The parallels, in any case, are interesting, as many of these episodes share common elements:

• they occur in areas where energy and communications routes of high strategic value converge;
• they affect infrastructures whose interruption, even if limited in time, has significant economic and political consequences;
• and they present, to a greater or lesser extent, technical and political difficulties in attributing responsibility with certainty, at least in the initial stages of the crisis.

From the military and security point of view, these lessons point to several conclusions:

1. The protection of critical underwater infrastructures requires permanent surveillance and expanded maritime situational awareness, beyond traditional port or coastal zones. Unfortunately, it is no longer enough to monitor the surface in the confidence that any submarine, given its size, will be detected in time. On the contrary, it is necessary to develop «undersea domain awareness» capabilities that integrate underwater sensors, unmanned platforms, and advanced signal processing systems, preferably supported by AI tools that accelerate detection and processing cycles, hence offering as wide a temporal margin as possible (for the moment) to the human decision-maker.
2. The border between the accidental and the deliberate is increasingly difficult to draw, which forces improvements in both forensic-technical investigation capacity and information exchange mechanisms between allies and operators.
3. Political and operational response times are critical. In a Grey Zone environment, the aggressor counts on the advantage of time and the initiative; delays in identifying the incident, in obtaining evidence, or in articulating a coherent narrative can reduce the deterrent effect of any measure adopted afterwards, as has been said. What is worse, depending on the type of attack, internal crises can occur as a Government’s capacity to guarantee security is called into question. Or, indeed, an anticipated and disproportionate response may occur, given the need to appear in control of the situation and strong, which can provoke involuntary escalations or regional crises of all kinds.
4. The allied and multinational dimension cannot be ignored. Although security may depend, ultimately, on each State, in densely interconnected regions, such as the Baltic or the Mediterranean, energy and communications infrastructures are usually transnational, such that any incident has implications transcending the jurisdiction of a single actor. This forces the establishment of all manner of combined control mechanisms, increasing interoperability and, of course, endowing oneself with definitions and doctrines as homogeneous as possible, to avoid misunderstandings or disjointed responses.

Spain, of course, is anything but an exception. Not for nothing do energy routes, communications cables, and port nodes essential for Europe and the Atlantic converge in our area of responsibility. Furthermore, with the aggravating factor that political decisions of recent decades have ended up leaving the Armed Forces without Maritime Patrol capacity and that the steps taken to recover it have been affected both by erroneous acquisition decisions (although understandable from the industrial point of view) and by the confrontation we currently maintain with Israel, which affects the arrival of vital systems, which must be replaced by possibly less capable options, suffering delays along the way.

How to combat threats?

The acceleration of threats to underwater infrastructures has been accompanied by notable growth in the market for technological solutions destined for their protection, as could not be otherwise. Recent reports estimate that the segment of underwater security systems and services will grow steadily throughout this decade, driven by demand from navies, State Security Forces and Corps, port authorities, energy operators, and communications providers seeking to reinforce their resilience against hybrid attacks and discreet sabotage.

Although the offering is very diverse, a first block of solutions centred on underwater detection and surveillance can be distinguished. These are, above all, sonar systems dedicated to the protection of ports, anchorages, high-value vessels, and offshore platforms, capable of anticipating the arrival of divers, unmanned underwater vehicles, and other contacts of interest at short and medium range (in any case, a few kilometres, and only when this is possible). Added to these are towed sonars of greater range, initially conceived for anti-submarine warfare, but which prove equally useful for generating situational awareness in areas where critical cables or pipelines run. In recent years, hybrid systems combining acoustic sensors with electromagnetic and pressure sensors have also been incorporated, seeking to reduce blind spots and improve threat classification capacity in complex environments. In fact, the development of solutions is proving blistering and everything indicates that these will continue to become more complex and perfect, for there is no other choice.

A second block is occupied by unmanned platforms, both underwater and surface. Autonomous underwater vehicles (AUV) and smaller UUVs are employed to inspect cable and pipe routes, check the condition of physical protections, map the immediate environment of an infrastructure, or investigate incidents. USVs, for their part, can maintain persistent patrols over an area of interest, carrying acoustic, electro-optical, or electronic warfare sensors, and acting as extenders of the surveillance network without exposing manned platforms. With the added and very important factor that the availability of multiple platforms of different sizes and costs operating in unison allows for forming a sensor network and, thereby, taking advantage of the benefits of multistatism, into which we will not delve as we already explained them at the time in a specific article.

Alongside them, a set of passive protection and physical reinforcement solutions has been consolidated which may seem from another time, but which maintain their utility. In relatively shallow waters, where the main threats are anchor dragging, fishing, or possible direct sabotage, operators resort to special coatings, articulated pipes, protection structures, and also the selective burial of cables and pipes. These elements do not in themselves prevent a well-prepared deliberate action, but they raise the threshold of effort required and substantially reduce the risk of accidental damage, which today continues to represent a very significant part of recorded incidents. Furthermore, there always remains the placement of nets and physical barriers of all kinds, so common in many naval bases against divers, torpedoes, or unmanned vehicles.

The most recent innovation has centred on transforming the infrastructures themselves into sensors. Distributed fibre optic sensing technologies allow cables to be used as continuous sensors of vibration, temperature, or strain over tens of kilometres. This capacity, combined with advanced signal analysis algorithms, makes it possible to detect characteristic patterns – from the prolonged dragging of an anchor to the repeated passage of a vessel over the same point – and provide more solid evidence for the attribution of incidents. Thus, if a few weeks ago we spoke about how the trenches of the future will cease to be cold and damp positions excavated in the black earth, to become nodes of a much larger multi-sensor detection system, the same is occurring with some critical infrastructures, in a trend that does not cease to intensify due to technical possibilities and security circumstances.

All of this is integrated into command, control, and data fusion systems that have come to occupy a central place in the market offering. Providers no longer limit themselves to selling isolated sensors, but propose software solutions combining underwater information, maritime traffic data, radar and camera images, meteorological information, and, in some cases, external intelligence sources. Something which, incidentally, must be an object of priority attention, for the country that in the coming years does not possess sovereignty in software matters, however much it may even produce the physical components or part of them, will fall into unsustainable dependence. In any case, returning to the idea, the manufacturers’ objective involves offering authorities and operators a coherent picture of the situation, with tools for pattern analysis, anomaly detection, and early warning generation, so that the response can be activated before an incident reaches its maximum gravity. Much the same, in many senses, as can be seen in the cyber domain, monitoring network traffic, IP addresses, and an endless number of factors to preempt attacks as far as possible.

In parallel to technological development, the market has also become sophisticated in terms of service models, which has changed, so to speak, from purchase to leasing or the offering of complete packages. Thus, alongside classic acquisitions of complete systems, formulas based on the provision of surveillance services are beginning to gain strength: companies or consortia that operate, on behalf of the client, distributed sensor networks, analysis centres, and response capabilities, invoicing for service availability or protection level and guaranteeing themselves, in passing, recurring revenue, while the client obtains in exchange a 24/7 service. This trend fits well with the needs of some civil operators who cannot (the cost is not trivial), or do not wish to, develop internally all the capabilities necessary to protect their underwater assets.

The European context adds an additional layer of dynamism. The European Commission and several Member States have launched specific initiatives to reinforce the surveillance of underwater infrastructures, including communications cables, electrical interconnections, and gas pipelines, as well as plans to possess rapid repair means in case of sabotage. These programmes constitute a financing and cooperation framework that stimulates European industry to develop advanced solutions. At the same time, they open opportunities for all those companies that can offer high value-added technological solutions in niches such as underwater acoustics and sensor integration, something which luckily, in Spain, we are well supplied with.

Before entering into that, however, it is worth closing the section by clarifying that, in this scenario, the challenge for users and providers is not only technological, but also economic and political. When planning any acquisition, elements such as dependencies, interoperability between systems from different manufacturers, the need to fit solutions into existing or planned command and control architectures, both national and allied, sovereignty over certain critical components, and, of course, the protection of intellectual property and the data generated by the systems must be taken into account. These, although they may seem of little relevance to many, are issues that weigh increasingly in purchasing decisions. For this reason, those States that bet on a balanced combination of national capabilities and international cooperation will be better positioned to guarantee both their resilience and their decision-making autonomy. This is the case as there is no perfect solution and, certainly, no power, at least a medium one like Spain, is in a situation to bet on full autarky in this matter.

How is a marine and underwater critical infrastructure protection system designed?

Designing a marine and underwater critical infrastructure protection system demands a layered approach combining risk analysis, environmental characterisation, multimodal sensorics, and reaction plans proportional to the probable threat. All this without losing sight of the final objective, which is to maintain the continuity of essential services – such as communications cables or energy conduits – reducing to a minimum the probability of intrusion, sabotage, or accidental damage, and avoiding false alarms at the same time in an especially complex physical medium. Also the secondary one, for in the event that defences fail, the data obtained must be the maximum possible so that forensic labour is guaranteed and allows for rapid attribution, an adequate response, and also the subsequent improvement of the system.

The starting point can be none other than the definition of the asset to be protected and its level of criticality. It is not enough to know what is on the bottom; one must understand what impact its interruption would have and which segments are most vulnerable: cable resting zones, maritime route crossings, narrow passages, anchorage areas, or sections close to ports. This delimitation allows for establishing a realistic protection perimeter and prioritising resources towards those points where the combination of impact and exposure is greatest.

The second step is a structured evaluation of threats, both possible and probable, as this allows for «refining the aim», reducing costs and improving effectiveness. In coastal environments, divers, high-speed vessels, unmanned vehicles of different sizes, midget submarines, or devices placed on the seabed can coexist. Furthermore, there are non-hostile presences that must be correctly discriminated, such as marine fauna or legal traffic. To orient the design, operational parameters (speed, typical depth, radiated signature) are assessed, together with risk criteria (availability of the means to the attacker, probability of attack, and destructive potential). This combination defines the «scenario catalogue» that the system must cover.

From there, a feasibility study of the sensorics is carried out, especially acoustic sensors, as they are usually the most relevant. In a real scenario, proximity to the coast, bathymetry, and seabed profile are analysed. In addition, performance is simulated to decide how many sensors are needed and at which points they must be located. Applying acoustic performance modelling tools allows for anticipating zones of good coverage and shadow zones, estimating plausible ranges, and adjusting the architecture before proceeding with the deployment of whatever hardware is deemed appropriate. In typical coastal environments, a few kilometres’ distance from the coast and moderate depths already generate propagation conditions sufficiently variable to justify this preliminary work, which very few can undertake, given its complexity and the specificity of the tools necessary to carry it out.

The sensory architecture must take into account the need to detect multiple types of influences. It is true, as we said, that acoustic sensors are the habitual core, but also that their action reinforces whenever it is possible to detect other signatures. For this reason, the following are combined:

• Passive acoustics, to detect energy radiated by the threat. It proves especially useful against platforms with machinery and propulsion.
• Active acoustics, to confirm contacts and detect low-emission targets.
• Electromagnetics, relevant against metallic elements or platforms with associated emissions.
• Pressure, where the hydrodynamic disturbance of a platform’s passage can be detectable at short distances.
• Seismic, taking advantage of the transmission of very low-frequency components to the sub-seabed in certain scenarios.

The combination of modalities not only increases the probability of detection, but improves signal classification, allowing for better characterisation of both the type of threat and its possible intentions.

In the acoustic part, performance is optimised through array configurations, because they provide directivity gain. This translates into an improvement of the signal-to-noise ratio and a greater capacity for identification and classification[FR1]. The sizing and geometry of the specific array are justified with expressions of merit equivalent to the sonar equation: in passive mode, the balance between target source level, ambient noise, directivity, and detection threshold; in active mode, the target strength is also integrated.

Frequency selection is another critical aspect. In active systems, at lower frequencies potential range and the sensor’s physical size usually increase, but spatial resolution is lost. At high frequencies, the ability to detect small objects improves, at the cost of diminishing range. Therefore, effective protection usually combines bands, such that area surveillance is carried out with lower frequencies and verification or close inspection with higher ones.

In parallel, active sensors distributed in multistatic mode can be incorporated, where separate transmitters and receivers collaborate to create a detection «mesh» more robust to the geometry of the environment. There are also developments of optical sensors in individual or distributed configurations, oriented towards measuring local disturbances associated with water dynamics, as a complement to traditional solutions.

In any case, when designing a protection system the reader needs to take into account that it is not sufficient simply to detect (hence why the situational awareness capacity of our Air and Space Force beyond the atmosphere serves no purpose to cover deficiencies in defensive means, leaving our satellites unprotected against any enemy action). Therefore, a reaction system is always needed, which may count on diverse complementary approaches:

• Non-lethal deterrence, such as acoustic warnings in water and air, bubble curtains, or underwater physical barriers (nets, fences, or other structures) to hinder unauthorised access.
• Operational response, based on coordination with surface units and specialised teams.
• Neutralisation, reserved for competent authorities and under applicable doctrine and legal framework, with specific capabilities for high-risk threats, such as the employment of kinetic means of all kinds.

Finally, all the foregoing must be integrated into a command and control centre with data fusion, alarm rules based on the potential risk implied by each type of threat, and pattern recording for continuous learning, for every collected datum must be evaluated subsequently. Only thus does a system move from «hearing things» to interpreting behaviours and escalating the response according to the probable threat with a reduced margin of error.

In a nutshell, it can be stated that a well-designed system should combine planning by risk levels and threat types, environmental modelling, multimodal sensorics, and the possibility of offering a staggered and personalised response. It is that sum of layers that converts the protection of critical underwater infrastructures into a truly robust, sustainable, and environment-adapted capability; precisely, that to which SAES dedicates itself, as we shall see below.

The role of SAES in the protection of critical underwater infrastructures

Within our particular technological and industrial ecosystem, SAES (S.A. de Electrónica Submarina, S.M.E.) occupies a singular position. It is a Spanish company specialised in underwater acoustics of which we have spoken on several occasions, as they play a key role in programmes such as that of the S-80 class submarines or the F-110 frigates. With several decades of experience in the development of equipment and systems for the Navy and for other national and international clients, its profile combines proximity to the operational needs of the Spanish Armed Forces with a growing export vocation and a strong orientation towards research and development, despite its reduced size.

From the technological point of view, the core of SAES’s capabilities resides in advanced underwater signal processing, although they also market sensors, simulation systems, or naval mines, among others. In fact, over the years, this company from Cartagena, which now also has facilities in Cadiz, has developed sonars of different classes – towed, cylindrical, intruder detection, acoustic classification systems – and influence equipment for mine warfare and anti-submarine warfare. That experience, built initially around the needs of naval platforms, has been progressively adapted to the new requirements of surveillance and protection of critical infrastructures, in particular in the port and littoral environment.

One of the most relevant products in this realm is the DDS-03, a diver detection sonar conceived to protect ports, vessels at anchor, and sensitive maritime infrastructures against low-signature underwater threats. It is a high-frequency active sonar, with 360-degree coverage, capable of detecting and tracking multiple targets and discriminating between divers, small underwater vehicles, and other contacts of lesser operational interest. This type of solution fits naturally into integral protection systems for naval bases, coastal energy terminals, or singular interconnection points where an undetected approach by an intruder could have grave consequences.

What is important, in any case, is not so much this or that equipment, as the fact that the company has evolved to go beyond the individual sensor to offer integrated protection systems for ports and other critical installations designed ad hoc, following the steps explained in the previous section. In this way, SAES is capable of designing and constructing integrated critical infrastructure protection systems that can combine long-range passive acoustic sensors, active sonars for intruder detection in proximity, and electromagnetic sensor barriers in zones closest to the protected infrastructure. Information proceeding from all these sensors is subsequently integrated into a command and control system that allows for generating a coherent picture of the underwater environment and activating adequate response procedures, which may range, should the case arise, from the broadcasting of acoustic messages (useful against divers, as it implies they have been detected), to kinetic actions, such as the launch of small torpedoes or mines if necessary.

In the field of wider area surveillance, it is worth remembering that some infrastructures are very extensive, the company also provides solutions based on towed sonars and towed arrays, such as its DTAS system, oriented towards the detection and classification of contacts at greater distance. Although this equipment has traditionally been used in anti-submarine warfare missions, its capacity to cover large expanses of sea makes it a tool of interest for inspection campaigns of cable and pipeline routes or for the reinforced surveillance of infrastructure corridors in tension scenarios.

In addition to the foregoing, recently SAES has taken a qualitative leap with the development of distributed surveillance systems such as Ocean Sentinel, presented in collaboration with the also Spanish Satlink. In particular, this system combines intelligent buoys equipped with acoustic sensors and satellite communication capabilities with control centres capable of processing received information in real time. This type of solution allows for deploying flexible surveillance networks in areas where it proves unviable or excessively costly to install traditional fixed sensors, reinforcing the protection of maritime routes, cable transit zones, or accesses to offshore installations.

The company’s participation in R&D&i projects, both national and European, allows one to think that SAES’s capabilities will continue to grow in coming years. Its implication in initiatives centred on underwater noise, the improvement of low-signature threat detection, and the development of advanced signal processing algorithms is indicative of a strategy that does not limit itself to exploiting mature solutions, but seeks to anticipate future needs derived from the expansion of the Grey Zone to the underwater domain.

From the perspective of the Armed Forces and other Spanish operators, the added value of this Murcian company is concretised on several planes. In the first place, it offers products and systems adapted to the national operational environment, designed taking into account the acoustic and oceanographic particularities of Spanish maritime spaces and the real structure of its critical infrastructures. In the second place, it facilitates direct and continuous dialogue between users and developers, something especially valuable when it comes to adjusting detection algorithms, integrating new sensors, or adapting systems to changes in doctrine and procedures. In the third place, it contributes to industrial sovereignty by providing key capabilities – in underwater acoustics and sensor integration – that, otherwise, would depend exclusively on external providers.

In sum, SAES is a fundamental actor regarding the design and deployment of protection solutions for marine and underwater critical infrastructures. A position that will be accentuated in the coming decades. As Spain reinforces its bet on infrastructure protection (and it is not something negotiable), this company’s capacity to design ad hoc solutions and integrate proprietary technology into complex systems – some of them multinational – will be one of the elements contributing to translating the strategies that we as a country are little by little gathering in different documents, into effective capabilities on the ground, or, in this case, upon and beneath the sea surface.

Conclusions and recommendations

Dependence on infrastructures situated upon, alongside, and under the sea – ports, naval bases, cables, pipelines, energy installations, and, in the future, underwater data centres – is already a structural feature of advanced societies. These infrastructures are not an appendage of the system, but an integral part of the provision of energy, digital connectivity, trade, and military capacity. Their vulnerability translates, therefore, into an unacceptable risk for the State as a whole and, also, for many of its allies.

Secondly, the evolution of threats has consolidated the underwater domain as a privileged scenario for competition in the Grey Zone. The combination of physical discretion, technical complexity, and difficulties of attribution offers hostile actors opportunities for pressure and sabotage difficult to replicate in other domains. In this context, incidents occurring in the European environment must not be viewed as isolated anomalies, but as manifestations of an underlying trend that will foreseeably continue over the coming years and which, surely, will not cease to increase.

Thirdly, the Spanish case presents specific features that increase both criticality and exposure. Spain’s geographical position, at the crossroads between the Atlantic and the Mediterranean, makes it a transit point for energy and communications routes of global reach. The density of underwater cables and energy interconnections, the importance of its ports and naval bases, and the forecast for growth in the extraction of marine energy or mineral resources configure an infrastructure map in which critical assets multiply day by day. Added to this is a necessarily complex governance, in which responsibilities of several ministries, administrations, and private operators converge. Besides, this comes on top of European and allied cooperation frameworks.

Fourthly, effective solutions to protect these infrastructures cannot be limited to adding security layers in an improvised manner. They demand an approach based on risk management, asset prioritisation, the design of multimodal surveillance architectures – underwater, surface, and cyber – and integration into command and control systems capable of transforming data into usable situational awareness. The technology exists and progresses rapidly, such that the true challenge resides in selecting, combining, and operating these capabilities in a coherent, sustainable manner aligned with real operational needs.

Fifthly, the industrial dimension is not an accessory element, but of the greatest relevance. The capacity to possess national companies that master key technologies – such as underwater acoustics, sensor integration, or advanced signal processing – reinforces decision-making autonomy, facilitates the adaptation of systems to the local environment, and allows for participating with one’s own voice in European and allied programmes. In this sense, the case of SAES illustrates how a domestic company can provide concrete solutions responding to needs identified at strategic, operational, and tactical levels, for the defence of critical infrastructures affects all of them.

Having explained all the foregoing, we cannot close the article without making some recommendations for the future. Thus, at the strategic level, it proves essential to consolidate an integrated vision of underwater infrastructure protection that overcomes watertight compartments between departments and sectors. Coordination between Defence, Interior, Ecological Transition, Transport, and private operators should translate into joint risk assessment plans, preparation exercises, and shared response protocols.

At the operational level, it is advisable to prioritise the development of robust underwater situational awareness in areas of greatest criticality, combining fixed and mobile sensors, manned and unmanned means, and advanced data fusion capabilities. Allied experience demonstrates that investing in early detection and solid attribution is as important as physically reinforcing infrastructures.

At tactical and technical levels, it should be taken into account that the sooner we deploy new systems and train the personnel necessary to operate them, the sooner we will be able to improve each of their components and gain usage experience.

Furthermore, it is obligatory to also deal with other planes such as the industrial and technological. Indeed, it would be advisable to reinforce support mechanisms for innovation in underwater protection technologies, favouring collaboration between companies like SAES, large contractors, research centres, and end users. It is not that nothing is being done, but it is not at all sufficient and more investment and support are required. In this sense, participating actively in European and allied initiatives not only allows for accessing financing and sharing risks, but also influencing the definition of standards and architectures that will mark the market in coming years; but Spain, for this participation to yield all required results, must accompany its companies and influence every part of the process, for which will and a disposition to place nationals in key posts in NATO and the EU are needed.

Finally, following on since we have touched upon the human and doctrinal dimensions, we must remember that the best technology loses a large part of its effectiveness if it is not accompanied by trained personnel, clear procedures, and a settled strategic culture. Investing in specific training, in employment doctrines adapted to the Grey Zone environment, and in exercises integrating civil and military actors is an indispensable condition for available capabilities to translate, when the moment arrives, into effective responses.

The protection of critical underwater infrastructures is, definitively, a long-haul challenge combining technical, strategic, and industrial dimensions. Addressing it with ambition and realism is an unavoidable task for any country that, like Spain, aspires to preserve its security, its prosperity, and its credibility as a reliable ally in an increasingly contested international environment.