The construction of the second tube of the Učka Tunnel represents a significant advancement in the connection between Istria and the rest of Croatia. Eccos played a crucial role in equipping the tunnel with modern electrical and mechanical systems, with a special focus on the cybersecurity of all implemented systems. We installed essential systems that ensure the functionality and safety of the tunnel. This includes state-of-the-art equipment for power supply, lighting, signaling and ventilation, fire protection, communication and video surveillance systems. Additionally, an automatic traffic incident detection system based on advanced video analytics, along with traffic and signaling management systems, has been put in place. To achieve the highest standards of traffic safety in the tunnel, all of these systems are interconnected. Using the Epsimax application — our own software solution—integrated with the SCADA system, seamless interactions between the installed systems have been established, serving as the primary tool for monitoring and managing the tunnel.
Key Elements of Cybersecurity in Tunnels
In today’s world, where digital connectivity is becoming increasingly widespread, the importance of cybersecurity in tunnels—critical infrastructure components—is growing. Tunnels can be potential targets for cyberattacks, posing risks to the safety of passengers, supply chains, emergency services, and more.
Effective cybersecurity in tunnels requires careful attention to both hardware and software components. For hardware, it is essential to know the source of its components, ensuring data security both in transit and at rest. Hardware upgrades should be frequent and straightforward, and the system must provide detailed logs to monitor operations and assist in incident reconstruction.
Regarding software, it should be developed using a secure development process and incorporate security principles in its design, default settings, and application. Furthermore, the software must maintain a strictly controlled supply chain for third-party components, especially when including open-source elements.
The ISA/IEC 62443 standard is designed to manage cybersecurity in systems that rely on operational technologies. It covers the complete scope of cybersecurity management and provides recommendations for system segmentation and effective communication. It is advised to define functional levels (or zones) that group systems with similar security requirements, establishing clear communication protocols between these levels. Communication between levels is facilitated through conduits that permit only specific, well-defined types of communication. This approach ensures that if an attack occurs in one zone, the attacker does not have an easy path to other systems. Additionally, special attention is given to securing communication with IT system components by implementing a demilitarized zone.
Eccos understands the critical role of cybersecurity in all projects, including the Učka Tunnel equipment project. In addition to the previously mentioned measures, we focused on ensuring the confidentiality of sensitive data, securely configuring features instead of simply disabling them, maintaining redundancy for critical system components, segmenting the system effectively, and allowing for regular updates of operating systems and software components without disrupting operations. System visibility is essential for proactive security management, as it enables quicker responses to threats and better preparedness for potential incidents. Epsimax System Health Management software plays a key role in enhancing this visibility. It functions as an independent component that monitors the status of various network devices from any manufacturer, employing standard protocols. This software provides insight into all system elements and facilitates the timely detection of vulnerabilities.
While it is impossible to achieve complete protection against cyber attacks—given the unpredictability and complexity of these threats—the risk can be greatly reduced and potential consequences mitigated. Through the implementation and integration of advanced solutions and modern systems, along with adherence to European security standards, the Učka Tunnel has become one of the safest infrastructure projects in the region and beyond.
