Physical pipeline security continues to be both a concern and challenge for federal and state agencies,
as well as the companies who own and operate the thousands of pipelines across North America.
According to the Government Accountability Office (GAO), “Interstate pipelines run through remote areas and highly populated urban areas, and are vulnerable to accidents, operating errors and malicious physical and cyber-based attack or intrusion.” Why has pipeline security been a concern for decades with no satisfactory solution? Generally, pipelines are built through remote areas where infrastructure connectivity and power are scarce to operate traditional types of physical security systems that protect energy and chemical plants and facilities. Up until now, there was no viable solution.
In a December 2018 study, the GAO stated that since the terrorist attacks of September 11, 2001, “New threats to the nation’s pipeline systems have evolved to include sabotage by environmental activists and cyber-attack or intrusion by nations.” One such sabotage occurred in 2016 when five environmentalists disrupted five pipelines transporting oil from Canada to the United States. Intentional attacks to pipeline infrastructure are not the only concern. On March 29, 2019, the Congressional Research Service (CRS) reported to the U.S. Department of Transportation’s Federal Safety Program that “uncontrolled pipeline releases can result from a variety of causes, including third-party excavation, corrosion, mechanical failure, control system failure, operator error and malicious acts.” The CRS Report also stated that “ongoing threats against the nation’s natural gas, oil and refined product pipelines have heightened concerns about the security risks.”
Since 2006, the Transportation Security Administration (TSA) has federal oversight for the physical security and cybersecurity of oil, natural gas and hazardous materials pipelines in the United States. So far, the TSA hasn’t issued regulations, but the industry has been adhering to the Pipeline Security Guidelines released in 2011 and updated in 2018. According to that update, a key TSA expectation is that pipeline operators implement “security measures to monitor, detect and assess unauthorized access 24 hours a day, 7 days a week” for sites deemed “critical” (i.e., those whose destruction would result in the highest consequence).
The risk is known, but what are the odds of an event occurring? Many pipeline operators believe the odds are too low to merit heavy investment to counter disruptions. One may also ask what is the frequency of prior events? According to the statistics provided by the Pipeline and Hazardous Materials Safety Administration (PHMSA), there were 772 incidents, 291 fatalities and 1,267 injuries over the past 20 years across all U.S. pipeline systems (Figure 1). From Jan. 1 through Nov. 21, 2019, there have been 22 incidents, 9 fatalities and 33 injuries.
New Pipeline Laws Demand Risk-Mitigation
New pipeline security laws have been put into effect to increase the safety of transporting hazardous materials in pipelines. Congressional oversight of PHMSA has focused on several mandated rules with potentially significant impacts on pipeline operations nationwide.
These TSA guidelines require leak detection systems for hazardous liquids that include oil and refined fuels, and they establish standards for leak detection capability. On Sept. 24, 2019, the DOT published Public Law 112-90, which expands the standards for integrity management for liquid pipelines beyond high-consequence areas. According to U.S. Transportation Secretary Elaine L. Chao, “These are significant revisions to federal pipeline safety laws and will improve the safety of our nation’s energy infrastructure.”
The concerns of DOT, PHMSA and TSA are aimed to strengthen the safety of more than 500,000 miles of onshore gas transmission and hazardous liquid pipelines throughout the United States — which deliver trillions of cubic feet of natural gas and hundreds of billions of tons of liquid petroleum products each year. According to PHMSA Administrator Skip Elliott, “The tremendous growth in U.S. energy production will require greater anticipation and preparation for emerging risks to public safety, and these forward-looking rules will help ensure pipeline operators invest in continuous improvements to pipeline safety and integrity management.”
What Needs to be Protected
Those in the pipeline industry do not like the word “protect,” as it implies an “armed force,” and this is not common outside of nuclear power plants or military needs. Most pipeline companies embrace the philosophy of DDDAR: Deter, Delay, Detect, Assess and Respond.
New gas transmission and hazardous liquid pipeline safety laws will modernize federal pipeline safety standards by expanding risk-based integrity management requirements. Equipment and procedures will need to be enhanced or overhauled to protect infrastructure from extreme weather events, thieves, environmental extremists, nation-states or even those out to sabotage operations. What infrastructure is impacted? The pipeline itself is impacted, as well as pumps, valves, meters, gathering systems, compressor, metering stations, storage facilities and even easements along the distribution routes. Early threat detection and warning to any and all parts of the pipeline infrastructure will eventually be required, and if not yet, should be a priority for all operators. For security, most operators focus resources on facilities that are designated as “critical” by the TSA, as pipeline systems are too vast to monitor “all parts.” That’s the role of their control centers that remotely monitor pressures, valves, pumps and more. However, pipeline infrastructure should also be protected and follow the DDDAR philosophy.
Outdated Solutions for New Guidelines
According to David Corrington of Stonehaven Partners, “Traditional security methods have proven
to be ineffective in threat detection, deterrence and risk mitigation.”
Upstream and midstream companies are anxious to address the new environmental, safety and security guidelines but are at a loss to identify a complete, cost-effective and practical solution, especially for remote pipeline locations.
Today’s solution typically involves a scheduled on-site visit or air patrols along the right-of-way for leaks, incursions, unauthorized equipment or construction. Unstaffed pump stations are visited frequently by operators, yet this is not the case with remote valve sites.
Personnel site visits usually find incidents after-the-fact, where the magnitude of the incident is worse than if it was caught earlier. Adding that manual “inspection” or “guarding” the 2.7 million miles of pipelines can be costly, so innovative solutions are needed for new and expanded security concerns.
“Implementation of newer technologies has given the edge to the pipeline industry in combating these threat elements, as these technologies now include fixed or mobile solar powered video surveillance, drone deployment/response and thermal radar detection,” says Corrington.
Advanced Security Solutions for a New Era
As stated by a midstream pipeline security manager, “For midstream security professionals, the 2016 ‘valve turners’ and the Dakota Access Pipeline (DAPL) Protests (2016-2017) dramatically changed our industry’s understanding of the emerging threat from environmental extremists and protesters of various causes (i.e., water rights, tribal lands, property rights and climate change). Their tactics and selection of remote valve sites and remote projects sites underscored the requirement to detect, assess and respond to security threats in real time at these sites. Power, bandwidth and reliable analytics have been the challenge in deploying cost-effective security technology.”
The goal is to deploy a “risk management” technology that delivers numerous benefits to internal stakeholders. One would be a security benefit for detecting unauthorized or suspicious activity. Another would be a safety benefit for monitoring contractors at the site, investigating injuries and near misses and ensuring the safety of employees. Yet another would be a benefit to operational support for investigating alarms received by the pipeline control center, checking critical site assets such. The industry needs a technology that delivers a broad range of benefits. For this reason, we avoid the phrase “security cameras,” as these are now “sensors connected to a platform” — where the overall benefits are much greater!
Advanced technologies with video surveillance to remote pipeline locations has become a solution to supplement manual security inspections and provide early warning and detection to events that disrupt supply, create loss and provide a security risk. Additionally, these advanced technologies supplement the 24/7 remote monitoring by control center personnel and adds a visual component to the data feed.
Power and connectivity can now be easily brought to remote sites to mitigate threats and vandalism via solar power, Long-Term Evolution (LTE) connectivity and analytics. Companies can now have a stable platform for harnessing field data. LTE is a standard for wireless broadband communication for mobile devices and data terminals. Solar-powered LTE provides a cost-effective option for rapid deployment and real-time data with remote connectivity.
However, companies want more from their physical security investment. When asked what other features he would want from a security system, one pipeline spokesperson added, “restrict people access, know when someone is on site and identify who is on site at any time, as well as address environmental, safety, and security concerns as rapidly as possible.”
Physical Security Asset Performance
From those polled who are responsible for pipeline Environmental, Health, Safety and Security (EHS&S), their wish list for a physical security asset investment would:
- Identify known manpower on sites and bifurcate between known or unknown persons.
- Reduce required man hours per area, leading to increased productivity.
- Reduce the number of site visits, which may lead to a reduction in personnel cost.
- Notify operations of spills and releases more rapidly to minimize their environmental impact.
- Enable personnel to deploy to other areas, while technology automation sounds the alert.
- Use skilled personnel for more impactful problems, instead of driving to sites.
As highlighted above, the value proposition that will catch leadership’s attention is the nexus to the safety, operational, data and resource benefits. This is over and above the security value, and this theme must be greatly emphasized.
Convergint Technologies and its partners have a viable physical security solution for remote pipelines that can meet the above performance criteria, as well as collate data from each location:
Geo-Fence the fenceless perimeters of these remote locations.
- Track assets through RFID/GPS.
- Bring SCADA/DCS connectivity to these distant and remote sites.
- Unify the safety and security enterprise inclusive of these remote locations.
- Prepare for the coming Digital Transformation with IoT while preparing for the surge of 5G.
The stand-alone security solution is comprised of a solar power system, LTE gateway, a sensor with analytics for notification of vehicles, humans and other pre-defined objects, Cloud or Edge recording and an enterprise site dashboard. Additional options for the platform may include:
- Access Control/Valve Control
- IoT Realtime Asset Tracking for Lifecycle Management
- License Plate Recognition
- Motion and Event Based Visitor Management System
- Perimeter Intrusion Detection
- Alarm/Event Push Notification
- Gunshot Detection
- Drone Detection
These solutions are configured, installed and built to function in harsh environments with the ability to be customized to fit any pipeline operator’s need. Sensors may be designed with high definition video, thermal imaging or pan-tilt-zoom capability. The designs can incorporate wind velocity or ambient temperature measurement for environmental concerns. They can also alert to safety concerns such as people on site without proper Personal Protective Equipment (PPE). A strobe light, LED lights or Giant Voice can be incorporated for two-way communication. These state-of-the-art security designs can incorporate actuations, such as relays, valve control or access control. Onboard software could run algorithms to establish rules that include heat stress monitoring and alerts. Each can be affixed to a pole, tower or building and be constructed for portability.
In the past, physical security and protection has been thought of as fences, cameras and guards. Designing the power of technology in the security field has brought new and more cost-effective solutions to problems that concern governments and communities. Installing the best system to meet the field performance requirements of remote sites will greatly improve an operator’s real-time visibility into the sites’ activities, which could only be visible in the past by in-person 24/7 monitoring.
Darin R. Dillon, CPP (Certified Protection Professoinal), is Energy Principal at Convergint Technologies.