re: Pipelines for Dummies- HELP

quote:

---

There are also separate scheduling, nomination, billing and measurement systems that could have been hacked that don’t prevent physical operations but could cause massive financial losses if tracking ownership of the products in the system isn’t possible. Linefill in Colonial is several million barrels at any time. So talking about hundreds of millions in potential misallocated products.

---

I wish I knew more. So many moving parts and to just say “oh we were hacked” really leaves a lot of mystery.

Where did all the product go in lines? Did it free flow into breakout tanks? What gave the hack away? Just a straight up loss of controls?

They’ll never say, maybe word will travel in the industry and I’ll learn about it some day...shits just weird.

I would imagine storage facilities on the east coast should have plenty of product, especially the big Citgo facility in Jersey. I believe the gas issues is simply people overreacting and causing their own demise.

No doubt that a controller’s job can be pretty easy...browse the the web until it’s time to go home.

Just depends on what type of controlling gig you have...Nat Gas lines are pretty easy to run, liquid lines like Colonial or Explorer take a little more bandwidth to monitor.

Part of me believes this was done on American soil...not from overseas.

There are computer control systems that run pipelines. A liquid pipeline, like Colonial’s, has a lot of components that have to work and won’t work if a cyber attack takes out the control system. There are numerous shutdown valves; numerous pumping stations, each with pumps, tanks with level controls, alarms and shutdowns;

The electrical system is controlled by computers that manage load shedding. All of this has to be manually overridden and controlled in a safe way. That is a tall order. If you gave me the job, and an unlimited budget, I could have had that whole system back online in 48 hours, but not with safety as a priority. With a focus on safety, it is impressive that they are online already.

The way to get it back online is to isolate the control computers (PLCs and DCS’) from the internet, replace them with new ones, reinstall the custom software, and come back online. In this way you would only have to manually control the remote interfaces.

ETA: One thing I forgot is that at the sales point we have LACTs that are custody transfer meters. The electronics would have to be replaced, because it would not do any good to start pumping if you can’t sell. Alternatively you could get both parties to agree to a tank gauging method of determining sales volumes.

quote:

---

The liquid custody transfer meters don't have to be replaced. The outputs are either analog or digitally sent to a control system/scheme(DCS). These meters are only online as much as the DCS is. The Russians can't hack into them directly. They are not on a cloud.

---

This is not always the case. I’ve personally programmed custody transfer meters for liquids and gas onshore and offshore. Ive seen them talk RS232 or 485 to a DCS or PLC, as you described, and I’ve seen them on a WAN as a peer. I don’t know how the Colonial system is, but it’s an obvious clown show to be hacked like that. That is easily preventable.

quote:

---

Ive seen them talk RS232 or 485 to a DCS or PLC, as you described, and I’ve seen them on a WAN as a peer.

---

Even so, the entire electronics wouldn't need to be replaced. It's not a PC that has a virus. You would just need to change the output protocol's. I could do a meter in under 30 minutes. As opposed to replacing a $80k meter not to mention it has a lead time of around 10-12 weeks.

quote:

---

This is not always the case. I’ve personally programmed custody transfer meters for liquids and gas onshore and offshore. Ive seen them talk RS232 or 485 to a DCS or PLC, as you described, and I’ve seen them on a WAN as a peer.

---

Many measurement devices (analyzers, meters, whatever) can communicate digitally to the DCS. Typically that’s Modbus over RS232 / RS485 or Modbus/TCP over ethernet. But the poster you’re replying to is right - they’re only online as much as the DCS is. If the meter is communicating to the DCS using Modbus/TCP over a WAN, then the DCS must also be on that same WAN.

In other words, if they have access to the meter then it’s likely a worst-case scenario and they also have access to all of your PLC’s, the DCS, basically everything.

we are in the pipeline services business, the way I understand it there are minimum levels of controls and safety that have to be maintained because of PHMSA requirements and the hazardous nature of the products. when the hack happened, colonial had to stop the pipeline to run diagnostics to determine what level of controls they maintained, what level of control hackers had, and how much damage to the control IT system was done.

in effect they had to audit their system and meet the PHMSA regulators checklist for safe operations

quote:

---

This is all a false flag operation by big oil to correct for last year's inventory bloat and price drops.

---

Know how I know you are one of the dummies?