- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Pipelines for Dummies- HELP
Posted on 5/12/21 at 8:18 pm to Fletch1985
Posted on 5/12/21 at 8:18 pm to Fletch1985
Colonial uses Transport4 for all that...T4 wasn’t hacked.
Posted on 5/12/21 at 8:21 pm to offshoreangler
quote:
Boy there are some pipelining mother frickers around here...
SCADA/HMI can have some built in logic or controls, shutdowns, alerts or trips, but ultimately there is someone sitting on a console starting, monitoring, stopping that line.
With some of the guys I’ve met, I think it would be safe to change that to “supposed to be watching the controls”.
All alarm hell would also alert them as well. Would be really curious to know how everything alerted during the hack or if shite just went dark?
Posted on 5/12/21 at 8:25 pm to Fletch1985
quote:
There are also separate scheduling, nomination, billing and measurement systems that could have been hacked that don’t prevent physical operations but could cause massive financial losses if tracking ownership of the products in the system isn’t possible. Linefill in Colonial is several million barrels at any time. So talking about hundreds of millions in potential misallocated products.
I wish I knew more. So many moving parts and to just say “oh we were hacked” really leaves a lot of mystery.
Where did all the product go in lines? Did it free flow into breakout tanks? What gave the hack away? Just a straight up loss of controls?
They’ll never say, maybe word will travel in the industry and I’ll learn about it some day...shits just weird.
I would imagine storage facilities on the east coast should have plenty of product, especially the big Citgo facility in Jersey. I believe the gas issues is simply people overreacting and causing their own demise.
Posted on 5/12/21 at 8:25 pm to roadkill
Hackers don’t have any control of the pipeline and never did. That’s just the news
A pipeline like colonial has over 5500 miles of lines and close to 100 facilities. They move 2.7 million barrels of product off their line per day. It’s a manual operation with controls through a computer based system. Like posted earlier a SCADA type system is used for supervision and data back to a hub.
It can be ran completely in the dark with no supervisory from the scada system but agencies like PHMSA and DOT have regulations that stop it from happening. One slip up by an operator at the wrong time could cause a catastrophic type spill.
A pipeline like colonial has over 5500 miles of lines and close to 100 facilities. They move 2.7 million barrels of product off their line per day. It’s a manual operation with controls through a computer based system. Like posted earlier a SCADA type system is used for supervision and data back to a hub.
It can be ran completely in the dark with no supervisory from the scada system but agencies like PHMSA and DOT have regulations that stop it from happening. One slip up by an operator at the wrong time could cause a catastrophic type spill.
Posted on 5/12/21 at 8:25 pm to Hawgeye
No doubt that a controller’s job can be pretty easy...browse the the web until it’s time to go home.
Just depends on what type of controlling gig you have...Nat Gas lines are pretty easy to run, liquid lines like Colonial or Explorer take a little more bandwidth to monitor.
Just depends on what type of controlling gig you have...Nat Gas lines are pretty easy to run, liquid lines like Colonial or Explorer take a little more bandwidth to monitor.
Posted on 5/12/21 at 8:27 pm to Huey Lewis
quote:
This is all a false flag operation by big oil to correct for last year's inventory bloat and price drops.
Which section of your arse did you pull that from?
Posted on 5/12/21 at 8:27 pm to geauxfortwo
Part of me believes this was done on American soil...not from overseas.
Posted on 5/12/21 at 8:29 pm to geauxfortwo
Exactly.
I don’t think people understand that the hackers didn’t shutdown the pipeline
The hackers pushed pass the threshold of cyber security that made the operator follow procedures and they shut it down themselves.
I don’t think people understand that the hackers didn’t shutdown the pipeline
The hackers pushed pass the threshold of cyber security that made the operator follow procedures and they shut it down themselves.
Posted on 5/12/21 at 8:37 pm to Klondikekajun
There are computer control systems that run pipelines. A liquid pipeline, like Colonial’s, has a lot of components that have to work and won’t work if a cyber attack takes out the control system. There are numerous shutdown valves; numerous pumping stations, each with pumps, tanks with level controls, alarms and shutdowns;
The electrical system is controlled by computers that manage load shedding. All of this has to be manually overridden and controlled in a safe way. That is a tall order. If you gave me the job, and an unlimited budget, I could have had that whole system back online in 48 hours, but not with safety as a priority. With a focus on safety, it is impressive that they are online already.
The way to get it back online is to isolate the control computers (PLCs and DCS’) from the internet, replace them with new ones, reinstall the custom software, and come back online. In this way you would only have to manually control the remote interfaces.
ETA: One thing I forgot is that at the sales point we have LACTs that are custody transfer meters. The electronics would have to be replaced, because it would not do any good to start pumping if you can’t sell. Alternatively you could get both parties to agree to a tank gauging method of determining sales volumes.
The electrical system is controlled by computers that manage load shedding. All of this has to be manually overridden and controlled in a safe way. That is a tall order. If you gave me the job, and an unlimited budget, I could have had that whole system back online in 48 hours, but not with safety as a priority. With a focus on safety, it is impressive that they are online already.
The way to get it back online is to isolate the control computers (PLCs and DCS’) from the internet, replace them with new ones, reinstall the custom software, and come back online. In this way you would only have to manually control the remote interfaces.
ETA: One thing I forgot is that at the sales point we have LACTs that are custody transfer meters. The electronics would have to be replaced, because it would not do any good to start pumping if you can’t sell. Alternatively you could get both parties to agree to a tank gauging method of determining sales volumes.
This post was edited on 5/12/21 at 8:41 pm
Posted on 5/12/21 at 8:54 pm to Penrod
quote:
One thing I forgot is that at the sales point we have LACTs that are custody transfer meters. The electronics would have to be replaced, because it would not do any good to start pumping if you can’t sell.
The liquid custody transfer meters don't have to be replaced. The outputs are either analog or digitally sent to a control system/scheme(DCS). These meters are only online as much as the DCS is. The Russians can't hack into them directly. They are not on a cloud. This is one of the easiest parts of the system.
Starting up and controlling the pumps, control valves, leak detection, etc. That is what takes time.
Posted on 5/12/21 at 9:12 pm to Cash
quote:
The liquid custody transfer meters don't have to be replaced. The outputs are either analog or digitally sent to a control system/scheme(DCS). These meters are only online as much as the DCS is. The Russians can't hack into them directly. They are not on a cloud. This is one of the easiest parts of the system.
Was about to say the same thing. I would imagine your standalone systems that only communicate their readings via analog or Modbus are pretty secure. Things like meters, analyzers, etc.
The DCS should also be pretty damned secure but I know different companies employ different levels of “air gaps,” and they aren’t impenetrable. The planning/scheduling tools are probably the least secure.
The thing is, the hackers may have never even had access to any control systems. But the company has to take that risk seriously as the consequences are too severe if they are wrong.
Posted on 5/12/21 at 9:17 pm to Cash
quote:
The liquid custody transfer meters don't have to be replaced. The outputs are either analog or digitally sent to a control system/scheme(DCS). These meters are only online as much as the DCS is. The Russians can't hack into them directly. They are not on a cloud.
This is not always the case. I’ve personally programmed custody transfer meters for liquids and gas onshore and offshore. Ive seen them talk RS232 or 485 to a DCS or PLC, as you described, and I’ve seen them on a WAN as a peer. I don’t know how the Colonial system is, but it’s an obvious clown show to be hacked like that. That is easily preventable.
Posted on 5/12/21 at 9:18 pm to lostinbr
quote:
The thing is, the hackers may have never even had access to any control systems. But the company has to take that risk seriously as the consequences are too severe if they are wrong.
IMO, leak detection is the low hanging fruit. If you can find a way to simulate an event you can trip off the entire network. Then as you said the pipeline has to step back and look at everything just to be safe.
Posted on 5/12/21 at 9:37 pm to Penrod
quote:
Ive seen them talk RS232 or 485 to a DCS or PLC, as you described, and I’ve seen them on a WAN as a peer.
Even so, the entire electronics wouldn't need to be replaced. It's not a PC that has a virus. You would just need to change the output protocol's. I could do a meter in under 30 minutes. As opposed to replacing a $80k meter not to mention it has a lead time of around 10-12 weeks.
Posted on 5/12/21 at 9:43 pm to Hawgeye
(no message)
This post was edited on 2/22/24 at 11:46 am
Posted on 5/12/21 at 9:57 pm to Penrod
quote:
This is not always the case. I’ve personally programmed custody transfer meters for liquids and gas onshore and offshore. Ive seen them talk RS232 or 485 to a DCS or PLC, as you described, and I’ve seen them on a WAN as a peer.
Many measurement devices (analyzers, meters, whatever) can communicate digitally to the DCS. Typically that’s Modbus over RS232 / RS485 or Modbus/TCP over ethernet. But the poster you’re replying to is right - they’re only online as much as the DCS is. If the meter is communicating to the DCS using Modbus/TCP over a WAN, then the DCS must also be on that same WAN.
In other words, if they have access to the meter then it’s likely a worst-case scenario and they also have access to all of your PLC’s, the DCS, basically everything.
Posted on 5/13/21 at 12:50 am to lostinbr
If different products travel through the pipeline as mentioned diesel and then jet fuel,how do they keep them from mixing.Wouldn’t a certain amount of the jet fuel be contaminated by diesel ?
Posted on 5/13/21 at 1:07 am to LSUA 75
we are in the pipeline services business, the way I understand it there are minimum levels of controls and safety that have to be maintained because of PHMSA requirements and the hazardous nature of the products. when the hack happened, colonial had to stop the pipeline to run diagnostics to determine what level of controls they maintained, what level of control hackers had, and how much damage to the control IT system was done.
in effect they had to audit their system and meet the PHMSA regulators checklist for safe operations
in effect they had to audit their system and meet the PHMSA regulators checklist for safe operations
Posted on 5/13/21 at 3:55 am to Klondikekajun
Oilfield baws getting richer , consumer getting F$&@ed!
Posted on 5/13/21 at 4:41 am to Huey Lewis
quote:
This is all a false flag operation by big oil to correct for last year's inventory bloat and price drops.
Know how I know you are one of the dummies?
Popular
Back to top
Follow TigerDroppings for LSU Football News