Securing North American Pipeline Infrastructure
Under Lock and Key
Oil and gas pipelines are a juicy target if some militant group wants to create a serious disruption to an enemy’s daily life. Pipelines may also look like a free energy source to certain nefarious individuals who may illegally tap the infrastructure to get at the lucrative product. But there are also less adversarial threats to pipeline security, such as third-party groups digging in the area and damaging the pipe.
While the first two scenarios are common in other parts of the world where constant fighting threatens infrastructure integrity, the last concern is more prevalent in North America.
“Physical security methods run the gamut from foot patrols, cameras, guards and fences to detailed security plans and threat and vulnerability assessments,” says Cathy Landry, communications director and spokeswoman for the Interstate Natural Gas Association of America (INGAA). The association released guidelines for physical pipeline security after the terrorist attacks on Sept. 11, 2001. The U.S. Transportation Security Administration adopted the guidelines and offers a number of resources for training and assessing pipeline security.
However, physical threats aren’t the only concerns to pipeline security. Cyber-attacks are an increasing concern to the industry, as well as the U.S. government.
According to global investigations, intelligence and risk management firm Stroz Friedberg, the rate of cyber-attacks on energy firms is skyrocketing. Between October 2012 and May 2013, oil and gas companies reported 111 cyber incidents to the U.S. Department of Homeland Security. That is nearly 30 attacks more than the sector reported for all of fiscal year 2012.
“Like all companies, the pipeline industry has noticed an uptick of attempted cyber intrusion campaigns in recent years,” Landry says. “It’s really a sign of the times. Some hackers have had good luck, and that’s prompted more to try. Because the cyber threats are so fast-moving and changing, I’d certainly say we experience more cyber-attacks than physical attacks. However, just like the attacks you might get on your PC at home or the office, some are threats and some are nuisances. Still, lots of time, effort and money is being put into protecting data and systems.”
Last year, the U.S. Department of Energy announced a $30 million investment to help strengthen electric grid, oil and gas infrastructures.
“We are very focused on cybersecurity initiatives, in part because the Obama executive orders issued last year and recent high-profile cyber-attacks against some large U.S. and international companies,” Landry says. “However, we are vigilant on both physical and cybersecurity issues, and have safeguards and practices in place to prevent attacks and mitigate affects should an attack occur.”
Wired for Protection
There are a number of companies that offer physical and cyber security products for the oil and gas pipeline sector, such as cameras, asset monitoring systems and other technology. Future Fibre Technologies (FFT), an Australian company with its North American headquarters in Mountain View, California, offers a number of fiber-optic solutions to provide physical security, two of which are specifically geared toward the pipeline industry.
Secure Pipe and Aura are passive systems buried along with the pipeline and detect ground disturbances that could be threats, according to Erick Reynolds, manager of critical infrastructure for FFT. Secure Pipe can detect digging around a pipeline, whereas Aura can detect vehicles traveling on the surface.
“The biggest challenge is the labor involved in trenching or following behind to place the cable above pipeline. The system can detect and locate threats within 150 yds of an event.”
The fiber-optic cable is spliced every 10 km, and there are no batteries in the field to break. Processors along the system transmit signals to a monitoring station. When a disturbance affects the path of the light traveling through the fiber-optic cable, an alarm goes off at a monitoring station and is classified as either a threat to act on or a nuisance to disregard.
Reynolds says the problem is usually a backhoe digging in the wrong place. While FFT’s Secure Pipe system is popular internationally, there’s not huge demand in North America.
“North America becomes sort of a strange market,” he says. “In Canada and the United States, the biggest perceived threat is someone digging near a pipeline where they shouldn’t be. Most of the events we see are in places like California and Houston, where there may be a mismarked pipeline. Internationally, the threat is usually terroristic or criminal, such as someone putting on a hot tap to steal product. It’s two definite different drivers. Criminal and terroristic attacks have been hot-button topics compared to backhoe digging in North America.”
Demands for Security
While Reynolds says digging may be the biggest threat to pipeline security in North America, that doesn’t mean there aren’t terroristic or criminal threats domestically.
“There was a guy in Canada who was setting charges around a pipeline, and that would be defined as terrorism. Pipelines are a softy protected infrastructure in the United States. It wouldn’t take much to cause a big problem.”
In Mexico, Reynolds says hot tops are a big problem.
Reynolds says the North American market for pipeline security systems is cyclical and typically reactionary.
“If someone has an incident, such as an explosion, where there may be loss of life,” he says, “then everyone wants to know what the latest and greatest technology is to prevent such things from happening in the future.”
Reynolds views the response from the pipeline industry as being more accepting of traditional means of physical security, such as flyovers or patrols to make sure nothing is awry.
The majority of FFT’s business globally is related to perimeter protection. The company offers similar technology as its Secure Pipe and Aura, but in a fence-mounted or buried system to be installed around storage facilities and refineries.
Reynolds has been with FFT for eight years, and he hasn’t seen much change in the North American pipeline security market in that time. He says the biggest driver will eventually be governmental regulations that force the pipeline industry to adapt security systems.
“We’ve seen that with chemical facilities where the industry said it was good, but the government said no it wasn’t and forced the issue.”
An Integrity Issue
Pipeline security isn’t just a matter of protecting assets, it’s also about integrity and moving oil and gas safely.
“Security and integrity management are intrinsically tied,” Landry says. “You maintain the integrity of the pipeline and facilities by inspecting it, both inside and out, and also protecting it from outside forces, whether that’s weather, an excavator with a backhoe or a terrorist, cyber of physical. The goal of a pipeline is to move natural gas safely and reliability. Security and integrity management are keys to that.”
In that same vein, FFT is currently studying the dual capabilities of its Aura system. The company is validating the ability of its system to also detect leaks, as well as protect pipelines from physical threats.
In the end, pipeline security is an integral component of operating oil and gas pipelines. Whether it’s a case of mistaken digging coordinates or hackers targeting a piece of critical infrastructure, stakeholders have a variety of tools at their disposal to protect their assets from physical and cyber threats alike.
Bradley Kramer is managing editor of North American Oil & Gas Pipelines. Contact him at firstname.lastname@example.org.