The Homeland Defense and Security Information Analysis Center received a request for research and analysis of safety culture assessments and incident rates within the U.S. pipeline industry. HDIAC highlighted the most commonly occurring safety incidents in the pipeline industry over the last 10 years and provided possible solutions for reducing occurrences of multiple types of safety incidents. In addition, HDIAC compiled tables to display the most common incident types alongside their total property damage costs by year. Also provided in the inquiry were tables showcasing companies with the most safety violations over the last 10 years, measured by the total number of corrective action orders received and a list of pipeline companies that carried out safety culture assessments.
Background
In 2013, the United States contained 1.7 million miles of oil and gas pipeline. [1] The vast network of oil and gas pipelines makes incident prevention difficult as shown by the recent increase in reported safety incidents for 2015. [2] Prevention becomes more challenging due to the varied types of safety concerns and incidents. Equipment failures, corrosion, incorrect operation, excavation and natural and outside forces are the most costly and commonly occurring safety concerns for the pipelines. [2] Safety incidents can result in injury or loss of life, as well as significant property damage. [2] The Pipeline and Hazardous Materials Safety Administration promotes safer operating procedures through the use of enforcement actions to reduce the occurrence of safety incidents. Corrective action orders, the strongest enforcement action issued by the PHMSA, focus on “urgent situations arising out of an accident, spill, or other significant, immediate, or imminent safety or environmental concern.” [3] From 2005-2014, PHMSA issued 77 corrective action orders, [4] with an average of 1.79 corrective action orders by company. [4]
Infrastructure Weakness and Damage
More than 100,000 miles of pipelines built during or prior to the 1930s still exist in the United States. [5] These dated lines were constructed with leak-prone materials, such as cast iron, bare steel and unprotected coated steel, [5,6] making pipeline failure and corrosion the two most common types of safety incidents reported by PHMSA. [2] Replacing aged infrastructure will reduce safety incidents caused by failure and corrosion. Damage also occurs from natural forces, such as floods, landslides and high winds, as well as damage from outside forces including vehicle impact, vandalism and terrorism. [7,8] Hurricanes, earthquakes and other weather-related events are difficult to protect against. [8] Outside forces primarily impact aboveground infrastructure in densely populated areas. [7] Placing pipeline infrastructure below ground reduces the risks of damage by outside forces and may assist in protecting against some natural forces. Although burying all possible infrastructure underground may lower the number of incidents caused by both natural and outside forces, underground pipelines are still susceptible to damage caused by excavation
events, including digging, trenching and grading. [9] To reduce the risk of excavation related incidents, pipeline location and depth must be more accurately marked.
Incorrect Operation
Incorrect operation incidents resulting from human error are one of the least common incident types in the pipeline industry. [10,2] Increased autonomy of pipeline infrastructure, while
encouraging further safety training among necessary personnel, may reduce these incidents. Other possible ways of reducing safety incidents, especially those involving human error, is the inclusion of safety culture assessments. By increasing safety awareness, employees are less likely to engage in behavior that may cause a safety incident, such as overfilling a tank, over pressurizing equipment, using improper equipment or techniques and not following established procedures. [10]
Cyberattacks
Due to a rise in cyberattacks on critical infrastructure, [11] HDIAC’s analysis also included cyber threats. Although there was no PHMSA data on cyber related incidents, cyber threats are a growing concern to pipeline infrastructure. Many vulnerabilities arise with the connection of Supervisory Control and Data Acquisition systems to the Internet. [12,13] Weak, default or non-existent login credentials required to access the systems further compound this problem. [13] To mitigate the risks of a cyber intrusion capable of hijacking control systems, HDIAC proposed stronger password requirements and limiting access to necessary on-site personnel.
Recommendations and Conclusion
HDIAC’s analysis determined certain types of safety incidents, such as corrosion and equipment failure, would become less prevalent by replacing aging pipeline infrastructure. Continuous
efforts to reduce safety incidents include employee training and/or simulations, burying available infrastructure underground and increasing the use of safety culture assessments. As other types of safety incidents become less common, research shows that cyber threats against pipeline infrastructure would become more prevalent. [14] The information provided by HDIAC allows the customer to view the trend of pipeline incident types over the last 10 years and prepare mitigation efforts to reduce their occurrence and overall impact on the pipeline industry. Additionally, knowing that cyberattacks against pipeline systems are likely to increase, while equipment failure and corrosion incidents are likely to decrease, assists in predicting and preparing for future incidents.
References
1. Table 1-10: U.S. Oil and Gas Pipeline Mileage. Bureau of Transportation Statistics. (2013) Retrieved from http://www.rita.dot.gov/bts/sites/rita.dot.gov.bts/files/publications/national_transportation_statistics/html/table_01_10.html (accessed January 12, 2016).
2. PHMSA Pipeline Incidents (1995- 2014). Pipeline & Hazardous Materials Safety Administration. (2015). Retrieved from http://opsweb.phmsa.dot.gov/primis_pdm/all_reported_inc_trend.asp (accessed January 12, 2016).
3. Summary of Enforcement Actions. Pipeline & Hazardous Materials Safety Administration. (2015). Retrieved from http://primis.phmsa.dot.gov/comm/reports/enforce/Actions_opid_0.html?
nocache=5767#_TP_1_tab_1 (accessed January 12, 2016).
4. Corrective Action Orders Issued. Pipeline & Hazardous Materials Safety Administration. (2015). Retrieved from http://primis.phmsa.dot.gov/comm/reports/enforce/CAOEvent_opid_0.html?
nocache=7184 (accessed January 12, 2016).
5. Bluegreen Alliance. (2014, April 30). Repairing America’s Aging Pipelines. Retrieved from http://www.bluegreenalliance.org/news/publications/NaturalGas_BiFold_R8_HighRes.pdf (accessed January 12, 2016).
6. Bell, T. E. (2014). Pipelines Safety And Security: Is It No More Than A Pipe Dream? The Bent of Tau Beta Pi. Winter 2015. Retrieved from http://www.tbp.org/pubs/Features/W15Bell.pdf (accessed January 12, 2016).
7. Fact Sheet: Other Outside Force. Pipeline & Hazardous Materials Safety Administration. (2014). Retrieved from http://primis.phmsa.dot.gov/comm/FactSheets/FSOtherOutsideForce.htm?
nocache=3930 (accessed January 12, 2016).
8. Fact Sheet: Natural Force Damage. Pipeline & Hazardous Materials Safety Administration. (2014). Retrieved from http://primis.phmsa.dot.gov/comm/FactSheets/FSNaturalForce.htm?nocache=2515 (accessed January 12, 2016).
9. Fact Sheet: Excavation Damage. Pipeline & Hazardous Materials Safety Administration. (2014). Retrieved from https://primis.phmsa.dot.gov/comm/FactSheets/FSExcavationDamage.
htm (accessed January 12, 2016).
10. Fact Sheet: Incorrect Operation. Pipeline & Hazardous Materials Safety Administration. (2014). Retrieved from http://primis.phmsa.dot.gov/comm/FactSheets/FSIncorrectOperation.htm?
nocache=4528 (accessed January 12, 2016).
11. Sanger D. E. and Schmitt, E. (2012). Rise is Seen in Cyberattacks Targeting U.S. Infrastructure. The New York Times. Retrieved from http://www.nytimes.com/2012/07/27/us/cyberattacks-are-up-national-security-chief-says.html?_r=0 (accessed January 12, 2016).
12. Parfomak, P. W. (2012). Pipeline Cybersecurity: Federal Policy. Congressional Research Service. Retrieved from http://nsarchive.gwu.edu/NSAEBB/NSAEBB424/docs/Cyber-076.pdf (accessed January 12, 2016).
13. Hellman, H. (2015). Acknowledging the threat: Securing United States Pipeline SCADA Systems. Energy Law Journal, 36. Pg 157-178. Retrieved from http://felj.org/sites/default/files/docs/
elj361/23-157-Hellmann-Final-4.27.pdf (accessed January 12, 2016).
14. National Security Council. Transnational Organized Crime: A Growing Threat to national and International Security. Retrieved from https://www.whitehouse.gov/administration/eop/nsc/transnational-crime/threat (accessed January 12, 2016).