Because this was more of a personal project than a demand from a customer, the requirement assessment process was somewhat abbreviated. However, some of the needs were dictated by failures of previous tools, so a little background is in order.
A virtualized Industrial Control System (ICS) modeling program was provided by a vendor, but it never worked as desired. Two of the scenarios were irrelevant to the organization's mission, while the other two scenarios were broken: if a circuit breaker was opened, there were no cascading effects, like other circuit breakers opening. Therefore, when cyber security personnel were attempting to identify and protect critical components, there were no consequences felt within the system.
The physical ICS model used by the organization was ready for expansion, and one request was for a fuel storage and transfer system. Knowing what was lacking in the previous ICS application, I decided to make a fuel scenario that accounted for cascading effects, while providing alternative options for the security team.
A brief summary of the necessary requirements is listed here:
- A general-use backend model was needed, one that can be used for any liquid, not just fuel. This means the same backend program can be used for fuel, water, chemicals, and so on.
- Physics-modeling of flow rates and pressure drops (within reason) was necessary. Because the cyber security teams wouldn't have the engineering background to notice invalid parameters, some of the components would be "idealized" to be frictionless or otherwise theoretical models. However, the main components, such as valves and pumps, needed to be modeled as realistically as possible, so cascading effects could be simulated.
- A graphical interface should be available. This could be the standard human-machine interface currently used with the physical model or a Python-centric GUI.
- Pure Python code would be used, but the ability to use ICS protocols, such as Modbus, should be supported.
One of the key points of this project, the physics-based modeling, could be considered unusual for software developers. Most software projects are business applications; programmers have little need to know about mathematical modeling or they have engineering teams who can provide the formulas. As I served in the Navy as a nuclear engineering laboratory technician, the necessary knowledge and skills were already available.
You are not expected to know the engineering principles that will be used for this scenario, but it will demonstrate some of the real-world applications of programming beyond making a website or other typical business applications.
The schematic diagram that will be used when designing this project is shown as follows:
You don't have to understand the entire system, but a basic explanation follows, as the operations are part of the requirements development.
For this fuel storage and transfer system, two 1-million-gallon tanks store the fuel that is delivered by truck. The height of the fluid in the tanks provides a static hydraulic pressure to the supply lines going to the pumps.
The pumps are positive displacement, screw-type pumps that maintain a constant flow rate regardless of downstream pressure. Unlike centrifugal pumps, they do not suffer vapor lock if no fluid is present, as they can create their own suction. Also, unlike centrifugal pumps, they don't require a Net Positive Suction Head (NPSH) of incoming fluid. NPSH is the pressure of incoming fluid from static pressure due to gravity, as well as any additional pressure provided by other pumps. If the NPSH is too low for a given pump, the fluid will flash to vapor and cause damage to the pump, as well as stop the flow.
The system uses the following types of valves:
- There are gate valves, which are either fully open or fully closed. These are annotated as SV in the diagram.
- There are globe valves, which are designed to allow any position from fully open to fully closed. Because of their construction, they can throttle flow to any amount desired. These are annotated as GV in the diagram.
- There are pressure relief valves, which have a spring setting to ensure the downstream pressure from the pumps does not exceed parameters. If the pressure gets too high, the relief valve opens and sends the fuel back to the inlet of the pump. These are annotated as PR in the diagram.
- There are pressure regulating valves, which maintain a constant outlet pressure for the pumps. Regardless of the other valves' settings, the pump will continue to see the same pressure. These are annotated as FR in the diagram.
- There are needle valves, which are used for sampling fuel prior to use. These are annotated as NV in the diagram.
The circles with FIT, PDIT, and PIT are flow and pressure sensors, while LI is a tank level indicator. Not shown in the diagram are the check valves between the tanks and SV-1 and SV-2, which prevent backflow into the tanks.
That's a lot of information, and most of it probably doesn't make much sense unless you have a mechanical background. Don't worry, as we will cover the most important information in the next few sections.
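The cascading behavior described above can be sketched in a few lines of pure Python. This is an added example, not the project's own code: it assumes a single idealized pump train, the standard valve sizing relation Q = Cv * sqrt(dP / SG), a Cv that scales linearly with globe valve position, zero gauge pressure downstream of the GV, and constructed values for specific gravity, flow, Cv, and relief setting.

```python
from dataclasses import dataclass

PSI_PER_FT_WATER = 0.433  # static head of water: psi per foot of height

@dataclass
class Tank:
    level_ft: float            # fluid height above the outlet
    outlet_open: bool = True   # gate valve (SV): fully open or fully closed

    def static_psi(self, sg: float) -> float:
        return PSI_PER_FT_WATER * sg * self.level_ft

def solve(tanks, pump_on, pump_gpm, gv_position, gv_cv, relief_psi, sg=0.85):
    """Steady-state readings for one idealized pump train (assumed layout)."""
    feeding = [t for t in tanks if t.outlet_open and t.level_ft > 0]
    suction = max((t.static_psi(sg) for t in feeding), default=0.0)
    state = {"suction_psi": round(suction, 2), "discharge_psi": 0.0,
             "delivered_gpm": 0.0, "recirc_gpm": 0.0, "relief_open": False}
    if not pump_on or not feeding:
        return state  # cascade: no supply path, so every downstream reading drops
    cv = gv_cv * gv_position  # assumption: Cv scales linearly with GV position
    # Pressure needed to push the pump's full constant flow through the GV,
    # from the valve sizing relation Q = Cv * sqrt(dP / SG).
    needed = float("inf") if cv == 0 else sg * (pump_gpm / cv) ** 2
    if needed <= relief_psi:
        state.update(discharge_psi=round(needed, 2), delivered_gpm=float(pump_gpm))
    else:
        # Relief valve (PR) lifts, holds discharge at its setting, and returns
        # the excess flow to the pump inlet.
        delivered = cv * (relief_psi / sg) ** 0.5
        state.update(discharge_psi=float(relief_psi), relief_open=True,
                     delivered_gpm=round(delivered, 2),
                     recirc_gpm=round(pump_gpm - delivered, 2))
    return state

if __name__ == "__main__":
    # Constructed sample values, not taken from the original system.
    tanks = [Tank(level_ft=30.0), Tank(level_ft=28.0)]
    for label, pos in [("GV open", 1.0), ("GV throttled", 0.25), ("GV shut", 0.0)]:
        print(label, solve(tanks, True, 200, pos, 50, 100))
    tanks[0].outlet_open = tanks[1].outlet_open = False
    print("SV-1 and SV-2 closed", solve(tanks, True, 200, 1.0, 50, 100))
```

Throttling or shutting the globe valve lifts the relief valve and cuts delivered flow, and closing both tank outlet valves zeroes every reading, which is the kind of consequence the vendor tool never produced.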