Contents

• Introduction
• Safety and Security in the Pipeline Industry
• Pipeline Safety Record
• Pipeline Security Vulnerabilities
• Cybersecurity Risks
• Pipelines and Hazardous Materials Safety Administration
• DOT Pipeline Security Activities
• Pipeline Safety Improvement Act of 2002
• Pipeline Inspection, Protection, Enforcement, and Safety Act of 2006
• Transportation Security Administration
• TSA Pipeline Security Activities
• Security Incident Investigations
• GAO Study of TSA's Pipeline Security Activities
• Federal Energy Regulatory Commission
• National Transportation Safety Board
• San Bruno Pipeline Accident Investigation
• Key Policy Issues
• Staffing Resources for Pipeline Safety and Security
• PHMSA Inspectors
• PHMSA Staffing Shortfalls
• State Pipeline Inspector Funding
• TSA Pipelines Security Resources
• Automatic Shutoff Valves for Transmission Pipelines
• Previous Consideration
• Remotely Controlled Valves for Liquids Pipelines
• Valve Replacement Costs
• Oak Ridge Laboratory Valve Study
• SCADA and Leak Detection System Requirements
• Public Perceptions
• Natural Gas Distribution Excess Flow Valves
• PHMSA Penalties and Pipeline Safety Enforcement
• PHMSA Penalties in Perspective
• Regulation of Canadian Oil/Tar Sands Crude Pipelines
• Pipeline Security Regulations
• Additional Issues
• Accuracy and Completeness of Pipeline System Records
• Mandatory Internal Inspection or Hydrostatic Testing
• Emergency Response Plan Disclosure
• Pipeline Water Crossings
• Conclusion

Summary

Nearly half a million miles of pipeline transporting natural gas, oil, and other hazardous liquids crisscross the United States. While an efficient and fundamentally safe means of transport, many pipelines carry materials with the potential to cause public injury and environmental damage. The nation's pipeline networks are also widespread and vulnerable to accidents and terrorist attack. Recent pipeline accidents in Marshall, MI, San Bruno, CA, Allentown, PA, and Laurel, MT, have heightened congressional concern about pipeline risks and drawn criticism from the National Transportation Safety Board (NTSB). Both government and industry have taken numerous steps to improve pipeline safety and security over the last 10 years. Nonetheless, while many stakeholders agree that federal pipeline safety programs have been on the right track, the spate of recent pipeline incidents suggest there continues to be significant room for improvement. Likewise, the threat of terrorist attacks, especially cyberattacks on pipeline control systems, remains a concern.

The federal pipeline safety program is authorized through the fiscal year ending September 30, 2015, under the Pipeline Safety, Regulatory Certainty, and Job Creation Act of 2011 (P.L. 112-90), which was signed by President Obama on January 3, 2012. The act contains a broad range of provisions addressing pipeline safety and security. Among the most significant are provisions that could increase the number of federal pipeline safety inspectors, require automatic shutoff valves for transmission pipelines, mandate verification of maximum allowable operating pressure for gas transmission pipelines, increase civil penalties for pipeline safety violations, and mandate reviews of diluted bitumen pipeline regulation.

Both government and industry have taken numerous steps to improve pipeline safety and security over the last 10 years. Nonetheless, the NTSB has identified improvement of federal pipeline safety oversight as a "top ten" priority for 2013. The leading pipeline industry associations have concurred. Whether renewed efforts by industry, combined with additional oversight by federal agencies, will further enhance the safety and security of U.S. pipelines remains to be seen.

As Congress oversees the federal pipeline safety program and the federal role in pipeline security, key issues of focus may be pipeline agency staff resources, automatic pipeline shutoff valves, penalties for safety violations, safety regulations for oil sands crudes, and the possible need for pipeline security regulations, among other concerns. In addition to these specific issues, Congress may assess how the various elements of U.S. pipeline safety and security activity fit together in the nation's overall strategy to protect transportation infrastructure. Pipeline safety and security necessarily involve many groups: federal agencies, oil and gas pipeline associations, large and small pipeline operators, and local communities. Reviewing how these groups work together to achieve common goals could be an oversight challenge for Congress.

---

Keeping America's Pipelines Safe and Secure: Key Issues for Congress

Introduction

Nearly half a million miles of high-volume pipeline transport natural gas, oil, and other hazardous liquids across the United States.¹ These transmission pipelines are integral to U.S. energy supply and have vital links to other critical infrastructure, such as power plants, airports, and military bases. While an efficient and fundamentally safe means of transport, many pipelines carry volatile, flammable, or toxic materials with the potential to cause public injury and environmental damage. The nation's pipeline networks are also widespread, running alternately through remote and densely populated regions, some above ground and some below. These systems are vulnerable to accidents and terrorist attack. Recent pipeline accidents in Marshall, MI, San Bruno, CA, Allentown, PA, and Laurel, MT, have demonstrated this vulnerability and have heightened congressional concern about pipeline risks.

The federal program for pipeline safety resides primarily within the Department of Transportation (DOT), although its inspection and enforcement activities rely heavily upon partnerships with state pipeline safety agencies. The federal pipeline security program began with the DOT as well, immediately after the terror attacks of September 11, 2001, but pipeline security authority was subsequently transferred to the Department of Homeland Security (DHS) when the latter department was created. The DOT and DHS have distinct missions, but they cooperate to protect the nation's pipelines. The Federal Energy Regulatory Commission is not operationally involved in pipeline safety or security, but it can examine safety issues under its siting authority for interstate natural gas pipelines, and can allow pipeline companies under its rate jurisdiction to recover pipeline security costs. Collectively, these agencies administer a comprehensive and complex set of regulatory authorities which has been changing significantly over the last decade and continues to do so.

The federal pipeline safety program is authorized through the fiscal year ending September 30, 2015, under the Pipeline Safety, Regulatory Certainty, and Job Creation Act of 2011 (P.L. 112-90), which was signed by President Obama on January 3, 2012. This report reviews the history of federal programs for pipeline safety and security, key policy issues, and recent developments leading up to P.L. 112-90. Although the act contains over 30 substantive sections, this report focuses only on a subset of provisions of key interest in recent congressional debate.

Safety and Security in the Pipeline Industry

Of the nation's approximately half million miles of transmission pipeline, roughly 180,000 miles carry hazardous liquids—over 75% of the nation's crude oil and around 60% of its refined petroleum products, along with other products.² Within this network, there are nearly 200 interstate crude oil and liquid fuel pipelines, which account for roughly 80% of total pipeline mileage and transported volume.³

The U.S. natural gas pipeline network consists of around 300,000 miles of interstate and intrastate transmission.⁴ It also contains some 14,000 miles of onshore field and gathering pipeline, which connect gas extraction wells to processing facilities.⁵ Around 120 systems make up the interstate gas transmission network; another 90 or so systems operate strictly within individual states.⁶ These interstate and intrastate gas transmission pipelines feed around 900,000 miles of regional pipelines in some 1,400 local distribution networks serving over 66 million customers.⁷ Natural gas pipelines also connect to 127 active liquefied natural gas (LNG) storage sites, which can augment pipeline gas supplies during peak demand periods.⁸

Pipeline Safety Record

Taken as a whole, releases from pipelines cause few annual fatalities compared to other product transportation modes.⁹ According to the DOT, there were 14 deaths per year on average from all U.S. pipeline systems from 2007 through 2011.¹⁰ Accidental pipeline releases result from a variety of causes, including third-party excavation, corrosion, mechanical failure, control system failure, and operator error. Natural forces, such as floods and earthquakes, can also damage pipelines. There were 140 hazardous liquid pipeline accidents, 84 natural gas transmission (including gathering) pipeline accidents, and 58 natural gas distribution accidents in 2011.¹¹

Although pipeline releases have caused relatively few fatalities in absolute numbers, a single pipeline accident can be catastrophic in terms of deaths and environmental damage. Notable pipeline accidents in recent years include:

• 1999―A gasoline pipeline explosion in Bellingham, WA, killed three people and caused $45 million in damage to a city water plant and other property.
• 2000―A natural gas pipeline explosion near Carlsbad, NM, killed 12 campers.
• 2006―Corroded pipelines on the North Slope of Alaska leaked over 200,000 gallons of crude oil in an environmentally sensitive area and temporarily shut down Prudhoe Bay oil production.
• 2007―An accidental release from a propane pipeline and subsequent fire near Carmichael, MS, killed two people, injured several others, destroyed four homes, and burned over 70 acres of grassland and woodland.
• 2010―A pipeline spill in Marshall, MI, released 819,000 gallons of crude oil into a tributary of the Kalamazoo River.
• 2010—A natural gas pipeline explosion in San Bruno, CA, killed 8 people, injured 60 others, and destroyed 37 homes.
• 2011―A natural gas pipeline explosion in Allentown, PA, killed 5 people, damaged 50 buildings, and caused 500 people to be evacuated.
• 2011―A pipeline spill near Laurel, MT, released an estimated 42,000 gallons of crude oil into the Yellowstone River.
• 2012—A natural gas pipeline explosion in Springfield, MA injured 21 people and heavily damaged over a dozen buildings.

Such accidents have generated persistent scrutiny of pipeline regulation and have increased state and community activity related to pipeline safety.

Pipeline Security Vulnerabilities

In addition to their vulnerability to accidents, pipelines may also be intentionally damaged by vandals and terrorists. Pipelines may also be vulnerable to "cyber-attacks" on supervisory control and data acquisition (SCADA) systems or attacks on electricity grids and communications networks.¹² Oil and gas pipelines, globally, have been a favored target of terrorists, militant groups, and organized crime. In Colombia, for example, rebels have bombed the Caño Limón oil pipeline and other pipelines over 950 times since 1993.¹³ In 1996, London police foiled a plot by the Irish Republican Army to bomb gas pipelines and other utilities across the city.¹⁴ Militants in Nigeria have repeatedly attacked pipelines and related facilities, including the simultaneous bombing of three oil pipelines in May 2007.¹⁵ A Mexican rebel group similarly detonated bombs along Mexican oil and natural gas pipelines in July and September 2007.¹⁶ In June 2007, the U.S. Department of Justice arrested members of a terrorist group planning to attack jet fuel pipelines and storage tanks at the John F. Kennedy (JFK) International Airport in New York.¹⁷ Natural gas pipelines in British Columbia, Canada, were bombed six times between October 2008 and July 2009 by unknown perpetrators.¹⁸ In 2009, the Washington Post reported that over $1 billion of crude oil had been stolen directly from Mexican pipelines by organized criminals and drug cartels.¹⁹

Since September 11, 2001, federal warnings about Al Qaeda have mentioned pipelines specifically as potential terror targets in the United States.²⁰ One U.S. pipeline of particular concern, and with a history of terrorist and vandal activity, is the Trans Alaska Pipeline System (TAPS), which transports crude oil from Alaska's North Slope oil fields to the marine terminal in Valdez. TAPS runs some 800 miles and delivered approximately 600,000 barrels of oil per day in 2011 (over 10% of U.S. domestic oil production).²¹ In 1999, Vancouver police arrested a man planning to blow up TAPS for personal profit in oil futures.²² In 2001, a vandal's attack on TAPS with a high-powered rifle forced a two-day shutdown and caused extensive economic and ecological damage.²³ In January 2006, federal authorities acknowledged the discovery of a detailed posting on a website purportedly linked to Al Qaeda that reportedly encouraged attacks on U.S. pipelines, especially TAPS, using weapons or hidden explosives.²⁴ In November 2007 a U.S. citizen was convicted of trying to conspire with Al Qaeda to attack TAPS and a major natural gas pipeline in the eastern United States.²⁵

Notwithstanding the incidents cited above, to date, there have been no known Al Qaeda attacks on TAPS or other U.S. pipelines. The most recent U.S. federal threat assessment concludes "with high confidence that the terrorist threat to the U.S. pipeline industry is low ... [with] no specific or credible threat information indicating that violent transnational extremist groups or domestic extremists are actively plotting to conduct attacks on the U.S. pipeline industry."²⁶ Terrorist activities are in constant flux, however, and difficult to predict, so terrorist attacks remain a possibility in the future. Although Al Qaeda attacks on U.S. pipelines may be perceived as unlikely, attacks by individuals not associated with organized or terrorist groups may be a growing concern. For example, in August 2011, federal agents arrested a U.S. citizen—acting alone—who confessed to planting an improvised explosive device (which failed to detonate) under a natural gas pipeline in Oklahoma.²⁷ In June 2012, a man was critically injured attempting to plant an improvised explosive device along a natural gas pipeline in Plano, TX.²⁸

Cybersecurity Risks²⁹

One specific area of pipeline security risk that has recently come to the fore is SCADA system cybersecurity. In March 2012, the Industrial Control Systems Cyber Emergency Response Team within DHS identified an ongoing series of cyber intrusions among U.S. natural gas pipeline operators dating back to December 2011. According to the agency, various pipeline companies described targeted spear-phishing³⁰ attempts and intrusions into multiple natural gas pipeline sector organizations "positively identified … as related to a single campaign."³¹ In 2011, computer security company McAfee reported similar "coordinated covert and targeted" cyberattacks originating primarily in China against global energy companies. The attacks began in 2009 and involved spear-phishing, exploitation of Microsoft software vulnerabilities, and the use of remote administration tools to collect sensitive competitive information about oil and gas fields.³² In 2010, the Stuxnet computer worm was first identified as a threat to industrial control systems. Although the Stuxnet software initially spreads indiscriminately, the software includes a highly specialized industrial process component targeting specific Siemens industrial SCADA systems.³³ Computer security specialists claim that malicious software developers have already created new software programs tailored to target the kinds of SCADA system weaknesses revealed by Stuxnet.³⁴ The increased vulnerability of pipeline SCADA systems due to their modernization, taken together with the emergence of SCADA-specific malicious software and the recent cyberattacks, suggests that cybersecurity threats to pipelines have been increasing.

Pipelines and Hazardous Materials Safety Administration

The Natural Gas Pipeline Safety Act of 1968 (P.L. 90-481) and the Hazardous Liquid Pipeline Act of 1979 (P.L. 96-129) are two of the principal early acts establishing the federal role in pipeline safety. Under both statutes, the Transportation Secretary is given primary authority to regulate key aspects of interstate pipeline safety: design, construction, operation and maintenance, and spill response planning. Pipeline safety regulations are covered in Title 49 of the Code of Federal Regulations.³⁵ The DOT administers pipeline regulations through the Office of Pipeline Safety (OPS) within the Pipelines and Hazardous Materials Safety Administration (PHMSA). At the end of FY2012, PHMSA employed 203 total staff, including 135 inspection and enforcement staff.³⁶ In addition to its own staff, PHMSA's enabling legislation allows the agency to delegate authority to intrastate pipeline safety offices, and allows state offices to act as "agents" administering interstate pipeline safety programs (excluding enforcement) for those sections of interstate pipelines within their boundaries.³⁷ Approximately 350 state pipeline safety inspectors were available in 2012.³⁸

PHMSA's pipeline safety program is funded primarily by user fees assessed on a per-mile basis on each regulated pipeline operator.³⁹ P.L. 109-468 authorized annual pipeline safety program expenditures of $79.0 million in FY2007, $86.2 million in FY2008, $91.5 million in FY2009, and $96.5 million in FY2010. P.L. 112-90 authorizes expenditures of $109.3 million annually for each of FY2012 through FY2015, and $1.5 million annually through FY2015 for state pipeline damage prevention programs. The President's FY2013 budget requested $177 million.⁴⁰

PHMSA uses a variety of strategies to promote compliance with its safety standards. The agency conducts programmatic inspections of management systems, procedures, and processes; conducts physical inspections of facilities and construction projects; investigates safety incidents; and maintains a dialogue with pipeline operators. The agency clarifies its regulatory expectations through published protocols and regulatory orders, guidance manuals, and public meetings. PHMSA relies upon a range of enforcement actions, including administrative actions such as corrective action orders (CAOs) and civil penalties, to ensure that operators correct safety violations and take measures to preclude future safety problems. Between January 1 and November 8, 2012, PHMSA initiated 244 enforcement actions against pipeline operators.⁴¹ Civil penalties proposed by PHMSA for safety violations during this period totaled approximately $8.3 million.⁴² PHMSA also conducts accident investigations and system-wide reviews focusing on high-risk operational or procedural problems and areas of the pipeline near sensitive environmental areas, high-density populations, or navigable waters.

Since 1997, PHMSA has increasingly required industry's implementation of "integrity management" programs on pipeline segments near "high consequence areas." Integrity management provides for continual evaluation of pipeline condition; assessment of risks to the pipeline; inspection or testing; data analysis; and follow-up repair; as well as preventive or mitigative actions. High consequence areas include population centers, commercially navigable waters, and environmentally sensitive areas, such as drinking water supplies or ecological reserves. The integrity management approach directs priority resources to locations of highest consequence rather than applying uniform treatment to the entire pipeline network. PHMSA made integrity management programs mandatory for most oil pipeline operators with 500 or more miles of regulated pipeline as of March 31, 2001 (49 C.F.R. §195).

DOT Pipeline Security Activities

Presidential Decision Directive 63 (PDD-63), issued during the Clinton Administration, assigned lead responsibility for pipeline security to the DOT.⁴³ These responsibilities fell to the OPS, at that time part of the DOT's Research and Special Programs Administration (RSPA), since the agency was already addressing some elements of pipeline security in its role as safety regulator.⁴⁴ In 2002, the OPS conducted a vulnerability assessment to identify critical pipeline facilities and worked with industry groups and state pipeline safety organizations "to assess the industry's readiness to prepare for, withstand and respond to a terrorist attack."⁴⁵ Together with the Department of Energy and state pipeline agencies, the OPS promoted the development of consensus standards for security measures tiered to correspond with the five levels of threat warnings issued by the Office of Homeland Security.⁴⁶ The OPS also developed protocols for inspections of critical facilities to ensure that operators implemented appropriate security practices. To convey emergency information and warnings, the OPS established communication links to key staff at the most critical pipeline facilities throughout the country. The OPS also began identifying near-term technology to enhance deterrence, detection, response, and recovery, and began seeking to advance public and private sector planning for response and recovery.⁴⁷

On September 5, 2002, the OPS circulated guidance developed in cooperation with the pipeline industry defining the agency's security program recommendations and implementation expectations. This guidance recommended that operators identify critical facilities, develop security plans consistent with prior trade association security guidance, implement these plans, and review them annually.⁴⁸ Although the guidance was voluntary, the OPS expected compliance and informed operators of its intent to begin reviewing security programs within 12 months, potentially as part of more comprehensive safety inspections.⁴⁹ Federal pipeline security authority was subsequently transferred outside of DOT, however, as discussed below, so the OPS did not follow through on a national program of pipeline security program reviews.

Pipeline Safety Improvement Act of 2002

On December 12, 2002, President Bush signed into law the Pipeline Safety Improvement Act of 2002 (P.L. 107-355). The act strengthened federal pipeline safety programs, state oversight of pipeline operators, and public education regarding pipeline safety.⁵⁰ Among other provisions, P.L. 107-355 required operators of regulated natural gas pipelines in high-consequence areas to conduct risk analysis and implement integrity management programs similar to those required for oil pipelines.⁵¹ The act authorized the DOT to order safety actions for pipelines with potential safety problems and increased violation penalties. The act streamlined the permitting process for emergency pipeline restoration by establishing an interagency committee, including the DOT, the Environmental Protection Agency, the Bureau of Land Management, the Federal Energy Regulatory Commission, and other agencies, to ensure coordinated review and permitting of pipeline repairs. The act required DOT to study ways to limit pipeline safety risks from population encroachment and ways to preserve environmental resources in pipeline rights-of-way. P.L. 107-355 also included provisions for public education, grants for community pipeline safety studies, "whistle blower" and other employee protection, employee qualification programs, and mapping data submission.

Pipeline Inspection, Protection, Enforcement, and Safety Act of 2006

On December 29, 2006, President Bush signed into law the Pipeline Inspection, Protection, Enforcement and Safety Act of 2006 (PIPES Act, P.L. 109-468). The main provisions of the act address pipeline damage prevention, integrity management, corrosion control, and enforcement transparency. The PIPES act created a national focus on pipeline damage prevention through grants to states for improving damage prevention programs, establishing 811 as the national "call before you dig" one-call telephone number, and giving PHMSA limited "backstop" authority to conduct civil enforcement against one-call violators in states that have failed to conduct such enforcement. The act mandated the promulgation by PHMSA of minimum standards for integrity management programs for natural gas distribution pipelines.⁵² It also mandated a review of the adequacy of federal pipeline safety regulations related to internal corrosion control, and required PHMSA to increase the transparency of enforcement actions by issuing monthly summaries, including violation and penalty information, and a mechanism for pipeline operators to make response information available to the public.

Transportation Security Administration

In November 2001, President Bush signed the Aviation and Transportation Security Act (P.L. 107-71) establishing the Transportation Security Administration (TSA) within the DOT. According to TSA, the act placed the DOT's pipeline security authority (under PDD-63) within TSA. The act specified for TSA a range of duties and powers related to general transportation security, such as intelligence management, threat assessment, mitigation, security measure oversight and enforcement, among others. On November 25, 2002, President Bush signed the Homeland Security Act of 2002 (P.L. 107-296) creating the Department of Homeland Security (DHS). Among other provisions, the act transferred to DHS the Transportation Security Administration from the DOT (§403). On December 17, 2003, President Bush issued Homeland Security Presidential Directive 7 (HSPD-7), clarifying executive agency responsibilities for identifying, prioritizing, and protecting critical infrastructure.⁵³ HSPD-7 maintains DHS as the lead agency for pipeline security (par. 15), and instructs the DOT to "collaborate in regulating the transportation of hazardous materials by all modes (including pipelines)" (par. 22h). The order requires that DHS and other federal agencies collaborate with "appropriate private sector entities" in sharing information and protecting critical infrastructure (par. 25). TSA joined both the Energy Government Coordinating Council and the Transportation Government Coordinating Council under provisions in HSPD-7. The missions of the councils are to work with their industry counterparts to coordinate critical infrastructure protection programs in the energy and transportation sectors, respectively, and to facilitate the sharing of security information.

HSPD-7 also required DHS to develop a national plan for critical infrastructure and key resources protection (par. 27), which the agency issued in 2006 as the National Infrastructure Protection Plan (NIPP). The NIPP, in turn, required each critical infrastructure sector to develop a Sector Specific Plan (SSP) that describes strategies to protect its critical infrastructure, outlines a coordinated approach to strengthen its security efforts, and determines appropriate funding for these activities. Executive Order 13416 further required the transportation sector SSP to prepare annexes for each mode of surface transportation.⁵⁴ In accordance with the above requirements the TSA issued its Transportation Systems Sector Specific Plan and Pipeline Modal Annex in 2007 with an update on 2010.

TSA Pipeline Security Activities

Pipeline security activities at TSA are led by the Pipeline Security Division (PSD) within the agency's Office of Security Policy and Industry Engagement (OSPIE).⁵⁵ According to the agency's Pipeline Modal Annex (PMA), TSA has been engaged in a number of specific pipeline security initiatives as summarized in Table 1.

In addition to the activities in Table 1, TSA has also conducted regional supply studies for key natural gas markets, has conducted training on cyber security awareness, has participated in pipeline blast mitigation studies, and has joined in "G-8" multinational security assessment and planning.⁵⁶

In 2003, TSA initiated its Corporate Security Review (CSR) program, wherein the agency visits the largest pipeline and natural gas distribution operators to review their security plans and inspect their facilities. During the reviews, TSA evaluates whether each company is following the intent of the OPS security guidance, and seeks to collect the list of assets each company had identified meeting the criteria established for critical facilities. In 2004, the DOT reported that the plans reviewed to date (approximately 25) had been "judged responsive to the OPS guidance."⁵⁷ TSA has completed CSRs covering the largest 100 pipeline systems (84% of total U.S. energy pipeline throughput) and is in the process of conducting second CSRs of these systems.⁵⁸ According to TSA, CSR results indicate that the majority of U.S. pipeline systems "do a good job with pipeline security" although there are areas in which pipeline security can be improved.⁵⁹ Past CSR reviews have identified inadequacies in some company security programs such as not updating security plans, lack of management support, poor employee involvement, inadequate threat intelligence, and employee apathy or error.⁶⁰ In 2008, the TSA initiated its Critical Facility Inspection Program (CFI), under which the agency conducted in-depth inspections of all the critical facilities of the 125 largest pipeline systems in the United States. The agency estimated that these 125 pipeline systems collectively included approximately 600 distinct critical facilities.⁶¹ TSA concluded the CFI program in May 2011, having completed a total of 347 inspections throughout the United States.⁶²

In addition to the initiatives in Table 1, TSA has worked to establish qualifications for personnel applying for positions with unrestricted access to critical pipeline assets and has developed its own inventory of critical pipeline infrastructure.⁶³ The agency has also addressed legal issues regarding recovery from terrorist attacks, such as FBI control of crime scenes and eminent domain in pipeline restoration. In October 2005, TSA issued an overview of recommended security practices for pipeline operators "for informational purposes only ... not intended to replace security measures already implemented by individual companies."⁶⁴ The agency released revised pipeline security guidelines in 2010 and 2011. The guidelines include a section on cybersecurity developed with the assistance of the Applied Physics Laboratory of Johns Hopkins University as well as other government and industry stakeholders.⁶⁵

The President's FY2012 budget request for DHS did not include a separate line item for TSA's pipeline security activities. The budget request did include a $134.7 million line item for "Surface Transportation Security," which encompasses security activities in non-aviation transportation modes, including pipelines.⁶⁶ The PSD has traditionally received from the agency's general operational budget an allocation for routine operations such as regulation development, travel, and outreach. According to the PSD, the budget funds 13 full-time equivalent staff within the office.⁶⁷

In 2007 the TSA Administrator testified before Congress that the agency intended to conduct a pipeline infrastructure study to identify the "highest risk" pipeline assets, building upon such a list developed through the CSR program. He also stated that the agency would use its ongoing security review process to determine the future implementation of baseline risk standards against which to set measurable pipeline risk reduction targets.⁶⁸ Provisions in the Implementing Recommendations of the 9/11 Commission Act of 2007 (P.L. 110-53) require TSA, in consultation with PHMSA, to develop a plan for the federal government to provide increased security support to the "most critical" pipelines at high or severe security alert levels and when there is specific security threat information relating to such pipeline infrastructure (§1558(a)(1)). The act also requires a recovery protocol plan in the event of an incident affecting the interstate and intrastate pipeline system (§1558(a)(2)). TSA published this plan in 2010.

Security Incident Investigations

In addition to the above pipeline security initiatives, the TSA Pipeline Security Division has performed a limited number of vulnerability assessments and has supported investigations for specific companies and assets where intelligence information has suggested potential terrorist activity. The PSD, along with PHMSA, was involved in the investigation of an August 2006 security breach at an LNG peak-shaving plant in Lynn, MA.⁶⁹ Although not a terrorist incident, the security breach involved the penetration of intruders through several security barriers and alert systems, permitting them to access the main LNG storage tank at the facility. The PSD also became aware of the JFK airport terrorist plot in its early stages and supported the Federal Bureau of Investigation's associated investigation. The PSD engaged the private sector in helping to assess potential targets and determine potential consequences. The PSD worked with the pipeline company to keep it informed about the plot, discuss its security practices, and review its emergency response plans.⁷⁰

GAO Study of TSA's Pipeline Security Activities

In December 2008, the Senate Committee on Commerce, Science, and Transportation requested a study by the Government Accountability Office (GAO) examining TSA's efforts to ensure pipeline security. GAO's report, released in August 2010, focused on TSA's use of risk assessment and risk information in securing pipelines, actions the agency has taken to improve pipeline security under guidance in the 9/11 Commission Act of 2007 (P.L. 110-53), and the agency's efforts to measure such security improvement efforts.⁷¹ Among other findings, GAO concluded that, although TSA had begun to implement a risk management approach to prioritize its pipeline security efforts, work remained to ensure that the highest risk pipeline systems would get the necessary scrutiny. GAO also concluded that TSA was missing opportunities under its CSR and CFI programs to better ensure that pipeline operators understand how they can enhance the security of their pipeline systems. TSA could also make better use of CSR and CFI recommendations for analyzing pipeline vulnerabilities and was not following up on these recommendations. GAO found that linking TSA's pipeline security performance measures and milestones to the goals and objectives in its national security strategy for pipeline systems could aid in achieving results within specific time frames and could facilitate more effective oversight and accountability.⁷² TSA concurred with all of GAO's recommendations for addressing the issues and has since been implementing them.⁷³

Federal Energy Regulatory Commission

One area related to pipeline safety and security not under either PHMSA's or TSA's primary jurisdiction is the siting approval of new gas pipelines, which is the responsibility of the Federal Energy Regulatory Commission (FERC). Companies building interstate natural gas pipelines must first obtain from FERC certificates of public convenience and necessity. (FERC does not oversee oil pipeline construction.) FERC must also approve the abandonment of gas facility use and services. These approvals may include safety and security provisions with respect to pipeline routing, safety standards, and other factors.⁷⁴ As a practical matter, however, FERC has traditionally left these considerations to the other agencies.⁷⁵

On September 14, 2001, FERC notified jurisdictional companies that it would "approve applications proposing the recovery of prudently incurred costs necessary to further safeguard the nation's energy systems and infrastructure" in response to the terror attacks of 9/11. FERC also committed to "expedite the processing on a priority basis of any application that would specifically recover such costs from wholesale customers." Companies could propose a surcharge over currently existing rates or some other cost recovery method.⁷⁶ In FY2005, the commission processed security cost recovery requests from 14 oil pipelines and 3 natural gas pipelines.⁷⁷ FERC's FY2006 annual report stated that "the Commission continues to give the highest priority to deciding any requests made for the recovery of extraordinary expenditures to safeguard the reliability and security of the Nation's energy transportation systems and energy supply infrastructure."⁷⁸ FERC's subsequent annual reports do not mention pipeline security.

In February 2003, FERC promulgated a new rule (RM02-4-000) to protect critical energy infrastructure information (CEII). The rule defines CEII as information that "must relate to critical infrastructure, be potentially useful to terrorists, and be exempt from disclosure under the Freedom of Information Act." According to the rule, critical infrastructure is "existing and proposed systems and assets, whether physical or virtual, the incapacity or destruction of which would negatively affect security, economic security, public health or safety, or any combination of those matters." CEII excludes "information that identifies the location of infrastructure." The rule also establishes procedures for the public to request and obtain such critical information, and applies both to proposed and existing infrastructure.⁷⁹

On May 14, 2003, FERC handed down new rules (RM03-4) facilitating the restoration of pipelines after a terrorist attack. The rules allow owners of a damaged pipeline to use blanket certificate authority to immediately start rebuilding, regardless of project cost, even outside existing rights-of-way. Pipeline owners would still need to notify landowners and comply with environmental laws. Prior rules limited blanket authority to projects up to $17.5 million and 45-day advance notice.⁸⁰

National Transportation Safety Board

The National Transportation Safety Board (NTSB) is an independent federal agency charged with determining the probable cause of transportation accidents (including pipeline accidents), promoting transportation safety, and assisting accident victims and their families. The board's experts investigate significant accidents, develop factual records, and issue safety recommendations to prevent similar accidents from recurring. The NTSB has no statutory authority to regulate transportation, however, so its safety recommendations to industry or government agencies are not mandatory. Nonetheless, because of the board's strong reputation for thoroughness and objectivity, the average acceptance rate for its safety recommendations is 78%.⁸¹ The NTSB's "Most Wanted List" for 2013 called for enhanced pipeline safety through improved oversight of the pipeline industry.⁸²

San Bruno Pipeline Accident Investigation

In August 2011, the NTSB issued preliminary findings and recommendations from its investigation of the San Bruno Pipeline accident. The investigation included testimony from pipeline company officials, government agency officials (PHMSA, state, and local), as well as testimony from other pipeline experts and stakeholders. In addition to specifics about the San Bruno incident, the hearing addressed more general pipeline issues, including public awareness initiatives, pipeline technology, and oversight of pipeline safety by federal and state regulators.⁸³ The NTSB's findings were highly critical of the pipeline operator (PG&E) as well as both the state and federal pipeline safety regulators. The board concluded that "the multiple and recurring deficiencies in PG&E operational practices indicate a systemic problem" with respect to its pipeline safety program.⁸⁴ The board further concluded that

the pipeline safety regulator within the state of California, failed to detect the inadequacies in PG&E's integrity management program and that the Pipeline and Hazardous Materials Safety Administration integrity management inspection protocols need improvement. Because the Pipeline and Hazardous Materials Safety Administration has not incorporated the use of effective and meaningful metrics as part of its guidance for performance-based management pipeline safety programs, its oversight of state public utility commissions regulating gas transmission and hazardous liquid pipelines could be improved.

In her opening statement about the San Bruno accident report, NTSB Chairman Hersman summarized the board's findings as "troubling revelations … about a company that exploited weaknesses in a lax system of oversight and government agencies that placed a blind trust in operators to the detriment of public safety."⁸⁵ The NTSB's final accident report "concludes that PHMSA's enforcement program and its monitoring of state oversight programs have been weak and have resulted in the lack of effective Federal oversight and state oversight."⁸⁶

The NTSB issued 39 recommendations stemming from its San Bruno accident investigation, including 20 recommendations to the Secretary of Transportation and PHMSA. These recommendations included:

• Conducting audits to assess the effectiveness of PHMSA's oversight of performance-based pipeline safety programs and state pipeline safety program certification,
• Requiring pipeline operators to provide system-specific information to the emergency response agencies of the communities in which pipelines are located,
• Requiring that automatic shutoff valves or remote control valves be installed in high consequence areas and in class 3 and 4 locations,⁸⁷
• Requiring that all natural gas transmission pipelines constructed before 1970 be subjected to a hydrostatic pressure test that incorporates a spike test,
• Requiring that all natural gas transmission pipelines be configured so as to accommodate internal inspection tools, with priority given to older pipelines, and
• Revising PHMSA's integrity management protocol to incorporate meaningful metrics, set performance goals for pipeline operators, and require operators to regularly assess the effectiveness of their programs using meaningful metrics.⁸⁸

More detailed discussion of the accident findings and the NTSB's recommendations are publicly available in the final accident report.

Key Policy Issues

The 112^th Congress reauthorized the federal pipeline safety program and enacted a number of new pipeline safety provisions. In the context of its continuing oversight of federal pipeline safety and security activities, and in addition to the findings of the NTSB's San Bruno investigation, the 113^th Congress may focus on certain key issues that have drawn particular attention in recent policy deliberations.

Staffing Resources for Pipeline Safety and Security

The U.S. pipeline safety program employs a combination of federal and state staff to implement and enforce federal pipeline safety regulations. To date, PHMSA has relied heavily on state agencies for pipeline inspections, with only approximately 25% of inspectors in 2012 being federal employees. Some in Congress have criticized inspector staffing at PHMSA as being insufficient to adequately cover pipelines under the agency's jurisdiction, notwithstanding state agency cooperation. In considering PHMSA staff levels, three distinct issues are the overall number of federal inspectors, the agency's historical use of staff funding, and the staffing of pipeline safety inspectors among the states.

PHMSA Inspectors

The President's FY2013 budget request listed PHMSA's estimated staffing in 2013 as 290 full-time equivalent employees (FTEs), up from 206 funded staff in 2010. By contrast, as Figure 1 shows, the addition of 10 inspection and enforcement staff under P.L. 112-90 amounts to only a modest continuation of staff growth (of mostly inspectors) begun over 10 years ago in response to the 1999 Bellingham accident, the terrorist attacks of 9/11, implementation of PHMSA's integrity management regulations, and the expansion of U.S. pipeline networks.

Figure 1. PHMSA Pipeline Safety Staffing, Historical and Proposed under P.L. 112-90 Full-Time Equivalent Staff

Sources: U.S. Office of Management and Budget, Budget of the United States Government: Appendix, Fiscal Years1996-2011; P.L. 112-90 §31(b). Notes: Estimated staff are staff anticipated by the agency as reported in annual budget requests. They may differ from actual staff employed (for the same fiscal year) as reported in subsequent budget requests.

Whether an increase of 10 PHMSA pipeline safety staff by 2014, in addition to filling all previously authorized positions, would be the optimal number remains to be seen. Under the President's FY2013 budget request for 290 FTEs, most of the staff additions would presumably be inspectors.⁸⁹ While such an increase would represent a dramatic increase in the number of federal pipeline safety staff available, filling all these positions and retaining all these employees might pose practical challenges, further discussed below.

PHMSA Staffing Shortfalls

One issue that has complicated the PHMSA staffing debate is a long-term pattern of understaffing in the agency's pipeline safety program. At least as far back as 1994, PHMSA's (or RSPA's) actual staffing for pipeline safety as reported in its annual budgets requests has generally fallen well short of the level of staffing anticipated in the prior year's budget request. For example, the president's FY2011 budget request for pipeline safety reports 175 actual employees in 2009. However, the FY2010 budget request stated an expectation of 191 employees ("estimated") for 2009. On this basis, from 2001 through 2011, the agency reported a staffing shortfall averaging approximately 23 employees every year. (Note that, due to this annual shortfall, the FTEs reported in Figure 1 are generally higher than the number actually employed by PHMSA.) Furthermore, most of this staffing shortage has been among inspectors. In testimony before Congress in September 2010, DOT officials reported that PHMSA employed only 110 of 137 inspectors for which it was funded—a shortfall of 27 inspectors.⁹⁰ In March 2011, agency officials reported 126 inspectors employed.⁹¹ However, as of the end of FY2012, PHMSA reported 135 inspection and enforcement staff out of 203 total staff at the agency—nearly a full complement of funded inspector FTE's.⁹²

PHMSA officials offer a number of reasons for the historical shortfall in inspector staffing. These reasons include a scarcity of qualified inspector job applicants, delays in the federal hiring process during which applicants accept other job offers, and PHMSA inspector turnover—especially to pipeline companies which often hire away PHMSA inspectors for their corporate safety programs. Because PHMSA pipeline inspectors are highly trained by the agency (typically for two years before being allowed to operate independently) they are highly valued by pipeline operators seeking to comply with federal safety regulations. The agency states that it aggressively recruits a qualified and diverse workforce but is challenged by industry recruitment of the same candidates, especially with the rapid development of unconventional oil and gas shales, for which the skill sets PHMSA seeks (primarily engineers) are in high demand.⁹³ PHMSA officials also cite structural issues associated with the agency's appropriations, which can require the use of FTE salary funding to meet other obligations.⁹⁴ P.L. 112-90 requires the DOT to report on PHMSA's pipeline staffing shortfalls, including the reasons for such shortfalls, and actions the agency is taking to fill the positions (§31(a)). This report has not yet been completed.

State Pipeline Inspector Funding

Because state agencies would continue to account for the majority of U.S. pipeline safety inspectors under P.L. 112-90, another important consideration is how the number of state inspectors might be affected by budget shortfalls and possible agency funding cuts faced by many states due to the recent U.S. economic recession. Under P.L. 109-468 (§2(c)), PHMSA is authorized to award grants reimbursing state governments for up to 80% of the cost of the staff, personnel, and activities required to support the federal pipeline safety program. According to DOT, these grant are essential to "enable the states to continue their current programs and hire additional inspectors ... [and] assure that states do not turn over responsibility for distribution pipeline systems to the Federal inspectors," among other reasons.⁹⁵ According to PHMSA, in 2012, the average state grant was approximately 74% of state program expenditures during 2011.⁹⁶

Notwithstanding federal pipeline safety grants, inspector staffing at state pipeline safety agencies has been negatively affected by state budget deficits. According to a 2010 letter from the National Association of Pipeline Safety Representatives, pipeline safety employees in 17 states had already been furloughed without pay for up to three weeks at that time.⁹⁷ PHMSA officials have also reportedly cited unfilled positions among state pipeline safety agencies as eroding the state pipeline safety workforce.⁹⁸ Senior DOT officials consider financial problems among state pipeline safety agencies a matter of "great concern" and have granted to states waivers from certain regulatory financial requirements to increase their access to federal grant money.⁹⁹ Nonetheless, the future availability of state pipeline safety inspectors remains uncertain. In particular, the possibility that some states may choose to end their roles as agents for the federal pipeline safety program—or that states may lose federal pipeline safety program certification for performance reasons—and thereby shift a greater burden for pipeline inspections back to the federal government, may warrant continued attention from Congress.

TSA Pipelines Security Resources

Similar to its concerns about the adequacy of federal pipeline safety staffing, Congress has long been concerned about staff resources available to implement the nation's pipeline security program. For example, as one Member remarked in 2005, "aviation security has received 90% of TSA's funds and virtually all of its attention. There is simply not enough being done to address ... pipeline security."¹⁰⁰ At a congressional field hearing in April 2010, another Member expressed concern that TSA's pipeline division did not have sufficient staff to carry out a federal pipeline security program on a national scale.¹⁰¹

At its current staffing level of 13 FTEs, TSA's Pipelines Security Division has limited field presence. In conducting a pipeline corporate security review, for example, TSA typically sends one to three staff to hold a three- to four-hour interview with the operator's security representatives, followed by a visit to only one or two of the operator's pipeline assets.¹⁰² TSA's plan to focus security inspections on the largest pipeline and distribution system operators tries to make the best use of its limited resources. However, there are questions as to whether the agency's CSRs as currently structured allow for rigorous security plan verification and a credible threat of enforcement. The limited number of CSRs the agency can complete in a year is a particular concern. According to a 2009 GAO report, "TSA's pipeline division stated that they would like more staff in order to conduct its corporate security reviews more frequently," and "analyzing secondary or indirect consequences of a terrorist attack and developing strategic risk objectives required much time and effort."¹⁰³

Since both PHMSA and TSA have played important roles in the federal pipeline security program, with TSA the designated lead agency since 2002, Congress has raised questions about the appropriate responsibilities and division of pipeline security authority between them.¹⁰⁴ According to TSA, the two agencies have established "a 24/7 communication and coordination relationship in regards to all pipeline security and safety incidents."¹⁰⁵ Nonetheless, given the limited staff in TSA's pipeline security division, and the comparatively large pipeline safety staff (especially inspectors) in PHMSA, legislators have considered whether the TSA-PHMSA pipeline security relationship optimally aligns staff resources across both agencies to fulfill the nation's overall pipeline safety and security mission.¹⁰⁶ The Transportation Security Administration Authorization Act of 2011 (H.R. 3011) in the 112^th Congress would have mandated a study regarding the relative roles and responsibilities of the Department of Homeland Security and the Department of Transportation with respect to pipeline security (§325).¹⁰⁷

Automatic Shutoff Valves for Transmission Pipelines

In the 2010 San Bruno pipeline accident, natural gas continued to flow from the pipeline for nearly two hours after the initial explosion—fueling the intense fire, hindering emergency response, and increasing fire damage. The long duration of flowing gas was due to delays in the closing of manually operated valves by the pipeline operator, and may have been exacerbated by inadequate employee training in valve closure procedures.¹⁰⁸ Consequently, some advocates have called for widespread installation of remotely or automatically controlled valves in natural gas and hazardous liquids transmission pipelines. As noted earlier, the NTSB has recommended the installation of such valves in all "high consequence" and relatively more populated areas. P.L. 112-90 requires automatic or remote-controlled shut-off valves, or equivalent technology, where economically, technically, and operationally feasible on transmission pipeline facilities constructed or entirely replaced (§4(1)). The act also requires a study on the ability of transmission pipeline operators to respond to a hazardous liquid or natural gas release from pipelines located in high-consequence areas (§4(2)).

Previous Consideration

The possibility of requiring remotely controlled or automatic shutoff valves for natural gas pipelines is not new. Congress previously considered such requirements in reaction to a 1994 natural gas pipeline fire in Edison, NJ, similar to the San Bruno accident, in which it took the pipeline operator 2½ hours to close its manually operated valves.¹⁰⁹ In 1995, during the 104^th Congress, H.R. 432 and S. 162 would have required the installation of remotely or automatically controlled valves in natural gas pipelines "wherever technically and economically feasible" (§11). Under the Accountable Pipeline Safety and Partnership Act of 1996 (P.L. 104-304), Congress mandated a DOT assessment of remotely controlled valves (RCVs) on interstate natural gas pipelines, and empowered the agency to require such valves if appropriate based upon its findings (§4(h)).

The DOT's assessment, released in 1999, reported that installation of RCVs would provide only "a small benefit from reduced casualties because virtually all casualties from a rupture occur before an RVC could be activated."¹¹⁰ Moreover, the DOT reported that it lacked data to compare pipeline fire property damage with and without RCVs. Nonetheless, the DOT study advocated the deployment of RCVs, at least in some gas pipeline locations.

We have found that RCVs are effective and technically feasible, and can reduce risk, but are not economically feasible. We have also found that there may be a public perception that RCVs will improve safety and reduce the risk from a ruptured gas pipeline. We believe there is a role for RCVs in reducing the risk from certain ruptured pipelines and thereby minimizing the consequences of certain gas pipeline ruptures.... Any fire would be of greater intensity and would have greater potential for damaging surrounding infrastructure if it is constantly replenished with gas. The degree of disruption in heavily populated and commercial areas would be in direct proportion to the duration of the fire. Although we lack data enabling us to quantify these potential consequences, we believe them to be significant nonetheless, and we believe RCVs may provide the best means for addressing them.¹¹¹

Notwithstanding this conclusion, the DOT has not mandated the use of RCVs in natural gas transmission pipelines.

The natural gas pipeline industry historically has objected to federal mandates to install remotely controlled or automated valves. Although pipeline operators already employ such valves under specific circumstances, such as in hard-to-access locations or at compressor stations, they have opposed the installation of such valves more widely throughout their pipeline systems on the grounds that they are usually not cost-effective. They also argue that such valves do not always function properly, would not prevent natural gas pipeline explosions (which cause most fatalities), and are susceptible to false alarms, needlessly shutting down pipelines and disrupting critical fuel supplies.¹¹² Automatic valves, in particular, may be susceptible to unnecessary closure, potentially disrupting critical flows of natural gas to distribution utilities and—as a result—increasing safety risks associated with residential furnace relighting, among other concerns.¹¹³ Some operators also claim higher maintenance costs for valves that are not manually operated.

Remotely Controlled Valves for Liquids Pipelines

The use of remotely controlled or automatic valves has also been a long-standing consideration for hazardous liquid pipeline systems. The National Transportation Safety Board (NTSB) began to address the need for rapid shutdown of failed hazardous liquid pipelines using remotely controlled or automatic valves in the 1970s.¹¹⁴ In 1987, the NTSB recommended that the DOT "require the installation of remote-operated valves on pipelines that transport hazardous liquids, and base the spacing of remote-operated valves on the population at risk."¹¹⁵ The Pipeline Safety Act of 1992 (P.L. 102-508) required the DOT to assess the effectiveness of "emergency flow restricting devices (including remotely controlled valves and check valves)" on hazardous liquid pipelines, and required the DOT to "issue regulations prescribing the circumstances under which operators of hazardous liquid pipeline facilities must use emergency flow restricting devices" (§212). Notwithstanding this congressional mandate, the NTSB found the DOT's efforts to promote the use of such devices inadequate. In 1996, the NTSB stated that the DOT "has performed studies, conducted research, and sought industry input, but has failed to carry through and develop requirements for leak detection and rapid shutdown of failed pipelines."¹¹⁶ In its integrity management regulations, issued in December 2000, the DOT opted to leave the decision whether to install emergency flow restricting devices up to pipeline operators.¹¹⁷

Valve Replacement Costs

Cost would be a major factor in a broad national program to retrofit manual valves with remotely controlled or automatic valves. For example, in the interstate natural gas pipeline network, valves are typically installed every 5 to 20 miles. Assuming a 10-mile separation between valves, the nation's 306,000 mile gas transmission system contains over 30,000 valves. The spacing of valves can be much closer together in particular pipeline systems, however, such as systems located in more populated areas. In October 2010 PG&E reported 300 valves that could be candidates for automation in approximately 565 miles of high-consequence area pipelines in its California system.¹¹⁸

The potential costs of retrofitting manual valves vary greatly by pipeline and specific location. A 1998 Southwest Research Institute report estimated a cost of $32,000 (approximately $40,000 in 2010 dollars) per valve for retrofitting 30-inch pipeline valves to make them remotely controlled.¹¹⁹ The DOT's 1999 study reported an average cost of $83,000 (approximately $100,000 in 2010 dollars) for Texas Eastern Transmission Corporation (TETCO) to retrofit 90 existing valves in a large part of its pipeline system.¹²⁰ PG&E estimates the average cost of retrofitting an automatic or remotely controlled valve on an existing large diameter pipeline at approximately $750,000, but ranging as low as $100,000 and as high as $1.5 million.¹²¹

Applying, for illustration, a $100,000 cost to some 30,000 valves yields $3.0 billion in capital investment required, not counting any higher future maintenance expenses. The American Gas Association reportedly has estimated the cost of replacing manual valves with automatic valves nationwide at $12 billion.¹²² Even if such valve retrofits were required only in heavily populated areas, industry costs could still be hundreds of millions of dollars—a significant cost to the pipeline industry and therefore likely to increase rates for pipeline transportation of natural gas. To the extent that some pipeline systems, like PG&E's, contain more valves then others per mile of pipe, they could be disproportionately affected. Gas pipeline service interruptions would also be an issue as specific lines could be repeatedly taken out of service during the valve retrofit process. The hazardous liquids pipeline industry could face capital costs and service interruptions of the same magnitude if required to do a widespread valve retrofit on existing lines. Additional right-of-way costs, environmental impacts, and construction accidents associated with the valve replacements could also be a consideration. For new pipelines, the incremental costs of installing remotely controlled or automatic valves instead of manual valves would be lower than in the retrofit case, but could still increase future pipeline costs.

Oak Ridge Laboratory Valve Study

In October 2012, Oak Ridge National Laboratory released a safety study of remotely controlled and automatic pipeline shutoff valves which the laboratory completed for the DOT in response to the requirements in P.L. 112-90 and related NTSB recommendations. Among other findings, the study concluded that such valves can be effective for mitigating potential consequences resulting from a natural gas pipeline release (and subsequent fire). However, because natural gas pipeline fires can cause damage so quickly, such mitigation requires that the leak is detected and the proper valves closed completely so the damaged pipeline segment can be isolated and firefighting activities can begin within 10 minutes of the initial fire. Fire hydrants must also be accessible in the vicinity of the leak within the potentially severe fire damage radius.¹²³ For hazardous liquid pipelines, the study similarly concluded that installing such valves can be effective for mitigating potential fire damage resulting from a "guillotine-type" break and subsequent fire if the leak is detected and the damaged pipeline segment isolated within 15 minutes after the break. The report further concluded that "adding automatic closure capability to block valves in newly constructed or fully replaced hazardous liquid pipelines can also be an effective strategy for mitigating potential socioeconomic and environmental damage resulting from a release that does not ignite."¹²⁴ Thus the Oak Ridge study concludes that while remotely controlled and automatic pipeline shutoff valves can improve safety, they can do so only in conjunction with rapid and well-coordinated emergency response.

SCADA and Leak Detection System Requirements

To effectively reduce the impact of pipeline accidents, installing remotely controlled or automatic valves may require associated investments in supervisory control and data acquisition (SCADA) systems along with other operational changes to improve leak detection. As one pipeline expert has stated,

The pipeline operator's focus on keeping the pipeline system operating and the lack of remotely-operable valves are the primary factors that control the quantity of product released after a rupture or leak. Even with remote control valves this relationship will not change unless the pipeline is equipped with a reliable leak detection subsystem that works with the SCADA system and [unless] those who control pipeline operations are trained for and dedicated to minimizing product release (safety and environmental mindset) rather than trained for and dedicated to keeping the system operating (economic mindset).¹²⁵

In its report about a 1996 pipeline accident in Tiger Pass, LA, the NTSB similarly concluded that the operator's "delay in recognition ... that it had experienced a pipeline rupture at Tiger Pass was due to the piping system's dynamics during the rupture and to the design of the company's SCADA system."¹²⁶ Estimates of converting manual valves may, therefore, need to account for the costs of SCADA changes, leak detection systems, and associated training. These costs may also include significant reliability and security components, since increasing reliance upon new or expanded SCADA systems may also expose pipeline systems to greater risk from operating software failure or cyberterrorism.¹²⁷

Consistent with the concerns above, P.L. 112-90 requires a DOT analysis of the technical limitations of leak detection systems as well as the feasibility of establishing standards for such systems (§8(a)). After congressional review of this analysis, the act authorizes the DOT to issue new leak detection standards if "practicable" (§8(b)). The agency released its leak detection study in December 2012. However, the study does not reach specific conclusions or recommendations; it only provides data and reports on technical and cost aspects of leak detection systems.¹²⁸ The DOT has not stated whether or how it intends to develop new leak detection standards based on the findings of this report.

Public Perceptions

Some stakeholders have argued that public perceptions of improved pipeline safety and control are the highest perceived benefit of remotely controlled or automatic valves.¹²⁹ Although the value of these perceptions is hard to quantify (and, therefore, not typically reflected in cost-effectiveness studies), the importance of public perception and community acceptance of pipeline infrastructure can be a significant consideration in pipeline design, expansion, and regulation. In 2001, a representative of the National Association of Regulatory Utility Commissioners testified before Congress that "the main impediment to siting energy infrastructure is the great difficulty getting public acceptance for needed facilities."¹³⁰ Likewise, the National Commission on Energy Policy stated in its 2006 report that energy-facility siting is "a major cross-cutting challenge for U.S. energy policy," largely because of public opposition to new energy projects and other major infrastructure.¹³¹

One result of public concern about pipeline safety has been to prevent new pipeline siting in certain localities, and to increase pipeline development time and costs in others. In a 2006 report, for example, the Energy Information Administration (EIA) stated that "several major projects in the Northeast, although approved by FERC, have been held up because of public opposition or non-FERC regulatory interventions."¹³² In the specific case of the Millennium Pipeline, proposed in 1997 to transport Canadian natural gas to metropolitan New York, developers did not receive final construction approval for nine years, largely because of community resistance to the pipeline route.¹³³ Numerous other proposed pipelines, especially in populated areas, have faced similar public acceptance barriers.¹³⁴ Controversy surrounding the proposed Keystone XL pipeline project, discussed below, is only the most recent example of how the development of major pipeline projects may be influenced by public opinion. Even where there is federal siting authority, as is the case for interstate natural gas pipelines, community stakeholders retain many statutory and regulatory avenues to affect energy infrastructure decisions. Consequently, the public perception value of remotely controlled or automatic pipeline valves may need to be accounted for, especially with respect to its implications for general pipeline development and operations.

Natural Gas Distribution Excess Flow Valves

While the San Bruno, CA, and Edison, NJ, gas pipeline accidents focused attention on automatic valves in large diameter transmission pipelines, this technology also applies to smaller gas distribution lines serving individual buildings. In natural gas distribution systems, "excess flow" valves are safety devices which can automatically shut off pipeline flow in the event of a leak. In this way, the valves can minimize the release of natural gas during a pipeline accident, thereby reducing the likelihood or severity of a fire or explosion. PHMSA issued new standards requiring the installation of excess flow valves on new gas distribution lines in single-family homes as part of its final rule for natural gas distribution integrity management programs on December 3, 2009.¹³⁵ P.L. 112-90 authorizes regulation, "if appropriate," requiring excess flow valves for new or entirely replaced distribution branch pipelines, as well as for service lines to multi-family residential buildings and small commercial facilities (§22). Although smaller in scale, automatic valves in distribution lines raise the same cost and safety tradeoffs as automatic valves in large diameter pipelines.

PHMSA Penalties and Pipeline Safety Enforcement

The adequacy of the PHMSA's enforcement strategy has been an ongoing focus of congressional oversight.¹³⁶ Provisions in the Pipeline Safety Improvement Act of 2002 (P.L. 107-355) put added scrutiny on the effectiveness of the agency's enforcement strategy and assessment of civil penalties (§8). In April 2006, PHMSA officials testified before Congress that the agency had institutionalized a "tough-but-fair" approach to enforcement, "imposing and collecting larger penalties, while guiding pipeline operators to enhance higher performance."¹³⁷ According to the agency, $4.6 million in proposed civil penalties in 2005 was three times greater than penalties proposed in 2003, the first year higher penalties could be imposed under P.L. 107-355 (§8(a)).¹³⁸ Proposed penalties totaled $4.5 million in 2010.¹³⁹ Proposed penalties in 2011 totaled $3.7 million, with an average penalty of approximately $65,500.¹⁴⁰ P.L. 112-90 increases the maximum civil penalty from $1.0 million to $2.0 million for a related series of major consequence violations, such as those causing serious injuries, deaths, or environmental harm (§2(a)).

Although PHMSA's imposition of pipeline safety penalties increased quickly after P.L. 107-355 was enacted, the role of federal penalties in promoting greater operator compliance with pipeline safety regulations is not always clear. To understand the potential influence of penalties on operators, it can be helpful to put PHMSA fines in the context of the overall costs to operators of a pipeline release. Pipeline companies, seeking to generate financial returns for their owners, are motivated to operate their pipelines safely (and securely) for a range of financial reasons. While these financial considerations certainly include possible PHMSA penalties, the costs of a pipeline accident may also include fines for violations of environmental laws (federal and state), the costs of spill response and remediation, penalties from civil litigation, the value of lost product, costs for pipeline repairs and modifications (e.g., to resolve federal regulatory interventions), and other costs. Depending upon the severity of a pipeline release, these other costs may far exceed pipeline safety fines, as illustrated by the following examples.

• Kinder Morgan. In April 2006 Kinder Morgan Energy Partners entered into a consent agreement with PHMSA to resolve a corrective action order stemming from three hazardous liquid spills in 2004 and 2005 from the company's Pacific Operations pipeline unit.¹⁴¹ According to the company, the agreement would require Kinder Morgan to spend approximately $26 million on additional integrity management activities, among other requirements.¹⁴² Under a 2007 settlement agreement with the U.S. Justice Department and the State of California, Kinder Morgan also agreed to pay approximately $3.8 million in civil penalties for violations of environmental laws and approximately $1.5 million related to response and remediation associated with these spills. The spills collectively released approximately 200,000 gallons of diesel fuel, jet fuel, and gasoline.¹⁴³ This volume of fuel would have a product value on the order of $0.5 million based on typical wholesale market prices at the time of the spills.
• Plains All American. In 2010, Plains All American Pipeline agreed to spend approximately $41 million to upgrade 10,420 miles of U.S. oil pipeline to resolve Clean Water Act (CWA) violations for 10 crude oil spills in Texas, Louisiana, Oklahoma, and Kansas from 2004 through 2007. Among these upgrades, the company agreed to spend at least $6 million on equipment and materials for internal corrosion control and surveys on at least 2,400 miles of pipeline. The company was required to pay a $3.25 million civil penalty associated with the CWA violations.¹⁴⁴
• Enbridge. Enbridge Energy Partners estimated expenses of $475 million to clean up two oil spills on its Lakehead pipeline system in 2010, including the spill in Marshall, MI. This estimate did not include fines or penalties which might also be imposed in connection with the spills. The pipeline operator also reported $16 million in lost revenue from pipeline shipments it could not redirect to other lines while the Lakehead system was out of service.¹⁴⁵ The full impact of these expenditures on the company's business is unclear, however, as Enbridge stated in a subsequent quarterly report that "substantially all of the costs" related to its 2010 oil pipeline spills "will ultimately be recoverable under our existing insurance policies."¹⁴⁶
• Olympic Pipe Line. After the 1999 Bellingham pipeline accident, Olympic Pipe Line Company and associated defendants reportedly agreed to pay a $75 million settlement to the families of two children killed in the accident.¹⁴⁷
• El Paso. In 2002, El Paso Corporation settled wrongful death and personal injury lawsuits stemming from the 2000 natural gas pipeline explosion near Carlsbad, NM, which killed 12 campers.¹⁴⁸ Although the terms of those settlements were not disclosed, two additional lawsuits sought a total of $171 million in damages.¹⁴⁹ However, El Paso's June 2003 quarterly financial report stated that "our costs and legal exposure ... will be fully covered by insurance."¹⁵⁰

PHMSA Penalties in Perspective

The threat of safety enforcement penalties is often considered one of the primary tools available to pipeline safety regulators to ensure operator compliance with safety requirements. However, as the examples above suggest, pipeline safety fines, even if they were raised to $2.0 million for major violations, could still account for only a limited share of the financial impact of future pipeline releases. So, it is not clear how large an effect increasing PHMSA's authorized fines, alone, might have on operator compliance. On the other hand, the authority of PHMSA to influence pipeline operations directly—for example, through corrective action orders or shutdown orders in the event of a pipeline failure—can have a large financial impact on a pipeline operator in terms of capital expenditures or lost revenues. Indeed, some have suggested that this operational authority is the most influential component of PHMSA's pipeline safety enforcement strategy. Therefore, as Congress continues its oversight of PHMSA's enforcement activities, and as it considers new proposals to increase compliance with federal pipeline safety regulations, Congress may evaluate how PHMSA's authorities to set standards, assess penalties, and directly affect pipeline operations may reinforce one another to improve U.S. pipeline safety.

Regulation of Canadian Oil/Tar Sands Crude Pipelines

Canadian oil exports to the United States have been increasing rapidly, primarily due to growing output from the oil sands in Western Canada.¹⁵¹ Oil sands (also referred to as tar sands) are a mixture of clay, sand, water, and heavy black viscous oil known as bitumen. Oil sands are processed to extract the bitumen, which can then be upgraded into a product that is suitable for pipeline transport. Canada's oil sands production can be exported as either a light, upgraded synthetic crude ("syncrude") or a heavy crude oil that is a blend of bitumen diluted with lighter hydrocarbons ("dilbit") to ease transport. The bulk of oil sands' supply growth is expected to be in the form of the latter.¹⁵² Five major pipelines have been constructed in recent years to link the oil sands region to markets in the United States. A sixth pipeline, Keystone XL, was rejected in January 2012 by the U.S. State Department, although the developer plans to reapply for a federal permit with a modified route.¹⁵³ If ultimately approved and constructed, Keystone XL would bring Canada's total U.S. petroleum export capacity to over 4.1 million barrels per day, enough capacity to carry over a third of current U.S. petroleum imports.¹⁵⁴

This expansion of petroleum pipelines from Canada has generated considerable controversy in the United States. One specific area of concern has been perceived new risks to pipeline integrity of transporting heavy Canadian crudes. Some opponents of the new Canadian oil pipelines, notably the Natural Resources Defense Council (NRDC), have argued that these pipelines could be more likely to fail and cause environmental damage than other crude oil pipelines because the bitumen mixtures they would carry are "significantly more corrosive to pipeline systems than conventional crude," among other reasons.¹⁵⁵ NRDC has called for a moratorium on approving new oil pipelines from oil sands regions, and a review of existing pipeline permits, until these safety concerns are researched further and addressed in federal environmental and safety studies. Canadian officials and other stakeholders have rejected these arguments, however, citing factual inaccuracies and a flawed methodology in the NRDC analysis, which compares pipeline spill rates in Canada to those in the United States.¹⁵⁶

Some in Congress have called for a review of PHMSA regulations to determine whether new regulations for Canadian heavy crudes are needed to account for any unique properties they may have. Accordingly, P.L. 112-90 requires PHMSA to review whether current regulations are sufficient to regulate pipelines transmitting "diluted bitumen," and analyze whether such oil presents an increased risk of release (§16). This study, which is being performed by the Transportation Research Board of the National Academy of Sciences, has not yet been completed.

Pipeline Security Regulations

As noted earlier in this report, federal pipeline security activities to date have relied upon voluntary industry compliance with PHMSA security guidance and TSA security best practices. By initiating this voluntary approach, PHMSA sought to speed adoption of security measures by industry and avoid the publication of sensitive security information (e.g., critical asset lists) that would normally be required in public rulemaking.¹⁵⁷ Provisions in P.L. 109-468 require the DOT Inspector General to "address the adequacy of security standards for gas and oil pipelines" (§23(b)(4)). P.L. 110-53 similarly directs TSA to promulgate pipeline security regulations and carry out necessary inspection and enforcement—if the agency determines that regulations are appropriate (§1557(d)). Addressing this issue, the 2008 IG report states that

TSA's current security guidance is not mandatory and remains unenforceable unless a regulation is issued to require industry compliance.... PHMSA and TSA will need to conduct covert tests of pipeline systems' vulnerabilities to assess the current guidance as well as the operators' compliance.¹⁵⁸

Although TSA's FY2005 budget justification stated that the agency would "issue regulations where appropriate to improve the security of the [non-aviation transportation] modes," the agency has not done so for pipelines, and it is not currently working on such regulations. The pipeline industry has long expressed concern that new security regulations and related requirements may be "redundant" and "may not be necessary to increase pipeline security."¹⁵⁹ The PHMSA Administrator, in 2007, similarly testified that enhancing security "does not necessarily mean that we must impose regulatory requirements."¹⁶⁰ TSA officials have questioned the IG assertions regarding pipeline security regulations, particularly the IG's call for covert testing of pipeline operator security measures. They have argued that the agency is complying with the letter of P.L. 110-53 and that its pipeline operator security reviews are more than paper reviews.¹⁶¹ In accordance with P.L. 110-53 (§1557 (b)), TSA has been implementing a multi-year program of pipeline system inspections, including documentation of findings and follow up reviews.¹⁶² Because the TSA believes the most critical U.S. pipeline systems generally meet or exceed industry security guidance, the agency believes it achieves better security with voluntary guidelines, and maintains a more cooperative and collaborative relationship with its industry partners as well.¹⁶³

Although the TSA believes its voluntary approach to pipeline security is adequate, Canadian pipeline regulators have come to a different conclusion. In 2010 the National Energy Board of Canada mandated security regulations for jurisdictional Canadian petroleum and natural gas pipelines, some of which are cross-border pipelines serving export markets in the United States. A number of companies operate pipelines in both countries. In announcing these new regulations, the board stated that it had considered adopting the existing security standards "as guidance" rather than an enforceable standard, but "taking into consideration the critical importance of energy infrastructure protection," the board decided to adopt the standard into the regulations.¹⁶⁴ Establishing pipeline security regulations in Canada is not completely analogous to doing so in the United States, as the Canadian pipeline system is much smaller and operated by far fewer companies than the U.S. system. Nonetheless, Canada's choice to regulate pipeline security may raise questions as to why the United States has not. In its oversight of potential pipeline security regulations, Congress may evaluate the effectiveness of the current voluntary pipeline security standards based on findings from the TSA's CSR reviews, pipeline inspections, DHS cybersecurity alerts, and any future DOT Inspector General reports.

Additional Issues

In addition to the issues mentioned above, Congress may consider several issues related to proposed legislation or otherwise raised by pipeline stakeholders.

Accuracy and Completeness of Pipeline System Records

On January 3, 2011, as a response to its initial investigation of the San Bruno pipeline accident, the NTSB issued urgent new safety recommendations "to address record-keeping problems that could create conditions in which a pipeline is operated at a higher pressure than the pipe was built to withstand."¹⁶⁵ The NTSB issued these recommendations after it had concluded that there were significant errors in the records characterizing the San Bruno pipeline, and that "other pipeline operators may have discrepancies in their records that could potentially compromise the safe operation of pipelines throughout the United States."¹⁶⁶ PHMSA officials have also testified that some operators may not be collecting all the pipeline system data necessary to fully evaluate safety and compliance with federal regulations.¹⁶⁷ In 2006, questions were raised about the accuracy of pipeline location data provided by operators and maintained by PHMSA in the National Pipeline Mapping System (NPMS).¹⁶⁸ At the time, agency officials reportedly acknowledged limitations in NPMS accuracy, but did not publicly discuss plans to address them. P.L. 112-90 authorizes PHMSA to collect additional geospatial and technical data from pipeline operators to achieve the purposes of the NPMS (§11(a) and §12). Congress may review whether these or other statutory measures are sufficient to verify that pipeline operator information is complete and correct, particularly for older parts of the pipeline network.

Mandatory Internal Inspection or Hydrostatic Testing

Some proposals would increase requirements for pipeline operators to conduct internal inspections of transmission pipelines using "smart pigs," robotic devices sent through pipelines to take physical measurements continuously along the way.¹⁶⁹ In its San Bruno accident investigation report, the NTSB has recommended that all natural gas transmission pipelines be configured to accommodate such internal inspection tools. However, experts note that there are different pipeline inspection techniques with overlapping capabilities and different strengths.¹⁷⁰ While an effective technology for detecting corrosion in many applications, smart pigs have limitations as a general tool for assessing the integrity of pipelines. For example, although smart pigs may be good corrosion detectors, they are still a developing technology and may be somewhat less effective in detecting other types of pipeline anomalies (e.g., cracks). Operators also maintain that smart pigging may be less useful for predicting future problems with pipeline integrity than other federally approved maintenance techniques like "direct assessment" (49 C.F.R. 192.903) wherein pipelines are examined externally based on risk data and other factors.¹⁷¹ Furthermore, because many older pipelines contain sharp turns and other obstructions due to historical construction techniques, they cannot accommodate smart pig devices without significant and costly pipeline modifications to make them more "piggable." Consequently, some industry stakeholders caution against unrealistic expectations for the capabilities of smart pigs as a stand-alone pipeline inspection tool.¹⁷²

As an alternative to internal inspection where such inspection cannot currently be performed, some policy makers have called for mandatory hydrostatic testing of pipelines to verify their integrity. Hydrostatic testing involves filling a pipeline with water under pressure greater than the anticipated operating pressure to determine if it is structurally sound and does not leak. Such testing is common for new pipelines that have not yet entered service. Because it uses only water, hydrostatic testing poses relatively little direct risk to the public or the environment, but when used for operating pipelines it necessarily interrupts pipeline service. Injecting water into pipelines is also costly, and may create safety problems since water is corrosive and may be difficult to remove completely from a pipeline once testing is completed.¹⁷³ Nonetheless, as noted above, the NTSB has recommended that all natural gas transmission pipelines constructed before 1970 be subjected to hydrostatic pressure tests. P.L. 112-90 requires verification of maximum allowable operating pressure for all natural gas transmission pipelines "as expeditiously as economically feasible" (§23(a)). The act also authorizes regulations for pressure verification that "shall consider … pressure testing; and ... other alternative methods, including in-line inspections" (§23(a)). As Congress examines any new federal requirements for pipeline inspection, it may consider smart pig devices and hydrostatic testing as only two techniques in a portfolio of maintenance practices operators may need to employ to ensure their pipelines are physically sound.

Emergency Response Plan Disclosure

Federal regulations require pipeline operators to prepare emergency response plans for pipeline spills and to make those plans available for inspection by PHMSA and local emergency response agencies (49 C.F.R. 192.605). Some stakeholders have proposed that these plans also be made available to the public to allow for additional review of their adequacy and to provide better risk and response information to people living near pipelines.¹⁷⁴ Operators reportedly have resisted such disclosures on the grounds that their emergency response plans contain confidential customer and employee information.¹⁷⁵ They also raise concerns that the plans contain security-sensitive information about pipeline vulnerabilities and spill scenarios which could be useful to terrorists.¹⁷⁶ P.L. 112-90 requires PHMSA to collect and maintain copies of pipeline emergency plans for public availability excluding any proprietary or security-sensitive information (§6(a)). As oversight of this issue continues, Congress may consider the tradeoffs between public awareness and pipeline security in a general operating environment where both safety and security hazards may be significant.

Pipeline Water Crossings

The 2011 oil spill into the Yellowstone River near Laurel, MT, appears to have been the result of the buried oil pipeline becoming exposed due to scouring of the river bottom during unusually heavy flooding.¹⁷⁷ Prior to the flooding, a depth-of-cover survey by the operator verified that the pipeline was at least five feet below the riverbed, exceeding a four-foot minimum cover requirement in PHMSA regulations.¹⁷⁸ Because the four-foot requirement appears to have been insufficient to prevent riverbed pipeline exposure in this case, some policy makers have called for a review of pipeline river crossings and associated safety requirements nationwide. P.L. 112-90 mandates a review of the adequacy of PHMSA regulations with respect to pipelines that cross inland bodies of water at least 100 feet wide and, based on the review's findings, requires PHMSA to develop legislative recommendations for changing existing regulations (§28(a)). The agency has not yet released this study.

Conclusion

Both government and industry have taken numerous steps to improve pipeline safety and security over the last 10 years. While stakeholders across the board agree that federal pipeline safety programs have been on the right track, major pipeline incidents since 2010 suggest there continues to be significant room for improvement. Likewise, the threat of physical and cyberattack on U.S. pipeline infrastructure remains a concern. The NTSB has identified improvement of federal pipeline safety oversight as a "top ten" priority for 2013. The leading pipeline industry associations have concurred. The American Gas Association has expressed support for these NTSB recommendations, stating that "pipeline safety and integrity is the top priority for the natural gas industry."¹⁷⁹ The Interstate Natural Gas Association of America (INGAA) has stated that "INGAA members are addressing all of the issues that the NTSB has outlined ... and more."¹⁸⁰ The Association of Oil Pipe Lines has also welcomed the NTSB's focus on pipeline safety, stating that "operators are hard at work on safety improvements suggested by NTSB, PHMSA and their own initiatives."¹⁸¹ Whether the renewed efforts by industry, combined with additional oversight by federal agencies, will further enhance the safety and security of U.S. pipelines remains to be seen.

As Congress oversees the federal pipeline safety program and the federal role in pipeline security, key issues of focus may be pipeline agency staff resources, automatic pipeline shutoff valves, penalties for safety violations, safety regulations for oil sands crudes, and the possible need for pipeline security regulations, among other concerns. In addition to these specific issues, Congress may assess how the various elements of U.S. pipeline safety and security activity fit together in the nation's overall strategy to protect transportation infrastructure. Pipeline safety and security necessarily involve many groups: federal agencies, oil and gas pipeline associations, large and small pipeline operators, and local communities. Reviewing how these groups work together to achieve common goals could be an oversight challenge for Congress.

Footnotes

1.	Hazardous liquids primarily include crude oil, gasoline, jet fuel, diesel fuel, home heating oil, propane, and butane. Other hazardous liquids transported by pipeline include anhydrous ammonia, carbon dioxide, kerosene, liquefied ethylene, and some petrochemical feedstocks.
2.	Pipeline and Hazardous Materials Safety Administration, "Annual Report Mileage for Hazardous Liquid or Carbon Dioxide Systems," online table, October 31, 2012, http://www.phmsa.dot.gov/pipeline/library/data-stats.
3.	Richard A. Rabinow, "The Liquid Pipeline Industry in the United States: Where It's Been, Where It's Going," Prepared for the Association of Oil Pipe Lines, April 2004, p. 4.
4.	Pipeline and Hazardous Materials Safety Administration, "Annual Report Mileage for Natural Gas Transmission & Gathering Systems," online table, October 31, 2012, http://www.phmsa.dot.gov/pipeline/library/data-stats. There are also approximately 6,300 miles of offshore gathering pipelines. Gathering pipelines in the Outer Continental Shelf regulated by the Department of the Interior are outside the scope of this report.
5.	Ibid.
6.	Energy Information Administration, "About U.S. Natural Gas Pipelines," June 2007, pp. 1, 29, http://www.eia.doe.gov/pub/oil_gas/natural_gas/analysis_publications/ngpipeline/fullversion.pdf.
7.	Pipeline and Hazardous Materials Safety Administration, "Annual Report Mileage for Gas Distribution Systems," online table, October 31, 2012, http://www.phmsa.dot.gov/pipeline/library/data-stats.
8.	Pipeline and Hazardous Materials Safety Administration, "Annual Report Mileage for Liquefied Natural Gas (LNG) Facilities," November 29, 2012, http://www.phmsa.dot.gov/pipeline/library/data-stats.
9.	Bureau of Transportation Statistics, "Table 2-1: Transportation Fatalities by Mode," online table, April 2012, http://www.bts.gov/publications/national_transportation_statistics/html/table_02_01.html.
10.	Pipeline and Hazardous Materials Safety Administration, "Significant Pipeline Incidents," web page, December 12, 2012, http://primis.phmsa.dot.gov/comm/reports/safety/SigPSI.html?nocache=6256.
11.	Ibid.
12.	J.L. Shreeve, "Science & Technology: The Enemy Within," The Independent. London, UK, May 31, 2006, p. 8.
13.	Government Accountability Office (GAO), Security Assistance: Efforts to Secure Colombia's Caño Limón-Coveñas Oil Pipeline Have Reduced Attacks, but Challenges Remain, GAO-05-971, September 2005, p. 15; Stratfor Forecasting, Inc.," Colombia: The FARC's Low-Level Pipeline Campaign," Stratfor Today, June 23, 2008. http://www.stratfor.com/analysis/colombia_farcs_low_level_pipeline_campaign?ip_auth_redirect=1.
14.	President's Commission on Critical Infrastructure Protection, Critical Foundations: Protecting America's Infrastructures, Washington, DC, October 1997.
15.	Katherine Houreld, "Militants Say 3 Nigeria Pipelines Bombed," Associated Press, May 8, 2007.
16.	Reed Johnson, "Six Pipelines Blown Up in Mexico," Los Angeles Times, September 11, 2007. p. A-3.
17.	U.S. Department of Justice, "Four Individuals Charged in Plot to bomb John F. Kennedy International Airport," Press release, June 2, 2007.
18.	Ben Gelinas, "New Letter Threatens Resumption of 'Action' against B.C. Pipelines," Calgary Herald, April 15, 2010.
19.	Steve Fainaru and William Booth, "Mexico's Drug Cartels Siphon Liquid Gold," Washington Post, December 13, 2009.
20.	"Already Hard at Work on Security, Pipelines Told of Terrorist Threat," Inside FERC, McGraw-Hill Companies, January 3, 2002.
21.	Alyeska Pipeline Service Co., "Overview of TAPS." Internet page, June 27, 2012, http://www.alyeska-pipe.com/TAPS.
22.	David S. Cloud, "A Former Green Beret's Plot to Make Millions Through Terrorism," Ottawa Citizen, December 24, 1999, p. E15.
23.	Y. Rosen, "Alaska Critics Take Potshots at Line Security," Houston Chronicle, February 17, 2002.
24.	Wesley Loy, "Web Post Urges Jihadists to Attack Alaska Pipeline," Anchorage Daily News, January 19, 2006.
25.	U.S. Attorney's Office, Middle District of Pennsylvania, "Man Convicted of Attempting to Provide Material Support to Al-Qaeda Sentenced to 30 Years' Imprisonment," Press release, November 6, 2007; A. Lubrano and J. Shiffman, "Pa. Man Accused of Terrorist Plot," Philadelphia Inquirer, February 12, 2006, p. A1.
26.	Transportation Security Administration, Office of Intelligence, Pipeline Threat Assessment, January 18, 2011, p. 3.
27.	Carol Cratty, "Man Accused in Attempted Bombing of Oklahoma Gas Pipeline," CNN, August 12, 2011.
28.	"Grand Jury Indicts Plano Gas Pipeline Bomb Suspect on Weapons Charge," Associated Press, July 11, 2012.
29.	For a more comprehensive analysis of U.S. pipeline cybersecurity issues, see CRS Report R42660, Pipeline Cybersecurity: Federal Policy, by [author name scrubbed].
30.	"Spear-phishing" involves sending official-looking e-mails to specific individuals to insert harmful software programs (malware) into protected computer systems; to gain unauthorized access to proprietary business information; or to access confidential data such as passwords, social security numbers, and private account numbers.
31.	Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), "Gas Pipeline Cyber Intrusion Campaign," ICS-CERT Monthly Monitor, April 2012, p.1, http://www.us-cert.gov/control_systems/pdf/ICS-CERT_Monthly_Monitor_Apr2012.pdf.
32.	McAfee Foundstone Professional Services and McAfee Labs, Global Energy Cyberattacks: "Night Dragon," white paper, February 10, 2011, p. 3, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf.
33.	Tobias Walk, 2007, p. 7.
34.	Eric Byres, February 2012.
35.	Safety and security of liquefied natural gas (LNG) facilities used in gas pipeline transportation is regulated under CFR Title 49, Part 193.
36.	Pipeline and Hazardous Material Safety Administration (PHMSA), personal communication, December 13, 2012.
37.	49 U.S.C. 60107.
38.	PHMSA, December 13, 2012.
39.	49 U.S.C. 60125.
40.	U.S. Office of Management and Budget, Budget of the United States Government, Fiscal Year 2013: Appendix February 13, 2012.
41.	Pipeline and Hazardous Material Safety Administration (PHMSA), "PHMSA Pipeline Safety Program: Summary of Enforcement Actions," web page, December 14, 2012, http://primis.phmsa.dot.gov/comm/reports/enforce/Actions_opid_0.html?nocache=8828.
42.	Pipeline and Hazardous Material Safety Administration (PHMSA), "PHMSA Pipeline Safety Program: Summary of Cases Involving Civil Penalties," web page. December 14, 2012, http://primis.phmsa.dot.gov/comm/reports/enforce/CivilPenalty_opid_0.html?nocache=9288#_TP_1_tab_1.
43.	Presidential Decision Directive 63, Protecting the Nation's Critical Infrastructures, May 22, 1998.
44.	In November 2004, the President signed the Norman Y. Mineta Research and Special Programs Improvement Act (P.L. 108-426), which eliminated RSPA and placed the Office of Pipeline Safety under the new Pipeline and Hazardous Material Safety Administration. This restructuring did not significantly alter the authorities or activities of the OPS.
45.	Research and Special Programs Administration (RSPA), RSPA Pipeline Security Preparedness, December 2001.
46.	Ellen Engleman, Administrator, Research and Special Programs Administration (RSPA), statement before the Subcommittee on Energy and Air Quality, House Energy and Commerce Committee, March 19, 2002.
47.	Ellen Engleman, Administrator, Research and Special Programs Administration (RSPA), statement before the Subcommittee on Highways and Transit, House Transportation and Infrastructure Committee, February 13, 2002.
48.	James K. O'Steen, Research and Special Programs Administration (RSPA), Implementation of RSPA Security Guidance, presentation to the National Association of Regulatory Utility Commissioners, February 25, 2003.
49.	Office of Pipeline Safety (OPS), personal communication, June 10, 2003.
50.	P.L. 107-355 encourages the implementation of state "one call" excavation notification programs (§2) and allows states to enforce "one-call" program requirements. The act expands criminal responsibility for pipeline damage to cases where damage was not caused "knowingly and willfully" (§3). The act adds provisions for ending federal-state pipeline oversight partnerships if states do not comply with federal requirements (§4).
51.	A 2006 Government Accountability Office (GAO) report found that PHMSA's gas integrity management program benefitted public safety, although the report recommended revisions to PHMSA's performance measures. See GAO, "Natural Gas Pipeline Safety: Integrity Management Benefits Public Safety, but Consistency of Performance Measures Should Be Improved," GAO-06-946, September 8, 2006, pp. 2-3.
52.	PHMSA issued final regulations requiring operators of natural gas distribution pipelines to adopt integrity management programs similar to existing requirements for gas transmission pipelines on December 4, 2009.
53.	HSPD-7 supersedes PDD-63 (par. 37).
54.	Executive Order 13416, "Strengthening Surface Transportation Security," December 5, 2006.
55.	The PSD was formerly known as the Pipeline Security Program Office. The OSPIE was previously known as the Office of Transportation Sector Network Management and, before that, the Intermodal Security Program Office.
56.	Transportation Security Administration, Pipeline Modal Annex, June 2007, pp. 10-11. G8 = Group of Eight (the United States, the United Kingdom, Canada, France, Germany, Italy, Japan, and Russia).
57.	Department of Transportation (DOT), "Action Taken and Actions Needed to Improve Pipeline Safety," CC-2004-061, June 16, 2004, p. 21.
58.	Government Accountability Office (GAO), Pipeline Security: TSA Has Taken Actions to Help Strengthen Security, but Could Improve Priority-Setting and Assessment Processes, GAO-10-867, August, 2010, Executive Summary.
59.	Jack Fox, General Manager, Pipeline Security Division, Transportation Security Administration (TSA), personal communication, July 25, 2012.
60.	Mike Gillenwater, TSA, "Pipeline Security Overview," presented to the Alabama Public Service Commission Gas Pipeline Safety Seminar, Montgomery, AL, December 11, 2007.
61.	Department of Homeland Security, "Extension of Agency Information Collection Activity Under OMB Review: Critical Facility Information of the Top 100 Most Critical Pipelines," 76 Federal Register 62818, October 11, 2011.
62.	Transportation Security Administration, personal communication, February 24, 2012.
63.	TSA, TSA Multi-Modal Criticality Evaluation Tool, TSA Threat Assessment and Risk Management Program, slide presentation, April 15, 2003.
64.	TSA, Intermodal Security Program Office, Pipeline Security Best Practices, October 19, 2005, p. 1.
65.	Transportation Security Administration, Pipeline Security Guidelines, April, 2011, pp. 16-19; Personal communication, February 2, 2010.
66.	U.S. Office of Management and Budget, Budget of the United States Government, Fiscal Year 2012: Appendix, February 2012, p. 508.
67.	Jack Fox, personal communication, July 25, 2012.
68.	Kip Hawley, Assistant Secretary, Department of Homeland Security, Testimony before the Senate Committee on Commerce, Science, and Transportation hearing on Federal Efforts for Rail and Surface Transportation Security, January 18, 2007.
69.	Pipeline and Hazardous Materials Safety Administration (PHMSA), "Pipeline Safety: Lessons Learned From a Security Breach at a Liquefied Natural Gas Facility," Docket No. PHMSA-04-19856, Federal Register, Vol. 71, No. 249, December 28, 2006, p. 78269; TSA, Intermodal Security Program Office, personal communication, August 30, 2006.
70.	Transportation Security Administration, personal communication, July 6, 2007.
71.	Government Accountability Office, GAO Watchdog, "Transportation Security's Efforts To Ensure Pipeline Security," Assignment No. 440768, Internet database, February 4, 2010.
72.	U.S. Government Accountability Office (GAO), Pipeline Security: TSA Has Taken Actions to Help Strengthen Security, but Could Improve Priority-Setting and Assessment Processes, GAO-10-867, August, 2010, pp. 54-55.
73.	Jerald E. Levine, Director, Departmental GAO/OIG Liaison Office, Department of Homeland Security, Letter to GAO, July 23, 2010.
74.	U.S. Code of Federal Regulations. 18 C.F.R. 157.
75.	Federal Energy Regulatory Commission (FERC), personal communication, May 22, 2003.
76.	Federal Energy Regulatory Commission (FERC), News release, R-01-38, Washington, DC, September 14, 2001.
77.	Federal Energy Regulatory Commission (FERC), Federal Energy Regulatory Commission Annual Report FY2005, 2006, p. 19. These are the most recent specific figures reported.
78.	Federal Energy Regulatory Commission (FERC), Federal Energy Regulatory Commission Annual Report FY2006, 2007, p. 23.
79.	Federal Energy Regulatory Commission (FERC), news release, R-03-08, Washington, DC. February 20, 2003.
80.	Christian Schmollinger, "FERC OKs Emergency Reconstruction," Natural Gas Week, May 13, 2003.
81.	National Transportation Safety Board, 2011 Annual Report, NTSB/SPC-12/04, p. iii.
82.	National Transportation Safety Board, "NTSB Most Wanted List: Enhance Pipeline Safety," November 2012.
83.	National Transportation Safety Board (NTSB), "Public Hearing: Natural Gas Pipeline Explosion and Fire, San Bruno, CA, September 9, 2010," web page, March 15, 2011, http://www.ntsb.gov/Events/2011/San_Bruno_CA/default.htm.
84.	National Transportation Safety Board (NTSB), "Pacific Gas and Electric Company Natural Gas Transmission Pipeline Rupture and Fire, San Bruno, CA, September 9, 2010," NTSB/PAR-11/01, August 30, 2011, p.118.
85.	Deborah A.P. Hersman, Chairman, National Transportation Safety Board, "Opening Statement, Pipeline Accident Report – San Bruno, California, September 9, 2010," August 30, 2011.
86.	NTSB, August 30, 2011, p. 123.
87.	Generally, Class 3 locations have 46 or more buildings intended for human occupancy or lie within 100 yards of either a building or outside area of public assembly; Class 4 locations are areas where buildings with four or more stories are prevalent. For precise definitions, see 49 C.F.R. 192.5.
88.	NTSB, August 30, 2011, pp. 128-132.
89.	U.S. Office of Management and Budget, February 2012, p. 1046.
90.	John D. Porcari, Deputy Secretary, U.S. Department of Transportation, Testimony before the House Committee on Transportation and Infrastructure, Hearing on the Enbridge Pipeline Oil Spill in Marshall, MI, September 15, 2010.
91.	Linda Daugherty, Pipeline and Hazardous Materials Safety Administration, Testimony before the National Transportation Safety Board hearing "Natural Gas Pipeline Explosion and Fire, San Bruno, CA, September 9, 2010," March 2, 2011.
92.	Linda Daugherty, Pipeline and Hazardous Materials Safety Administration, personal communication, December 13, 2012.
93.	Linda Daugherty, December 13, 2012.
94.	Pipeline and Hazardous Materials Safety Administration, personal communication, November 4, 2010.
95.	U.S. Department of Transportation, Pipeline And Hazardous Materials Safety Administration, FY 2011 Budget Request, February 1, 2010, p. 31, http://www.dot.gov/budget/2011/budgetestimates/phmsa.pdf.
96.	Linda Daugherty, December 13, 2012.
97.	National Association of Pipeline Safety Representatives, RE: Request for Waiver of Prior Three Year Average State Expense Component of the Pipeline Safety Grant Program, letter to Mr. Jeffrey D. Weise, Associate Administrator for Pipeline Safety, Pipeline And Hazardous Materials Safety Administration, October 15, 2010, http://www.wutc.wa.gov/webimage.nsf/web+objects/CCOPS_DOCs_by_Year/$file/NAPSR%20letter%20to%20PHMSA%20dated%2010-15-09-Waiver%20Request.pdf.
98.	Stephanie Seay, "Budget Woes May Impede Local Pipe Safety Efforts," Gas Daily, November 8, 2010.
99.	The Honorable Cynthia Quarterman, Administrator, Pipeline and Hazardous Materials Safety Administration, Remarks at the "Different Pathways to a Common Goal: PIPA, Damage Prevention, & Greater Public Awareness and Involvement Conference," Pipeline Safety Trust, New Orleans, LA, November 5, 2010.
100.	Senator Daniel K. Inouye, opening statement before the Senate Committee on Commerce, Science and Transportation, hearing on the President's FY2006 Budget Request for the Transportation Security Administration (TSA), February 15, 2005.
101.	Congressman Gus M. Bilirakis, Remarks before the House Committee on Homeland Security, Subcommittee on Management, Investigations, and Oversight hearing on "Unclogging Pipeline Security: Are the Lines of Responsibility Clear?," Plant City, FL, April 19, 2010.
102.	Department of Homeland Security, "Intent to Request Approval from OMB of One New Public Collection of Information: Pipeline Corporate Security Review," 74 Federal Register 42086, August 20, 2009.
103.	U.S. Government Accountability Office, Transportation Security: Comprehensive Risk Assessments and Stronger Internal Controls Needed to Help Inform TSA Resource Allocation, GAO-09-492, March 2009, p. 30, http://www.gao.gov/new.items/d09492.pdf.
104.	For example, see Hon. William J. Pascrell, Jr., statement at the House Committee on Transportation and Infrastructure, Subcommittee on Highways, Transit and Pipelines, hearing on Pipeline Safety, March 16, 2006.
105.	TSA, Pipeline Security Division, personal communication, November 5, 2010.
106.	Congressman Gus M. Bilirakis, April 19, 2010.
107.	The committee print is available at http://homeland.house.gov/sites/homeland.house.gov/files/documents/pdf/091411_TS_Subcommittee%20Print.pdf.
108.	John Upton, "Gas Fueled Blaze for Almost Two Hours," San Francisco Examiner, September 15, 2010.
109.	National Transportation Safety Board, Texas Eastern Transmission Corporation Natural Gas Pipeline Explosion and Fire, Edison, New Jersey, March 23, 1994, NTSB/PAR-95/01, January 18, 1995.
110.	U.S. Department of Transportation, Remotely Controlled Valves on Interstate Natural Gas Pipelines, September 1999, p. 22.
111.	U.S. Department of Transportation, September 1999, pp. 23-24.
112.	Rich Connell, John Hoeffel and Marc Lifsher, "Lawmakers Move to Impose New Requirements for Pipeline Shutoff Valves," Los Angeles Times, September 14, 2010.
113.	Christina Sames, Vice President, American Gas Association, Remarks at the Different Pathways to a Common Goal: PIPA, Damage Prevention, & Greater Public Awareness and Involvement Conference, Pipeline Safety Trust, New Orleans, LA, November 4, 2010
114.	National Transportation Safety Board (NTSB), Pipeline Special Investigation Report: Evaluation of Accident Data and Federal Oversight of Petroleum Product Pipelines, NTSB/SIR-96/02, 1996, p. 37.
115.	Ibid.
116.	Ibid. p. 39.
117.	49 CFR 195.452(i)(4)
118.	Pacific Gas and Electric Company, "Re: Updates on Natural Gas Transmission System," Letter to the California Public Utilities Commission, October 25, 2010, p. 2-2, http://www.pge.com/includes/docs/pdfs/about/newsroom/puc_updates_oct252010.pdf.
119.	Cecil R. Sparks, Thomas R. Morrow, and John P. Harrell, "Cost Benefit Study of Remote Controlled Main Line Valves, Final Report to Gas Research Institute," Southwest Research Institute, San Antonio, TX, Report No. GRI- GRI-98/0076, May 1998.
120.	U.S. Department of Transportation, September 1999, p. 11.
121.	Pacific Gas and Electric Company, October 25, 2010, p. 2-3.
122.	John Upton, "PG&E Faces High Costs on Pipelines," New York Times, March 3, 2011.
123.	Oak Ridge National Laboratory, Studies for the Requirements of Automatic and Remotely Controlled Shutoff Valves on Hazardous Liquids and Natural Gas Pipelines with Respect to Public and Environmental Safety, ORNL/TM-2012/411, October 31, 2012, p. xxviii.
124.	Ibid.
125.	Charles H. Batten, "Engineering Analysis of Olympic Pipe Line Company's Safety and Risk Mitigation Features for Application No. 96-1 Cross Cascade Pipeline Project," Batten & Associates, Inc., Locust Grove, VA, February 8, 1999, p. 19, http://www.efsec.wa.gov/oplarchive/oplpft/Cca/chb-3.pdf.
126.	National Transportation Safety Board, Pipeline Accident Summary Report: Natural Gas Pipeline Rupture and Fire During Dredging of Tiger Pass, Louisiana, October 23, 1996, PR98-916501, NTSB/PAR-98/01/SUM, September 28, 1998, p. 15.
127.	See, for example: Tyler Williams, "Cyber Security Threats to Pipelines and Refineries," Pipeline & Gas Journal, November 1, 2007.
128.	Pipeline and Hazardous Materials Safety Administration, Leak Detection Study—DTPH56-11-D-000001, Final Report No. 12-173, prepared by Kiefner & Associates, Inc., Worthington, OH, December 10, 2012.
129.	U.S. Department of Transportation, September 1999, pp. 19-20.
130.	William M. Nugent, First Vice President, National Association of Regulatory Utility Commissioners, testimony before the Senate Energy and Natural Resources Committee hearing on Federal, State, and Local Impediments to Siting Energy Infrastructure, May 15, 2001.
131.	National Commission on Energy Policy, Siting Critical Energy Infrastructure: An Overview of Needs and Challenges, Washington, DC, June 2006, p. 1.
132.	Energy Information Administration, Additions to Capacity on the U.S. Natural Gas Pipeline Network: 2005, August 2006. p. 11.
133.	Federal Energy Regulatory Commission (FERC), "Commission Approves Revised $1 Billion Millennium Pipeline Project to Bring New Gas Service to the Northeast," press release, December 21, 2006. See, for example: Randal C. Archibold, "Fighting Plans for a Gas Pipeline: Not Under My Backyard," New York Times, August 7, 2001.
134.	See, for example, Samantha Santa Maria, "Energy Projects: Rockies Express Add-on Pipe Projects Face Several Obstacles to Building in US Northeast," Inside F.E.R.C., October 22, 2007.
135.	U.S. Department of Transportation, "DOT Issues Much-Anticipated Rules to Enhance Pipeline Safety," Office of Public Affairs, press release, December 3, 2009.
136.	See, for example: Representative James L. Oberstar, Statement before the House Committee on Transportation and Infrastructure, Hearing on the Enbridge Pipeline Oil Spill in Marshall, MI, September 15, 2010.
137.	S.L. Gerard, Pipeline and Hazardous Materials Administration, testimony before the House Energy and Commerce Committee, Energy and Air Quality Subcommittee hearing on Pipeline Safety, Serial No. 109-84, April 27, 2006, p. 14.
138.	Ibid. These figures only reflect administrative enforcement cases. They exclude cases that PHMSA has referred to the Department of Justice for civil and criminal enforcement under 49 CFR 190.231 and 190.235.
139.	Pipelines and Hazardous Materials Safety Administration, "Civil Penalty Cases: Nationwide," web page, February 8, 2012, http://primis.phmsa.dot.gov/comm/reports/enforce/CivilPenalty_opid_0.html?nocache=9398; "Colorado Pipeline Company Fined 2.3 Million After Explosion," Clean Skies News, December 1, 2009.
140.	PHMSA, February 8, 2012.
141.	Pipeline and Hazardous Materials Safety Administration, Consent Agreement: In the Matter of Kinder Morgan Energy Partners, L.P., Respondent, CPF No. 5-2005-5025H, April 4, 2006.
142.	Kinder Morgan Energy Partners, L.P., "Kinder Morgan Energy Partners Enters into Consent Agreement with PHMSA," press release, Houston, TX, April 10, 2006.
143.	U.S. Environmental Protection Agency, "Kinder Morgan, SFPP Agree to Pay Nearly $5.3 Million to Resolve Federal And State Environmental Violations," press release, May 21, 2007.
144.	U.S. Environmental Protection Agency, "Plains Pipeline to Spend $41 Million to Prevent Oil Spills Across 10,000 Miles of Pipeline," press release, August 10, 2010.
145.	Enbridge Energy Partners, L.P., Enbridge Energy Partners, L.P. Third Quarter 2010 Earnings, Slide presentation, October 28, 2010, p. 8, http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MjY2NzE3N3xDaGlsZElEPTQwMTI5MXxUeXBlPTI=&t=1.
146.	Enbridge Energy Partners, L.P., October 28, 2010, p. 8.
147.	"Olympic Pipe Line, Others Pay Out Record $75 Million in Pipeline Explosion Wrongful Death Settlement," Business Wire, April 10, 2002.
148.	National Transportation Safety Board, Pipeline Accident Report, PAR-03-01, February 11, 2003.
149.	El Paso Corp., Quarterly Report Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934, Form 10-Q, for the period ending June 30, 2002, Houston, TX, 2002.
150.	El Paso Corp., 2002.
151.	For further discussion and analysis of Canadian oil sands pipeline issues, see CRS Report R41875, The U.S.-Canada Energy Relationship: Joined at the Well, by [author name scrubbed] and [author name scrubbed].
152.	Canadian Association of Petroleum Producers (CAPP), "Crude Oil: Forecast, Markets & Pipelines," Calgary, AB, June 2010, p. 7, http://www.capp.ca/GetDoc.aspx?DocId=173003; CRS analysis.
153.	See CRS Report R41668, Keystone XL Pipeline Project: Key Issues, by [author name scrubbed] et al.; U.S. Department of State, "Briefing on the Keystone XL Pipeline," briefing transcript, January 18, 2012, http://www.state.gov/r/pa/prs/ps/2012/01/181492.htm; TransCanada Corp., "TransCanada Will Re-Apply for a Keystone XL Permit," press release, January 18, 2012.
154.	TransCanada has proposed a pipeline spur from the Keystone XL pipeline to the Bakken oil shale field in Montana, North Dakota, and South Dakota, known as the Bakken Marketlink Project.
155.	Anthony Swift, Susan Casey-Lefkowitz, and Elizabeth Shope, "Tar Sands Pipelines Safety Risks," Natural Resources Defense Council, February 2011, p. 6.
156.	Canadian Energy Resources Conservation Board, "ERCB Addresses Statements in Natural Resources Defense Council Pipeline Safety Report," press release, Calgary, Alberta, February 16, 2011.
157.	GAO, Pipeline Security and Safety: Improved Workforce Planning and Communication Needed, GAO-02-785, August 2002, p. 22.
158.	U.S. Department of Transportation, Office of Inspector General, May 21, 2008, p. 6.
159.	American Gas Association (AGA), American Petroleum Institute (API), Association of Oil Pipelines (AOPL), and American Public Gas Association (APGA), joint letter to members of the Senate Commerce Committee providing views on S. 1052, August 22, 2005.
160.	T.J. Barrett, Administrator, Pipeline and Hazardous Materials Safety Administration, Testimony before the Senate Committee on Commerce, Science, and Transportation on Federal Efforts for Rail and Surface Transportation Security, January 18, 2007.
161.	Sammon, John, Transportation Security Administration, Testimony before the House Transportation and Infrastructure Committee, Railroad, Pipelines, and Hazardous Materials Subcommittee hearing on Implementation of the Pipeline Inspection, Protection, Enforcement, and Safety Act of 2006, June 24, 2008.
162.	TSA, Pipeline Security Division, personal communication, February 17, 2009.
163.	Jack Fox, General Manager, Pipeline Security Division, Transportation Security Administration (TSA), remarks before the Louisiana Gas Association Pipeline Safety Conference, New Orleans, LA, July 25, 2012.
164.	National Energy Board of Canada, Proposed Regulatory Change (PRC) 2010-01, Adoption of CSA Z246.1-09 Security Management for Petroleum and Natural Gas Industry Systems, File Ad-GA-SEC-SecGen 0901, May 3, 2010, p. 1, https://www.neb-one.gc.ca/ll-eng/livelink.exe/fetch/2000/90463/409054/614444/A1S7H7_-_Proposed_Regulatory_Change_(PRC)_2010-01.pdf?nodeid=614556&vernum=0.
165.	National Transportation Safety Board, NTSB Issues Urgent Safety Recommendations as a Result of Preliminary Findings in San Bruno Pipeline Rupture Investigation; Hearing Scheduled For March," SB-11-01, press release, January 3, 2011.
166.	Ibid.
167.	Linda Daugherty, March 2, 2011.
168.	Dina Cappielo, "What Lies Beneath," Houston Chronicle, November 12, 2006, p. A1.
169.	"Pig" is the common acronym for "pipeline inspection gauge."
170.	Pete Carey, "Pipeline Inspection Not an Exact Science," San Jose Mercury News, October 11, 2010.
171.	The Pipeline Safety Improvement Act of 2002 (P.L. 107-355) directed the DOT to issue regulations on using internal inspection, pressure testing, and direct assessment to natural gas pipelines in high consequence areas.
172.	Christina Sames, Vice President, American Gas Association, November 4, 2010.
173.	John Kiefner, "Overview of Hydrostatic Testing," presentation to the Hydrostatic Testing Symposium, California Public Utilities Commission, May 6, 2011, http://www.cpuc.ca.gov/NR/rdonlyres/1A47C67C-4398-49CA-B52A-A8B5CD13457B/0/HydrostaticTestingSymposiumPresentationMaterialsversiontopost.pdf.
174.	For an example of such a review, see "The Northern Great Plains at Risk: Oil Spill Planning in Keystone Pipeline System, Plains Justice," Billings, MT, November 23, 2010.
175.	Sharon Theimer, "Government Lacks Copies of Emergency Response Plans Developed by Gas Pipeline Operators," Associated Press, October 6, 2010.
176.	Andrew Black, President, Association of Oil Pipe Lines, Remarks at the Different Pathways to a Common Goal: PIPA, Damage Prevention, & Greater Public Awareness and Involvement Conference, Pipeline Safety Trust, New Orleans, LA, November 5, 2010.
177.	Rob Rogers, "Photo Shows Broken Silvertip Pipeline in Yellowstone River," Billings Gazette, September 7, 2011.
178.	Cynthia L. Quarterman, Administrator, Pipeline and Hazardous Materials Safety Administration, testimony before the House Committee on Transportation and Infrastructure, Subcommittee on Railroads, Pipelines, and Hazardous Materials Hearing on the Silvertip Pipeline Oil Spill in Yellowstone County, Montana," July 14, 2001, p. 4.
179.	American Gas Association, "Utilities Work Towards Increased Safety for Natural Gas Infrastructure," press release, November 14, 2012.
180.	Interstate Natural Gas Association of America, "Interstate Natural Gas Pipelines Committed to Safety," press release, November 14, 2012.
181.	Association of Oil Pipelines, "Pipeline Operators Welcome NTSB Focus on Pipeline Safety," press release, November 14, 2012.