PASS Training & Compliance

View Original

Securing Your Veeder-Root ATG: Protecting Against Vulnerabilities in Remote Connectivity

When considering the potential vulnerabilities of a Veeder-Root Automatic Tank Gauge (ATG) system, especially with remote connectivity, bad actors could exploit several critical settings that might affect the safety and operations of a gas station. Here are the key settings and areas that could be compromised:

1. Tank Alarms and Thresholds

  • Alarms for Overfill, Leaks, or Sumps: Bad actors could disable or modify these alarms, leading to undetected fuel overfills or leaks. This could result in environmental hazards and non-compliance with safety regulations.

  • Leak Detection Sensitivity: Adjusting sensitivity settings could prevent the detection of small leaks that may escalate into serious safety or environmental issues.


2. Fuel Inventory Data

  • Fuel Levels and Delivery Controls: Hackers could manipulate fuel inventory data, causing inaccurate readings. This might lead to operational disruptions, like stopping fuel deliveries prematurely or even triggering false emergency shutdowns.


3. Tank Ullage (Remaining Tank Space) Settings

  • Manipulating the ullage (free space in a tank) could cause tanks to be overfilled, increasing the risk of fuel spills and dangerous vapor build-up, especially if alarms are disabled.

Potential Impact

  • Environmental Harm: Undetected leaks, overfills, or fuel spills could cause significant environmental damage, leading to costly cleanups and legal ramifications.

  • Operational Disruption: Misleading inventory data and manipulated alarms could cause fuel shortages, false shutdowns, or interruptions in fuel supply.

  • Compliance Violations: Tampered alarms and reporting could cause non-compliance with regulations, resulting in fines and legal issues for the station owner.

  • Safety Hazards: Fuel spills or vapor build-up from manipulated overfill settings could create fire or explosion risks, endangering both employees and customers.

How PASS Connect can help.
PASS Connect can help protect your Automatic Tank Gauge (ATG) system from remote hacking attempts through several key security features:

  1. Push Technology: Unlike traditional methods that rely on polling data (which can open vulnerabilities like firewall holes), PASS Connect uses a push-based approach. This eliminates the need for direct external access to the ATG, reducing the chances of a security breach by preventing unnecessary exposure to the internet​.

  2. Cloud-Based Infrastructure: PASS Connect operates via a secure, cloud-based platform. This means no on-site servers are required, which limits local hardware vulnerabilities. The cloud system ensures secure data handling and backups, offering protection from both physical and cyber threats​.

  3. Secure, Modular Design: The system is designed with modularity in mind, allowing businesses to choose only the features they need, minimizing the potential attack surface. Additionally, by relying on industry-standard protocols and offering flexible connection options (Ethernet, WiFi, or cellular), PASS Connect ensures secure communication channels for the ATG​.

These combined features provide comprehensive protection against cyberattacks, helping gas stations secure their fuel monitoring systems effectively.