Baker Hughes FlexPIG AI · TDW SmartScan AI · Eddyfi ILI AI · PHMSA 49 CFR 195 Integrity Management · API 1160 · MFL corrosion detection AI · stress corrosion cracking (SCC) AI
Prompt injection in pipeline integrity inspection AI
The United States hazardous liquid and natural gas pipeline network spans approximately 3.3 million kilometres of onshore and offshore pipe operated by 2,700+ operators under PHMSA (Pipeline and Hazardous Materials Safety Administration) jurisdiction. Integrity management of this network relies on periodic inline inspection (ILI) — the deployment of instrumented “pig” tools that travel through the pipe interior and record magnetic flux leakage (MFL), ultrasonic wall thickness (UT), electromagnetic acoustic transduction (EMAT), and high-resolution camera imagery of the pipe bore surface — as the primary method of detecting corrosion, cracking, dents, and mechanical damage before a pipeline ruptures. PHMSA’s Integrity Management regulation (49 CFR 195.452 for hazardous liquids; 49 CFR 192.917 for natural gas) requires operators to assess pipeline segments in “High Consequence Areas” (HCAs — population centres, drinking water sources, ecological reserves) using ILI on a defined reassessment interval (typically 5–7 years for MFL, 3–5 years for SCC susceptible pipe). Baker Hughes FlexPIG, TDW SmartScan, Eddyfi Technologies, and PureHM Technologies have each deployed AI classification engines that process rendered MFL anomaly map images, UT B-scan cross-sectional images, and colour camera frames from the pig interior camera into defect call reports — the formal output that drives excavation and repair decisions. An adversarial pixel injection at the AI classification boundary — where a rendered MFL anomaly heatmap or UT B-scan is presented to a convolutional defect classifier — that suppresses a corrosion pit or SCC colony from the AI’s feature map can cause a false “no action required” fitness-for-service assessment for a pipe segment that should be excavated and repaired, leaving a weakened section of pipe in service until it fails. The 2010 PG&E San Bruno gas transmission pipeline rupture (8 fatalities, 58 structures destroyed, NTSB PAB-11-01) and the 2016 Colonial Pipeline gasoline release in Shelby County, Alabama (PHMSA INC201603081) are the proximate consequence envelopes for PHMSA-regulated ILI programme failures — not from ILI AI adversarial injection directly, but as data points on the consequence severity when ILI misses a critical defect.
TL;DR
Pipeline integrity inspection AI — ILI pig MFL AI, UT B-scan AI, and aerial corrosion patrol AI — processes rendered sensor images at classification boundaries where adversarial pixel injection can suppress corrosion pits, crack colonies, and SCC detections. A missed SCC colony in a high-consequence area that leads to pipe rupture produces a vapour cloud explosion or hazardous liquid spill with multi-kilometre consequence radius. PHMSA 49 CFR 195.452 / API 1160 do not yet require adversarial robustness testing for ILI AI classifiers. Glyphward threshold 40 for pipeline integrity AI contexts. Free tier — 10 scans/day, no card required.
Four adversarial injection surfaces in pipeline integrity inspection AI
1. MFL anomaly map image AI (Baker Hughes FlexPIG, TDW SmartScan, NDT Global)
Magnetic flux leakage (MFL) inspection pigs magnetise the pipe wall to near-saturation using permanent magnets and measure flux leakage at each discrete sample position using Hall-effect sensor arrays. The raw sensor data is rendered into an MFL anomaly map — a 2D colour-coded image where the horizontal axis represents the axial pipe position (in metres from a reference launcher), the vertical axis represents the circumferential sensor array position (clock position from 12 o’clock), and the pixel colour encodes flux leakage amplitude (red = high leakage = metal loss; blue = background). AI classification of MFL anomaly map images determines: whether a candidate flux leakage signal is a real metal-loss defect (corrosion pit, surface gouge) or a benign feature (weld seam, mill scale variation, circumferential weld cap); the defect depth (percentage of nominal wall thickness affected — the primary input to remaining strength calculations under ASME B31G or RSTRENG); the defect length and width in the axial and circumferential planes; and whether the signal matches patterns characteristic of stress corrosion cracking (SCC) — which produces a distinctive MFL signal profile of closely spaced low-amplitude anomalies that an MFL AI trained on SCC colonies identifies as distinct from corrosion pitting.
Baker Hughes’ FlexPIG AI classifier processes rendered MFL anomaly map TIFF images from the pig’s 1,000+ sensor channel output at a resolution of 1mm axial × 5mm circumferential per pixel. TDW’s SmartScan AI and NDT Global’s AI classification system process architecturally equivalent renders — the MFL anomaly map image format is standardized across ILI vendors under the Pipeline Operators Forum (POF) ILI data specification, meaning the adversarial injection surface is structurally identical across all major ILI providers. An adversarial perturbation on a rendered MFL anomaly map image that reduces the peak red-channel intensity of a corrosion pit signature — shifting the anomaly from 35% wall loss (above the ASME B31G 80% SMYS burst pressure calculation threshold for repair) to 25% wall loss (below threshold, “monitor only”) — causes the ILI AI to classify the defect as “no immediate action required” in the fitness-for-service (FFS) assessment, bypassing excavation and repair. In a high-consequence area (HCA) crossing within 200 metres of a population centre, the operator’s PHMSA-required 6-month remediation deadline for critical anomalies (49 CFR 195.452(h)(4)) is never triggered because the AI-generated defect call report does not flag the anomaly as exceeding the repair threshold.
2. UT B-scan cross-sectional image AI (ROSEN RoCorr UT-C, Eddyfi Technologies, Olympus NDT)
Ultrasonic testing (UT) ILI pigs transmit pulsed ultrasonic beams perpendicular to the pipe wall and measure the time-of-flight of the return pulse from the inner and outer pipe surface to compute wall thickness at each measurement point. The UT data is rendered into B-scan images — cross-sectional views of the pipe wall where the horizontal axis represents the axial pipe position and the vertical axis represents the wall thickness from ID to OD, with pixel intensity encoding the UT amplitude response at each depth. AI classification of UT B-scan images determines whether anomalies in the B-scan represent: general corrosion (broad wall-thinning zones, ID or OD surface origin); pitting corrosion (localised sharp-walled depressions, higher depth-to-width ratio than general corrosion); axial cracks (linear anomalies oriented parallel to the pipe axis — EMAT UT is the preferred tool but conventional UT detects large cracks); circumferential cracks (linear anomalies perpendicular to flow, detected by shear-wave UT); laminar flaws (hydrogen-induced cracking, anomalies at mid-wall depth rather than surface-origin). ROSEN’s RoCorr UT-C AI and Eddyfi Technologies’ UT AI classifiers process rendered UT B-scan JPEG or TIFF images from the pig’s circumferential transducer array, generating defect call reports in PHMSA-required ILI data formats (POF PODS 4.0 or operator-specific defect CSV).
An adversarial perturbation on a rendered UT B-scan image that introduces a smoothing artefact across the depth profile of a hydrogen-induced cracking (HIC) laminar flaw — blurring the mid-wall amplitude signature into the surrounding material noise floor — causes the UT AI to classify the B-scan segment as “sound metal” rather than “HIC colony.” HIC — which forms in pipe manufactured from high-sulphur steel in wet hydrogen sulphide (H2S) service environments (common in sour crude oil and produced water pipelines) — can propagate slowly for years before causing a step-change brittle fracture with no macroscopically visible deformation. A missed HIC colony in a sour gas transmission pipeline — operating at 8 MPa and transporting H2S concentrations above the OSHA IDLH threshold of 50 ppm — that ruptures in an HCA produces a toxic vapour cloud with a potential lethal-concentration zone (IDLH within 1 km downwind under ALOHA dispersion modelling) and a secondary explosion risk from the natural gas component. The 2011 PG&E San Bruno rupture (operated at 69 bar; SCC + pre-existing manufacturing defect in seam weld not detected by ILI programme) established that ILI defect call report quality is a direct proximate cause of pipeline rupture consequences.
3. Aerial drone corrosion and coating inspection AI (AeroVironment HAPS, Percepto Arc, Flyability Elios)
Above-ground corrosion inspection of pipeline rights-of-way, valve stations, compressor stations, and above-ground facility piping uses autonomous drone patrol systems equipped with RGB and infrared cameras to detect external corrosion, coating disbondment, and mechanical damage. Percepto Arc autonomous drone stations (deployed at Chevron, ExxonMobil, and BP facility sites), Flyability Elios confined-space inspection drones, and AeroVironment HAPS (High Altitude Pseudo-Satellite) airborne inspection platforms process RGB camera frames and infrared thermal images through AI corrosion classifiers that identify: pipeline coating holidays (areas of disbonded or missing coating where the bare steel substrate is visible as a colour contrast against intact coating); rust staining patterns (surface corrosion indicating early-stage metal loss on exposed steel); external pitting corrosion (the three-dimensional pitting texture visible in close-range RGB images); and thermal anomalies in insulated piping (hot or cold spots indicating insulation failure and potential CUI — Corrosion Under Insulation — condensation zones that drive external corrosion beneath the insulation blanket). The AI classifier processes rendered drone camera frames at 4K resolution (3840×2160 pixels per frame) and generates inspection reports flagging GPS-tagged anomaly locations for follow-up excavation or coating repair scheduling.
An adversarial perturbation on a rendered drone RGB camera frame that shifts the colour signature of a coating holiday — filling in the exposed bare steel brownish tone with the olive-green texture of intact epoxy coating using a ±8 DN pixel shift within the JPEG compression noise floor — causes the corrosion AI to classify the frame as “coating intact, no anomaly” for a section of pipe that has a coating holiday and active external corrosion initiation site. External corrosion detected by drone patrol that exceeds the 20% wall loss threshold under NACE SP0169-2013 (“Control of External Corrosion on Underground or Submerged Metallic Piping Systems”) would trigger a cathodic protection survey and potential excavation; adversarial suppression of the coating holiday detection prevents this trigger. For onshore liquid petroleum pipelines operating in high-consequence areas, PHMSA’s atmospheric corrosion inspection requirements (49 CFR 195.583) require annual inspection of exposed piping and surface facilities — inspection intervals that depend entirely on the fidelity of the drone camera AI classification output for anomaly rate estimation.
4. ILI pig high-resolution camera image AI (CREAFORM PipeCheck, Eddyfi Pipe Scanner, GE Inspection Robotics)
High-resolution optical camera ILI systems — deployed in gas transmission pipelines where the medium is transparent (unlike liquid-filled crude oil lines) — transmit a camera pig through the pipe bore and record continuous high-definition video of the pipe interior surface. AI classification of ILI camera frame sequences determines: dent severity and shape (smooth dent vs. gouged dent vs. dent with crack — the crack-in-dent combination is a primary SCC initiation site); manufacturing defect identification (longitudinal seam weld quality, surface lamination, rolled-in scale from the original steel manufacturing process); mechanical damage classification (third-party interference — e.g., a backhoe impact creating a fresh gouge on the outer pipe surface visible as a circumferential bright scratch on the camera image — that triggers PHMSA’s 72-hour emergency excavation requirement under 49 CFR 192.613 / 195.402(c)(10)); and geometry anomalies (ovality, wrinkling, buckle formation — which affect pig travel and may indicate external soil loading or landslide movement on a geohazard corridor). Creaform PipeCheck AI, GE Inspection Robotics’ camera pig AI, and Eddyfi’s optical inspection AI process individual camera frames at 1920×1080 resolution using CNNs trained on labelled defect libraries from vendor inspection histories.
An adversarial perturbation on a rendered ILI camera frame that suppresses a fresh mechanical gouge signature — smoothing the bright linear scratch of a backhoe strike against the existing surface texture noise of the pipe bore — causes the camera AI to classify the frame segment as “clean bore, no mechanical damage” rather than triggering the PHMSA 72-hour emergency excavation requirement. Unreported mechanical damage (third-party interference) is a leading cause of pipeline failure in populated areas: the National Transportation Safety Board (NTSB) identified third-party damage as the leading cause of fatal natural gas pipeline accidents in the period 2010–2020 (NTSB SS-21-01, “Safety Study on Natural Gas Distribution Pipeline Integrity”). PHMSA’s damage prevention programme (49 CFR 192.614) requires operators to investigate third-party contact reports within 1 hour if the pipeline is in a class 3 or 4 location (10+ structures within 200m of centreline) — a response timeline that the ILI camera AI’s defect call report directly drives when a pig run is in progress.
Integration: pipeline integrity inspection AI scanning with Glyphward pre-scan gate
The Glyphward scan gate for pipeline integrity AI belongs at the rendered image ingestion boundary before each AI classification step — before MFL anomaly map AI processes rendered heatmap images, before UT B-scan AI processes cross-sectional renders, before drone corrosion AI processes RGB camera frames, and before ILI camera AI processes pig video frames. Threshold 40 for pipeline integrity AI contexts reflects HCA consequence severity and the availability of complementary ILI technologies for cross-validation.
import asyncio, base64, hashlib, json
from datetime import datetime, timezone
from enum import Enum
from pathlib import Path
import httpx
GLYPHWARD_API_KEY = "YOUR_GLYPHWARD_API_KEY"
GLYPHWARD_SCAN_URL = "https://glyphward.com/v1/scan"
# Pipeline integrity AI contexts: threshold 40
# PHMSA 49 CFR 195.452 / 192.917, API 1160, ASME B31G / RSTRENG.
PIPELINE_AI_THRESHOLD = 40
class PipelineAIContext(Enum):
MFL_ANOMALY_MAP = "mfl_anomaly_map" # MFL pig rendered heatmap AI
UT_BSCAN = "ut_bscan" # UT pig B-scan cross-section AI
DRONE_CORROSION = "drone_corrosion" # Aerial RGB/IR coating inspection AI
CAMERA_PIG = "camera_pig" # ILI optical camera pig frame AI
class AdversarialPipelineImageError(Exception):
"""Raised when Glyphward detects adversarial pixel content in a pipeline
integrity AI rendered image above threshold 40.
Consequence if not raised: corrosion pit / SCC / crack suppressed from
defect call report → no excavation trigger → pipe segment remains in
service past repair threshold → rupture in HCA → vapour cloud explosion
or hazardous liquid spill with multi-kilometre consequence radius.
Fail-safe: suppress AI classification, route to qualified ILI data analyst
(per API 1160 Section 6.2.2 human review requirement) for manual review.
"""
def __init__(self, scan_id: str, score: int,
context: PipelineAIContext,
pig_run_id: str, chainage_m: float | None,
flagged_region: dict | None = None) -> None:
self.scan_id = scan_id
self.score = score
self.context = context
self.pig_run_id = pig_run_id
self.chainage_m = chainage_m
self.flagged_region = flagged_region
super().__init__(
f"Adversarial pipeline image: "
f"context={context.value} score={score} "
f"pig_run={pig_run_id} chainage={chainage_m}m scan_id={scan_id}"
)
async def scan_pipeline_image(
image_bytes: bytes,
context: PipelineAIContext,
pig_run_id: str,
chainage_m: float | None,
operator_id: str,
pipeline_segment_id: str,
is_hca: bool,
client: httpx.AsyncClient,
) -> dict:
"""Scan a pipeline integrity AI image for adversarial content.
Fail-safe contract: AdversarialPipelineImageError or httpx error →
suppress AI defect classification, route to qualified ILI analyst for
manual review per API 1160 Section 6.2.2. Do not issue FFS assessment
or generate repair priority without clean scan for HCA segments.
Args:
image_bytes: MFL heatmap render, UT B-scan image, drone RGB frame,
or ILI camera pig frame bytes.
context: PipelineAIContext identifying the inspection modality.
pig_run_id: ILI run identifier from the inspection vendor.
chainage_m: Axial pipe position in metres from reference launcher.
operator_id: PHMSA operator ID.
pipeline_segment_id: Operator segment identifier.
is_hca: True if this chainage is within a PHMSA-defined HCA.
client: Shared httpx.AsyncClient for connection reuse.
Returns:
Glyphward scan result dict.
Raises:
AdversarialPipelineImageError: if score exceeds threshold 40.
httpx.HTTPStatusError: on Glyphward API error (fail-closed).
"""
image_hash = hashlib.sha256(image_bytes).hexdigest()
payload = {
"image": base64.b64encode(image_bytes).decode(),
"source": f"pipeline:{context.value}:{pig_run_id}:{chainage_m}",
"metadata": {
"pig_run_id": pig_run_id,
"chainage_m": chainage_m,
"operator_id": operator_id,
"pipeline_segment_id": pipeline_segment_id,
"is_hca": is_hca,
"image_sha256": image_hash,
"context": context.value,
},
}
resp = await client.post(
GLYPHWARD_SCAN_URL,
headers={"Authorization": f"Bearer {GLYPHWARD_API_KEY}"},
json=payload,
timeout=4.0,
)
resp.raise_for_status()
result = resp.json()
await _write_pipeline_scan_audit(
image_hash=image_hash,
scan_id=result["scan_id"],
score=result["score"],
context=context,
pig_run_id=pig_run_id,
chainage_m=chainage_m,
is_hca=is_hca,
flagged=result["score"] > PIPELINE_AI_THRESHOLD,
)
if result["score"] > PIPELINE_AI_THRESHOLD:
raise AdversarialPipelineImageError(
scan_id=result["scan_id"],
score=result["score"],
context=context,
pig_run_id=pig_run_id,
chainage_m=chainage_m,
flagged_region=result.get("flagged_region"),
)
return result
async def _write_pipeline_scan_audit(
*, image_hash: str, scan_id: str, score: int,
context: PipelineAIContext, pig_run_id: str,
chainage_m: float | None, is_hca: bool, flagged: bool,
) -> None:
record = {
"ts": datetime.now(timezone.utc).isoformat(),
"scan_id": scan_id,
"image_sha256": image_hash,
"context": context.value,
"score": score,
"threshold": PIPELINE_AI_THRESHOLD,
"flagged": flagged,
"pig_run_id": pig_run_id,
"chainage_m": chainage_m,
"is_hca": is_hca,
"regulatory_refs": [
"PHMSA 49 CFR 195.452 (Hazardous Liquid Integrity Management)",
"PHMSA 49 CFR 192.917 (Natural Gas Integrity Management)",
"API 1160 (Managing System Integrity for Hazardous Liquid Pipelines, 3rd ed.)",
"API RP 1176 (Assessment and Management of Cracking in Pipelines, 1st ed.)",
"ASME B31.8S (Managing System Integrity of Gas Pipelines)",
"NACE SP0169-2013 (Control of External Corrosion on Underground Metallic Piping)",
"PHMSA 49 CFR 192.613 (Emergency excavation response requirements)",
],
}
audit_path = Path("/var/log/glyphward/pipeline_ai_scan_audit.jsonl")
audit_path.parent.mkdir(parents=True, exist_ok=True)
with audit_path.open("a") as fh:
fh.write(json.dumps(record) + "\n")
Deploy scan_pipeline_image at each ILI AI rendered-image ingestion boundary: before MFL heatmap AI (threshold 40), before UT B-scan AI (threshold 40), before drone corrosion RGB frame AI (threshold 40), and before ILI camera pig frame AI (threshold 40). On AdversarialPipelineImageError: suppress AI defect classification, route the image and chainage position to a qualified ILI data analyst for manual review per API 1160 Section 6.2.2. For HCA segments: do not generate fitness-for-service assessments or repair priority scores based on adversarially flagged images without human review. Get early access
Related questions
What is PHMSA 49 CFR 195.452, and why does ILI AI adversarial injection create a compliance gap?
PHMSA 49 CFR 195.452 (Integrity Management for Hazardous Liquid Pipelines) requires operators of hazardous liquid pipelines to develop and implement an Integrity Management Programme (IMP) that identifies, assesses, and mitigates pipeline segments in High Consequence Areas (HCAs) — defined as areas within 200 metres of a populated place, a commercially navigable waterway, or a drinking water source. The IMP must use risk assessment to prioritise inspection intervals, apply qualified integrity assessment methods (ILI is the preferred method), and evaluate the results of each assessment to determine whether anomalies exceed repair thresholds within defined timelines (critical anomalies: 6 months; scheduled anomalies: 12 months; monitored anomalies: 5-year reassessment). The regulation requires that ILI data be evaluated by a “qualified individual” using established sizing and severity criteria — but does not specify that the AI classification pipeline that generates the defect call report from raw ILI sensor data must be tested for adversarial robustness. Because the PHMSA IMP framework treats the ILI AI’s defect call report output as an authoritative input to the operator’s repair priority schedule, an adversarial injection that systematically downgrades defect severity classifications across an HCA segment creates a structural gap between the IMP’s regulatory intent (identify and repair critical defects within 6 months) and the operator’s execution (no excavation triggered because the AI defect call report does not flag anything above the repair threshold).
How does stress corrosion cracking (SCC) differ from general corrosion in MFL images, and why is it harder for AI to classify correctly?
Stress corrosion cracking (SCC) is a pipe degradation mechanism caused by the combined action of tensile stress (from internal pressure and residual manufacturing stress), a corrosive environment (typically carbonate/bicarbonate soil electrolyte at high-pH, or dilute CO2/H2S environments at near-neutral pH), and susceptible material (high-strength steel with yield strength above 414 MPa / 60 ksi, typical of modern X60–X80 grade pipe). SCC initiates as a colony of multiple hairline cracks aligned axially on the outer pipe surface (OD-initiated) in tape-coated segments under cathodic protection shielding. In MFL images, SCC colonies produce a distinctive pattern: a cluster of closely-spaced, low-amplitude flux leakage signals with high axial density (many anomalies per linear metre) rather than the fewer, higher-amplitude signals characteristic of corrosion pitting. AI classifiers trained primarily on corrosion pitting datasets — which are the numerically dominant defect type in ILI history — have documented false-negative rates for SCC colony patterns because SCC signatures are morphologically distinct from pitting (wide shallow corrosion signals vs. narrow deep crack signals) and because SCC colonies are historically underrepresented in training datasets relative to their occurrence in high-grade steel gas transmission lines. Adversarial injection that shifts SCC colony pixel signatures toward corrosion-pitting morphology exploits this existing classifier weakness — and the SCC-specific assessment standard (API RP 1176) requires hydrostatic pressure testing or EMAT inspection as the preferred methods precisely because MFL classification of SCC is technically challenging even without adversarial attack.
What is the Pipeline Operators Forum (POF) ILI data format, and how does it affect adversarial injection risk?
The Pipeline Operators Forum (POF) ILI Data Format specification (“Specifications and Requirements for Intelligent Pig Inspection of Pipelines”, version 2009 and PODS 4.0 successor) defines the data structure that ILI vendors use to deliver defect call reports to pipeline operators: standardised CSV/XML files containing defect type, axial position (chainage), clock position (circumferential), depth (% wall loss), length, and width for each detected anomaly, along with inspection tool metadata and data quality certificates. The standardised format means that the AI classification pipeline that generates the defect call report from raw sensor data must output to a fixed schema — which limits the ILI vendor’s ability to add adversarial detection metadata to the delivered report without extending the POF schema. The real-time adversarial scan gate (as implemented in the Glyphward integration above) sits upstream of the AI classifier’s input, before the raw sensor renders are submitted to the CNN — so it operates independently of the POF output format and does not require changes to the delivered defect call report structure. The scan audit log records the adversarial detection result for each rendered image by chainage position, providing a parallel evidence trail that the operator can retain alongside the ILI data delivery package for regulatory documentation purposes under 49 CFR 195.452(l) (records retention).
Can Glyphward detect adversarial attacks on both MFL heatmap images and UT B-scan images from the same ILI run?
Yes. Glyphward’s adversarial detection pipeline processes any rendered image format — MFL flux leakage heatmaps (colour-coded 2D maps with red/blue/green channels encoding MFL amplitude at each axial-circumferential position), UT B-scan images (greyscale or false-colour cross-sectional renders with pixel intensity encoding UT amplitude or wall thickness), and RGB drone camera frames — using the same format-independent spectral analysis pipeline. The adversarial perturbation that suppresses a corrosion pit in an MFL heatmap (shifting red-channel peak intensity downward by ±12 DN) produces a structurally different pixel-domain perturbation signature than the perturbation that smooths a defect in a UT B-scan (introducing a low-frequency Gaussian blur kernel on the wall-loss region), but both produce characteristic high-frequency or low-frequency spectral fingerprints in the rendered image that Glyphward’s detection pipeline identifies. The PipelineAIContext enum parameter in the scan call ensures that Glyphward logs the correct modality-specific context for each scan — MFL heatmaps and UT B-scans from the same pig run would be submitted with MFL_ANOMALY_MAP and UT_BSCAN contexts respectively, generating separate scan IDs for each modality with the same chainage_m parameter for correlation.
Does PHMSA require adversarial robustness testing for ILI AI classification software?
PHMSA does not currently require adversarial robustness testing for ILI AI classification software. The applicable regulatory standard is API 1163 (“ILI Systems Qualification Standard”, 2nd ed. 2013) which specifies tool performance specifications (probability of detection, probability of identification, sizing accuracy at 80% confidence interval) that ILI vendors must validate through controlled pull-through tests in machined defect samples. API 1163 defines performance benchmarks in statistical terms — e.g., “90% probability of detection for corrosion features with depth ≥ 20% wall loss at 80% confidence level” — but does not address adversarial injection into the AI classification pipeline. NIST SP 1800-10 (“Protecting Information and System Integrity in Industrial Control System Environments”) covers ICS/OT cybersecurity including pipeline SCADA but does not address AI classification adversarial robustness specifically. The PHMSA Advisory Bulletin ADB-2022-02 (“Adoption of Artificial Intelligence and Machine Learning Technologies in Pipeline Safety Management”) encouraged operators to ensure AI tools “are tested and validated for their intended use” but did not establish specific adversarial robustness requirements. Adversarial robustness testing for ILI AI is an identified gap in all current API and PHMSA regulatory frameworks.
Further reading
- Prompt injection in transmission line inspection AI — EPRI SmartLine, drone RGB+thermal+UV inspection AI adversarial attacks
- Prompt injection in smart manufacturing ICS AI — SCADA process camera AI and quality inspection adversarial attacks
- Prompt injection in offshore platform inspection AI — ROV camera corrosion AI and riser inspection adversarial attacks
- Prompt injection in dam safety monitoring AI — seepage detection AI and spillway inspection adversarial attacks
- Prompt injection scanning API free tier — 10 scans/day, no card required