Re: OK, here's a risk analysis question for you ...

[Dan Kaminsky <dan () doxpara com>]

> p.s. I have noticed that BP has assiduously avoided making an accurate
> estimate of the actual volume per unit time.  The press is still citing
> the long-obsolete, hastily-calculated 5000 bl/day figure, but it appears
> that multiple independent methods of estimating the rate all yield MUCH
> higher numbers, as in "an order of magnitude higher":
*shrugs*

It's been amateur hour in the independent estimates, I think in an attempt
to (in the long term) discredit the amateurs.  For example, there's this
piece:

http://www.examiner.com/examiner/x-8199-Breakthrough-Energy-Examiner~y2010m5d13-A-volcano-of-oil-erupting

...which has fun things like a delusion that the pipe is five feet in
diameter (it's 18 inches) and, of course:

===
What we are seeing now could be small compared to what may yet unfold if
things break apart, as they can do under such circumstances.  If this thing
blew, it could be like the Yellowstone
Caldera<http://en.wikipedia.org/wiki/Yellowstone_Caldera>,
except from below a mile of sea, with a 1/4-mile opening, with up to 150,000
psi of oil and natural gas behind it.
===

Dude goes on to discuss "extinction level events", like Ixtoc never
happened.  Hint:  We're still here (and that damn thing took 293 days to
shut).

Then there was the thing that hit CNN:

===

Wereley said he spent two hours Thursday analyzing the video using a
technique called particle image velocimetry. He said there is a 20 percent
margin of error, which means between 56,000 and 84,000 barrels could be
leaking daily.

"You can't say with precision, but you can see there's definitely more
coming out of that pipe than people thought," he said. It's definitely not
5,000 barrels a day."
===

I'm much more of a graphics/computer guy than you'd guess (I was into
graphics long before I was into security), but two hours?  Really?  From a
blurry, compressed, 30fps video?  PIV is clearly a real discipline, but
looking at the Wikipedia page (
http://en.wikipedia.org/wiki/Particle_image_velocimetry), it seems to
generally involve lasers and tracer particles, not a crappy repurposed
stream.

Anyway, the best estimates I've seen came from a random Slashdot post, which
actually cited some checkable mathematics (
http://slashdot.org/comments.pl?sid=1651510&cid=32201876):

===

With the actual size of the pipe, however, you can get a pretty accurate
flow rate by estimating the pressure differential between the reservoir and
the head. The pressure on the reservoir should be about 15,000 psi (not
150,000, like the article states) - 5,000 feet of water plus 11,000 feet of
granite. The pressure of the water column is about 2,000 psi, rough
estimate. With a pressure differential of about 13,000 psi, an 11,000 foot
length of pipe, an estimated density of about 900 kg/m3 (it could actually
be anywhere from 750-950, 900 seems close to what other oil is in area), and
assuming a smooth pipe, you get about 15.6 gallons per second, or 0.37
barrels per second.

Worst case scenario you are looking at around 30,000 barrels per day. Since
there are a lot of factors involved (like the amount of friction imposed on
the oil as it seeps out of the reservoir rock), and all I have are
estimations, it is almost certainly a lot less than that. 5,000 barrels is
not an unlikely figure for what is actually flowing out of the pipe. It
isn't likely to be more than that by much at all, either, as I used pretty
ideal conditions for flow. It isn't really possible for much more to flow
up.
===

Anyway, my personal suspicion is that we'll find out the flow rate was
larger than 5,000bpd, but nowhere near these crazy ass numbers that are
being pulled out of random engineer's asses.  Sometimes, the right answer
really is, "I don't know".  Not that the press quotes people who say that.

I gotta say, there's a reason the rest of the engineering world looks down
on "software engineers".

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.