Hydrant, Hydraulics, and Water System Data Disclosure Risks
Most fire departments spend years hardening their cyber perimeter and locking down patient data. Rightly so. Then they publish their entire tactical water supply picture on the city open data portal.
Hydrant flow rates, water main pressures, valve locations, relay pumping routes, and machine-readable GIS layers. All downloadable by anyone.
I want to be clear about the threat model. This is not about someone finding a hydrant location and vandalizing it. That is old risk, already managed. The new risk is someone assembling a complete hydraulic profile of your response district, identifying every weak node, and using that data to plan an attack.
Fire Department Hydrant Flow Data Security Risk
The data that matters is not the hydrant's location. That is public record in most states, and it should stay public. Firefighters need to find hydrants. The public deserves to know the city maintains coverage.
The data that matters is the performance characteristics behind each hydrant node.
- Gallons per minute at residual pressure. That tells an adversary exactly where suppression operations will fail.
- Static and residual pressure readings. That maps the weak edges of the distribution system.
- Valve position and isolation zone data. That shows where a small physical attack can disable water to a hospital, a power plant, or a high-density residential block.
A single hydrant flow test result is harmless in isolation. A hundred points plotted against a city GIS layer, analyzed for systemic weakness, gives an operator a targeting package. The adversary does not need to find the vulnerability. They download it.
Public Records Request Exemptions for Critical Infrastructure
The legal path here is clearer than most chiefs assume. FOIA and state open records laws typically include exemptions for records whose disclosure would jeopardize public safety or critical infrastructure security.
CISA has published guidance on Sensitive Security Information (SSI) for water systems. Many states have parallel statutes under their homeland security or infrastructure protection frameworks.
The mistake departments make is either: (a) denying every request outright, which guarantees a lawsuit they will lose on the hydrant-location question, or (b) handing over the full hydraulic model without review.
For a structured approach to hydraulic data classification, use structured disclosure. Release the location data but redact the node-level flow and pressure readings under the applicable security exemption. Release aggregated performance data by district as a compromise that satisfies transparency without providing a targeting package. Attach the legal citation to each redaction so the record is complete and the justification is visible.
If you have a CJIS or HIPAA compliance program already, you have the same record management framework. Apply it to hydraulic data the same way.
I wrote about CJIS Compliance for Fire and EMS a few months ago. The same principle applies here: general availability for basic data, verified-professional access with an agreement for the raw model, and audit logs for every query.
Securing Water System Hydraulic Maps from Cyber Threats
Most hydraulic data is now stored in modeling software, often cloud-hosted. Vendors provide public dashboards so contractors and city planners can view the system without logging in. Those dashboards are the leak.
Check your vendor's authentication model. If the hydraulic map dashboard can be accessed without a login, it will be scraped. If the API serving GIS layers to the public portal is the same API serving your internal model, the distinction between public and internal does not exist.
A few practical controls:
- Require authentication for all hydraulic map views, including contractor-facing dashboards.
- Separate the public GIS layer from the performance GIS layer. Two separate data stores, two separate access policies.
- Audit log any export, download, or bulk query on hydraulic performance data. This includes CSV exports, PDF generation, and API calls returning node-level data.
- Set up alerting on unusual query patterns. Three requests in a week for flow data at a specific hospital block is a signal. Five requests for the same valve cluster from five different IPs is an investigation.
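The alerting rule in the last item can be expressed as a sliding-window check over the audit log. This is an added example, not code from the original post: the log layout, asset names and IP addresses are constructed, and applying the one-week window to the five-IP rule is an assumption.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit records: (timestamp, source IP, asset queried, data type).
SAMPLE_LOG = [
    ("2024-03-04T09:12:00", "198.51.100.7", "block:hospital-A", "flow"),
    ("2024-03-05T14:40:00", "198.51.100.7", "block:hospital-A", "flow"),
    ("2024-03-08T02:03:00", "203.0.113.21", "block:hospital-A", "flow"),
    ("2024-03-08T02:04:00", "203.0.113.21", "block:hospital-A", "location"),
    ("2024-03-04T10:00:00", "192.0.2.10", "valves:cluster-12", "valve"),
    ("2024-03-05T10:00:00", "192.0.2.11", "valves:cluster-12", "valve"),
    ("2024-03-06T10:00:00", "192.0.2.12", "valves:cluster-12", "valve"),
    ("2024-03-07T10:00:00", "192.0.2.13", "valves:cluster-12", "valve"),
    ("2024-03-09T10:00:00", "192.0.2.14", "valves:cluster-12", "valve"),
    ("2024-03-01T08:00:00", "198.51.100.9", "block:school-B", "pressure"),
    ("2024-03-03T08:00:00", "198.51.100.9", "block:school-B", "pressure"),
    ("2024-03-25T08:00:00", "198.51.100.9", "block:school-B", "pressure"),
]

WINDOW = timedelta(days=7)
SIGNAL_REQUESTS = 3      # three requests in a week for the same asset
INVESTIGATE_IPS = 5      # five distinct source IPs on the same asset
PERFORMANCE_KINDS = {"flow", "pressure", "valve"}  # location lookups are public

def evaluate(log):
    """Return {asset: "signal" | "investigate"} for node-level queries."""
    by_asset = defaultdict(list)
    for ts, ip, asset, kind in log:
        if kind in PERFORMANCE_KINDS:
            by_asset[asset].append((datetime.fromisoformat(ts), ip))
    findings = {}
    for asset, events in by_asset.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window until it spans at most seven days.
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            window = events[start:end + 1]
            if len({ip for _, ip in window}) >= INVESTIGATE_IPS:
                findings[asset] = "investigate"
                break
            if len(window) >= SIGNAL_REQUESTS:
                findings[asset] = "signal"
    return findings

if __name__ == "__main__":
    print(evaluate(SAMPLE_LOG))
```
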
The SCADA link is the harder problem. If an adversary knows which pumps serve the weakest pressure zones, they know which SCADA targets to hit first during a coordinated attack. Hydraulic data enriches a cyber attack on water infrastructure. It maps the terrain for someone who intends to cause harm.
How to Protect Fire Department Tactical Water Supply Data
Internally, the fire department's tactical water supply maps should be classified at the same level as pre-incident plans. They are operational intelligence, not public information.
A few departments I work with have adopted a simple three-tier model:
- Public: Hydrant location, color coding for approximate flow range (good, fair, low), and aggregated district flow averages.
- Department and mutual aid only: Node-level flow test results, static and residual pressures, preferred drafting locations, and relay pump routes.
- Engineers and water authority only: Full hydraulic model including pipe diameter, valve position, isolation zones, and SCADA telemetry points.
The public tier lives on the open data portal. The department-level tier lives in the RMS with access controls. And the engineering tier stays in the water authority's system with individual authentication.
This model survives a FOIA challenge because Tier 1 satisfies the transparency requirement. The data is public. It is just not tactical.
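The public-tier export can be generated from department-tier records so that node-level readings never reach the portal. This is an added example, not code from the original post: the field names, flow-band cut-offs and sample records are assumptions, the citation is a placeholder, and the minimum group size for district averages is an added safeguard the post does not mention.

```python
from statistics import mean

# Constructed department-tier records; every value here is illustrative.
FIELDS = ("id", "district", "lat", "lon",
          "gpm_at_residual", "static_psi", "residual_psi")
ROWS = [
    ("H-101", "North", 40.001, -75.002, 1650, 72, 58),
    ("H-102", "North", 40.002, -75.003, 900, 65, 41),
    ("H-103", "North", 40.003, -75.004, 1200, 70, 52),
    ("H-201", "South", 39.991, -75.010, 400, 48, 22),
    ("H-202", "South", 39.992, -75.011, 700, 55, 30),
    ("H-203", "South", 39.993, -75.012, 1000, 60, 44),
    ("H-301", "East", 40.010, -74.990, 450, 50, 25),
]
NODES = [dict(zip(FIELDS, r)) for r in ROWS]

PUBLIC_FIELDS = ("id", "district", "lat", "lon")
WITHHELD = ("gpm_at_residual", "static_psi", "residual_psi")
CITATION = "[STATE EXEMPTION CITATION]"  # placeholder: supply your statute
MIN_NODES = 3  # assumed: a smaller district's average would expose a node

def flow_band(gpm):
    # Assumed cut-offs; replace with your department's color-coding standard.
    if gpm >= 1000:
        return "good"
    return "fair" if gpm >= 500 else "low"

def public_tier(nodes):
    """Return (public hydrant rows, district averages, redaction log)."""
    hydrants, redactions, by_district = [], [], {}
    for n in nodes:
        row = {k: n[k] for k in PUBLIC_FIELDS}  # allow-list, not a deny-list
        row["flow_band"] = flow_band(n["gpm_at_residual"])
        hydrants.append(row)
        redactions += [{"id": n["id"], "field": f, "basis": CITATION}
                       for f in WITHHELD]
        by_district.setdefault(n["district"], []).append(n["gpm_at_residual"])
    averages = {d: round(mean(v)) if len(v) >= MIN_NODES else None
                for d, v in by_district.items()}
    return hydrants, averages, redactions

if __name__ == "__main__":
    for part in public_tier(NODES)[:2]:
        print(part)
```

Building each public row from an allow-list means a field added to the department tier later stays out of the export until someone deliberately publishes it.
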
Frequently Asked Questions
Is hydrant flow data considered a public record?
In most states, the hydrant's location is public record. Whether flow and pressure data is public depends on whether your state's critical infrastructure or security exemption applies to water distribution systems. Many states permit redaction of performance data that would expose systemic weakness. You need to check your specific statute, but the exemption exists in most jurisdictions.
How can an adversary use water system data to cause harm?
Flow and pressure maps identify weak nodes in the water distribution system. An adversary can use that data to plan physical attacks on valves or pipes in the correct location, or to prioritize SCADA targets that would disable water supply to critical facilities during a coordinated event.
What is the best way to handle a FOIA request for detailed hydraulic maps?
If someone files a FOIA request for the hydraulic model, use structured redaction. Release the general information they asked for, but redact node-level performance metrics under your state's critical infrastructure exemption. Attach the specific legal citation to each redaction, and do it transparently so the record shows what was withheld and why. This approach is defensible in court because you gave them what they asked for at the level the law requires.
Who should have access to the full hydraulic model?
Verified professionals with a demonstrated need. Your water authority engineers, the department's fire prevention or planning officer, and contracted engineers under NDA. Everyone else gets the aggregated public tier.
---
The water supply is the tactical terrain of every working fire. Publishing precise node-level performance data removes your ability to choose the ground on which you operate. Separate the transparency requirement from the tactical risk. Release the aggregate and protect the node.
-- Steven