Now that I might have made you a little more capable with using AI... I need to point out one common negative I'm seeing that I'm sure isn't unique to my company.

Just because you can do something with AI doesn't mean you should. What I mean by that: I see people who are completely ignorant to basic security best practices. Do not assume AI will build you a secure website or put access controls in place that will prevent the outside world from accessing your company's internal data.

Don't assume AI knows what third party plugins are safe, or that it shouldn't download random packages off the web and instead should use your internal repos.

I can almost guarantee that at any large scale company in the near future you will hear about someone using AI to vibe code some solution that had zero security and ends up creating a massive data breach as a result.

AI is already able to take any random person with an idea and with enough persistence, build them an app or a website or some random tool. Every time I've seen a vibe coded solution, it has had massive security gaps.

Here's the real problem: the security tools we have today to scan, identify, and flag insecure configurations are being completely outpaced by AI's ability to turn any random person into a developer. We're generating insecure code faster than our security tooling can catch it, and that gap is only getting wider.

If you don't understand the basics of what makes something secure in your domain, AI isn't going to magically fix that for you. It will happily generate code that works but is completely insecure. You still need to know enough to ask the right questions and validate what it's giving you.

fulshearAg96 said:

---

Hoyt Ag said:

---

Dr. Doctor said:

---

I do chemical plant design work and they have been trying to do "AI" on our work for YEARS.

Every plant/site is different and by the time you designed for one case, the next case destroys the work you do. There are some things you can do to automate things from simulation to datasheets to vendors, but a lot of that has been embraced and (hopefully) implemented in my past life.

The other avenue that's been under scruntiny since at least 2012-2013 is plant automation. But the stream of data from a single unit much less the WHOLE plant is very difficult to map and each plant (even for a single company) is different and takes years to try to implement for each site.

~egon

---

I work in power generation and we see the same things you describe. Each of our plants are designed different, even if built by same company and within a year or two of being built. I would venture to say only about 40% of our facilities are synonymous and the rest is much different. We have been presented some AI tools, some successful, but most fail miserably since they are all custom designs and not interchangeable with our other plalnts.

---

In both of the above examples is this something y'all have been attempting internally or do you have a S.I. supporting this? What type of software package(s)?

In both chemical and power generation you would have some pretty standard opportunities that would scale regardless of differing design builds - predictive maintenance is one example... The difference in design isn't your show stopper. Data volume can also be addressed. Net is this would come down to the right implementation partner, appropriate platform, and a budget. But yes I could DIY as an uphill climb

---

There are quite a few companies out there, as well as internal projects, that deal with modeling and simulations on the plants. At one site had the same employee working for like 30+ years doing simulations and updates to process control to predict, adapt and control a single polymer reactor system. Mostly upgrading the systems through the years of computers and such, but still getting the plant to the point of "click here" to start the plant and it works.

As a point of reference, I've done lots of work with LNG and NH3 work. While the actual Inside The Battery Limit (ISBL) work is typically a license package from a vendor (APCI, KBR, HT, Casale, COP, etc.) the other 'stuff' is open art. This is where things get...fun. And even though we have the same licensor, with the same 'style' of plant (say NH3), the system(s) can still be wildly different. For example, once LNG is made, are there any other processing steps? A Nitrogen Rejection Unit (NRU)? How far are the tanks from the ISBL area? The dock from the tanks? That changes pressure profile (how much to pump it from point A to B to C), temperature profile, and boil-off gas (BOG) rates. Which affects the BOG compressors (and power and utilities). And those rates specify the line size, the material selection, civil works, structural steel and other stuff.

And riding on all of that? Where the site is. How I built civil and structural steel depends on building it in Alaska vs. LA vs. ME vs. Canada.

Long story short: you can speed up some of the initial 'guessing' of how stuff is start, project wise, but the details and calculations will still be wildly dependent on actual project details.

And predicting plant performance is something that Process Controls has been trying to work for since I first heard about it at A&M (and before then). And I'm one of the 'mid-career' guys. I know older ones have heard from other companies that there are groups wanting to predict either plant productions (see refining with different crude oil) or how to predict equipment failure/maintenance.

~egon

My experience is that AI fails pretty basic engineering problems.

In the next month or two I'd like to test the more premium models, but using it to write code with Cursor I have not been impressed with its reasoning.

When I know exactly what I want to do, great, it writes faster than I can type… but if I have any kind of prompt where it would need logic, it has too many errors in both assumptions and equations. Even citing sources and papers it writes the equations wrong from those sources. Leaves terms off, or applies them incorrectly.

How did I miss the ruling where saying "AI" allows you to violate every trademark, copyright, and patent in existence without compensation to owners of that intellectual property?

For internal use software, none of that matters. All of those are designed to protect commercial interests. Anyone can theoretically build a UI and workflow on top of an open source database for use within a company with no issues at all. Building a homegrown tool to use in lieu of commercial software isn't infringement.