Fleet Fueling Management System for a Top-5 U.S. Metro: Case Study

Last updated: April 2026
PCG built and deployed a custom fueling management platform for one of the five largest municipal fleets in the United States. The system now tracks 130,000+ fueling transactions per quarter across 65 sites and 21,000 equipment units. Transaction speed improved 300%. Cellular data costs dropped 80%. Fuel theft was effectively eliminated. The system has run at 99.5% uptime since deployment.
21,000+ Fleet equipment units tracked
130K+ Fueling transactions per quarter
65 Fueling sites across 50+ city departments
99.5% System uptime since deployment

❓ What was breaking in the city's fueling operation before this project?

The city was running a legacy fueling system that had accumulated years of unindexed transaction data. At the scale of 130,000 fueling events per quarter, that accumulation made the system progressively slower until daily delays became routine. Terminals timed out. Transactions failed to log accurately. Fuel dispensed did not always match what the database recorded, which created billing discrepancies and exposed the city to audit risk.

The underlying security architecture compounded the problem. Every time a vehicle was added, a fuel allowance changed, or a site was edited, the system retransmitted the entire vehicle whitelist to all sites. Unencrypted. In full. Across cellular connections. Data costs were high, the sync traffic was redundant, and the exposure was real. There was no dashboard showing tank levels or system health across the network. Each site operated in isolation.

Transaction Failures Inaccurate fuel logging led to billing discrepancies and created audit exposure across 50+ departments.
System Crashes Unindexed historical data caused daily slowdowns and outages that disrupted first responders and public works.
Security Gaps Full vehicle whitelists transmitted unencrypted with every data change. No authentication hardening at the terminal level.
No Visibility No centralized dashboard for tank levels, site health, or fuel usage. Every site was an island with manual Veeder Root data retrieval.

For a fleet this size, these were not inconveniences. Emergency responders, sanitation crews, and transportation vehicles all depend on fueling access around the clock. A system that crashes or loses transaction data is a liability problem, not just an IT problem.

🛠️ What did PCG actually build, and how does it work?

PCG engineered the platform in .NET Core from the ground up. The architecture handles three things simultaneously: ruggedized hardware integration at each pump, encrypted real-time communication between sites and the central server, and a centralized dashboard that shows the entire operation at once. Each layer was designed so that a failure in any one does not take down the others.

1
Custom fueling controller hardware

PCG built RFID vehicle identification directly into the terminal, with manual scan keys for backup authentication. Coil ring sensors verify nozzle engagement before dispensing can occur. The hardware is weather-resistant and designed for 24/7 outdoor use at unmanned fueling stations.

2
Proprietary compression-encryption protocol

Standard AES-256 encryption increases payload size. PCG developed a dual-layer protocol that compresses and encrypts simultaneously, reducing payload sizes by 50-60% before transmission. The city's cellular data costs dropped 80% as a direct result. This was not an off-the-shelf approach. It required custom engineering specifically for this problem.

3
Delta-based synchronization

The old system retransmitted the entire vehicle whitelist on every change. PCG replaced that with delta sync: only what changed gets transmitted, compressed, and encrypted. A single vehicle update no longer triggers a citywide data event.

4
Standalone localized mode with offline queuing

Each site can operate independently if the network goes down. Transactions queue locally and sync automatically when connectivity restores. No fueling operations lost. No manual reconciliation required afterward.

5
Role-based access and live monitoring

Access is controlled by department, user, vehicle, and site. The central dashboard shows real-time tank levels via Veeder Root integration, live system health, and fueling activity across all 65 locations. What previously required manual site visits to check is now visible from a single screen.

What we learned on this project

The data cost problem was not primarily a network problem. It was a protocol design problem. The city was paying cellular rates on redundant full-whitelist transmissions that could have been eliminated with delta sync from the start. Security and efficiency are usually treated as trade-offs. On this project, the compression-encryption layer made both better at the same time.

Fleet fueling systems fail quietly before they fail visibly. Transaction logging errors accumulate in the background for months before an audit surfaces them. The diagnostic work at the start of this engagement found data discrepancies that predated the visible crash symptoms by over a year.

🚀 What changed after the new system went live?

The most immediate change was operational stability. A system that had been crashing daily ran at 99.5% uptime from deployment forward. The 300% improvement in transaction speed was measurable at the terminal level within the first week.

Outcome Result How it was achieved
System uptime 99.5% Standalone site mode, offline queuing, performance-optimized SQL
Transaction speed 300% faster Indexed SQL, optimized data flow, high-efficiency query architecture
Cellular data costs 80% reduction Proprietary compression-encryption + delta sync replaced full whitelist retransmission
Fuel theft and misuse Effectively eliminated RFID authentication, AES-256 encryption, real-time audit logs, per-vehicle fuel limits
Departmental billing accuracy 100% transaction attribution Every fueling event linked to department, vehicle, and user at point of transaction
Tank monitoring Real-time across all 65 sites Full Veeder Root integration replaced manual site-by-site retrieval

The financial impact extended beyond data cost reduction. Real-time audit logs with encrypted user validation eliminated the fuel theft and misuse that had been difficult to quantify under the old system. The city recovered the cost of the project in the first year through a combination of direct theft prevention and accurate departmental billing that replaced a system of estimated allocations.

💰 Financial and operational benefits

The performance numbers are the visible part. The financial impact runs deeper, across three areas that the old system had no way to measure or prevent.

Fuel theft prevention and cost recovery

Real-time auditing, encrypted user validation, and per-vehicle fuel limits eliminated theft and misuse that had been accumulating undetected. The city recovered hundreds of thousands of dollars annually once every transaction was tied to a verified user and vehicle at the moment of dispensing.

Accurate departmental billing

Every fueling event is now attributed to the correct department, vehicle, and user at the point of transaction. The estimated allocations that had generated billing disputes across 50+ city departments were replaced with usage-based records that hold up to audit review without reconciliation work.

Fleet efficiency and performance data

Fuel consumption patterns surfaced vehicles consuming significantly more than their fleet class average. That data fed directly into maintenance scheduling and replacement planning, reducing the time between a performance problem appearing and a decision being made about it.

Cellular data cost reduction

The proprietary compression-encryption protocol cut cellular transmission costs by 80%. For a 65-site operation running continuous sync across a cellular network, that reduction is a recurring annual saving, not a one-time gain. The protocol paid for its own development cost within the first operating year.

💡 Does this apply if your fleet is smaller than a top-5 metro operation?

The architecture scales down as well as up. A municipal fleet running 500 vehicles across 8 sites faces the same core problems: authentication gaps, inaccurate transaction logging, data that is difficult to audit, and hardware that fails in outdoor environments. The engineering decisions on this project, particularly the standalone site mode and the delta sync model, are directly applicable to operations an order of magnitude smaller.

What makes this project transferable is not the scale. It is the problem class. Any operation where fuel is dispensed without real-time verification and logging is carrying risk that accumulates invisibly until an audit, an investigation, or a budget review forces the question. By that point, years of discrepancies are on the table.

PCG has built fueling systems for municipal operators since before most of the platforms now marketed as fleet management solutions existed. The work documented here is not a proof of concept. It is a production system managing one of the largest municipal fleets in the country, running continuously since deployment.

🔍 Technology stack

ComponentTechnology
FrontendASP.NET Razor, Bootstrap
Backend.NET Core, Entity Framework, LINQ
APIsRESTful JSON APIs, JWT authentication, HTTPS
SecurityAES-256 encryption, client certificates, RBAC
NetworkingEncrypted TCP socket services, proprietary compression-encryption protocol
DatabaseSQL Server with partitioning, replication, and indexing
HardwareRFID boards, manual scan keys, coil ring sensors
HostingOn-premise Windows Server cluster with redundancy

Frequently asked questions about custom fleet fueling software

Yes. PCG has integrated with existing fueling hardware including RFID readers, tank monitors, and dispensing equipment from multiple vendors. The approach depends on what communication protocols the existing hardware supports. In most cases, the software layer is rebuilt entirely while the physical hardware at pump sites stays in place. We document the hardware inventory during the diagnostic phase before any development begins.
The transition is staged by site. Sites go live on the new system one group at a time while the rest of the fleet continues on the legacy system. The standalone localized mode built into the architecture means each site operates independently during cutover, so a network issue at one site does not affect others. For mission-critical fleets with first responder vehicles, we schedule cutover windows during lower-volume periods and maintain a rollback path until the new system has 30 days of stable operation.
Project cost depends on fleet size, number of fueling sites, hardware requirements, and the complexity of reporting and access control needed. The starting point is a free 30-minute consultation where PCG reviews your current setup and gives you a realistic picture of what a project involves before any commitment is made. From there, if the scope warrants it, a diagnostic engagement produces a fixed-price proposal with no surprises after work begins.
Prevention is built into the authentication layer. RFID vehicle identification and encrypted user credentials mean every dispensing event is tied to a verified vehicle and a verified user before fuel flows. Per-vehicle fuel limits stop overdraws. The audit trail captures every transaction with a timestamp, user ID, vehicle ID, site ID, and exact volume dispensed. Discrepancies that previously accumulated undetected for months surface within hours on the new system. On this project, the city recovered the project cost in the first operating year through theft prevention and billing corrections alone.
Each site runs in standalone mode with its own local authentication and transaction queue. Fueling continues normally. Transactions log locally and sync automatically to the central server when connectivity restores. No manual reconciliation is required. For a fleet that includes emergency responders, this was a non-negotiable requirement. A network outage at one site cannot stop first responders from fueling.
Clients own the source code. Full ownership transfers at project completion, with documentation. PCG offers monthly support retainers for hosting, maintenance, and minor modifications. Most issues on PCG-built systems are resolved within hours, not days. If the system ever needs changes after deployment, the client is not dependent on a vendor who controls the code.
Smaller fleet operations with fewer sites and standard hardware typically complete in weeks, not months. Larger municipal-scale deployments with custom hardware integration and multi-site architecture take longer depending on the number of sites and the complexity of the existing systems being replaced. The diagnostic engagement comes first and produces a detailed scope document. Development does not begin until scope and timeline are agreed in writing.
About the engineer behind this project Allison Woolbert, Principal, Phoenix Consultants Group

Allison has been building custom software since the early 1980s, including work as a data analyst for the U.S. Air Force before founding PCG in 1995. The fleet fueling work documented here is one of more than 500 custom applications PCG has delivered across municipal operations, industrial safety, healthcare staffing, and environmental compliance. Her direct involvement in every project is not a policy. It is how PCG operates. When you call, she answers.

Running fleet operations on software that was not built for your specific workflow? PCG has built fueling systems for municipal operators since 1995. The diagnostic engagement takes two to three hours and produces a written scope before any development commitment.
Talk to PCG

All performance metrics cited in this case study are drawn from PCG's internal project documentation for this engagement.

PCG founded 1995. Allison Woolbert's personal experience in software development predates PCG's founding.