POWER SYSTEM SECURITY
By power system security, we understand a qualified absence of risk of
disruption of continued system operation. Security may be defined from a
control point of view as the probability of the system's operating point remaining
in a viable state space, given the probabilities of changes in the system
(contingencies) and its environment (weather, customer demands, etc.).
Security can be defined in terms of how it is monitored or measured, as the
ability of a system to withstand without serious consequences any one of a preselected
list of “credible” disturbances (“contingencies”). Conversely,
insecurity at any point in time can be defined as the level of risk of disruption of
a system's continued operation.
Power systems are interconnected for improved economy and
availability of supplies across extensive areas. Small individual systems would
be individually more at risk, but widespread disruptions would not be possible.
On the other hand, interconnections make widespread disruptions possible.Operation of interconnected power systems demands nearly precise
synchronism in the rotational speed of many thousands of large interconnected
generating units, even as they are controlled to continuously follow significant
changes in customer demand. There is considerable rotational energy involved,
and the result of any cascading loss of synchronism among major system
elements or subsystems can be disastrous. Regardless of changes in system load
or sudden disconnection of equipment from the system, synchronized operation
requires proper functioning of machine governors, and that operating conditions
of all equipment remain within physical capabilities.
The risk of cascading outages still exists, despite improvements made
since the 1965 northeast blackout in the United States. Many factors increase
the risks involved in interconnected system operation:
• Wide swings in the costs of fuels result in significant changes in
the geographic patterns of generation relative to load. This leads to
transmission of electric energy over longer distances in patterns
other than those for which the transmission networks had been
originally designed.
• Rising costs due to inflation and increasing environmental
concerns constrain any relief through further transmission
construction. Thus, transmission, as well as generation, must be
operated closer to design limits, with smaller safety (security)
margins.
• Relaxation of energy regulation to permit sales of electric energy
by independent power producers, together with increasing pressure
for essentially uncontrolled access to the bulk power transmission
network.
disruption of continued system operation. Security may be defined from a
control point of view as the probability of the system's operating point remaining
in a viable state space, given the probabilities of changes in the system
(contingencies) and its environment (weather, customer demands, etc.).
Security can be defined in terms of how it is monitored or measured, as the
ability of a system to withstand without serious consequences any one of a preselected
list of “credible” disturbances (“contingencies”). Conversely,
insecurity at any point in time can be defined as the level of risk of disruption of
a system's continued operation.
Power systems are interconnected for improved economy and
availability of supplies across extensive areas. Small individual systems would
be individually more at risk, but widespread disruptions would not be possible.
On the other hand, interconnections make widespread disruptions possible.Operation of interconnected power systems demands nearly precise
synchronism in the rotational speed of many thousands of large interconnected
generating units, even as they are controlled to continuously follow significant
changes in customer demand. There is considerable rotational energy involved,
and the result of any cascading loss of synchronism among major system
elements or subsystems can be disastrous. Regardless of changes in system load
or sudden disconnection of equipment from the system, synchronized operation
requires proper functioning of machine governors, and that operating conditions
of all equipment remain within physical capabilities.
The risk of cascading outages still exists, despite improvements made
since the 1965 northeast blackout in the United States. Many factors increase
the risks involved in interconnected system operation:
• Wide swings in the costs of fuels result in significant changes in
the geographic patterns of generation relative to load. This leads to
transmission of electric energy over longer distances in patterns
other than those for which the transmission networks had been
originally designed.
• Rising costs due to inflation and increasing environmental
concerns constrain any relief through further transmission
construction. Thus, transmission, as well as generation, must be
operated closer to design limits, with smaller safety (security)
margins.
• Relaxation of energy regulation to permit sales of electric energy
by independent power producers, together with increasing pressure
for essentially uncontrolled access to the bulk power transmission
network.
Development of the Concept of Security
Prior to the 1965 Northeast blackout, system security was part of
reliability assured at the system planning stage by providing a strong system that
could ride out any “credible” disturbances without serious disruption. It is no
longer economically feasible to design systems to this standard. At that time,
power system operators made sure that sufficient spinning reserve was on line to
cover unexpected load increases or potential loss of generation and to examine
the impact of removing a line or other apparatus for maintenance. Whenever
possible, the operator attempted to maintain a desirable voltage profile by
balancing VARs in the system.
Security monitoring is perceived as that of monitoring, through
contingency analysis, the conditional transition of the system into an emergency
state.
reliability assured at the system planning stage by providing a strong system that
could ride out any “credible” disturbances without serious disruption. It is no
longer economically feasible to design systems to this standard. At that time,
power system operators made sure that sufficient spinning reserve was on line to
cover unexpected load increases or potential loss of generation and to examine
the impact of removing a line or other apparatus for maintenance. Whenever
possible, the operator attempted to maintain a desirable voltage profile by
balancing VARs in the system.
Security monitoring is perceived as that of monitoring, through
contingency analysis, the conditional transition of the system into an emergency
state.
Two Perspectives of Security Assessment
There is a need to clarify the roles of security assessment in theplanning and real-time operation environments. The possible ambiguity is the
result of the shift of focus from that of system robustness designed at the
planning stage as part of reliability, to that of risk avoidance that is a matter
operators must deal with in real time. The planner is removed from the timevarying
real world environment within which the system will ultimately
function. The term “security” within a planning context refers to those aspects
of reliability analysis that deal with the ability of the system, as it is expected to
be constituted at some future time, to withstand unexpected losses of certain
system components. Reliability has frequently been considered to consist of
adequacy and security. Adequacy is the ability to supply energy to satisfy load
demand. Security is the ability to withstand sudden disturbances. This
perspective overlooks the fact that the most reliable system will ultimately
experience periods of severe insecurity from the operator’s perspective. System
operations is concerned with security as it is constituted at the moment, with a
miscellaneous variety of elements out for maintenance, repair, etc., and exposed
to environmental conditions that may be very different from the normal
conditions considered in system planning. In operations, systems nearly always
have less than their full complement of equipment in service. As a result, an
operator must often improvise to improve security in ways that are outside the
horizon of planners.
result of the shift of focus from that of system robustness designed at the
planning stage as part of reliability, to that of risk avoidance that is a matter
operators must deal with in real time. The planner is removed from the timevarying
real world environment within which the system will ultimately
function. The term “security” within a planning context refers to those aspects
of reliability analysis that deal with the ability of the system, as it is expected to
be constituted at some future time, to withstand unexpected losses of certain
system components. Reliability has frequently been considered to consist of
adequacy and security. Adequacy is the ability to supply energy to satisfy load
demand. Security is the ability to withstand sudden disturbances. This
perspective overlooks the fact that the most reliable system will ultimately
experience periods of severe insecurity from the operator’s perspective. System
operations is concerned with security as it is constituted at the moment, with a
miscellaneous variety of elements out for maintenance, repair, etc., and exposed
to environmental conditions that may be very different from the normal
conditions considered in system planning. In operations, systems nearly always
have less than their full complement of equipment in service. As a result, an
operator must often improvise to improve security in ways that are outside the
horizon of planners.
Security Assessment Defined
Security assessment involves using available data to estimate the
relative security level of the system currently or at some near-term future state.
Approaches to security assessment are classified as either direct or indirect.
• The direct approach: This approach evaluates the likelihood of
the system operating point entering the emergency state. It
calculates the probability that the power System State will move
from normal state to emergency state, conditioned on its current
state, projected load variations, and ambient conditions. It is
common practice to assess security by analyzing a fixed set of
contingencies. The system is declared as insecure if any member
of the set would result in transition to the emergency state. This is
a limiting form of direct assessment, since it implies a probability
of one of the system's being in the emergency state conditioned on
the occurrence of any of the defined contingencies.
• The indirect approach: Here a number of reserve margins are
tracked relative to predetermined levels deemed adequate to
maintain system robustness vis-a-vis pre-selected potential
disturbances. An indirect method of security assessment defines a
set of system “security” variables that should be maintained with
predefined limits to provide adequate reserve margins.
Appropriate variables might include, MW reserves, equipment
emergency ratings (line, transformer, etc.), or VAR reserves within
defined regions. The reserve margins to be maintained for each of
the security variables could be determined by offline studies for anappropriate number of conditions with due consideration to the
degree to which random events can change the security level of a
system in real time. Security assessment then would consist of
tracking all such reserve margins relative to system conditions.
For a number of years, security concerns dealt with potential postcontingency
line overloads and because line MW loading can be studied
effectively by means of a linear system network model, it was possible to study
the effects of contingencies using linear participation or distribution factors.
Once derived for a given system configuration, they could be applied without
further power flow analysis to determine post-contingency line loading even, by
superposition, for multiple contingencies. Such a computationally simple
method of analysis made on-line contingency assessment practicable for
“thermal security,” where reactive flows were not of concern.
More recently, post-contingency voltage behavior has become a
prominent element in security assessment. Assessment of “voltage security” is a
complex process because the behavior of a system undergoing voltage collapse
cannot be completely explained on the basis of static analysis alone.
relative security level of the system currently or at some near-term future state.
Approaches to security assessment are classified as either direct or indirect.
• The direct approach: This approach evaluates the likelihood of
the system operating point entering the emergency state. It
calculates the probability that the power System State will move
from normal state to emergency state, conditioned on its current
state, projected load variations, and ambient conditions. It is
common practice to assess security by analyzing a fixed set of
contingencies. The system is declared as insecure if any member
of the set would result in transition to the emergency state. This is
a limiting form of direct assessment, since it implies a probability
of one of the system's being in the emergency state conditioned on
the occurrence of any of the defined contingencies.
• The indirect approach: Here a number of reserve margins are
tracked relative to predetermined levels deemed adequate to
maintain system robustness vis-a-vis pre-selected potential
disturbances. An indirect method of security assessment defines a
set of system “security” variables that should be maintained with
predefined limits to provide adequate reserve margins.
Appropriate variables might include, MW reserves, equipment
emergency ratings (line, transformer, etc.), or VAR reserves within
defined regions. The reserve margins to be maintained for each of
the security variables could be determined by offline studies for anappropriate number of conditions with due consideration to the
degree to which random events can change the security level of a
system in real time. Security assessment then would consist of
tracking all such reserve margins relative to system conditions.
For a number of years, security concerns dealt with potential postcontingency
line overloads and because line MW loading can be studied
effectively by means of a linear system network model, it was possible to study
the effects of contingencies using linear participation or distribution factors.
Once derived for a given system configuration, they could be applied without
further power flow analysis to determine post-contingency line loading even, by
superposition, for multiple contingencies. Such a computationally simple
method of analysis made on-line contingency assessment practicable for
“thermal security,” where reactive flows were not of concern.
More recently, post-contingency voltage behavior has become a
prominent element in security assessment. Assessment of “voltage security” is a
complex process because the behavior of a system undergoing voltage collapse
cannot be completely explained on the basis of static analysis alone.
Implications of Security
The trend towards reducing the costs associated with robust systems
has lead to heightened requirements of active security control. This necessitates
an increase in the responsibilities of the system operator. Accordingly, it
requires operator training and the development and provision of tools that will
enable the operator to function effectively in the new environment.
has lead to heightened requirements of active security control. This necessitates
an increase in the responsibilities of the system operator. Accordingly, it
requires operator training and the development and provision of tools that will
enable the operator to function effectively in the new environment.
Security Analysis
On-line security analysis and control involve the following three
ingredients:
• Monitoring
• Assessment
• Control
The following framework relates the three modules:
Step 1. Security Monitoring: Identify whether the system is in the
normal state or not using real-time system measurements. If the system
is in an emergency state, go to step 4. If load has been lost, go to step
5.
Step 2. Security Assessment: If the system is in the normal state,
determine whether the system is secure or insecure with respect to a set
of next contingencies.
ingredients:
• Monitoring
• Assessment
• Control
The following framework relates the three modules:
Step 1. Security Monitoring: Identify whether the system is in the
normal state or not using real-time system measurements. If the system
is in an emergency state, go to step 4. If load has been lost, go to step
5.
Step 2. Security Assessment: If the system is in the normal state,
determine whether the system is secure or insecure with respect to a set
of next contingencies.
Step 3. Security Enhancement: If insecure, i.e., there is at least one
contingency, which can cause an emergency, determine what action to
take to make the system secure through preventive actions.
Step 4. Emergency Control (remedial action): Perform proper
corrective action to bring the system back to the normal state following
a contingency, which causes the system to enter an emergency state.
Step 5. Restorative Control: Restore service to system loads.
Security analysis and control have been implemented in modem energy
contingency, which can cause an emergency, determine what action to
take to make the system secure through preventive actions.
Step 4. Emergency Control (remedial action): Perform proper
corrective action to bring the system back to the normal state following
a contingency, which causes the system to enter an emergency state.
Step 5. Restorative Control: Restore service to system loads.
Security analysis and control have been implemented in modem energy
0 comments:
Post a Comment