DYNAMIC SECURITY ANALYSIS
security as “the prevention of cascading outages when the bulk power supply is
subjected to severe disturbances.” To assure that cascading outages will not
take place, the power system is planned and operated such that the following
conditions are met at all times in the bulk power supply:
• No equipment or transmission circuits are overloaded;
• No buses are outside the permissible voltage limits (usually within
+5 percent of nominal); and
• When any of a specified set of disturbances occurs, acceptable
steady-state conditions will result following the transient (i.e.,
instability will not occur).
Security analysis is carried out to ensure that these conditions are met.
The first two require only steady-state analysis; but the third requires transient
analysis (e.g., using a transient stability application). It has also been recognized
that some of the voltage instability phenomena are dynamic in nature, and
require new analysis tools.Generally, security analysis is concerned with the system's response to
disturbances. In steady-state analysis the transition to a new operating condition
is assumed to have taken place, and the analysis ascertains that operating
constraints are met in this condition (thermal, voltage, etc.). In dynamic security
analysis the transition itself is of interest, i.e., the analysis checks that the
transition will lead to an acceptable operating condition. Examples of possible
concern include loss of synchronism by some generators, transient voltage at a
key bus (e.g., a sensitive load) failing below a certain level and operation of an
out-of-step relay resulting in the opening of a heavily loaded tie-line.
The computational capability of some control centers may limit
security analysis to steady state calculations. The post-contingency steady-state
conditions are computed and limit checked for flow or voltage violations. The
dynamics of the system may then be ignored and whether the post-contingency
state was reached without losing synchronism in any part of the system remains
unknown. As a result, instead of considering actual disturbances, the
contingencies are defined in terms of outages of equipment and steady-state
analysis is done for these outages. This assumes that the disturbance did not
cause any instability and that simple protective relaying caused the outage.
Normally, any loss of synchronism will cause additional outages thus making
the present steady-state analysis of the post-contingency condition inadequate
for unstable cases. It is clear that dynamic analysis is needed.
In practice, we define a list of equipment losses for static analysis.
Such a list usually consists of all single outages and a careful choice of multiple
outages. Ideally, the outages should be chosen according to their probability of
occurrence but these probabilities are usually not known. In some instance the
available probabilities are so small that comparisons are usually meaningless.
The choice of single outages is reasonable because they are likely to occur more
often than multiple ones. Including some multiple outages is needed because
certain outages are likely to occur together because of proximity (e.g., double
lines on the same tower) or because of protection schemes (e.g., a generator may
be relayed out when a line is on outage). The size of this list is usually several
hundred and can be a couple of thousand.
For dynamic security analysis, contingencies are considered in terms of
the total disturbance. All faults can be represented as three phase faults, with or
without impedances, and the list of contingencies is a list of locations where this
can take place. This is a different way of looking at contingencies where the
post-contingency outages are determined by the dynamics of the system
including the protection system. Obviously, if all possible locations are
considered, this list can be very large.
In steady-state security analysis, it is not necessary to treat all of the
hundreds of outages cases using power flow calculations, because the operator is
interested in worst possibilities rather than all possibilities. It is practical to use
some approximate but faster calculations to filter out these worst outages, which
can then be analyzed by a power flow. This screening of several hundredoutages to find the few tens of the worst ones has been the major breakthrough
that made steady state security analysis feasible. Generally, this contingency
screening is done for the very large list of single outages while the multiple
outages are generally included in the short list for full power flow analysis.
Currently, the trend is to use several different filters (voltage filter versus line
overload filter) for contingency screening. It is also necessary to develop fast
filtering schemes for dynamic security analysis to find the few tens of worst
disturbances for which detailed dynamic analysis will have to be done. The
filters are substantially different from those used for static security.
From a dispatcher’s point of view, static and dynamic security analyses
are closely related. The worst disturbances and their effects on the system are to
be examined. The effects considered include the resulting outages and the limit
violations in the post-contingency condition. In addition, it would be useful to
know the mechanism that caused the outages, whether they were due to distance
relay settings or loss of synchronism or other reasons. This latter information is
particularly useful for preventive action.
The stability mechanism that causes the outages is referred to as the
“mode of disturbance.” A number of modes exist. A single generating unit may
go out of synchronism on the first swing (cycle). A single unit may lose
synchronism after several cycles, up to a few seconds. Relays may operate to
cause transmission line outages. Finally, periodic oscillations may occur
between large areas of load and/or generation. These oscillations may continue
undamped to a point of loss of synchronism. All of these types of events are
called modes of disturbances.
Motivation for Dynamic Security Analysis
(and credible) conditions and scenarios; analysis is then performed on all of
them to determine the security limits for these conditions. The results are given
to the operating personnel in the form of “operating guides,” establishing the
“safe” regimes of operation. The key power system parameter or quantity is
monitored (in real time) and compared with the available (usually precomputed)
limit. If the monitored quantity is outside the limit, the situation is
alerted or flagged for some corrective action.
Recent trends in operating power systems close to their security limits
(thermal, voltage and stability) have added greatly to the burden on transmission
facilities and increased the reliance on control. Simultaneously, they have
increased the need for on-line dynamic security analysis.
For on-line dynamic security analysis, what is given is a base case
steady-state solution (the real time conditions as obtained from the state
estimator and external model computation, or a study case as set up by the
operator) and a list of fault locations. The effects of these faults have to be
determined and, specifically, the expected outages have to be identified.Examining the dynamic behavior of the system can do this. Some form of fast
approximate screening is required such that the few tens of worst disturbances
can be determined quickly.
Traditionally, for off-line studies, a transient stability program is used
to examine the dynamic behavior. This program, in the very least, models the
dynamic behavior of the machines together with their interconnection through
the electrical network. Most production grade programs have elaborate models
for the machines and their controls together with dynamic models of other
components like loads, dc lines, static VAR compensators, etc. These models
are simulated in time using some integration algorithm and the dynamic
behavior of the system can be studied. If instability (loss of synchronism) is
detected, the exact mode of instability (the separation boundary) can be
identified. Many programs have relay models that can also pinpoint the outages
caused by relay operation due to the dynamic behavior.
To perform the analysis in on-line mode the time required for the
computation is a crucial consideration. That is, the analysis itself by a pure time
domain simulation is known to be feasible but whether this analysis can be
completed within the time frame needed in the control center environment is the
real challenge. The time taken for time domain analysis of power system
dynamics depends on many factors. The most obvious one is the length of
simulation or the time period for which the simulation needs to be done so that
all the significant effects of the disturbance can be captured. Other factors
include the size of the power system, and the size and type of the models used.
Additional factors like the severity of the disturbance and the solution algorithm
used also effects the computation time.
Determining the vulnerability of the present system conditions to
disturbances does not complete the picture because the solution to any existing
problems must also be found. Quite often the post-contingency overloads and
out-of limit voltage conditions are such that they can be corrected after the
occurrence of the fault. Sometimes, and especially for unstable faults, the postcontingency
condition is not at all desirable and preventive remedial action is
needed. This usually means finding new limits for operating conditions or
arming of special protective devices. Although remedial action is considered, as
a separate function from security analysis, operators of stability limited systems
need both.
Approaches to DSA
problem have been studied. To date, engineers perform a large number of
studies off-line to establish operating guidelines, modified by judgement and
experience. Conventional wisdom has it that computer capability will continue
to make it more economically feasible to do on-line dynamic security
assessment, DSA, providing the appropriate methods are developed.The most obvious method for on-line DSA is to implement the off-line
time domain techniques on faster, more powerful and cheaper computers.
Equivalencing and localization techniques are ways to speed up the time domain
solutions. Also parallel and array processors show promise in accelerating
portions of the time domain solution.
Direct methods of transient stability, e.g., the transient energy function
method, have emerged with the potential of meeting some of the needs for DSA.
They offer the possibility of conducting stability studies in near real-time,
provide a qualitative judgement on stability, and they are suitable for use in
sensitivity assessments. The TEF methods are limited to first swing analysis.
An advantage, however, is that the TEF methods provide energy margins to
indicate the margin to instability.
Eigenvalue and related methods, and frequency response methods are
used as part of off-line studies, for example, using frequency response method to
design power system stabilizers, but are not currently thought of as part of an
on-line DSA. Probabilistic methods have the advantage of providing a measure
of the likelihood of a stability problem. Their application in dynamic security
assessment appears to be in the areas of contingency screening and in
quantifying the probability of the next state of the system.
Artificial intelligence techniques including computational neural
networks, fuzzy logic, and expert systems have proven to be appropriate
solutions to other power system operations problems, and there is speculation
that these technologies will play a major role in DSA.