FOR DYNA~IC SECURITY

ASSESSMEN~
Task Force 38.02.13
Convener: B. MEYER (France),
Secretary: G. NATIVEL (France)
Members :
B. MEYER (France)
M. BEISSLER (Germany)
A. O. EKWUE (United Kingdom)
M. EREMIA (Romania)
N. HATZIARGYRIOU (Greece)
I. A. HISKENS (Australia)
P. KUNDUR (Canada)
W, LEVY (South Africa)
R.J. MARCEAU (Canada)
N. MARTINS (Brazil)
M. MOLLER-REINKE (Germany)
M. MOKHTARI (USA)
T.T, NGUYEN (Australia)
M. PAVELLA (Belgium)
P. SCARPELUN| (Italy)
M. STUBBE (Belgium)
H. TAOKA (Japan)
L. Kr. VORMEDAL (Norway)
L. WEHENKEL (Belgium)
G. NATIVEL (France)
CONTENTS
CHAPTER 1 : INTRODUCTION
CHAPTER 2 : DEFINITION OF DYNAMIC SECURITY ASSESSMENT
2.1.
2.2.
2.4.
Formal definitions
Security assessment in system and operations planning
Dynamic security assessment
Dynamic security criteria
CHAPTER 3 : OVERVIEW OF CURRENT PRACTICES
3.1.
3.2.
3.3.
3.4.
3.5.
3.6.
The choice of degraded networks
Stability limit determination
Use of Critical Clearance Time determination
Security limit determination
Understanding the challenge of Dynamic Security Assessment
Feedback from questionnaire to electric utilities
CHAPTER 4 : GE1WERAL NEEDS AND REQUIREMENTS
4olo
4.2
4.3.
4.4.
sources
~.6.
~.9.
Kinds of information required by control operators
Needs of screening to identify "critical contingencies"
Needs concerning external networks and data exchange
Needs of isolated system with a large penetration from renewable power
Performance requirements
Modelling requirements
Triggering mechanisms
Data management (data requirements to iron a DSA)
User interface
CHAPTER 5 : ANALYTICAL TECHNIQUES FOR DSA
5.1.
Analytical techniques
5.2.
Intelligent systems
5.3.
DSA techniques vs criteria
CHAPTER 6 : THE USE OF PARALLEL PROCESSING
6.1. Introduction
6.2. Cluster architecture
6.2.1. Serial implementation
6.2. 2. Parallel implemenation
6.3. Parallel computer
CHAPTER 7 : CURRENT DSA EFFORTS AROUND THE WORLD
7.1.
7.2.
7.3.
7.4.
7.5.
7.6.
7.7.
Transient Stabili~ Control System at Chubu Electric Power Company
Hydro-Quebec DSA project
DSA at BC Hydro and Power~ech Labs Inc., Vancouver, CANADA
Electricit6 de France DSA project
University of BATH / The National Grid Company On-Line DSA facflRy
A first nucleus of DSA at ENEL
Project Joule II : JOU2-CT92-0053
CHAPTER 8 : TECHNICAL CHALLENGES AHEAD
8.2.
8.3.
8.4.
8.5.
8.6.
8.7.
8.8.
Necessary computing speed-ups
System size reduction
Probabitistic procedures
Preventive vs corrective controls
Validation procedure
Advanced interfaces for the operations environment
Limit search strategies and technologies
Security theory and erRefia
CHAPTER 9 : MEASbT~I~v~ENT-BASED ASSESSMENT
9.1. Motivation
9.2. Analytical techniques
CONCLUSION
REFERENCES
ANNEXE
-4-
CHAPTER
INTRODUCTION
Power system security can be defined as the art and science of the "survival" of power
systems. In order to ensure their survival, power systems are operated within certain power
transfer limits, commonly referred to as security limits. If such limits depend on steady state
feasibility or adequacy criteria, they are called steady-state or static security limits ; otherwise,
if such limits depend on transient or long-term stability criteria, these are referred to as
dynamic security limits [13A92].
For many utilities around the world, there is considerable pressure to increase power flows
over existing transmission corridors [WU93]. Though this need is partially met by existing
energy management system (EMS) technology which provides comprehensive on-line
security assessment based almost exclusively on steady-state analysis (i.e. steady-state or
static security) [ST87], the optimisation of security limits on many power systems now
frequently requires taking account of dynamic security assessment. Due to the important
constraint of determining dynamic security limits in a time-frame compatible with their use
on-line, this requirement has historically presented serious obstacles in terms of computer
hardware and soRware limitations. Indeed, this explains why dynamic sectu-ity analysis has
long remained an off-line activity, performed for small numbers of umbrella networks, even
though operations plamaers have long understood the combinatorial nature of off-line dynamic
security assessment and the consequent impossibility of optimising security limits for every
probable system topology [FO88b].
The need of a consistent data set absent of the standard EMS data bases, to perform dynamic
studies, is also a challenge. Furthermore, indicators obtained from such DSA facilities should
be concise and easily tmable by operators in control rooms.
The difficulty of gravitatirtg to the on-line environment has had considerable impact on the
evolution of the justifiably conservative philosophies, practices and criteria which today
characterise dynamic security assessment. These, in turn, affect the dayotooday operations of
power systems around fi~e world. However, thanks to the rapid evolution of computer
technology, not only in terms of raw hardware performance, but also in such areas as software
paradigms, human-machine interaction technologies, and massive networking of processors,
many formerly insurmountable constraints are on the threshold of being cast away.
Opportunities are now begir~ng to emerge, even though important challenges remain.
The most obvious opporamity, of course, is the perspective of rapid dynamic security
assessment in the on-line environment, with the attendant consequence that the security limits
of individual transmission corridors are determined for the system topology actually in the
field at any given time. Compared to the off-line methods presently employed by many
utilities, this in itself represents a form of optimisation. The existence of this capability has the
potential of transforming power system operations in a fiandamental way : such a capability
provides new degrees of freedom, enabling the system operator to adjust power flows far
-5-
more rapidly and confidently in response to changing system conditions. However, new
degrees of freedom bring new responsibilities " one must anticipate that strategic decisions
affecting the economic performance and reliability of power systems will be made in shorter
time frames and at lower management levels.
The present report therefore attempts to describe dynamic security assessment as it is
practised today, identify the emerging trends which will shape the future as well as their
impact on power system operations. The report thus establishes what needs to be done in
order to assist in this task.
-6-
CHAPTER 2
DEFINITIONS OF DYNAMIC SECUPATY ASSESSMENT
This chapter presents the concept of Dynamic Security Assessment. It is introduced starting from thaz basic
definitions of power system security (2. I) and extending them in the dynamic dimension.
2.1. For.._._.~mal definitions
Most authors credit Dy Liacco for laying down the theoretical foundations of power system
security in a series of reports and papers published in the late 1960s and 1970s [DY67],
[DY68], [DY74], [DY78]. He originally defined security in terms of satisfying a set of
equality constraints over a subset of the possible disturbances called the "next contingency
set" [DY68].
Several definitions for power system security have since been proposed. For example, the
North American Electric Reliability Council (NERC) which provides reliability and security
guidelines to all the utilities in North America defines security as "prevention of cascading
outages when the bulk power supply is subjected to severe disturbances" ~A92]. More
recently, a CtGRE working group [HU93] has proposed that "power system security is the
ability of the system to cope with incidents without the operator being compelled to suffer
uncontrolled loss of load" : this definition implicitly includes the currently accepted criteria
used to perform deterministic security analysis in practice.
Beyond the specific details of each and every particular definition, it must be recognized that
security is a fundamental objective of power system operation and design. Also, if power
system security is achieved, one intuitively understands that system reliability arises as a
consequence. In a broad sense, hidden behind specialized power-domain termh~ology, lie
different attempts to circumscribe the capability of power systems to "survivC unexpected
events [FO88b]. Because of the need for creativity in addition to detailed technical knowledge
in ensuring power system security, one should preferably define power system security as the
art and science of ensuring the "survival" of power systems. However, the specific tasks
related to this function differ according to whether the focus is system planning or operations
planning.
2.2. Seeur~~ssmenCm s~em and o erations lannin
The objective of security assessment is to design and operate networks which will stuwive
unforeseen events. At the planning stage, networks are generally designed to meet or exceed
previously specified overvoltage, stability and adequacy criteria. Stated in the simplest terms,
the system planner seeks to meet some secure transmission capacity subject to established
criteria, and ~ the variabl_e (see Fig. 2. l).
-7-
Netwo~
Topology
]
F_~ure 2.1
The system planning problem : the search takes
p|ace in the space of topo|ogies
This is a far-reaching statement" it implies that transmission ca---and criteria-
~endent. Of course, the process must also yield a network design which is "demonstrably
operate" [GA92], a term usually equated with design simplicity.
For security to be assured in the ~ environment, it follows that system operations must
be consistent with fretwork design philosophy and criteria ; the original design criteria must
apply to every degraded topology of the complete, original network. Inherent to this is the
concept that the ne~ork to olo chart es in time, not ordy due to urLforeseen events but also
due to regularly scheduled mak,~tenanee.
F~_j~re 2.2
The operations plannh~g problem : the search takes
p|ace in the space of transmission capacities
-8-
The operations plaoaaing problem differs fundamentally from that of system plarming in that
the degraded topologies and criteria (i.e. such as overvoltage) a_re known at any given time,
and transmission cadre constitutes the onl remainin- de ree of freedo.._~m (see Fig.
2.2). Consequently, the guidelines provided to the system operator are transmission capacities
for the many possible degraded topologies, or as power engineers would say, for increasingly
weakened networks.
The security limits provided to the system operator are power flow values which guarantee
that a given degraded topology is secure for every one of a list of likely contingencies,
including the worst. Individual transfer limits must be found for each likely contingency and
for each degraded topology, and the most restrictive limit, whether resulting from steady-state,
or transient or long-term (i.e. voltage) stability considerations, is the security limit. Generally,
the security limit is the most restrictive power transfer limit which identifies, in turn, the
"worst contingency". Security limits are usually compiled in the form topology-dependent
tables [DE84, FO91] though decision trees have also been proposed [WE89, WE94a].
2.3. _Dynamic securit~ assessment
When referring to transmission capacity limits obtained in relation to post-contingency
thermal, voltage power-flow feasibility or adequacy criteria, these are called steady-state
security limits. When referring to limits obtained in relation to transient or long-terra voltage
stability criteria, the resulting limits are termed dynamic security limits. The various problems
and methodologies which call upon the use of transient or long-term stability software for
determining either i) system stability, ii) security limits or security margin, or iii) performing
different types of sensitivity studies which will optimize security limits in terms of various
network parameters is termed dynamic security assessment (DSA).
The dynamic security of a power system is characterised by the robustness of its operating
condition in ten~s of security margins with respect to defined operating constraints. The
dynamic security has to be guaranteed in order to maintain the reliability and quality of
service provided to the customers, mainly consisting of continuity and constancy of voltage
and frequency. Dangerous events, such as faults, loss of transmission equipment, loss of
generation and sudden change of load, cause imbalances between the mechanical power
inputs and the electrical power outputs of the generators, with consequent electromeehardeal
transients and long term dynamics of the system. In a dynamically secure power system, the
transients due to such phenomena are of small amplitude and well damped with little impact
on the quality of service. In an insecure system, during system transient evolution, voltage
and/or frequency large deviations may occur with possible cascade line tripping, loss of loads
and/or generators, which can lead to major incidents.
The dynamic security assessment aims at establishing whether the power system is able to
maintain a security condition in case of inception of predefmed contingencies. Such analysis
has to cover all the dynamic phenomena with the goal of verifying that the transient from the
initial to the final steady-state doesnt cause system crisis.
-9-
2.4 _D.ynam~c Security_
The security concept is strictly connected to the type of considered contingencies, in the sense
that the system must be able to withstand at least credible contingencies ie. contingencies with
not too low probability of occurrence. More in general, the concept of security level has to be
included in the wider concept of reliability, defined as the degree to which the performance of
the system components gives lieu in electricity being delivered within prefixed standards in
terms of quality and continuity. Therefore, the security concept is connected to the severity of
the contingencies and to their occurrence probability.
Before introducing security criteria, reference has to be made to the concepts of secure,
insecure, emergency and blackout state.
One cart say that the system is in secure or normal state if, following any credible
contingency, all loadings are within the continuous capabilities of system components, with
voltage and frequency within prefixed operational limits and overall demand supplied ; in
alert or insecure state if the system is in acceptable steady-state but there is at least one
credible contingency able to get the system to enter.the emergency state ; in emergency state
when loading, voltage or frequency unacceptable conditions exist or the demand has been
even partially lost or the system is split or some facilities have been lost.
Criteria for security assessment can be of various types - empirical, probabilistie, economic ;
such as"
i) The system robustness, mainly in terms of this ability to avoid topological changes in
the presence of classical (credible) disturbances.
2) The severity of the considered contingency, in terms of the type of the excited dynamic
phenomenon or in terms of its influence on the network structure or the acceptability (more ha
general the quality) of the final steady-state or the activation of special protection schemes
and/or defence plans.
3) The probability associated to the contingency.
4) The system vulnerability, defined as (I) system sensitivity with respect to one or more
operating parameters, (2) the security tor contingencies following the first one, (3) the
dil~culty of the restoration phase in ease of load disconnection or system breakdown.
Once assigned security criteria, the objective of DSA is to answer the following questions for
each postulated contingency, assuming that the precontingency steady-state of the system is
known-
. Are there any topological changes, following the contingency ?
This can be answered affirmatively if (a) the system is unstable and (b) the system
dynamic beha,Aour is such as to initiate the operation of protective devices which can result in
system configuration changes. In such cases lake final system state is an emergency state ; the
system is insecure and a second verification has to be carried out on the consequences of
topological modifications in order to deten~ine the final system conditions. The following
questions have to be answered. Is a steady-state reachable ? In such a case, what are the
system characteristics ? Acceptability of the steady-state condition may depend on the amom~t
of load and/or generation rejected at the end of the topological changes following the
inception of the contingency.
In case of topological configuration of the system maintained indefinitely or at least
over a prespecified time period, foIlowing the contingency, is the steady-state condition
acceptable ?
Assuming that the system has no human interaction from the instant of the inception of the
contingency to the instant of reaching the steady state, it has to be verified whether the state of
the system is secure or not secure, that is all the system components are close to their
precontingency values and anyway within their operating limits or some action has to be
executed to restore secure steady-state conditions.
/
,
The answers to the two previous questions imply different levels of security in accordance
with the final state reached by the system at the end of the possible transients deriving from
the first contingency.
In an alternative but equivalent way of defining system security indexes, it is possible to
search for combinations of contingencies able to determine system crisis conditions or
component operating limits violations. The selection of a set of combined contk,~gencies may
be based on the concept of "weak cutsets", or more severe contingencies than the usual
"credible contingencies" can be assumed, taking into account a sequence of outages or
considering individual more critical, but less probable, contingencies.
CHAPTER 3
OVERVIEW OF CURRENT PRACTICES
This chapter presents some main features of DSA as it is practiced today. Some important
concepts as the degraded network (3.1), the stability (3.2) and security (3.3) limits, the
critical clerance time (3.4) are introduced Also a summary of the responses to the
questionnaire to electric utilities is given in 3.6.
3.1. Thechoi~raded networks
One main difficulty for DSA is the choice of the initial operating conditions for the
simulations and thus, the preparation of the study file. It is necessary to integrate all the
existing -knowledge about the targeted operating conditions. If a good knowledge exists, it is
possible to consider a relatively small number of initiai conditions sets. It is also possible to
consider only one initial conditions set, but in this case it must take into account the most
constraining conditions for the stability. When the future operating conditions are not well
k~-aown, it is necessary to consider a large number of initial conditions sets.
Considering a small number of initial conditions sets
The initial conditions set is ideally obtained from a snapshot giving the state of the network at
a certain moment (i.e. topology, modules and phases of the voltages, active and reactive
powerflows). The snapshot can hhen be modified to take into account foreseen operating
conditions. Also different hypothesis can be applied, which are generally in disfavour with the
stability of the system. For example, generators outputs are raised to their maximums or to
their limits and, the voltage / reactive plan is put into its most constraining situation of the last
periods. This approach is convenient for short term operation studies.
Figure 3.1
The logic of dynamic security ana|ys~ in operations planning
-12-
Considering a large number of initial conditions sets
This approach is convenient for middle or long term operation studies. Dynamic security
assessment processes are typically applied to a network as illustrated as in Fig. 3.1. Given a
starting network topology, the base network Nb, the operations planner first selects a set of
probable degraded networks, Nd
i.
Each Nd
i
consists of the base network after the loss of an
EHV line section, a complete EHV line or a combination of line sections or lines in adjacent
transmission corridors. For each Nd
i
network, the plarmer assun~es unavailability of
combinations of voltage support components (SVCs, synchronous condensers or shunt
reactors) or of tie-lines between corridors ; this gives the Ndij networks. The Ndij networks are
those simulated for each of a set of normal contingencies C
k
: transient and long-term transfer
limits are obtained for each combination of Ndij and C
k
and dynamic security limits are
derived from these results. The studies which follow are therefore pararneterized in terms of
the unavailability of some subset of facilities. For each case, safe conditions are tabulated in
separate tables and, during on-line operation, a given network configuration is used as a key to
find and access the most applicable table [AV91]. The on-line use of these tables consists of
finding a previously studied network that is closest in terms of configuration and loading, and
secure operation of the network is ensured provided that system operators maintain power
transfers within these limits.
3.2.
Transient and long-term voltage stability limit determination is the key to this approach,
Typical examples are the stability transfer limit on a corridor and the active or reactive power
generation limits of some critical power stations. Finding such limits is a complex, iterative
process which requires the execution of many time-domain stability simulations and
considerable expertise.
DATA FILE INPUTS
Topology
Ndij
Contingency
LOAD FL OW
Ck
INPUT
ANALYSIS
MODIFICATIONS
F_jgu re 3.2
The power transfer limit deternfination process
-13-
Consider Fig. 3.2. To perform a single power transfer (or generation) limit search, one must
first execute a load-flow software package for a given topology, analyse the results, carry out
manual modifications to the data input and repeat the same procedure until a satisfactory
steady-state case is found. This initial step is not trivial : even such deceptively simple areas
as toad flow analysis and correction can be so complex as to warrant optimal load flow or
expert system tools on their own [CI93]. A satisfactory steady-state case is then used to
initialize the network for a transient-stability simulation, also manually initiated by the user.
When the sirrtuIation is finished, one will often need to extract results, perform transient or
long-term stability analysis, apply acceptance criteria, determine what the next step will be
(i.e. increase or decrease power transfer in the faulted corridor), modify load-flow software
inputs accordingly and re-enter the process. This is repeated until the required limit is found to
the desired accuracy.
In principle, to find the securit~ limit (for example, the transfer limit associated with a
transmission line section or corridor), one must repeat this process tor different contin ene
~and locations (i.e. on the line section or corridor) until the most constraining (i.e. lowest)
transfer limit has been identified.
3.3, Use of Critical Clearance Time determination
The critical clearance time (CCT) of a fault is a very co~,non transient stability indicator. It is
~ually defmed as the maximum duration time of the fault which is not leading to the loss of
synchronism of one or more generators. Thus, it is classically compared with the clearance
time of the fault after the action of a protection and breaker. It determines a k.k, ad of security
margin (in milliseconds) of the system.
Using time domain simulator, the CCT is computed by an iterative process based on a
dichotomy on the clearance time of the fault. Typically, 8 simulations are necessary to
compute one CCT with a precision of 10 ms. Each simulatioo ends with the detection of the
state of stability of the system following the etiminati~ of the fault stable or unstable
whether a generator has lost synchronism. The complete computation takes between 20 and 30
minutes on standard Unix workstations for a detailed modeling of a system composed of 1000
busses and 100 machines. However, this process can be easily parallelised. Also, direct
methods [CI95] can be used to improve computational efficiency.
CCT is usef~dl to know whether the system can sustain a certain contingency. It can be seen
also as a basic stage for transient stability security limits determination processes : being
given a contingency, the economically optimal operational conditions (for example, the
generator output limits) can be searched so that the CCT of the fault be superior or equal to
the typical clearance time of the fault.
3.4. See__~.q_~_~ limit determination
Dynamic security lkrrtit determination is a complex process which consists of many smaller,
individual problems. For on-line Dynamic Security Assessment (DSA) to provide useful
information, it must address the following basic problems "
14-
(i) Obtaining results of a power flow which reflect the reality of the topology and
production - consumption system presently in service ;
(it) The security status of the topology (i.e. is it stable or not ?) and the security
margin (how stable ?) with respect to some contingency, location and criterion (i.e. steady-
state, transient or voltage stability) ;
(rio The power ta-ansfer limit of a transmission corridor (or boundary) with respect
to said contingency, location, and criterion ;
(iv) The generation limit of some power stations with respect to said contingency,
location, and criterion ;
(v)
a n d ,
The security limit of a transmission corridor with respect to said contingency,
(vi) The associated worst contingency location.
As can be seen, the statement of each of these problems relies heavily on predetermined
choices relating to contingency type, location mad criteria rather than probabilistic
distributions involving system topologies and contingencies in time and space. Existing
security assessment and control practices are therefore seen to be based on deterministic
methods rather than probabilistic analysis in order to identify secure operating regions by
means of security limits. The comparison of security limits and actual line flows guides the
system operator in the choice of specific operating strategies at any given time.
Often, deterministic DSA adck, x~ses these basic problems wi~Jn a larger framework, for example,
through sensitivity analysis by optimising security limits as a function of some network parameter
or some aslxct of power system economies. Transfer limit determination, based either on Wansient
or voltage (long-term) stability criteria can be viewed as the dividing line between the low, ard
high-level p~ in DSA. Items (i) and (it) represent the elementary functions required in
accomplishing item (iii) and (iv) ; this, in turn, constitutes *.he fundamental building block for
findingitems (v) and (vi). For example, security limit determination follows directly from a simple
comparison of the different transfer limits obtained for different contingencies at different locations
and analysed according to different criteria : the lowest transfer limit is the security limit.
Sensitivity analysis represents yet another level of complexity : this requires entering a process in
which item (v) becomes the primitive, and this primitive is performed for different values of some
network parameter1.
3.5. Understanding the cha||en~namie Securit
E
Assessment
To fully appreciate the impact of the inherent challenge of security assessment, one need only
consider that a very large number of network situations (see 3.1.), in addition to all credible
For example, FACTS controller settmints may be regularly adjusted to maximise the security limit.
contingencies, must ideally be considered. Typical operations planning departments are
unable to consider all the combinations [AK89]. There are two main reasons for this :
1. Dynamic security assessment processes are extremely time-consuming, if only from the
point of view of expert analysis.
2. The analysis of every conceivable degraded topology is a problem of combinatorial
dimensions.
As a result, one clearly understands the importance of automating such processes and
gravitating them to the on-line environment. Additionally, when the system finds itself in an
insecure state, being given the high complexity of the dynamic phenomena in play, the
operator requires considerable expertise in order to crystallise a strategy which will bring the
system back to a secure state with minimum impact on utility customers. Software which not
only synthesises but also advises operators on possible courses of action and enables them a
real understanding of the dynamic behaviour of their system is therefore a vital component of
future EMS systems.
3.6, Feedback from ~uestionnaire to electric utilities
Introduction :
A questionnaire on the current DSA practices and requirements was prepared by the
Task Force and distributed to major utilities world-wide. More than 40 responses
were received from 20 countries. Most responses came from Germany, Japan and
Australia. The summary of the responses will be presented in this section. The
complete survey analysis is available in the annexe.
Structure of the questionnaire :
The questionnaire was divided into 3 parts. Section A addressed the defufition of the
DSA from the specific utility point of v/ew as well as the types of phenomena of
concern to that utility. Section B examined the current practices such as the types of
stability limits and the measures (preventive or corrective) being used to knprove
stability limits. The final section concentrated on the DSA needs e.g. size of system a
DSA software should handle, kinds of dynamic sect~ity indicators, importance /
economic benefits of a DSA facility to a utility, how to present information to the
control engineers, needs for screening, etc.
Questionnaire responses :
Most utilities see the DSA as either a short term operation or extended real-time
analysis from a snapshot. The main types of phenomena of concern were transient
and voltage stability. It was highlighted that any modern DSA facility should address
both subjects. Most utilities have suffered from transient instability, dynamic
instability or voltage collapse due to the pole slipping on long transmission lines with
remote generation, instability of a nuclear power plant, poor damping after a
switching phenomenon, AGC interaction on weak transmission system, etc.
The main preventive measures to improve stability were control of generation
system, control of transmission system, use of power system stabilizers, excitation
eontrot, addition of series/shunt compensators, etc. For corrective measures-
loadshedding including load curtailment tkrough voltage reduction, switching of
capacitors and reactors as well as full or partial rejection were mentioned.
The DSA is becoming important because of the increasing number of independent
power producers due to institutional changes such as open access~ The economic
benefit of having a DSA facility is difficult to quantify. The information to be passed
on to the control engineers should be easy to use so as to assist them in understanding
the location and types of phenomena as well as effeeting remedial actions. The User
Interface should have line diagrams with affected circuits hatched and warnings via
alarm that the system is in critical dynamic state. Screening is desirable to cover a
large number of configurations that would not have been studied otherwise, to select
the most critical contingencies from a list of eriticaI contingencies as well as to
achieve high speed of operation.
On general comments regarding a DSA facility, it was mentioned that a useful DSA
should be established on a detailed representation and modelling of the power system
in order to provide conclusions based on aeettrate results. It should also integrate a
user friendly interface and faster algorithm to be used by operators in real-time, as far
as tremendous progress made by computer ha calculation can help shorten the cycle
time.
-17-
CHAPTER 4
GENERAL NEEDS AND REQUIREMENTS
4.1.
Kinds of informa_~b
K
control o_.perators
According to Debs and Benson [DE75], the advantages of hhe operator in the control room
include
1.
He relies on a global perception of events in interpreting events.
2, He can take into consideration peculiar situations not originally programmed.
3. He can be trained to assess the impact of a given contingency.
4.
He can override the computer when the results are unreasonable.
whereas the disadvantages of the operator are
1. "Slow reaction time.
2. Judgement is dependent on training and intelligence of particular operators.
3. Knowledge of software capabilities and limitations is operator-dependent".
Generally, the requirements for the DSA varies. First-swing stability (1-2 seconds) may be
sufficient in some cases whereas in other cases, damper and stabiliser responses (10-15
seconds) may be more important. Others may require much longer periods. However, for
practical purposes, these may be classified into"
. stable/unstable,
damped/undamped and,
. margins to instability/undamped oscillation.
These are usually expressed (for transient stability) in terms of critical clearing times, which
are not helpful to the operators (control engineers). Tlae needs of the control engineer may
include
(a) Knowledge of the margin on power transfer from a particular machine or
across a boundary,
Co) A ranked list of the critical contingencies (about 10) using fast filterkng
techniques (which maybe AI based) for detailed dynamic study,
(c) The DSA analysis updated regularly, say every 15 minutes,
(d) Knowledge of how the future power systems will look like,
(e) What mechanisms caused the outages, were they due to loss of synchronism,
distance relay settings etc. and,
(f) The operator needs to know what control actions may be taken to move the
system to a more secure state. The boundaries between the secure and insecure states should
be stated so that the operator can easily recognise this and be able to control the system
[FO88b].
-18-
4~2o
Needs of screenin_g~ ~o id~encies,,
Studying the dynamic performance of a power system means to evaluate the ability of the
system to withstand -
the sudden loss of any major generator or transmission line,
. specified line faults maintaining stability and with no loss of generators,
. combined sets of contingencies, like loss of more than one generator, cascading line
outages, system splitting and loss of load.
Given the current steady-state of the power system, the operator has to check, following each
contingency, whether the transitions in system configuration are acceptable, Besides, he needs
to evaluate if the final condition of the system subject to each contingency is acceptable or
not. The steady-state condition reached subsequent to a contingency depends upon the
contingency. It is impossible to enumerate all possible contingencies and the corresponding
steady-state conditions, and then to check whether the steady state conditions are acceptable.
Hence, only a predefined set of contingencies is considered.
Appropriate selection of contingencies for further more detailed processing is very impor*.ant ;
the aim is to reduce reasonably the number of contingencies, without overlooking potentially
severe credible contingencies and study in detail only the worst and the most probable eases.
A contingency must be classified as non-critical or critical and contingencies belonging to
these two sets must be ranked in a severity order. Non-critical contingencies are those for
which the transitions of system configurations are limited to those implied by the predefined
events used to describe the eontingeney. In other words non-critical contingencies do not
result in unstable behaviour of the system or system protection operation, always causing
unforeseen modifications of the system structure. Critical contingencies determine system
configuration changes not included in the series of events used to describe the contingency.
Screening and ranking functions may be used to
...
.classify all contingencies of interest into severe and non-severe groups,
, rank all contingencies of each (critical or no-critical) set in order to analyse in detail
only the most severe ones (or all the contingencies included in the critieaI group) and the ones
near to the security limits,
. identify interfaces of concern and assess corresponding transfer limits.
Needs concernin externa| networks and dat_a exchan.gg
Power systems are interconnected hence many dynamic security problems are not confmed
within the boundaries of any utility. Also, problems result within the state estimation/security
assessment due to duff external data. Therefore, there is the need for co-operation ha shafng
19-
network data as technology advances ; better co-ordination between utilities and more
understanding shown to be able to resolve any organisational problems that may arise.
For example, Pacific Gas and Electric Company [FO88b] encompasses Not, them and Central
California and the bulk transmission consists of two 500 kv AC transmission lines that
transfer power between the North and the Southern boundaries hence it becomes vital to
become familiar with the transmission system "Mthin and outside the PG and E area of
operation. Also, between the England and Wales transmission network/Scottish boundaries.
Some of the issues which may affect such utilities, generally, include -
(a) the adequacy of communication facilities available to achieve the data
exchange,
(b) the requirement for a unified communication protocol,
(e) the potential regulatory difficulties which might prevent the exchange of all the
necessary data between different companies.
In analysing the responses from the utilities to the questionnaires, there were more concerns
regarding the adequacy of cormrmmication facilities as well as the requirement for a unified
communication protocol. Some of the specific comments of these utilities are
. the greatest difficulty is the reluctance to pass information which may affect the
competitive position of the utility due to the commercial sensitivity of data,
o the data exchange and the external network representation are adequate for off-line
studies but for on-line application a better process is needed for data exchange and the
development of an inter-utility data exchange consortium by that utility is in the right
direction,
where external information is received this may not be adequate hence this is being
addressed,
as there are no e-mail facilities in this particular utility, exchange of external data is
effeeted by fax or through the post,
. the communication protocol with neighbouring utilities may exist for data exchange
but different utilities have different protocols hence the need for better co-ordination,
. uses AC-DC interconneetion hence there is no need for external network data.
Needs of isolated system w~th a [are enetrat~on from renew~._~__~ower
The importance of renewable power sources for the production of electric energy has been
increasing in the last years. This is particularly the case with autonomous power systems
typically found on islands isolated from the mainland, In these cases, electricity is produced
by diesel twSts which make the investment for the exploitation of renewables particularly
attractive. A typical example is the situation found in the small and medium size autonomous
power systems operating on the islands of Greece, Portugal, etc. with high wind potential. For
instance, in medium size Greek islands with 25 MW peak demand, wind power penetration
exceeding 10 MW has been found to be economically and technieally feasible. In larger
- 20-
islands, like in Crete, with 300 MW of peak load, wind power penetration in excess of 80 MW
is foreseen.
The dynamic performance of autonomous power systems with a large penetration from
renewables presents a number of unique features, mainly because of the highly intermittent
natus-e of wind. Thus, fast wind power changes and very high wind speeds resulting in sudden
loss of wind generator production can cause voltage and frequency excursions and
dynamically unstable situations. It should be noted that, unlike classic power systems where
serious disturbances like faults etc. are relatively exceptional events, disturbances due to the
wind variability occur very frequently. In order to guard the system against these disturbances,
very conservative operation scheduling policies are applied which result in increased spirtning
reserves from the conventional urfits and underexploitation of the renewables. Therefore, in
order to achieve a large penetration of renewable sources without degrading secure operation,
it is very helpful for system operators to be equipped with on-line assessment of the dynamic
security of the system for fast wind power changes.
4.5. Performance requirements
An on-line DSA function must be capable of assessing hundreds of credible dynamic
contingencies in the time frame of the execution cycles of the real-time sequence of the
Energy Management System (EMS) which is in the order of 15 to 20 minutes. In other words,
when the results of state estimator become available, the DSA triggering mechanism should
start the DSA cycle to process the contingencies. DSA must complete the assessment of all
contingencies within 10 to 15 minutes.
The performance requirements of the DSA should be measured on a power system model of
some 1000 buses or more.
The performance requirements based on the sizing parameters above shall be as follows -
DSA execution periodicity - 10 to 20 minutes as requested by the operator
Pre-defmed contingencies " 300 contingencies with no more than 30 severe contingencies
(i.e., such that the screerting process would filter out all contingencies but 30 severe
contingencies for full time domain simulation).
Simulation time 10 seconds of time domain simulation with possibility of early
termination or in ease of long term dynamic phenomena, up to one minute or more.
DSA execution " DSA execution will include contingency selection, screertkqg,
classification, and ranking.
Limit calculation 5 minutes to compute transfer flow limits for the worst
5 contingencies.
-21 -
4.6. Mode|~uiremen~s
Network models
The network model includes topology and representation of branch devices (lines, series
devices, transformers, and phase shifters), generators, loads, DC converters, status of breakers
and configuration of bus bar arrangements in substations. Power transfer interfaces between
companies or zones shall be identified. The DSA network model shall be able to identify and
model different islands. As a minimum the following shall be represented :
a) _Static device power flow models
curve
t

.
lines represented as pi sections,
transformers represented as pi sections with admittance components as functions of tap
settings,
phase shifting transformers,
generators represented as constant real-power source with reactive power capability
shunt elements represented by their admittance,
DC lines with converter station modelling,
Static Var Compensators (SVCs),
loads represented as constant real/reactive injections.
b) ~ device models
. generator models shall include : swing equation with damping, machine models
including classical model, two axis model, representation of damper windings,
excitation systems,
governor models,
power system stabilisers,
DC line dynamic models,
SVC dynamic models,
FACTS device models,
capability to represent user-defined models,
. load models shall include non linear voltage dependence as in ZIP (constant
impedance, constant current, constant power) model and as a function of frequency. The load
model shall also provide representation of large induction motor loads.
On-Load Tap Changer
Automatic devices and relays (as loss of synchronism, overcurrent protection, power
protection, generator minimum and maximum voltage protection, generator and motor over-
and tmderspeed protection, static distance protection, frequency load shedding)
Modelling requirements of the DSA based on requirements of various components are listed
below:
~ Selectiorg~Definition
A predefined contingency list should be checked for validity of each contingency for the
current operating conditions and topology. For unbalanced faults the correct value of fault
- 22 -
impedance may be computed using a short circuit program. The following types of fault shall
be supported
three phase to ground,
phase to phase,
two phase to ground,
single phase to ground,
single pole tripping and reclosing,
three phase or single phase breaker reclosing,
bus split.
At a minimum the following types of switching shall be supported -
breaker opening/closing,
recloser action,
dynamic braking action,
capacitor/reactor insertions and/or removal,
generator and SVC tripping,
load shedding,
automatic transfer tripping.
screening
The contingency screening shall derive its models from the most detailed models available to
the DSA. However, in order to achieve required speed of solution, this component may use
approximate models.
Simulation en.g2~
The simulation engine shall have the capability to model all equipment necessary to conduct a
transient stability study for periods of 5-20 seconds.
4.7. Tri erin mechani~ns
The aim of a triggering mechanism is to start a new assessment when required. Its most
important function is to check whether the changes in system conditions are significant
enough to require a new cycle of DSA. A DSA cycle may be also activated by a specific
operator request and automatically at prefixed time intervals.
The triggering mechanisms may be connected to the system security monitoring and exploit
the same information available at all times to facilitate proper decisions during normal
operation, following a contingency.
Whenever in each control area potential problem caused by any events or significant changes
in power transfer capabilities are detected, reflecting voltage, reactive, thermal, and stability
limits, DSA shall provide information about possible contingency consequences and / or
- 23 -
possible remedial actions before or after further contingencies besides events or outages
modifying system conditions.
After the loss of any significant facilities, DSA shall be triggered ; scheduled outages of
facilities should be taken into account. When important deviations in operating conditions
occur, sufficient monitoring shall be provided through DSA so that the existence of possible
system crisis conditions may be checked.
The main triggering quantities, capable of activating DSA, should be :
- short circuits, implying transmission configuration changes,
- loss of important generation groups, or, more in general, any unit status modification,
- loss of important cormections,
- significant change of active or reactive power output of generating units.
A DSA cycle could be activated even by changes, greater than predefmed thresholds, of other
significant variables such as :
- phase angle difference between buses,
- speed deviation of generator or frequency deviation,
- rate of change of power transfer over one or more lines,
- rate of change of apparent impedance on important predefined connections,
- voltage at a bus or at generator terminals, or power in a critical interface.
The limits or control options are pre-entered and remain valid until changed by the operator.
- 24 -
4.8. Data mana~gemen~_~data requirements to run a DSA~
To run a DSA, the following data are required :
a) Solved Real-time State Estimator or Power Flow data describing the power system
network and associated components, as well as the static conditions at all network buses
(voltages, angles, loads and generation MW/MVar, etc.).
b) Dynarnie data describing the device characteristics required for a transient stability
study (generator inertia, exciter characteristics, governor models, etc.).
e) Contingency data describing the faults needed for DSA, plus related tripping
information.
d) Control data for DSA applications, such as convergence thresholds, time frame to be
simulated, etc.
The modelling requirements for DSA are already addressed in chapter 7.3. The objective
of this chapter is to describe :
- the construction ofthe DSA data model,
- the requirements for DSA data base,
- the requirements for data interfaces.
Construction of the DSA data model
The Principe construction of the DSA data model is shown in Fig. 4.1. The source of the
network model for On-line DSA is the results of On-line State Estimator, which normally
comprises the internal network and important parts of the external networks.
For Study and/or Off-line DSA the network model can also be based on Dispatcher Power
Flow Data or Off-line Power Flow results. Depending on the performance requirements,
importance of network pa~ts with respect to DSA and availability of appropriate external
dynamic model data, etc. a reduction of the network model is performed, especially for On-
line DSA. After merging DSA-specific dynamic device models and progr,an specific
parameters~ the DSA data model is ready for being used by UI functions, the DSA application
programs and other tasks, e.g. data export for exchange.
- 25 -
internal external
"\ /
I
Base Case from
State Estimator
(On-line DSA)
r
l
Base Case from
wl
Dispatcher Power Fio
On-line DSA)
Base Case from ~
or pff-line Power Flow
Model reduction for DSA
(On-line DSA) or use of full model (studies)
t
DSA-specific data
- governor models
~.xcitation systems
DSA - program
Time Domain Simulator
DSA Data Model
DSA
Applications
"""""*others
Data E x p o r t
F_Fjgure 4.1
Principle construction of the DSA data model
_~_quirements for DSA data base
For DSA the use of wide-spread RDBMS (e.g. ORACLE, SYBASE, 12qGRES, etc.) behag
available for various hardware platforms is highly recommended. The data base should be
object-oriented or support object-oriented access to the data to ease the connection of
powerful UI-packages.
- 26 -
The RDBMS should at least include all input and output data of DSA, which are to be
entered, modified or viewed by the "normal DSA user" ; internal data of DSA applications
including special data for DSA-specialists (e.g. debug infos) could be stored as flat files or
private data bases in order to avoid performance problems.
The data base used for DSA must allow easy definition of DSA cases and must be able to
efficiently manage a lot of study cases.
R_~e..quirements for data interfaces
Several types of interfaces are required :
-
interface to EMS applications and data,
- interfaces to other power system analysis software (e.g. Off-line Power Flow),
- i-nterface to UI-subsystem,
-data import and export using pseudo-standardised formats, such as IEEE-load flow
exchange format
- internal interfaces between DSA applications doing Contingency Selection, Screening,
Ranking, Time Domain Simulation and so forth.
4.9. User interface
The DSA user interface requirements have to take carefully into account several classes of
users. For each class, the User Interface has to be adequately adapted to the kind of
interactions which exist between the users and the power system.
~rators IOn-line DSA)
System operators need a DSA user interface supporting their task of maintaining the security
of the real-time system in an practical way, i.e. as simple and uncomplicated as possible.
Typical.answers of DSA, such as "system is stable", "system is trustable for contingency case
X", "allowable time for preventive/corrective actions", "overall system state is getting
better/worse" will be appreciated very much. The DSA environment should be easy to
understand and comfortable to manipulate.
_System eng~_neer/O~n-line DSA and/or Off-line~
System engineer/operation planer is assumed to be an experienced analyst, having detailed
knowledge of the power systems various phenomena impacting the security and economy of
the system. He tmderstands very well the DSA modelling aspects, knows how the DSA
applications work and his task includes to tune and tailor the DSA software to meet his
specific systems needs. System engineer needs a flexible UI, enabling him to view all details,
e.g. generator voltage angles vs. time, block diagrams and parameters of dynamic de-Ace
models, comparison of time domain simulation results vs. approximate screening, etc.
- 27 -
Manag.~
The UI of DSA should include features to create reports on system performance, statistics of
critical events, summary logs of critical equipment and last but not least diagrams comparing
actual versus computed results to demonstrate the validity of the DSA function and its
usefulness for their electrical power system.
Common requirement from all types of DSA users is, that DSA needs to have a state-of-the.
art, flexible and user-friendly brl, which among others has to fulfil following general
requirements
- provide an quick overview about the system stability status (e.g. traffic light symbols)
arid pinpoint the most critical contingencies and associated network parts,
- show ranked lists of severe contingency cases identifying the most critical network parts
and provide the possibility to perform detailed analysis by simple selections (e.g. cursor
click),
-present binding or near-to-binding operating lirnits associated with predescribed
contingencies,
- clear proposals for possible preventive and/or corrective measures,
-graphical display of time trends associated with expected system changes, e.g. system
changes, e.g. system is getting better/worse and show the available time for the operator for
interventions,
o in On-line DSA show period of the validity of the current DSA results and indicate
clearly when the results get invalid and what event caused the change,
-comfortable option to add and/or delete contingencies to/from contingency lists by
adopting drag & drop and copy/paste techniques, e.g. pick-up a network component from a
single lone diagram and drop it into a contingency list,
-capability to compare eases against each other, allowing the user to select key
parameters to be compared, e.g. stability indices, margins, sensitivities, etc.,
-provide the user with measures to evaluate the accuracy and reliability of the DSA
results,
-
capability of Off-line study mode with more detailed output and increased flexibility.
Major design principles for bq being well-suited for On-line as well as Off-line DSA
functionality should be
-extensive use of graphical displays like curves, bar-charts, strip-charts, dynamically
coloured symbols for quick assessment of complex situations,
o easy and flexible access from the currently used display to other displays,
- guided operation of the various DSA components via context-sensitive menus, toolbars,
buttons, pop-up windows, etc.,
- provision of a help mode that is easy to access,
-clearly doettmentation of DSA including functional descriptions and det~led user
guides,
-
multi user capability.
28-
CHAPTER 5
ANALYTICAL TECHNIQUES FOR DSA
The .tbllowing sections gather DSA techniques ( 5.1., 5.2.) and assess them in terms of
criteria of practical concern ( 5.3.). A relatively large place is dedicated to Intelligent
System( 5.2)for the reason that the knowledge of these new techniques still needs to be
developed in the Power System analysts community. This chapter contains also a table
techniques vs. criteria where each technique is rated through certain criteria relative to some
possible functions of a DSA tool
The results of the comparison are summarized in the Table of subsection 5.3.
5. I. Ana|yfieal technl uqy_.~
This section identifies well known DSA techniques. Next section will describe in some detail
Intelligent Systems.
General techniclues :time-domain methods
Time-domain methods represent the mainstay of existing DSA tools. Commercial time-
domain simulation sofiwares are able to treat large-scale disturbances, complex non-linear and
active network elements and elaborate contingency scenarios, including protections. Such
sowares are sufficiently reliable as to be capable of performing very short simulations, for
example in evaluating first-swing or mid-term stability for the study of voltage phenomena
evolving over tens of minutes.
Such sowares constitute the focal point of existing off-line DSA processes and are readily
considered as candidates to on-line DSA provided that seethe transmission levels and
operating margins can be identified within an acceptable time-frame. Needless to say,
computational speed is an issue. However, R&D efforts in DSA have begun to move towards
increasing the speed of limit search processes as a whole rather than concentrating ortly on
increasing the speed of execution of a single simulation (i.e. either through improved
algorithms, multiple or parallel processor strategies or advanced computer hardware
architectures [HA 93]).
The major advantages of time-domain methods are :
great flexibility with respect to power system modelling,
ability to provide time responses of machines rotor angles, speeds, accelerations, of bus
voltages and of other parameters of concern.
~ sensitivi~
- 29-
Trajectory sensitivity analysis provides a systematic approach to exploring the influence of
parameters on large disturbance behaviour. These ideas have recently been applied to power
system dynamic security assessment [LA95] [ST96].
Techni~ecific to transient stability : direct methods
Application of direct methods to transient stability have been developing for over 30 years
[FO92, PA89, PA93]. The most popular members are [CI95] : the transient energy function
(TEF) together with the exit point or BCU method to assess its limit value ; the extended
equal area criterion (EEAC).
Besides the "pure" approaches, v a r i a n t s coupling with time-domain methods makes them able
to comply with detailed power system models. Such a hybrid search strategy is the "second
kick" method, which requires less than 4 simulations [MA95a]. This development has led to
the implementation of an on-line dynamic security analysis system for B.C. Hydro [DE94].
Independently of transient energy function analysis, another strategy has emerged for
accelerating the transient stability limit search process [MA94]. It is based on the signal
energy analysis of power system simulation waveforrn behaviour and may be summarized as
follows : if two stable time-domain simulations of a normal contingency are performed at
respectively two different values of power transfer and the sigr~l energy of the transient rms
voltage response is computed, it is possible to estimate the transfer limit for the specified
contingency and the error in the limit estimate.
Yet another hybrid method emanates from the dynamic EEAC. It consists of computing
appropriate stability margins, using one stable and up to tbxee unstable time-domain
simulations. It assesses critical clearing times [ZH96a] or power limits [ZH96b] as
appropriate.
Techni ue eifie Ion -term stabili
Simp|ified time-domain techniques exploit the separation between long-term and
transient time scales, replacing the latter by equilibrium equations and concentration on the
former.dynamics. This yields the Quasi Steady-State (QSS) time-domain simulation, which
merely requires to solve at each time step the algebraic equations of the network together with
equilibrium equations of the transient dynamics.
Energy function methods have recently been extended to allow long-term voltage
stability assessment. Tbfis extension follows from the incorporation of load dynamics into
standard multimaehine energy function [HI96]. Reactive power limits, which play a major
role in long-term voltage stability, can be handled using the approach described in [I-[I91 ].
Continuation methods in general enable system equilibria to be tracked as a parameter
of the system is varied. Frequently the free parameter corresponds to a load, or a combination
of loads, and so describes movement in a particular loading direction. Continuation power
flows deal with the particular problem of tracking the system long-term equilibrium when bus
load is increased. It is an efficient way of performing successive load flows and dealing with
the nose point of the PV curves.
-30-
Post-contingency optimal power flows. The divergence of a post-contingency power
flow computation is a necessary but not sufficient condition of voltage instability (it may
result from numerical problems or other physical problems where there is no solution to the
load flow equations). Post contingency OPF may be useful to determine acceptable solutions.
Eigenanalysis (or modal analysis) involves both eigenvalue and eigenvector analysis.
The reduced QV load flow Jacobian or the long-term differential equations can be used. It is
aimed at finding instability mechanisms and suggesting corrective actions. In principle it must
be coupled to continuation power flow or time-domain methods. Interpretation of eigenvalue
far from the critical point is of limited use.
5.2.
Intelligent technl uq_u__~
We distinguish among expert systems and automatic learning methods. The emphasis will
essentially be put on these latter methods which have already provided innovative systematic
approaches to analysis, sensitivity analysis and suggestions to control, for both transient and
long-term voltage stability.
The basic components of an expert system are knowledge base (KB) and inference engine
(IE). KB is a collection of rules and dates. IE is mechanism of induction of decision tree
searching rules to find those that can be applied to specific cases. Tiffs mechanism is based on
the sentence and predicate logic.
Expert systems can contribute in two ways to improving power system stability evaluation.
Firstly, they can be used to guide the engineer in the choice of models and computer programs
for off-line stability analyses. Secondly, they can help on evaluating the present stability
situation of a power system with respect to the power system variables and control. Existing
knowledge-based system approaches to power system security assessment mainly focus on the
development of heuristics or empirical knowledge. The knowledge acquisition process is
aimed at identifying and representing knowledge from the expert. The objective of this
process is to understand, for a given load and generation state of the power system, how the
operators orgarhze their knowledge.
As an example of applications of knowledge-based methods for security assessment we
mention the following : the effect of contingencies and system conditions upon dynamic
security assessment are built in an ES, using sensitivity analysis of the transient energy
function [EL89] [EL90]o Further, using the concept of vulnerability, which indicates the rate
of deterioration in system security, an ES was developed which uses the energy function as a
stability measure. The identification of the conditions that may lead to voltage collapse and
the suggestions for necessary corrective actions are embedded in some expert system
frameworks. There are expert systems that evaluate power flow divergence indicators
concerning controls and parameters change to detect the voltage collapse knee-point.
-31 -
Automatic Learning (AL) in general is concerned w/th the design of automatic procedures
able to learn a task on the basis of a learning set of solved instances of this task, There exist
th.ree main families of automatic learning methods (i) machine learning, a subfield of
symbolic artificial intelligence ; (it) statistical pattern recognition and regression ; (iii)
artificial neural network based learning.
Two broad classes of AL problems may be distinguished : supervised and unsupervised
learning. Supervised learning usually aims at constructing a model for an assttmed
relationship between input and output parameters. Unsupervised learning (or clustering), on
the other hand, aims at either uncovering similarities among groups of instances or
correlations among groups of attributes used to describe such instances. The main focus will
be on supervised learning methods.
In what follows, we consider only non-parametric AL methods, that is, methods which make
no ass...urnption about the mathematical functional form of the underlying particular density
distr/bcttion (such as that of a normal, bell shaped curve). Indeed, parametric methods could
not properly solve the wide variety of dynamic security problems.
N.B___~ " The essential of this note is taken from [WE96b].
Supervised learning
Problem statement
In the context of power system security assessment - and hence of DSA, the general AL
approach may be schematically described by Fig. 5.1 : random sampling teelmiques are
considered to screen all relevant situations in a given context, while existing numerical
simulation tools are exploited - if necessary in parallel o to derive detailed security
information. The heart of the framework is provided by automatic learning methods used to
extract and synthesize relevant information and to reformulate it in a suitable way for decision
making. This consists of transforming the data base (DB) of case by case numerical
simulations into a power system sectary knowledge base (KB). As illustrated ha Fig. 5.1, a
large variety of automatic learning methods may be used in a toolbox fashion, according to
the type of information they may exploit and/or produce. The f;mal step consists of using the
etraet~d, synthetic information either in real-thne, for fast and effective decision rnakJng, or
in the off-line study environment, so as to gain more physical insight and to derive better
system and/or operation planning strategies.
How will this automatic learning based framework complement classical analytical methods
for security assessment ? In practice, t.here are three dimensions along which important
fallouts are expected.
32-
Random
Data base generation
Study Definition
Random Sampling
Numerical Simulations
G~.line. automaac, in parallel
Synthetic
Machine Learning
Statistical Analysis
Neural Networks
Off 4ine in s tu ~ " em,ironmenl
Fast Decision Making
Physical interpretation
Uncertainty Management
O n- line o r o f f q ine
F~_jg_ure 5.1
Automatic learning framework for security assessment
Computational efficiency. By using synthetic information extracted from automatic
learning, instead of analytical methods, much higher speed may be reached for real-time
decision making. Further, in terms of data requirements, whereas analytical methods need a
full description of the system model, the approximate models constructed via automatic
learning may be tailored to exploit only the significant and/or available input parameters.
Besides, the synthetic information may itself be complementary to and generally more
powerful than that provided in a ease by case fashion by existing analytical methods. In
particular, much more attention is paid nowadays to interpretability and management of
uncertainties, the two other important fallouts of automatic learning methods.
Interpretability. It was shown that machine learning may indeed efficiently generate
security rules from large bodies of simulated examples, even for as complex systems as are
real large-scale power systems. The extracted rules are found to express explicitly problem
specific properties, similarly to human expertise, and hence may be easily appraised, criticized
and eventually adopted by engineers in charge of security studies. The flexibility of the
automatic learning framework allows one to tailor the resulting information to analysis,
sensitivity analysis and control applications.
Management of uncertainties. The need to devise a rational way to take decisions
despite the existence of uncertainties about the power system state becomes more and more
apparent. Today, for example, operators are often sorely missing guidance in the context of
unusual system states reached after major disturbances, where reliable real-time L, fformafion is
generally lacking. Tomorrow, technological and economic changes will probably lead to a
higher and physically more irrational distribution of decision making and thus to more
uncertainties in routine operation and plmmJng activities. In particular, increased competition
among economic actors may reduce their willingness to share information on theh" respective
subsystems, despite the stronger physical interactions.
Su__qpervised learning methods
In what follows, we discuss three classes of methods providing three complementary ~s of
imeormation.
Symbolic knowledge via decision trees. Top down induction of decision trees is one of
the most successful classes of machine learning (i.e. symbolic learrfing) methods. Figure 5.2
shows a hypothetical binary decision tree : to hffer hhe output information corresponding to
given input attribute values, one traverses the tree, starting at the top-node, and applying
- 33 -
sequentially the dichotomous tests encountered to select the appropriate successor. When a
terminal node is reached, the output information stored there is retrieved. The right part of
Figure 5.2 shows how the decision tree decomposes its input space into non-overlapping
subregions. Ideally, the number of these latter should be as small as possible and at the same
time the states contained by each subregion should belong to a same class.
VI
Class
Class 1
V2 1
Class 2
F_j~re 5.2
Hypothetical decision tree and its corresponding input space decomposition
Single-layer perceptron
Multi-layer ~ r c e p t r o n
1 + exp(-ll i)
Input layer
a~
Hidden layers
Feed-forwsrd mulfil~yer perceptron
A main asset of decision trees lies in the explicit and logical representation of the induced
classification rules and the resulting tmique explanatory capability. In particular, the method
identifies the most discriminating at*aibutes and provides systematic correlation analyses
among them. From the computational viewpoint it is efficient at the learning stage as well as
at the prediction stage.
There are two generalizations of decision trees of interest in the context of DSA, namely :
regression trees which infer information about a numerical output variable [WE95a], and
fuzzy trees which ttse fuzzy logic instead of standard logic to represent output information in a
smooth fashion. Both approaches allow inferring information about security margins,
sim~larly to the techniques discussed below. In particular, fuzzy trees are able to combine
smooth input/ouput approximation capabilities of neur~M networks with haterpretability
features of symbolic machine learning [/3095].
- 34 -
Smooth nonlinear approximations via artificial neural networks. The field of
artificial neural networks (ANNs) has grown since the early work on perceptrons to an
important and productive research field. We restrict ourselves to multilayer perceptrons,
MLPs for short. Figure 5.3 illustrates the classical feedforward MLP. The first or input layer
corresponds to the attribute values, and the last or output layer to the desired security
classification or margin information. Intermediate layers enable the network to approximate
arbitrarily complex input/output mappings, provided that its topology and weights are chosen
properly [GE93, NI93],
Similarly to decision trees, an interesting property of MLPs is their ability to achieve feature
extraction and learning in a single step. However, one of their difficulties comes from the very
large number of weights and thresholds related in a nonlinear fashion, wl-dch makes it almost
impossible to give any insight into the relationship learned. All in all, one can say that MLPs
offer a flexible, easy to apply, but essentially black-box type of approach to function
approximation.
Memory based reasoning vh statistica| pattern recognition. The previous two
approaches essentially compress detailed information about individual simulation results into
general, more or less global security characterizations.
Additional information may however be provided in a case by case fashion, by matching an
unseen (e.g. real-time) situation with similar situations found in the data base. This may be
achieved by defining generalized distances so as to evaluate similarities among power system
situations, together with appropriate fast data base search algoritlh, ns.
A well known such technique is the "K nearest neighbors" (K- NN) method able to
complement decision trees and multilayer pereeptrons. It consists of classifying a state into
the majority class among its K nearest neighbors in the learning set. The maha characteristics
of this method are high simplicity but sensitivity to the type of distances used.
Unsupervised |ear~ing and clusCer~ng
In contrast to supervised learning, unsupervised learning methods are not oriented towards a
particular prediction task. Rather, they try to identify existing underlying relationships among
a set of objects characterized by a set of variables or among a set of variables used to
characterize a set of objects.
One of the purposes of clustering is to identify homogeneous groups of similar objects, Lrt
order to represent a large set of objects by a small number of representative prototypes.
Graphical, two-dimensional scatter plots may be used as a tool to analyze the data and identify
clusters. P,mother application of the same techniques is to identify similarities (and
redundancies) among t_he different attributes used to characterize objects. In the context of
DSA both applications may be useful as complementary data analysis and preprocesshag
tools.
-35-
Application of automatic [earning to DSA
Unsupervised learning for data pre-processing
In security problems, many different attributes often turn out to provide equivalent
information, due to the very strong physical correlations among geographically close
components of a power system. Thus, clustering methods may be used to define a small set of
representative attributes from a larger number of elementary variables.
For example, in the case of voltage magnitudes, correlation coefficients among any pair of bus
voltages may easily be computed then used as similarity measures by a clustering algorithm
searching for a reduced number of voltage "coherent" regions. In particular, two-dimensional
Kohonen feature maps may be exploited to visualize the relationships among voltage regions
and cpmpare them easily with the geographic location of busbars in the power system
[WE95a].
Clustering techniques have also been proposed in a more conventional way, to identify groups
of shnilar power system operating states. One possible purpose is to partition a very large data
base into smaller subsets for which the security assessment problem could be easier to solve.
Another interesting application would be to "condense" the full data base into a reduced
number of representative prototypes, thereby decreasing the number of required sec~rty
simulations and shortening the associated computation delays.
_~pervised learning of security criteria
Given a data base composed of examples, for which security margins have been pre-
determined for several contingencies and a number of candidate attributes have been
computed, supervised learning may derive appropriate security criteria. Below we point out
specific interesting aspects ofeach class of AL methods.
What can decision trees do ? First, we need to define security classes by appropriate
thresholds on the security margin. Then, the decision tree building includes (i) the automatic
identification of the subset of attributes among the candidate ones relevant for the prediction
of the secu.rty class (say ten to twenty among one or two hundred), a~d (ii) the definition of
appropriate threshold values for these attributes so as to provide an approximate mcrdel of the
dynamic security region of the studied power system area. In addition to a global tree
covering all disturbances simultaneously, s~gle-contingency trees may also be constructed to
provide tnore specific information and additional insight. Depending on the type of problem,
and upon whether normal pre-disturbance or just after disturbance attribute values are used,
the decision trees may be used either ha a preventive or in an emergency wise approach
~O94; VA93 ; WE91 ; WE94a].
What can neural networks add ? In addition to the decision trees simplified view of a
discrete model relating a small number of security classes and thresholds on attribute values,
one is generally interested in a continuous security margin, at least ha the neighborhood of the
threshold values used to define security classes [DI9 l ; EL89 ; FI89 ; Mc95a ; MO91 ; SH94 ;
SO89].
-36-
Since a strong point of the MLP is its nonlinear modeling capability, and of the decision tree
is the identification of the attributes relevant to a classification problem, a hybrid approach
may use the latter attributes as input variables to a MLP model, to get a normalized security
margin as output information.
What do distance based methods offer ? With the previous two approaches, we have
essentially compressed detailed inforrnation about individual simulation results into general,
more or less global security characterizations. This provides the required physical
understanding, tharuks to the data analysis component of decision trees and attribute clustering
techniques. In addition, the derived models may be used efficiently for on-line security
analysis.
In this latter context, further information may be obtained via memory based reasoning
exploiting appropriate distances to find the most similar pre-analyzed situations to the real-
time state. Once identified, these may be used in multitudinous ways. For example, their
distance to the current state would provide a measure of confidence of the security
information provided by any model derived from the data base. If the nearest neighbors are
sufficiently close to the current state, various kinds of detailed and specific security
information may be extrapolated from these states to the current situation, including detailed
contingency analysis and preventive and/or emergency controls.
Hybrid approaches. To preserve the advantages of (some of) the AL methods, while
evading their weaknesses naturally leads to their coupling.
For example, in the context of transient as well as voltage stability, such hybrid approaches
have already been proposed, combining crisp and/or fizzzy DTs with MLPs and/or k-NNs
[BO95 ; HO95 ; WE95b].
No doubt, hybridization provides a large variety of solutions full of promise.
Concluding ten, arks
One of the messages worth to convey is that to make automatic learning methods really
successful it is important to include the human expert in the process of deriving security
information. For example, to guide the security studies it is necessary to exploit his prior
expertise and then to allow him to criticize, assimilate and accept the new information. The
results must therefore be provided in a form compatible with his own way of thinking. In the
general class of a automatic learning approaches, decision trees are presently the only
approach able to meet this requirement ; it is therefore a key element of the toolbox.
The possibilities of automatic lean,ring methods open up new perspectives to power system
engineers to respond to the challenge of planning and operating future power systems ,Mth an
acceptable level of security, despite increasing complexity, level of tmcer~ainties, and
economical and environmental pressures.
-37-
DSA techn~aes vs. crReria
5.3.1,
The criteria
detailed models
1) Modelling possibilities " ability of the method to imbibe more or less
With reference to long-term voltage stability
+ Usual load flow modelling with PV or PQ type buses. Some
significant factors are neglected or simplified, such as the OLTC deadbands, the limited
machine behaviour and also controls which are depending on the system time evolution
and/or whose delay of action can make the difference between stability and instability.
++ Can take the above effects into account but neglects the
instability of the transient dynamics (e.g. cases where electrornechanical oscillations would
appear).
With reference to transient stability
+ Standard simplified system model (constant electromotive
force behind transient reactance and constant impedance loads).
++ Partly detailed machine and load modelling.
With reference to both, long-term voltage and transient stability
+ + + : Both long-term and transient stability phenomena are studied
with the same tool. Long-term simulation is however very computationally demanding. Used
as a benchmark for checking limit cases.
modelling)
2) Type of information required (vdth respect to the most detailed possible
Off-line
FD Fully Detailed information, including controllers.
PD Partly Detailed information, eoneerning essential parameters
relevant to the considered security problem.
LF Load Flow type of information.
Real-time
estimation.
CS Complete System picture, e.g. as provided by state
SV Selected Variable (a very few number of electrical and
topological variables), directly measured or easily computed, e.g. as provided by SCADA.
-38-
3) Management of uncertainties ability to account for uncertainties
irtherent to modelling imperfections, partly/momentarily missing data, unknown data, etc.
+
"ability,
-
inability.
4) Type of information provided
Analysis
D Detailed (e.g. bus voltages, swing curves, etc.) ; the type of
provided detailed information may change from one method to the other.
S " Synthetic (e.g. margins).
Interpretability of phenomena methods ability to uncover and
describe the main mechanism driving the phenomena of concern
+ very transparent information vs,
- " "black-box" type of information (e.g., yes or no ar~swer about
stability ; except for time-domain response).
Sensitivity analysis- in terms of computational overhead
parameter),
easy (e.g. via extrapolation-interpolation of margins
difficult (cut-and-try, e.g, diehotomie march).
v$
Means to control
P " preventive, i.e. means to reknAoree system robustness,
C" corrective, i.e. means to bring the system back
from
emergency to normal.
5) Off-line preparation tasks, mainly for the purpose of"
Validation and building a data base.
Validation, including evaluation of the applicability domain, tuning of
pa.~,meters, etc., is usually carried out every time a method is applied to a new power system
or when significant changes appear in the system. One distinguishes tasks requiring "
V

Validation and,
mV

minor Validation,
DB
"
Data bases, on the other hand, are built for the p~,pose of
intelligent systems, using human expertise and/or other methods, of the system hheory type ; a
data base has to be refreshed every time the system configuration and operating conditions
- 39-
change "significantly". Generally, this is required much more often than validation, and hence
implies more massive computations.
6) Real-time computational requirements
B : Bulky computations, e.g. required for time-domain
simulations with full model,
FB : Fairly bulky computations, e.g. required for time-domain
simulations with simplified model,
L : Light computations, e.g. required for fast direct met,hods,
EL : Extremely light computations, e.g. required when using a
decision tree to assess the stability of a state.
To fix ideas, B may correspond to hours of CPU time, FB to minutes,
L to seconds and EL to fraction of millisecond CPU time.
7) Contingency screening tool
A fast method may be not accurate enough (e.g. when complying with
simplified system modelling only), yet reliable enough to identify and filter out "uninteresting
contingencies", i.e. generally contingencies which are too mild to be dangerous. In general,
the more simplified the system model, the simpler and faster the method.
++
Ultra-fast screening tool.
+
Very fast screening tool.
5.3.2.
~ues vs criteria
The first part of the Table gathers techniques common to transient stability
and long-term voltage stability. The second part refers to transient stability, the third to long-
term voltage stability.
Cowanents on the Table"
I) Methods belonging to the same class have not necessarily equivalent
performances ; the table takes into account the best of the existing performances. Indeed, the
table attempts to highlight strengths of a class of methods, even if some of its members do not
meet them. E.g., only some automatic learning methods have the ability of interpretability. On
the other hand, interpretability may have various meanings ; e.g. a decision tree describes the
physical phenomena at hand in a synthetic way (which are the parameters and their threshold
values driving the phenomena), whereas a k-NN uncovers similarities of a given state with its
neighbour states.
2) The table Ifighlights complementary rather than competitive aspects of
the various techrfiques.
- 40 -
3)In terms of computational performances, the effect of power system size
is not considered here. This depends very strongly on various factors, in
pa~icula_r method implementation, software and hardware
envirom~ents... Likewise the possibility of exploiting parallel
computations is not taken into account.
4)Reliability and accuracy are not considered either. Admittedly, within a
class some methods may be more reliable and accurate than others,
depending on paaicu[ar system specifics. Nevertheless, there are reliable
and accurate members in each class.
5) There have been many efforts toward developing voltage as well as
transient stability indices to assess the robustness of a particular system
operating point with respect to instability. Concerning voltage stability,
there are two main categories of indices
- local indices, based on linearization and,
- large-deviation indices, e.g. a load power margin.
These indices are not considered as such in the table.
6)
An empty box means that the considered criterion is not of concern for
the corresponding technique.
TABLE : DSA TECHNIQUES vs CRITERIA
-41 -
1
Possib[Hties
2
Type of inform, req.
Off-[|no Real-time
3
Management
of
Uncertaint|es
Ana|ysis
Type of Information Provided
--- ,
of Phenomena
Control
5
Off-line
Preparation
Tasks
6
Real-time
Computationa
|
Requirements
7
Contingency
Screening
Tool
Time-domain
+++ FD
Off-line
Epen Prermr.
Re~Ltime
Systems Use
Aurora. Off-line
Prepnr.
Methods Use
+++
FD
CS
SV
GENERAL APPROACHES
D,S
mV
DB, V
+ D,S +
+ P,C EL
TRANSIENT (ANGLE) STAB|LITY
Direct "Pure" +, ++
~
PD
~
CS -
- + P V L
methods "Hy~4d" ~, ~
[ FD
~
CS -
" + P mV
I
S
D,S
FB
Simplified
time-domain
Continuation Power
flow
Post-condngency
Power flow or OFF
Eigenvalue Analysis
LONG-TERM VOLTAGE STABILITY
PD
LF
LF
PD, LF
CS
CS
CS
CS
Ycs/Ho
D
FB +
FB +
L ++
Eigenanalysis allows interpreting the voltage instability mechanism and identifying the best controls. Recent techniques, relying on geometric interpretation in the
parameter space allow determining how much control is needed This requires coupling with :
~continuation powerflowfor preventive control determination (~how to beat increase a loadpower margin ?"),
* time-domain methods for corrective control determination ("how to avoid this collapse ?") as well as validation of the proposed control.
Some validation with respect to full time-domain simulation is needed
There will be a discrepancy with respect to stability limits computed from full time-domain. Validation may include assessment of accuracy.
CHAPTER 6
- 42 -
THE USE OF PARALLEL PROCESSING
This chapter presents two different ways to implement parallelism in order to accelerate DSA computations :
running one single contingency per processor with several contingencies being runned in parallel (6.2) or
running a particular scenario or contingency faster on several processors in parallel (6. 3).
6.1. Introduction
A number of computational teclw~iques have been described for on-line DSA but its practical
implementation for large scale power system has taken a long time to be realised [13A92]. A
major challenge in developing an on-line DSA facility is to overcome the high computational
demands of the problem.
The need for assessment of several scenarios calls for important speed-ups in computer power.
This can be achieved by the use of more efficient processors, but also in the use of parallel
processing. The way to implement this parallelisation can be either :
a- rtmning a pa.~cular scenario or contingency faster on several processors in parallel ;
b- running one single contingency per processor with several contingencies being framed in
parallel.
The second alternative is probably the one to be followed for the development of DSA.
Considering the actual hardware architectures for parallel process, can be considered two
classes, namely :
- cluster architecture,
- parallel computers
6.2. Cluster architecture
The cluster implementation of the main computational components of on-line dynamic
security assessment (DSA), can be approached with either two paradigms :
- using a serial implementation of the DSA components in a cluster of two or more
workstations ;
- using a parallel implementation in a network of workstations.
6. 2.1. Serial implementation
In this section, the main concern is the knplementation of the DSA computational components
(transient stability simulation engine, contingency selection and ~g, power flow,
eigenvalue analysis etc.) in a distributed envkmnment using a network of workstations with a
cluster architecture. The main cb,aracteristic of such cluster, as far as DSA is concerned, is that
each of the computational units of the cluster performs exactly t.he same type of computation
- 43 -
but with different data input. For instance, one of the nodes executes the simulation engine
"~th a three phase fault at a selected busbar, while another node executes the engine with a
single-line to ground fault and a stuck breaker at the same busbar. The base c~e conditions
for each of the two contingencies are assumed to be the same. Therefore, the processing per
case is of the same type, but the data is different.
Another important characteristic of this type of cluster is that the hardware used at the nodes
can be of any available type and does not have to be homogeneous. In particular, the cluster
architecture can and should support the mixing of common workstations, personal computers,
multiprocessor super workstations, as well as any other hardware that can be networked and
that is supported by clustering tools such as the PVM [GE94].
The implementation of DSA in such cluster of workstations assumes availability of the core
DSA components as found in single stock-hardware workstation environments. The main
objeeti~ve here is to adapt those applications to function in a distributed fashion. In particular,
some of the redund~t tasks usually performed when ranning one simulation at a single time
in a single workstation must be done ovdy once at a main server node and from there
distributed to the remaining client workstations. Among these tasks are the data loading,
initialisation and faetorisation of network matrices, computation of the initial conditions for
the differential equation sets, and so on.
Figure 6.1 shows a schematic of a typical cluster configuration. Shown at the top is the case
Scheduler. The task of the scheduler is to distribute cases to the next available workstation. In
addition, the Case Scheduler prepares all the data to be shared among the contingency cases.
At the bottom of the figure the Post Processor exchanges control information with the Case
Scheduler to signal case termination, client availability, and other pertinent data. It also
produces ranked lists of eases according to any criteria to be defined, updates the results
database with appropriate termination indices and energy margins, prepares t~e final
simulation results for presentation, etc. The workstations in the middle of the figure process
the stability cases as they are received without any need for communication with any of the
other available workstations other than Case Scheduler and the Post Processor.
To process large numbers of cases in a cost-effective manner, many improvements to the
obvious.~..stmtegy of direct apportionh,~g cases among the available workstations may be
considered. These improvements are based on the reduction of repeated effort from case to
case. The simplest implementation of tkis concept, however, would for instance initialise any
single run of the simulation engine, in a workstation as if it were totally independent and
different case from any of the others. Since in most situations the cases are all based on the
same identical io.Jtial condition it is more effective to consider a solution in which the running
of a case is started from a "primed" condition in which a large portion of the preparatory work
for running stability cases has already been accomplished. In particular, reading of input data
formation of network ma~ces (and their faetorisation), irfitiaJisation of state-variable arrays,
etc., if common to afl eases, can be accomplished once and made available to all the
workstations in the cluster. The problem here is to identify those portions of the codes that can
be carried out only once and distributed to the client nodes. It is also important to consider
that clustering requires the implementation of the Case Scheduler and Post Processor. The role
of the Case Scheduler, besides the distribution of cases is to accomplish the initialisation of all
the workstations to the proper primed state. The Post Processor passes the output of the cases
to user interface component for vievAng and further analysis.
6. 2. 2. Parallel implementation
New parallel based computers based on the VLSI technology are now available, allowing for
supercomputer performance at a fraction of the cost.
The objective here would be to implement the DSA components also as a cluster of
distributed-memory workstations. This clustering approach, has not been explored in the past
with the same intensity as the traditional parallel implementations. Notice that this option,
although somewhat related to the architecture discussed above, is quite different. In this
implementation the solution of one case is share among all the workstations in the shared-
memory network, as opposed to each workstation running individual eases. The key idea here
is how to best apportion the DSA code among the workstations and how to manage the
communications among the machines to obtain the best possible performance for a particular
ran of the code. Tools such as p4, developed by Argonne National Laboratories, can be
considered for this purpose, p4 is a portable library of C and Fortran subroutines for
programming parallel computers. It includes feaOares for explicit parallel programming of
shared-memory machines, distributed memory machines, and shared memory multiprocessors
communicating via message passing [t3U93]. The PVM tool mentioned above can also be
used for this purpose.
This type of clustering requires extensive modifications to the DSA codes. It is necessary to
identify the proper locations within the programs where calls to the p4 or PVM primitives are
necessary to distribute the code among the processors. In general the target architecture is a
network of workstations. It is of interest to notice that once the effort of "parallelizing" the
DSA codes is accomplished, the same code may be executed on other parallel computers such
as the TMC CM-5, or the nCube which is described in the next section.
6.3 ParaHe| Co m~
A cluster architecture is an open heterogeneous computer system which is composed of
workstations. On the contrary, in a parallel computer is a tightly coupled computer system
which consists in a lot of CPUs in one integrated architecture. It is a very fast engine to solve
large problems in a homogeneous algorithm.
Typical example of a parallel computer for DSA applications
A digital power system simulator which was developed in TEPCO (Tokyo Electric Power
Company) is an example of the implementation of the DSA facility on a parallel computer
[TA92]. Their digital simulator was built on a parallel computer, coveting the analysis of
transient stability through long-term behaviour with a constant level of accuracy. At the
present stage, real-time simulation of their 491 bus system is realised on 512 parallel CPUs. A
user friendly man-machine h~terface mSmdcs the actual operating environment, including the
interactive settings of various system parameters and real-time data presentation on the CRT.
High speed A/D and D/A signal converters are also provided to connect the digital simulator
to actual equipment. Figure 6.2 illustrates the stracttu-e of the simulator.
- 45 o
Case
Scheduler
Data Server
Cluster
Cluster
Cluster
Node
Node
#1
#2
Node
" "
#3
Clients
Post-Processor
Cluster Architecture
The key feature of this simulator is the application of the hypereube computer which is the
most common type of the nCube. In a hypercube, each processor has its own memory and is
connected to other processors through a high speed communication network. The no
dimensionM hypereube computer consists of the 2
~
identical processors for modelling larger
power systems which makes it an attractive option to realise the much needed speed
advantage. Each processor corresponds to one bus, simulating the behaviour of all the power
system components connected to that bus such as generators (vhth the AVRS, governors etc.),
loads and transmission lines.
~ 46 o
EWS for
Human Interface
Hypercube Computer
Analog-
digital
Interface
Analog
Equipment
to be tested
~ure 6.2
- 47 -
CHAPTER 7
CURRENT DSA EFFORTS AROUND THE WORLD
This chapter presents the main DSA projects in development around the world.
7.1.
Transient Stabil~_[[~ Control SCS stem at Chubu Electric Power
Chubu Electric Power Company (CEPCO) has developed a new transient stability control
system (TSCsystem) for application to the trunk power (275-500 kV) system. The TSC
system prevents wide-area blackout by shedding optimal generators when a serious fault
occurs. The system performs detailed stability calculations based on on-line information
telemetered from the actual network, and it periodically evaluates the stability of the power
system against contingencies with high accuracy. It selects the optimum generators to be shed
for any power system configuration. CEPCOstarted the field test from August 1994, and put
it into service in ~une 1995.
Needs of the~
( i) Flexibility for any power system configurations (loop or radial),
(ii) Optimal generator shedding - based on off-line calculations and conditions of a
power flow and fault set in advance, there is a possibility of shedding surplus number of
generators,
(iii) Efficiency of power system operation reduces operator s burden.
The TSCsystem not only ensures system stability with high level, but also makes power
system operations independent from stability problems. This means system planners and
system operators can design various system configurations without reducing power supply
reliability. One of the reasons why there has been no commercial system that performs on-line
detailed stability calculations is because it is computationally expensive. To calculate system
stability with an adequate level of accuracy takes a few minutes for only one contingency
using presently available process computers. The TSCsystem must evaluate stability for only
about 100 contingencies within 5 minutes.
Methods ofs edin u calculation
( i)
Reducing lower power systems to an equilibrium simplified system,
(ii) A simplified calculation is adopted as the screening method and the detailed
stability calculation is omitted for apparently stable cases,
(iii) Using parallel processing by multi-proces,~r.
- 48-
Pre-processing
On-line data
acquisition
Selection of gene-
rator to be shed
Post-control
detection ....
shut-off
generau
TSC-P
p: Parent
TSCoC
C Children
TSC-T
T" Transfer Trip
Tasks for the future
Configuration of TSCsystem
(i) More speed-up of calculation- the calculation period is about 5 minutes, so for
some cases TSCsheds the generation ushag the previous result obtained 10 minutes earlier.
Reducing th~s delay is required,
(ii) Post-contingency calculation. TSCdetermines the generators to be shed before
fault occurrence, and fault scenarios are fixed. We use stepping-out-relays for such eases as at
now. To backup TSCsystem, we are studying post-contingency calculation system,
(iii) Total system- for supporting operators synthet/cally, we must take into account
the transient stability problem as well as the voltage instability or economic dispatching
problems.
H dro uebee DSA Proect
A software framework named ELISA has been in use since 1992at Hydro-Quebec for
mechartising a number of important off-line DSA tasks [MA93a], primarily the determination
of transfer and security Ikmits. The analysis criteria can be specified explicitly (transient or
long-term stability) and more constrair~g criteria can also be used (for example, if one
wishes to specify that the voltage must remakn " witNn certaha I/rrfits after a certain time at a
predetermined set of buses). The des/red pree/sion in the limit estimate can also be specified.
One of the more interesting contributions made in the course of this system s development ks
an attempt to categorise the high-level objectives and lower-strategies, methodologies and
details of DSA w/thout a rigorous taxonomy [MA93b] this taxonomy not only defines the
relationsh/ps between the various aspects of DSA, more importantly, it defines the language
- 49 -
of interaction between a DSA system (i.e. in this case ELISA) and the user. This opens the
door to implementing verbal DSA requests, a particularly attractive prospect for the
operations environment. Though a rt~dimentary binary search is used to perform the transfer
limit search process, experience has shown that this search strategy yields limits, on average,
v,4thin 5 or 6simulations. This system enables operations planners to free themselves from
time-intensive, routine but complex tasks, and concentrate on the more strategic aspects of
their responsibilities.
An advanced version of the ELISA DSA system has also been developed and is presently at
the prototype stage [MA95b]. Three new search strategies have been included within the
original system ha order to test the degree to which the transfer limit determination process
may be accelerated by means of existing technology. A key element of these accelerated
strategies is the estimation of transt er limits based on signal energy theory - in particular, it
has been found that a transfer limit can be estimated from the rms voltage waveforms obtained
from two step-by-step simulations of a normal contingency at different values of power
transfer [MA94, MA95a]. The theory also permits one to circumscribe the error in the limit
estimate. By adding this capability to t~he original ELISA search strategy, one f mds that
transfer limits can be obtained, on average, in less than 3.5 simulations. By combining this
new search strategy with the capability of running many simulations in parallel on available
workstations on a network, it is possible to determine a wansfer limit, on average, in less than
the time required for 2simulations.
Considerable work has also been performed ha the area of direct methods, such as the transient
energy function [FO88b] and the extended equal area criterion [XU89]. Though such methods
have traditionally been disadvantaged by difficulties in representing complex control system
as pointed out in [HI91 ], their proponents have long stressed the potential value of using such
methods in conjunction with other methods for accelerating security limit determination
[FO88b]. As described in [MN. 95], many attempts have been made at developing hybrid limit
search strategies, including those employing expert systems [FO91]. A successful hybrid
search strategy based on the transient energy function and transient stability simulations has
now emerged : energy properties are extracted from transient stability simulations, permitting
the calculation of the transient energy margin and, therefrom, a transfer limit (i.e. the " second
ldck" rnethod) in fewer than 4 simulations [MN95]. Th~s concept accelerates previous
automated limit search methods not only by reducing the number of simulations required to
determine a limit, but also through intelligent termination of simulations. This development
has led to the implementation of an on-line dynamic security analysis system for BCHydro
[DE94].
7.3
DSA at BC H dro and Powe~ ech L~ bs Inc. V~ ncouver CMnada
Transient Stability Assessment (TSA)
BCHydro has developed and implemented an on-line transient stability analysis package. The
package utilizes a thne-domain simulation engine, and a nurnber of peripheral techniques to
achieve speed and a high degree of automation [MN95]. Rule based approaches are used for
contingency selection to determine the outages that must be fully simulated. Additional
- 50-
intelligence was added in the expert system to take advantage of the relationship between
contingencies thereby reducing the number of cases for which f~all simulations must be
conducted. In fact, expert system tecl mology is embedded throughout the package to expedite
the analysis wherever possible. Special transient energy l~ataction (TEF) methods are
employed to provide early termination of simulations (to stop simulations as soon as possible
once the outcome is known) and to provide information about the proximity to instability.
This information is essential for efficiently finding the stability limits using time-domain
simulations. Aider each time-domain simulation ran, the stability margin calculated is used to
predict the necessary increase in critical parameter to reach the stability limit. In addition, the
package determines enabling of generation rejection required to ensure stability for
contingencies that cannot be made stable without post contingency control actions. For many
conditions in the BCHydro system, voltage stability rather than transient stability is the
limiting factor. The successful development of the TSA package, therefore, motivated the
development of a similar package for voltage stability assessment as described below.
Voltage Stability Assessment (VSA)
...
BCHydro currently uses off-line studies to determine voltage stability operating limits and
required generation rejection armings. The study results are loaded in to look-up tables for on-
line use. However, the required number of such studies is enormous. Establisbfing of the look-
up tables requires finding m x n lirrfits (some with remedial measures), where n is the number
of possible system states and m is the number of contingencies. The total number of lirrfits
needed (mx n) may run into the thousands. To add to the complexity, each Iimit may require a
series of PV or QV curves or, if remedial measures are needed, may involve several time-
domain simulations. The system states considered must include different loads levels, transfer
conditions, topologies, and equipment status. The contingency list must include all credible
contingencies established from experience.
If the studies can be performed on-line, the actual system state is known and the equivalent of
only one column of the m x n limit matrix need be computed (one state for m contingencies).
This represents an tremendous savings of effort and will produce more accurate results
because all studies are carded out using the actual system state.
PLI and BCHydro have begun development of key components for the engine of a full-
function VSA package. The engine will be used for on-line analysis of the current system
state as well as for analysis of conditions specified by the operator (test mode). The
computational engine is designed to be genetic to all installations, with built-in flexibility to
provide margins computed in a variety of ways (to allow adherence to various criteria). The
functions of the individual engine components are as follows.
Contingency Screening and Ranking Module It is h npractieal and unnecessary to analyze in
detail the impact of eve
D,
conceivable system contingency. Generally, on/y a limited number
of contingencies will be of immediate concern although these might be quite different from
the contingencies critical for transient stability, thermal overload, or voltage decline. It is
desirable therefore to be able to screen the contingencies such that a list of those most likely to
cause problems can be assessed in detail. These should also be ranked according to their
expected impact.
-51 -
Secure Region Module Operators need to know how far the system is from instability in
terms of key system parameters (such as load, transfers, or dispatch patterns) when subjected
to all the selected contingencies. This module computes the region in which the system
remains secure. In the case of simple systems this could be a simple two dimensional area
with axes corresponding to key parameter. In complex systems the region could be a volume
bounded by a hypersurface corresponding to the transition from stability to instability. If
insufficient margin is detected (ie the operating point is not sufficiently far into the secure
region), control actions are required to move to a more secure posture, or to arm controls that
will be invoked following the troublesome contingencies. Because accurately determining a
stability limit when only one parameter is varied can in itself involve significant computation,
generating the secure region when several parameters are varied and when many
contingencies are involved presents a formidable challenge for on-line assessment.
Preventive Control Action Module If it is found that the system has insufficient margin for
any contingency, actions must be determined to move the system state in such a way as to
create sufficient margin. These consist of pre-contingency measures. Even if the system is
found to have sufficient stability margin in, it is generally possible at any time to move the
system state to increase the security margin. This may result in economic benefits by
permitting changes in generation dispatch or the increase in transfers (import/export). The
VSA package should provide information regarding the change in secure operating region
with changes in various parameters, and strategies for increasing security for any given
condition.
Corrective Control Action Module " In the event of multiple (or severe) contingencies, special
corrective control actions may be necessary to prevent voltage instability. These are generally
impactive on customers (interruption or degradation of power quality) and therefore are
reserved for use in response to very severe system disturbances. The most common control
action of this type is load shedding. The VSA package must be able to determine the best
location and minimum amount required. Other control schemes such as b|ock~g to
transformer under-load tap-changers, or capacitor/reactor switching are also possible.
Time Domain Simulation Module This module will be used to validate corrective actions
(such as load shedding) and will also be used to run specific detailed simulations in Test
Mode). Whenever detailed chronology of events is important, this module is used.
Conventionally formulated t~me-domain simulation programs are much to slow for on-line
use and therefore a highly specialized method is required. The program must run extremely
fast and be capable of capturing dynamics and timings important for voltage stability.
T-he development of the engine components described above is to be completed and will be
extensively tested in simulated on-line environments by four host utilities to be selected at a
later date. As this is designed to be a portable engine, the development phase will be followed
by an integration stage in which the engine is installed in selected utility EMS environments.
- 52 -
E
t~
7.4.
~ France DSA Proiee~t
EdF DSA project is essentially composed of two parts "
The first one, which is finishing, aimed at easier the actual transient stability studies which are
realised in operation planning for the national grid. It consists in two actions. The ftrst action
is the development of a special gateway, between the time domain simulator in use in EDF
and an operational database. This gateway gives access to real pictures of the network,
whereas dynamic data are provided from a second database. Thus, operational studies can
directly be made on the basis of very realistic configurations. The second action is the
development of a specific critical clearing time computation procedure, which is based on the
use conjointly of a direct method (developped in collaboration with University of Li6ge) and a
traditional time domain simulation software, the direct method being ordy used to initiate the
computations.
As a consequence, the studies durations have been shortened and operation problems can be
addressed in a nearer future (from a week to a few days) and in a systematic way.
The second goal of t.he project, which is beginning, is to experiment a dynamic time domain
simulator in regional operation plarafing studies, in order to demonstrate the added value of
dynamic simulation tools compared to the traditional approach based on an active-reactive
loadflow. This experimentation is based on a software originally developed by the University
of Li6ge (ASTRE) which is a fast voltage phenomena simulator with some specific analysis
functions such as the consumable active power margin (before voltage collapse) calculation.
This margin is a measure of the distance to the voltage collapse of the system.
The experimentation started up with a voltage study. Different solutions were compared in
order to increase the voltage plan and the consumable active power margin. The number of
generating units in the system, their levels of active/reactive production, the compensation
means and the voltage setpoint on a pilot point (secondary voltage control) in the a.,~.a are
some of the parameters which were analysed with the software. The simulations were
played with the soWovare Eurostag. The errors were approximately of 1 kV for the 400 kV
voltages and 50 MW t-or the active power margins. The first results were found consistent by
the operational engineers. Thus, the experimentation will now enter a more intensive stage
and will be extended on another part of the French power system.
In March 1992, the National Grid Company pie (NGC) initiated a tta~e-year research project
with the University of Bath through the then Science and Engineering Research Council (now
Engineering and Physical Sciences Research Council o EPSRC) under the Electricity Research
Co-funding Scheme. The alms of t~he project were-
(i) To do research leading to new algorithms that can utilise a real-thee
electromeehanical power system simulator (previously developed at the Bath University
Power and Energy Systems Group) to determine transient and dyp~mic stability ranking of
contingencies for complex power systems.
- 53 -
(ii) To create a DSA facility that integrates the above new algorithms with
appropriate hu.rnan computer interfaces in a distributed, heterogeneous, parallel computing
envirom, nent.
The standard laboratory scale power system model, a 20-machine 100 busbar reduced model
of a snapshot of the NGC system with 838 contingencies, were simulated extensively at the
University befiore field trials at National Control Centre in November 1994. During the field
trials, system snapshots approximately 900 busbars and 100-140 generators (depending on
system loading) were studied.
For the field trials, the DSA facility was installed on a single Silicon Graphics Indy
workstation. The Indy was directly covmected to the operational ethemets and used a file
transfer program to download the latest power system state information from one of the EMS
computers. A database of 10 severe contingencies was compiled by NGC engineers and the
cycle time was approximately two and half minutes.
The objectives identified earlier for the field trials "
To determine the requirements for interfacing the DSA to the EMS,
(ii)
and,
To assess the performance of the DSA within the NGCs on-line environment
(iii) To assist in defining the MMI requirements,
were all achieved. As a result of this success, future extensions of the project, for operational
applications within the NGC, have been identified. Also, the University of Bath have
investigated the use of ANN for transient stability screening for the full NGC system. The
results achieved from the exercise are encouraging.
7.6.
A first nue|eus of DSA at ENEL
A project aiming to include in EMS a certain number of ftmetions for assessing in short time
the system dynamic sectu"ity has been started at ENEL.
The first and more important function consists of an updated version of power system time
domain simulator. Therefore, the SICRE power system simulator, in its third version
including very sophisticated modelling of system protections and automatons, has been
located in the Control Room of the National Control Centre. Directly connected to the EMS
system, the SICRE simulator can offer to operators a valid tool for assessing the system
dynamic security, starting from operating conditions acquired in a relatively short time (about
15). A preventive check of the dynamic response of the system following severe
disturbances, allows the dispatchers to operate the system in more stressed conditions with
economical gain but still guaranteeing security.
54-
The operator has the possibility to examine in detail contingencies chosen by himself, or to
run contingencies predefined on the basis of a list taking into account the automatic
emergency control action of load/generation discomaection, following line tripping in critical
interfaces,
Another function included, and in testing stage, consists of a direct met~hod, based on the
concept of transient energy function, aiming to screen the overall set of n-I contingencies
from the view-point of transient stability.
The project should lead to realise a number of integrated functions for a complete analysis in
time as short as possible of the dynamic security conditions of t~he power system.
7o7~
Procot JOULE II : JOU2-CT92.0053
European Commission, Directorate General XII for Science, Research& Development
in collaboration with PPC
"Development and Implementation of an Advanced Control System for the Optimal Operation
and Management of Medium Size Power Systems with a large Penetration from Renewable
Power Sources"[JO95].
CENTRE DENERGETIQUE - ARMI"NES, FRANCE
NATIONAL TECHNICAL UNIVERSITY OF ATHENS, G~ECE
AMBER S.A., GREECE
RUTHE~ORD APPLETON LABORATORY, U.K.
INESC, PORTUGAL
IPA S.A., ROMANIA
Within the JOULE-II European Community research pro~e an advanced control system
for medium size isolated power systems with high utilisation of renewable energy units has
been installed on the Greek island of Lemnos. The control system provides on-line assessment
of the dynamic security of the system for fast wind power changes. Despite the small size of
the system, a full time simulation of wind disturbances cannot generally produce practical
results for on-line use, especially when various wind disturbances need to be simulated.
Moreover, the control system equipped with relatively limited computing power has to deal
with several other tasks, that prevent the on-line execution of dynamic simulations in due
time. For tb.is reason, the application of fast methods, namely Decision Trees (DTs), Artificial
Neural Network (ANNs) and Pattern Recognition (PR) methods has been explored.
With the learning Set and Test Set used all methods achieve a total classification success rate
higher than 95 %, which renders them very suitable for the on-line dynamic security
assessment of autonomous power systems with high penetration from renewables. It is proved
that AWNs not ordy can provide security evaluation in terms of two classes, but they can
-55-
emulate the actual frequency excursions experienced by the system for the selected
disturbances with remarkable accuracy.
Based on the above results, the on-line Dynamic Security Assessment capabilities of the
Lemnos control centre are currently provided by two modules, each serving a different
objective. First, during the planning of the system operation by an economic dispatch module,
the dynamic security of each of the proposed schedules is evaluated arid the implementation
of operating plans that might result in large frequency excursions or loss of syncbaonism, in
ease of severe wind power disturbances, is prohibited. For this purpose Top Down Induction
of Decision Trees is used, due to their capability of providing explanation in the form of rules
and their greater suitability for corrective control actions, in ease a potentially insecure
situation is detected. Second, a real-time quantitative evaluation of the system security for its
current operating state is provided, expressed by its frequency deviations if a preselected wind
power disturbance occurs. Tiffs is acb.Jeved via ,adqNs. In tiffs way, the operators of the system
are notified for its security and preventive control action can be taken, if it is considered
neeessary.[HZ94a] [HZ94b] [HZ94c] [I-LZ94d]
- 56-
CHAPTER 8
TECHNICAL CHALLENGES AHEAD
This chapter presents the main technical challenges ahead. Some are relative to computational performances, in
8.1, and 8.2, this last paragraph describing the issue of system size reduction the interest of probabilistic
procedures is presented in 8. 3. 8. 4 analyses the advantages and disadvantages of preventbae and corrective
controls. 8.5 concerns the validation procedures. The three last subsections address difficult ard important
challenges for the future (advanced interfaces, limit search strategies, security theory and criteria).
8.1o Necessa corn utin s eed-u s
One final target is to realise the on-line faster-than-real-time dynamic security assessment.
The need of speed and size of power systems to take in an account will be increased as the
performance of computer gets higher. The requirement for computing speed-ups will
continuously exist. Among many technological developments in computer, parallel processing
is now a hopefid one to get high speed. A parallel processor sometimes has its special
language and hardware architecture. But it will be more common. It will be expected to realise
the on-line faster-than-real-time dynamic security assessment. Technology will advance day
by day, but the security assessment is an eternal theme in power systems. Requirement of
computing speed-ups will also be an eterr~ subject.
Faster-than-real-time (FTRT) computing, an emerging reality, has the potential to generate
fundamental changes in operating philosophies if such technology is used to close the
dynamic security assessment and control loop in real-time.
For example, when a contingency occum, FTRT computing can determine whether the system
is able to sustain the contingency before it as fufished responding to the contingency itself: if
it is, nothing more is required ; if it is not, the amount of load shedding and generation
rejection required to restore system integrity is determined by finding the transfer limit
relative to the known contingency. Other possible strategies might include changing control
settings on Flexible AC Transmission System (FACTS) devices which may be in a position to
address the problem provided that t~he settings are optimized momentarily for a specific
contingency. Such strategies, of course, require the software wtfich will use real-time on
FTRT hardware effectively and this requires, in turn, new indicators for on-line monitoring,
analysis and control of each of the basic problems of DSA.
8.2. .System size reduction
In the context of DSA, demarcating the relevant region of a large power system is a question
of great concern. A prh-nary incentive comes from t.he "curse of dimensionality" and the
interest in reducing their computational burden by reducing the power system size while
presereing its "relevant" parts. Another interest in defmis~g the relevant region is linked to
sensitivity type of concerns ; for example, when an important power plant deserves particular
-57.
attention, delimiting its "study region" allows avoiding tmnecessary bulky explorations by
focusing on the parameters of this region.
System size reduction essentially proceeds in two steps identification, and model reduction.
Identification
j
aims at determining those elements (or parts) of the power system which
should be kept intact, as opposed to other parts which may be reduced or even suppressed.
Model reduction, on the other hand, deals with the building of dynamic equivalents, e.g. by
aggregating system elements (generators, loads, ...) or eliminating eigenvalues. Obviously, the
two steps are interdependent, and the quality of the resulting reduced system depends on the
adequacy of their combination.
In what follows, we first present a general procedure that could describe most of existing
approaches, and then we give a rough outline of the main classes of techniques.
First :of all the procedure takes into account the two aspects (See also Fig.8.2). Near the
boundaries of the "system under study", that is of the system in which disturbances are
simulated, a part of the remaining system (denoted as the grey zone) is used as a buffer zone
and is preserved in detail to obtain a correct dynamic behaviour for the under-study system of
the reduced system. The remaining part of the external system, where the large perturbations
applied on the under-study system have a very small influence from the viewpoint of
eleetromechanical transient and voltage stability, is reduced by resorting to a multi-area
dynamic equivalent.
A possible equivalence procedure that may be suggested is presented in the following.
For most of approaches, a linearized system of a classical system model is used at this step.
The claim is that the st~t~e of system-wide dynamics in the power system is substantieally
reflected in the electromagnetical modes of a simple linearized undamped swing,equation
model of the system.
Identification in this context has a different meaning from "system ident~u:ation
~
where the concern is on the
building of equivalent external systems without knowing their detailed structure and parameters.
- 58~
System under
study
Grey zone
External
system
Figure 8.2 Identification
The eigenvalues-eigenvectors computation (relatively fast and easy due to the drastic
simplification in system dynamic modelling) makes possible the L, aowledge of the periods of
the electromechanical oscillation modes and, for each mode, the ratio among the oscillation
amplitudes of the generator speeds. In particular, the set of the "inter-area oscillation modes"
is singled out : for this set, the generators having the same amplitude are identified (every
technique uses a different criterion at this step) and coherent groups are formed. Based on this
decomposition, one or several groups are then selected to be the steady group and the
remaining groups compose the external system to be reduced. Each coherent group comprises
generators that are considered to be "electrornechanically coherent", that is to have nearly the
same oscillation amplitudes on the modes relevant to the "inter-area oscillations".
2. Reduction
Once the areas of the external system to be reduced are defined, the computation of the
dynamic equivalem of each area is made, sta.~ng from a "basic" load flow results, under the
following hypotheses : the loads are represented by means of constant admittances, the
generators belonging to the same area are supposed to be coherent, both in terms of rotor
speeds and in terms of frequencies at generator-terminals.
The above hypotheses allow to retain the following basic equivalence
property ~ the simplified or reduced model of the external system maintains unchanged the
values of real and reactive power flows on the interconnections among the areas, both from
the static and the dyna~ufic points of view.
Afterwards, each equivalent generation node is equipped with an equivalent generator
(reactanees and time constants along the d and q axes), an equivalent voltage regulator
including power system stabilisers and an equivalent speed governor. The parameters of these
equivalent components are evaluated on the basis of typical and standard values.
As a conclusion, it is worth noting that-
- 59 -
a) Even if the procedure is basically oriented to electromechanical transients and voltage
stability phenomena it is intrinsically valid also for the "mean frequency transients" thanks to
the presence of a detailed representation of speed governors and supply systems in the
network under study as well as in the grey zone and to the equivalent speed governors in the
multi-area equivalent. In particular the LFC is considered without simplification in the overall
system.
b) The multi-area equivalent is computed starting from a "basic" load flow situation. For
different static conditions the multi-area equivalent is assumed to remain constant in terms of
swt~eture and parameters, while variations on equivalent delivered powers and on the
equivalent loads, for each area, are taken into account in order to match with the new
operating conditions.
Descfi tion ofthe main a roaches
Approaches based on generators coherency. The notion of generators coherency dates
back to Kimbark [K.I48]. It is on the basis of many approaches which often have common
features with others (singular peaurbations, modal analysis, generators coupling and distance
measures) [LE73], [SP76], [PO77], [SP77], [OS78], [PO78], ~O79], [HI81],
[WU83], leA84], [HA88].
Singular Perturbation. Tiffs approach was developed in the context of taansient stability
by the group of Kokotovic, Avromovich, Chow, Winkelman [AVS0], [WIS0], [WIgl],
[CH82]. It relies on the decomposition of the dynamical phenomena into two thee-scales,
their separation into fast and slow dynamics, and the resulting mathematical decomposition
into two subsystems. This allows reduehag the dynamic system size by transforming the
subset of fast dynamic equations into algebraic ones.
Based on this approach, the "slow-coherency" technique is aimed at identifying the groups of
machines which are "slowly coherent". Accordingly, a set of coherents groups is chosen to be
the study system and an equivalent machine is built to replace each external coherent group.
Modal Analysis. The method consists of lineafizing the external system to identify the
non-domhaant modes, i.e. the modes which are not sigrfificant for the considered distt~-bance.
[UNTI.a], [UN71b], [SP75], [SP76], [GE87], [SC87]. The nature of be eigenvalues associate
to the~non-dominant modes suggests how to eliminate or negteet them.
Selective Modal Analysis is a variant of this approach for large systems, developed by Perez-
Arfiaga, Verghese et aI.,[PE82], [VE82], [SA88], [PE88].
Synchronic modal equiva|enc~g for st~ctu~ preserving dynamic equivalents, This
approach proposes dynamic equivalents for detailed models described ha structure preserv;,.ng
differential/algebraic equation form. It grows out of slow-coherency and multi-area selective
modal av.atysis, to define a study area that is kept intact, and extervatl areas, then to retain a
detailed model for a single reference generator from each external area ; the dynamics of the
remaining external generators are modally equivaleneed [R.A93], [RA94], [VI94], [RA95a],
[R~95b].
o 60 -
Distance measures approach. The objective here is to decompose the power system into
zones "concentric" v,4th respect to the region where the disturbances are applied. To this end,
distance measures are used, which aim at appraising the relevance of the generators with
respect to the region of concern. Among the many contributions in this area we mention Lee
and Schweppe [LE73 ], [SP77], Pai and Angaonkar [PA84] and Spalding [SP76].
Different types of distance may be used, and in the case of the composite electromechanical
distance, several kinds of distance measures are combined to determine the generator
relevance, [BE89], [BE91a], [BEglb], [BE93], [HA95].
Statistical approach. This approach departs significantly from all previous ones. It relies
on unsupervised lemming and comprises tahree steps " (i) generate operating states via a
random sampling approach so as to screen all situations deemed relevant ; (ii) pre-analyse
each state by numerical computation so as to compute the relevant electrical parameters ; (iii)
apply automatic unsupervised learning technique to extract the information sought about
electrical regions. Among various such techniques used in [WE95e], we mention the Kohonen
self-organising-feature.map.
Discussion
A major incentive to size reduction teeb~niques of large-scale power systems is the non-
linearity of the phenomena and the resulting curse of dimensionality and related
computational burden. At the same time, the non-linear character of the phenomena make the
problem terribly hard.
The sheer number of approaches investigated so far testify of the interest and the difficulty. In
particular, approaches relying on lineafization and/or coherency require important validation
efforts. This applies to each power system, and within a power system, to each new topology.
Another question of concern is how to make a met~hod work in real-time : many of the
methods seem very burdensome, indeed.
Nevertheless, among the large variety of existing approaches it may be possible to find
various satisfactory ones for various power systems and specific needs. Human expertise
provide useful, if not indispensable additional pieces of information.
The statistical approach proposed recently aims at alleviating most of the difficulties of
previous approaches but does not escape the general need - it also heavily relies on human
expertise, especially for the proper data base generation.
Final remark " besides system size reduction, the techniques discussed in this section may
receive various other interesting applications in the context of power systems dynamic
security, such as the identification of relevant real-time measurement (e.g. pilot nodes or
phasor measurement locations) and mitigating controls.
-61 -
8.3.
Probabilisfic _rocedures
Probabilistic vs. deterministic securi assessment
In general, power system security assessment aims at taking decisions so as to reach an
appropriate compromise between operating costs and robustness with respect to possible
disturbances. The very probabilistic nature of power system security (dynamic and static) has
been well recognised since the early days of power system operation and control [DY67]
[FI78] [SC78]. However, even today this problem is still essentially approached in practice in
a deterministic fashion, as described in Fig. 8.3.
1. Assumption of a given well defined pre-contingency state together with a
power system static and dynarnie model.
2. Definition of a contingency list which is essentially a rather small subset
of all possible disturbances (e.g. the three-phase fault umbrella, the N-1
rule ...).
3. Choice of a criterion of acceptable post-contingency performance (e.g. no
loss of synchrordsm, voltage levels and frequency within deterministic bounds
4. Declaration of the system to be secure if all contingencies in the list lead
to acceptable performance, as simulated.
5. Operation within the above security constraints and possibly
optimisation of economic operating cost therein.
Deterministic security ~ssessmen~ framework
Note that in order to make sure that this approach leads indeed to a sufficiently robust system,
given that many among the possible disturbances are not explicitly considered arid given the
unavoidable modelling errors and other approximations, the list of contingencies as well as
the pe~fformance criteria have to be carefully designed. This is generally done in a utility in a
problem specific fasbAon, and updated from time to time, when new problems appear. While
certainly under-optimal, this approach has now been w/dely accepted and used in practice.
- 62 -
One step further would consist of using a probabilistie framework, in order to enable one to
model ~ the main factors which should influence the decision making process. This
may be approached as is described in Fig. 8.4, showing the steps leading to the evaluation of
alternative decisions, in terms of their impact on the operating costs and economic risks
generated by disturbances. Notice that the trade-off between normal operating costs and
security will be a consequence of the choice of a risk function.
I. Assumption of a prior probability distribution of possible pre-
contingency states (st) and dynamic models (m) of the power system, depending
on the decision making context and the information available therein .
p(st, m/ctxt, info).
2. Asstunption of a conditional probability distribution of all possible
disturbances (dist) according to the context and the information at hand (this
could model faults as well as random load variations)- p(dist/etx-t, info, st, m).
3. Definition of a severity function, which evaluates the expected
economical consequences of a particular disturbance (e.g. taking into account the
various costs of load-shedding, voltage and frequency degradations, brownouts,
...)" Severity (st, m, dist, ctxt, info).
4. Evaluation of the overall risk as the expected value of the severity
5. Evaluation of a decision by summaing its expected effect on the operatk~ag
cost, on the one hand, and on the risk, on the other hand.
F_j~re 8.4
ProbabilisCic security assessment framework
A main outcome of this probabilistic framework is that the impact of a disturbance on
decision making is now ~ by the probability of the system being in.a certain state, the
probability of the disturbance occurrence and its impact in terms of global economic
consequences. The probability of occurrence may vary with equipment |oeation and
comiguration as well as with the meteorological conditions. The economic consequences may
be small (e.g. loss of a small plant without important variations in frequency and voltages) or
large (e.g. a partial blackout in a region).
Another very import.ant aspect is that by requiring probability distributions instead of precise
values, the probabilistic approach obliges the user to model his degree of ignorance, not only
on the state and dynamic model of his own power system, but also on its environment
(neighbour utilities, customers ...). This allows him to randomise the information which is not
perfectly known in a given context (e.g. unobservable parts such as neig,hbouring utilities or
badly defimed modelling aspects such as load behaviour ...). On the other hand, it allows him
- 63 -
also to assess the effect of information gathering on this ignorance (sharper probability
distributions).
Finally, the probabitistic approach is fairly general and may in principle be used in an
integrated fashion at the various steps of decision making, from long term system planning to
real-time decision making.
Difficulties of the robabilistiea roach
In the last twenty years much theoretical progress has been made, e.g. in exploiting
probability theory for decision making in intelligent systems. However, the major difficulties
inherent to the probabilistic approach to power system security assessment are practical ones.
Indeed, the first major difficulty concerns the data collection problem, in other words "How to
develop good enough probabilistic models of the power system ?". This question entails, on
the one hand, the gathering and processing of statistical information about p~wer system
states, models and disturbances, and, on the other hand, the use of engineering judgement to
fill inmissing information. In this respect, the good news arc that utilities start collecting large
amounts of real-time data in a systematic fashion, which may be easily stored thanks to the
low cost of modem storage devices. Further, automatic learning techniques are progressing
and will hopefully allow one to extract the required probabilistie models from such very large
data bases.
The second difficulty lies k,a the definition of a risk function, which requires the economic
evaluation of (short term and long term) consequences of a disturbance, in particular the
customers perception of service interruptions, and quality variations. This is certainly a non-
trivial a problem. Further, in order to assess correctly the risks of certain very large
disturbances, it may become necessary to develop more detailed arid more global dynamic
simulation models than those used today in sectwity assessment.
The third difficulty is related to computational aspects, in other words "How to compute the
expected risk with sufficient accuracy ?". Whatever its precise definition, the risk is
essentially a non-linear, highly complex function of the state and the disturbance, and its
computation via brute force would involve massive numbers of Monte-Carlo trials, consisting
each one of one or several detailed numerical simulations. The ~e challenge will be to
develop integrated frameworks combining screening tools and detailed simulations in order to
make t~s possible. Again the good news come from the hardware resources side" first of all it
is worth to notice that the Monte-Carlo simulations are very easy to parallelize ; second, when
compared to the possible economic earnings computing powers are excessively cheap today.
- 64 ~
Another related question concerns the extraction of decision making strategies from the
Monte-Carlo simulations, in other words "How to identify decisions leading to a better
economic trade-off between risk and operating costs ?". In this context again, the automatic
learning techniques will be valuable tools in order to extract and exploit useful information
from the Monte-Carlo simulations.
Promises of the ~ilistic a_gt2proach
Power systems tend to become larger and larger with more and more sophisticated devices, in
particular more and more effective emergency controls and defence plans mitigating the
possible consequences of distuxbances.
These technological changes lead to intrinsically more robust and more economic systems,
but the economic pressure is growing even faster, which leads towards operating closer to the
present day deterministic security limits. Within this context, the probabilistic approach
provides a promising framework for the objective arbitration among alternative decisions.
Further, in the present days tendency towards free third-party access to the transmission
systems and increased competition, the number of decision makers will grow very quickly. In
order to ensure co-operation among these latter, information sharing (i.e. information trading)
will become a major concern in future power system planning and operation. Here also, the
probabilistic approach may be useful in allowing one particular decision maker to evaluate the
economic impact of information (about neighbour utilities systems and strategies, customer,
environment ...). This is a prerequisite to information trading, since it allows one to evaluate
the economical payoff for information and therefore the price one is ready to pay.
In terms of research, we quote some of the pioneering work done in the eighties [BI80]
[AN83] [WU88] as well as some more recent publications [AL91] [-FI94] [WE96c] [JA95]
[MC95b] [IR95]. Clearly the very rapid changes in the power systems industry, together with
the important progress in information processing theory and hardware, will lead towards
making the probabilistie approach sooner or later at the same time feasible and necessary.
8.4.
Preventive vs. corrective controls
The overall security assessment task comprises the three following items.
1. Analysis. Is the system smfSciently secure with respect to all credible contkngencies,
and if not, which are the most dangerous contingencies ?
2. Sensitivity analysis. Which parameters changes would influence most strongly the
security level, and how much ?
3. Control. Which actions are the most appropriate to improve the security level, or what
are the margins in terms of variables which can be controlled by the operator ?
~ 65 -
One main subject of DSA is thus to know the current operating point and its margin to keep
the dynamic security, then to suggest the way to secure from some troubles after disturbances.
The DSA fianction is simplified as shown in Fig. 8.5.
Dynamic Security Limit
Stable Area
~ Unstable Area
Margin
)~ Operating Point
Fig 8.5
In most cases there are two different types of possible control actions.
1. Preventive actions. To move current operating point to get the large margin of
security as shown in Fig. 8.6. These consist of acting on the system in its normal state, so as to
bring it back within the security constraints or to improve its security margins.
2. Corrective ~cfions. To enlarge a security limit by changing power system condition
when a fault or severe disturbance occurs as shown in Fig. 8.7.These consist of waiting until
the contingency occurrence in order to act on the system (in the emergency state), quieldy
enough to mitigate the impact of the contingency.
Stab|, Area
Dynamic Security Limit
..
....." Operating Point
Stable Area
Unstable Area
Operating Point
Fig. 8.6
Fig. 8.7
Ideally, the best compromise among these ~,vo schemes should be decided by the operator
depending on the information at hand.
- 66.
The advantage of preventive control is flexibility and available time. Hence, many different
control options may be investigated and the operators expertise may be called upon in order
to select the optimal one. The main disadvantage is economic impact, since typically a
preventive control action will lead to a higher operating cost, even though the constraining
contingency may be very unlikely to occur.
Emergency control may therefore reduce operating costs by acting only on purpose, when
contingency actually occm~s. In the context of DSA, the main difficulty of emergency control
is the necessity to react very quickly, faster khan the physical phenomenon itself which is
being mitigated (particularly for transient stability problems). Typical emergency controls are
for example
, the tripping of a number of generators in an hydro-plant within fractions of a second
after the fault clearing, to avoid loss of synchronism of the whole plant,
capacitor or reactor switching, or tap changer blocking, useful in order to avoid voltage
collapse,
. load shedding schemes, e.g. to avoid voltage collapse or low frequency problems.
Whether a given such emergency control is a routine action or an exceptional one will depend
on the operating policy of the utility.
There are different strategies for implementing emergency control schemes depending on the
time frame of the phenomena which are covered (from fractions of seconds, to minutes and
tens of minutes) and on the type of problems which are tackled (e.g. local vs. global
problems). One may distinguish between-
1. Fully automatic, last resort system protections which rely on real-time information
only (e.g. the French defenee plan, which isolates from the UCPTE network a region loosing
synchrovSsm and co-ordinates load shedding in the remaining system and the transient
stability control system of Chubu Electric Power Co. which sheds optimal generators selected
by on-line stability calculation for preventing wide-area blackout at a serious fault).
2. Semi-automatic actions, which are .armed in preventive mode in. particular system
conditions and associated with particular disturbances (e.g. the generation shedding system of
Hydro-Qudbec, which trips 1, 2 or 3 generators in a Hydro-plant upon specific line faults, in
order to avoid loss of synchronism of the whole plant).
3. Manual controls (e.g. Nleviating line overloads via corrective switching).
The first type of systems are designed off-line by system protection specialists. The last type
of controls concern only the very slow phenomena, which fall out of the scope of this Task-
Force. -
The main parameters of the second type of systems are also designed off-line by speeiNists.
However, on4ine during normal operation the operator is in charge of taking some simple
decisions, e.g. whether to arm the emergency control, and maybe which action to proge-~rn. In
- 67 ~
this context, the on-line DSA function should ideally provide the appropriate support to the
operator for choosing between preventive a_rld emergency control, and for determining the
appropriate controls of either type.
In the shorter tern-t, we believe however that the deterministic on-line DSA function should
also provide some simple support, in order to help the operators to choose among preventive
and emergency control, and to determine the appropriate amount of control. It is worth noting
that the problem is likely to require a utility specific solution. In the long term the
probabilistic approach discussed in paragraph 8.5. should provide a systematic tool to arbitrate
among preventive and emergency control.
Projecting even fitr~er into the future, it can be anticipated that the underlying philosophy of
power system operations is called upon to undergo a fundamental shift when faster-than-real-
time (FTRT) dynamic security assessment is inserted into the power system control loop -
essentially, the very concept of operating security limits may no longer be necessary, given
the occurrence of a real contingency which has just been cleared, an FTRT simulation of the
same contingency would take place in order to determine whether the power system is stable
befo~e~the power system has had time to respond in real time- if the system is found stable,
the contingency can be sustained without loss of load. If not, the best corrective action is
determined. For example, the transfer limits are computed in order to estimate the amount of
load and generation which must be rejected to ensure system survival.
85
Va|~dation rocedures
For the validation of the entire DSA procedure, one can think of making a series of validations
connected to each other. Defined time domain simulation as the main tool for carrying out
DSA, as power system simulator is able to reproduce the dynamic behaviour of the power
system with the highest fidelity, all the other functions, generally simpler but faster, should be
tested and validated through comparisons with the simulator.
Concerning the validation of the simulator itself, a systematic procedure of comparison
between transients, obtained through simulations, and corresponding transients, derived from
experimental recording, should be orgartised. Real and reproduced transients, caused by
elementary perturbations, should be frequently compared so that one can choose the most
proper component models, upgrade data and trust results and simulation use.
A further advantage of such activity is an increased ability in assessing a correct error margin,
which is always connected to the use of a simulation tool, however it is refined in terms of
component modelling.
Using the simulator as a reference model, one can start validating the various fimetions
utilised during the various phases of DSA procedure. Stated that such functions are used for
preliminary analyses in order to select and screen contingencies, systematic comparisons with
time domain simulations can provide useful indications about their precision and the
complication to be introduced in modelling.
68-
For example, concerning methods based upon TEF functions, a relatively simple (i.e., the 2
nd
order dynamic model for synchronous machines) power system model is usually used. In
todays power systems the classical model is of limited validity, even in the analysis of first
swing transients, mad some improvements in the modelling of components have been
introduced in the TEF method, mainly concerning synchronous machines and excitation
systems.
In developing new power system models to be included in TEF method and in comparing
time simulation results with that obtained by means of TEF method, the following issues have
to be considered.
As the TEF method is used to determine first swing transient stability, modelling
improvements of interest are those able to get a better accuracy of the results during the first
swing transient.
. Transient stability analysis through time simulation is performed by analysing the
system variables of interest during the transient and the system behaviour in terms of stability
is decided by examining the time response of these variables and/or verifying topology
changes. In the TEF method the transient system behaviour is examined through the transient
energy responsible for the separation of one or more generators from the rest of the system.
Therefore, in the TEF method model improvements are of interest only to the extent that they
give a better estimate of the relevant system transient energy duhng the first swing and new
components or more detailed system descrption are needed if some information has to be
acquired in terms of topology modifications due to protection or automaton interventions.
Regarding the modelling complexity, the critical questions is whether the model used is able
to capture the important phenomena which govern the system dynamic behaviour in the
period of interest. More complex: models need more data than a simpler mode[ and a simpler
model for which the parameters are known with confidence may be better than a more
complicated model with inaccurate data. But a simpler model is in general more approximated
and, consequently, less able to reproduce phenomena of interest. Therefore, even .if simple
model are generally conservative, a valid criterion to be followed is to try to validate models
with the highest degree of detail so as to reproduce for the better the experimental ~msients
and only afterwards introduce margin of safety.to guard against tmcertainties.
Concerning direct methods for transient stability analysis two approaches have been
followed" one analytical and system-theoretic based ; the other practical and using also
simulations. According to many researchers, both routes have reinforced each other. Indeed,
the current state of the art could not have been reached without key contributions achieved in
each route. Anyway, the problem is still open about the validity of results obtained using
simulation based reasoning, which have yet to receive solid analytical proofs and how good
are the analytical theorems which give impractical results.
Each of them presents some doubts about the validity of results. The analytical one doesnt
give good results from a practical point of view while the simulation-based approach is
lacking in anal~ieal proofs. Therefore both of the two approaches have to be continuously
tested to meet performance criteria established by means of time domain simulation.
o 69u
8.6. Advanced Interfaces for th~nv~ronment
The system control environment offers a considerable challenge to energy management
systems in many areas, not the least of which is the implementation of appropriate interfaces
enabling operators to access the data, in.formation and advice they require to ensure the correct
operation of the system. Most system control envirorm-tents today employ human-machine
interface paradigms based on multiple monitors, pointing devices and large transmission
system mimic panels. Such interface strategies sorely tax the capabilities of power systems
operators who must often deal with circumstances which challenge a) their ability to find the
correct information they need in very little time, b) their memory, c) their ability to translate
theory into practice, and d) their capacity to analyse situations, correctly synthesize the cause
and propose solution while under considerable stress. This implies that much remains to be
done in this area, not only in the system control room, but in the area of operator training
systems. Perhaps it will not be enough to continue the incremental development of existing
conventional interfaces, but to explore new avenues such as irrunersive, virtual reality ~R)
interfaces in order to deal with all of these complex issues. For example, rather than
interfacing with complex computer systems and software through pointing dev/ces, it may be
more effective to use speach synthesis, where a running dialogue is entertained with the
energy management system. VR has so far been used in simulator technology and such
simulators have begun to emerge in various areas such as scientific data visualization [BR93],
medicine [HN93] and robotics applications [MI94] though the best known VR simulators are
certainly commercial flight simulators lAD94]. Notwithstanding the fact that published
results on the efficiency of VR training technology are rare, existing commercial
implementations give convincing evidence of the economics and efficiency of the approach as
compared to conventional methods [AD95] [AD93]. Some have already shown the feasibility
of developing such interfaces in the power field, as in the case of a ~ reality (VR) station
operator trainLag system known as ESOPE-VR [OK96] this trah~g system places the
operator inside a virtual world ha which he or she can nay/gate and interact with station
equipment as if the latter were real. Trainees can practice all necessary switching operations ha
complete safety, while maint~ning a high degree of realism. A speech-recogrfit/on system
allows for complete control of the lmhaing session by the operator trainee and prov/des a
written log of all operator actions, wh/le sound immersion adds realism to the v/rt~ world.
A particularly unique feature of ESOPE-VR is the generation of three-directional station
models:from single-line diagrams by mcnms ofan automated conversion process: th/s permits
an operator to be trained economically for a large number of stations. In the short term, one
can certainly env/sage decision-support tools as interfacing with the operator in similar ways.
In the very long term, one can imagine the tables being tamed, the human operator being the
"expert system" of a.n intelligent energy management system, the "brains" of the power
system.
8.7. Limit Search Strate "es and Techno|o "es
Though real-time simulation is a corranercial reality ~dL91] [GG94], conventional dynarrric
secur/ty analysis requires such large numbers of time domain simulations that faster-thanoreal-
t/me simulations are now regarded as essential for such analysis to be effective in the system
operations environment. Nevertheless, it is also believed that hardware costs can be reduced
significantly if effective search strategies can i) reduce the number of time-doma/n
- 70 o
simulations required to find tr~.sfer limits and ii) employ lower cost, networked computers as
opposed to specialized, parallel-processor hardware.
To address the issue of minimizing t.he number of simulations, tb, ree basic theories
have emerged in recent years for estimating transient stability transfer limits, namely single
machine equivalent criterion, signal energy limit estimation [MA96a] and the second-kick
method [MN95], but the search is still on tbr comparable methods in the ease of time-domain
voltage stability limit determination. Such methods are important because they offer the
perspective of accelerating limit determination by i) estimating a limit from one or two
simulations, ii) anticipating the error in the estimate and iii) performing additional simulations
if the anticipated error is too large. In relation to the issue dedicated, high-cost parallel
processing as opposed to lower-cost, general-purpose hardware, an important innovation
presently being explored is that of parallelizing limit search processes by means of a "one-
processor - one-simulation" approach [MA96b]. This approach attempts to exploit the
potential of existing networked (workstation) processors and emerging, multi-processor
worksuations. The challenge is now to implement these new ideas effectively within
appropriate decision-support systems so that they find their way to the on-line environment.
8,8. eeuri~
$
As we have seen elsewhere in this report, a large number of variables in the on-line systems
control environment are inherently probabilistic in nature. However, power systems are
presently operated on the basis of deterministic criteria, which are in effect a means of
simplifying the complexity of systems operations by ensuring a uniform basis on which all
decisions are made by means of a pre-determined set of choices. However, deterministic
methods require the evaluation of a limit for each and every corridor, assuming that nothing
will change in the remainder of the network. From the point of view of their detem~ation"
deterministic limits should theoretically be updated constantly with respect to changing
system conditions, translating into quite considerable and cosily computation requirements.
From the point of view of their application, such limits i) assume very robust systems at the
outset, ii) give little flexibility in the operations environment beyond the options of
redispatching twits and switching lines, and iii) ultimately minimize the return on investment
of every utility. A genuine theory of power system security therefore constitutes an knportant
objective of future research, beyond the patchwork of arbitrary or heuristic system criteria
presently used in. different parts of the. world. Such a theory should i) clearly define the
concept of the (security) limit, its determination and its application, ii) incorporate
probabilistie methods (which clearly have the potential to improve on existing, eonstrairting
approaches to power system design and operations), and iii) provide a seamless passage
between existing determirfistie methods and more risk-oriented practices (thereby permitting
operators to understand their options in terms of one or the other approach). In other words,
existing methods of security analysis and control, based on the use of deterministic criteria,
should appear as a specific instance of a more general theory on power system security.
CHAPTER 9
- 7~.
MEASUREMENT-BASED ASSESSMENT
This chapter presents an alternative approach to model-based DSA.
9.1. Motivation
As indicated in Chapter 5, the usual approach to dynamic security assessment (DSA) is model-based. The
starting point is the development of a model for the power system which closely represents actual system
behaviour. Validation of the model is an important part of the development process. Dynamic behavioral
properties of the real system are then inferred from properties of the model. For example, if the model
indicates that the power system will lose stability for a particular disturbance, then one suspects that the
actual system will also lose stability. Model-based assessment is extremely useful. It does of course
depend on the accuracy of the model.
In power system planning and operation, critical power transfer limits are determined by numerous
model-based analyses involving simulation of critical contingencies, and more recently modal analysis
through eigenanalysis. The system is then controlled to maintain limits below the critical levels. Such a
strategy has proven to be effective, but may be quite conservative because of two main issues:
1.
Simulation and eigenanalysis models require accurate mathematical representations of generators,
transmission systems, and loads. Because of the complexity and extreme size of modem power
systems, many system models do not adequately represent the actual system.. (Through extensive
testing, this has been recognized at least by the operators of the western North American power
system.) In an attempt to mitigate the effects of poor modeling, common practice is to place max/mum
allowable power transfer levels well below the stability lirn/ts encountered from model-based analysis.
2. An infinite number of contingencies and operating conditions can occur in a power system, while
engineers can only conduct simulation of a finite number of cases. To a certain extent, eigenanalysis
addresses this problem, at least for small-signal stability issues. Typically, engineers study the "key"
contingencies and then again place maximum allowable power transfer levels below the stability limits
encountered from model-based analysis.
Measurement-based assessment provides an alternative approach to DSA. In this case the security of the
(
system is inferred directly from measurements. These concepts are well established for static security
assessment. For example, it is common to compare measured line flows with transmission line ratings.
Appropriate control action is taken if the line flows are too high. However the ideas arc not so well
established in a dynamic sense.
Measured signals often display appreciable dynamic activity, even when the system is not subjected to
large disturbances Power systems are contk,~ually buffeted by small random disturbances. These
disturbances tend to excite the "natural oscillatory, modes of the system.
9.2. Anal ileal techni ues
Spectra/analysis of normal system measurements provides a reference spectn~,-a or signature [I-/A94].
Variation of the spectrum from the reference indicates that a change has occurred in the system. These
ideas form the basis for fault detection in modem control applications. In particular, a decrease ha the level
of damping of modal oscillations would provide an indication that a system change had led to a reduced
ANNEXE
Feedback from ~luestionnaire ~o electric utilities
Surve A~Lvsis
A. Definition of Dynamic Security_Assessment (DSA)
I.
The responses on the utiliW concept of the DSA
44 utilities responded to the questionnaire from 21 countries ; most responses
were received from Germany, Japan and Australia. The list of these utilities is given in the
Appendix. Every effort has been made not to identify any particular utility.
(a)
short term operation
22
(b) long term operation
16
(c) extended real time analysis from a system snapshot
19
(d)
on-line suite of network analysis sotV,~are
11
Some of the specific comments made are :
, the DSA needs to be integrated and co-ordinated as a result of the different time scales
involved
2. The types of phenomena of concern are :
(a) transient stability
33
(b)
small signal (or dynamic) stability
20
(c) longer term stability
22
(d)
voltage collapse
29
ANNEXE- 1
Current p_E~ctices in secu~sessment
3. The types of static security assessment carried out in the control centres
(a)
(b)
(c)
(d)
(e)
thermal overloading of transmission lines and transformers
voltage variation
frequency variation
generator active and reactive power overloading
other practices specified include capability equations (or
curves) ; topology error detection ; control of reactive power
reserves (on-line reserve monitor) ; fault level calculations.
39
33
21
26
4. The types of stability limRs currently in use
(a) transient stability
(b) voltage stability
(c) poorly damped local or inter-area oscillations
(d) long term stability of power plant processes and auxiliary
induction motors under severe voltage and frequency
disturbance conditions
27
20
13
Some of the descriptions include :
. Limiting situations are encountered dtuing maintenance periods as well as during
serious perturbations. In 50 % of these periods, these are thermal constraints ; in 10-20 %
voltage constraints and in 5 % transient stability constraints.
Transient stability is caused by power transfers over long transraission lines portrayed
by the inability to retain generator synchronism whereas voltage stability results from heavy
loading of bulk power transmission system adjacent to a heavy load centre portrayed by the
inability to control voltage and var supply.
. Normally, all three types of limits will exist at once - transient stability (first or second
swing) ; dynarrde stability (i.e. insta~eient damping of oscillation) ; voltage stability (i.e.
voltage, collapse or excessively low voltages after contingency). Limits are therefore applied
in the .on-line dispatch process to avoid these.
5. Measures usual|y adopted to improve stability limits
Preventive measures which are applied to the pre-contingency case
(a)
(b)
(c)
(d)
(e)
(0
control of generation system
control of transmission system
control of distribution system
management of load
addition of series and shunt compensations
application of special control schemes such as
- excitation control
- power system stabilisers
- speed control
- braking resistors and capacitors
- SVC
- modulation of power flows across DC lines
- other special schemes such as secondary voltage control,
power swing block relays, fast protection schemes, generator
dropping, modulation of SVC MVAr support as a function of
of line flows
(g) operational strategies related to dispatching of active generation 20
(h)
other preventative measures such as a change in the activation
times of protection
- arming cross tripping of one unit with one line
29
25
6
14
21
21
25
18
7
13
5
Corrective measures which are applied only if certain contingency occurs
(a) full or partial generator rejection
26
(b) load shedding including load curtailment through voltage
reduction
switching of capacitors and reactors
others measures include line switching, under frequency
tripping of domestic heating, tap changer blocking on voltage
criterion in an area as well as block of ULTCs, fast autoreelosure
of ~ansmission lines as well as tie line cross tripping scheme
reseheduling of generators, start-up of generators
support of the neighbouring companies, switheing of lines
(c)
(d)
27
25
6. Several systems have suffered in the past 10 years from the following phenomena
(a)
transient stability
22
(b) small signal (or dynamic) stability
17
(c)
longer term stability
10
(d)
voltage collapse
13
ANNEXE - 3
7. Some of the reasons for the above include
Pole slipping on long transmission lines with remote generation ; instability of a nuclear
power plant ; poor damping after switchir~g phenomena ; AGC interaction on weak
transmission system ; line cascading tripping ; temporary absence of power system stabitisers
; frequency drops due to insufficient load shedding.
8. For the problems listed in 6 above, 20 utilities used a computer program
developed in-house or other commercial packages such as EUROSTAG, PTIs PSSE,
MASS, EARS, ETMSP to study what actually happened.
C~ ~ents for a DSA
The Dynamic Security Assessment (DSA) should cover
(a) transient stability
(b) voltage stability
(e) poorly damped local or inter-area oscillations
(d) long term stability of power plant processes and auxiliary
induction motors under severe voltage and frequency
disttubance conditions
(e) others mentioned are long-term frequency behaviour and
island operation of a power plant
(f) import of wind power variations in the system
31
32
23
15
10. 26 utilities (against I0) did not expect conflicting results and required
control actions related to different aspects of static and dynamic security assessment.
11.
Some of the concerns of those who expected conflicting results are :
. static security assessment uses constant load representation whereas the DSA
uses voltage dependent loads hence there is the need to use same load models,
o
the same control action (such as active power rescheduling) may be carded out in
different ways according to different phenomena to be controlled,
interrelationships exist between different forms of stability,
. conflicts with economic and topology objectives may arise,
to modify the set point of a generator for reasons of transient stability could
induce a problem of power tmrtsrnission limit on a line,

the need to observe circuit breaker fault level limilation means, that substations
have to be nat split, particularly at generating stations. Tiffs cordliets with the need for a
strong system to avoid risk of transient and particularly dynamic instability. This may require
an iterafive process to satisfy both sets of requirements.
ANNEXE - 4
12. The kinds of dynamic security indicators required are :
(a) Rule based indicators such as the occth,rence of certain
events under certain conditions ; e.g., the loss of a major
transmission line when the active power generation is
dispatched in a certain way,
(b) Calculated indicators such as :
- post-contingency active power flow, reactive power
flow, and bus voltages,
- simulated time responses of different system variables
following the critical contingencies.
(c)
Other indicators specified are small signal indicators;
severity indices for contingency rankdng ; expert systems ;
power flow margins; regression equations for transient
stability based on off-line studies, distance from voltage collapse
weak spot detection
22
25
13.
handle
The size of the system a DSA application program is expected to
(a) less than 100 buses
(b) 100 to 500 buses
(c) 500 to 1000 buses
(d) 1000 to 2000 buses
(e) 2000 to 5000 buses
(f) more than 5000 buses
5
12
7
11
2
4
Some of specific comments made are :
Theres no one answer because this is a compromise between simplifying :
computation requirements,
. level of modelling and/or details : which are the acceptable assumptions and
whats the degree of conservation required.
14. The expected cycle time from SCADA sample to the end of one
complete DSA analys|s
(a)
less that~ 1 mn
5
Co)
1 to5mn
13
(c) 5 to I0 nan
8
(d)
10 to 20 n~,a
9
(e)
20 to 30 mn
3
(f) 30 to 60 mn
2
(g)
more than 60 rrm
2
ANNEXE - 5
Specific comments made :
. (c) is appropriate for answering a question from the operator whereas (f) and (g)
are for global transient stability analysis,
, the expected cycle time really depends on the rate of change in system
conditions.
15.
Rating the importance of having a DSA faciilty on a scale of I to 4 (1 being
the lowest)
(2)
7
(3)
(4)
7
Specific comment made :
DSA 1.becomes more important because of the increasing number of small independent
producers.
The reason why a DSA facility cannot be important to an utility :
DSA is still in the development phase, and the technology is not yet proven,
some utilities would agree that they have no stability problem and the stability
problems which may occur are faced in the extension planning,
the system is relatively secure and not pushed beyond its capability,
. the system is rather small, with short lines (< 100 Lm) highly meshed and well
embedded in a large system,
present day steady state sectaSty assessment looks sufficient for the 2-3 years
ahead because, due to the nature of the system, the range of preventive or corrective measures
is limited,
many other aspects are given priority in the investment program and t.he level of
mastering new technologies is not fairly advanced to allow well identLqed needs concerning
DSA facility and evaluation ofexpeeted economical gains.
17. Estimation of the economic gain which may result by having a DSA
facility, some proposals are :
a coarse estimation based essentially on voltage consideration of $5M/year,
$2M/year extra sales for each 10 MWincrease in transfer capability,
more than 100,000 pa,
$1000/HR for each 1000 MWgain in lim./ts
Reduction of probability of system shutdown by 10 % from 1 in 20 years.
AN~_rqEXE - 6
Specific comments made
. DSA would require less engineers to produce operating secu_r/ty limits, avoid
the consideration of very consereative margins in the planrfing of the generation dispatching,
bring about et~cient generator operation and put off transmission line construction,
. DSA would reduce about 5 to 10 % the non supplied energy due to incidents on
the HV and EHV grid, reduce the amount of load shedding,
the economic gain is very little as most of the power system limits are
thermal/plant based.
18.
The use of a DSA facility
(a) as part of the on-line suite of network analysis software
8
(b) for education and training
3
(c) no answer
17
Specific comments made :
. off-line DSA facility is used for network planning studies, for plamaLng
transmission system expansions and deriving operating security limits (load flow analysis,
time domain simulation, eigenvalue analysis),
. DSA is used for supporting such that it gives various stability support
information to operators ; stability limits calculated off-line are introduced in the on-line
supervising system,
an on-line transient stability monitor is c~,*rently being developed (expected in
service mid 1996) ; this will simply be an interface between EMS and an off-line simulator,
using sknple machine modelling and predefined set of contingencies.
Lets notice that many utilities are expecthag to be provided with an on-line DSA facility,
to be used for real time assessment of stability and for training.
ANNEXE - 7
require
Kinds of informations and graphical user interface control engineers
Information easy to use, which assists system operators in understanding location and types
of phenomena and to make remedial actions in case rite system has entered into an insecure
state.
trend curves,
data concerning network, generators, turbines, boilers, control systems,
protection and automation,
voltage in order, overloaded lines, limit warning, margins and tendencies,
system mode (on operation or stand-by), present and historical transmission
information should be presented on-line, as operating parameters versus their
respective limits ; something like PV curves, active power-voltage ctwves, simple display
showing maximum angle of the swing curve (future needs would encompass swing curve
display),
kfformation should be filtered ; intuitive output that can be read with tired eyes.
Graphical user interface :
corrective actions,
situation,
and paper outputs,
line diagram with affected circuits hatched,
one-line diagrams, time domain representation of critical quantities,
output data display on system figure image,
graphical display of data of the installed power system and the actual load
all information presented in tables and graphics on full-graphic displays
complete SCADA information of process on a full graphical workstation,
. a warning via alarm that the system is in critical dynamic state ; then open
a window where the operator is advised about remedial action.
21.
Needs for screening to identify "er~fical contingencies"
yes
no
no answer
com/nents
9
3
17
11
ANNEXE - 8
Specific comments made :
Screening is desirable -
. to cover a large number of configurations that would have not been studied
otherwise,
. to select the most critical conthagencies from a list ofcritical contingencies,
to concentrate on the few work contingencies, rather than concentrating on
all possible contingencies, that should be fully analysed,
.
to improve turn-around time from data input result,
,
to achieve high speed of calculation.
Screening should take into account system size and current HWand SWperformances.
Critical contingencies should be displayed in an easy way to identify manner such as a grid-
picture with different colours depending on the load or risk.
Screening is needed at the moment that a switching action is selected to be executed ; a sort of
extension of the "security checked switching" function.
22. Changes brought~ or expected to be brought, by DSA facility to the way
companies are operated at the moment :
answer missing
19
clear answer -
-
none
2
- not much
3
- yes or comment
14
Specific comments made :
operators have become more aware of potential problems (more conclusive
information on security margins),
operation secmJty and programming are improved,
. more risks are taken (less consereation is needed) and systems are allowed to
be operated nearer to the stability limit,
. system operation will not be changed, but the security will be improved, better
ability to adopt limits to the present network and generation situation,
. a notable improvement in system operation is noticed, due to a more careful
assessment of the system "global" security ; at the short and medium term operation planning,
, the turn-around time for DSA has been reduced significantly, allowing more
operating scenarios to be analysed ; this trend has resulted in t.he provision of "on-demand"
development of specific limits,
DSA is expected to change from pre-calculated type to on-line system.
23.
General comments/requirement regarding DSA facility, here are some
proposa|s :
DSA must be integrated and co-ordinated following the different time scales of power system
operation studies, from the planning stage (first step) to the control room (last step) ; each new
step must increase the knowledge of the power system stability margins based on the previous
steps.
The DSA facility should include the following features :
. ranking of contingencies in terms of severity,
. screening for the critical contingency with respect to transient stability, voltage
stability and thermal overloading,
assessment of the margin to stability,
.
modelling capability to analyse a wide range of stability phenomena,
. automated processes for deriving operating security limits, reasonable turn-
arotuld time.
A useful DSA should be established on a detailed representation and modelling of the power
system in order to provide conclusions based on accurate results ; it should also integrate a
user friendly and faster algorithm (or strategy) to be used by operators in real time, as far as
tremendous progress made by computer in calculation can help to shorten the cycle time.
ANNEXE. 10
!
2
3
5
6
7
8
9
11
12
13
16
19
22
23
25
26
27
28
29
3O
32
33
35
36
37
38
39
4O
APPENDIX
Following companies answered the questionnaire
- SONELGAZ
- Power Lion Queens Land
-
Transgrid
- Western Power Corporation
- ETSA Transmission
-
CPTE
- BC Hydro
-
Hydro Quebec
- Ontario Hydro
- Company ofCroatia
- ELSAM
- NESA Power Company
- Electricit6 de France
- Bayemwerk
- BEWAG
- Preussen Elek-tra
- RWE Energie AG
- VEWEnergie
- NGC
- Public Power Corporation
- ENEL
- CEPCO (Chubu Electric Power Co.)
- Electric Power Development Co.
- KEPCO (Kansai Electric Power Co.)
- TEPCO (Tokyo Electric Power Co.)
- MEGA Limburg
- NV DELTA
- SEP
- ZEH
- Transpower
- Stanett SF
- DEN (National Energy Dispatching)
- ESKOM
- R~E
- Svenska Kraftnet
- BKWEnergie AG-FMB Energie SA
- Nordostsehweizerische Kraffwerke AG
- ABB NETWORK PARTNER
- EOS
- MAPP (Mid-Continent Area Power Pool)
- PSE G (Public Service Electric and Gas Co.)
o INE$C
- Public Power Corporation
- Entreprises Eleetriques Fribourgeoises
ALGERIA
AUSTRALIA
AUSTRALIA
AUSTRALIA
AUSTRALIA (SOUTH)
BELGIUM
CANADA
CANADA
CANADA
CROATIA
DENMARK
DENMARI<
FRANCE
GERMANY
GERMANY
GERMANY
GERMANY
GERMANY
GREAT BRITAIN
GREECE
ITALY
JAPAN
JAPAN
JAPAN
JAPAN
NETHERLANDS
NETHERLANDS
NETHERLANDS
NETHERLANDS
NEWZEALAND
NORWAY
ROMANIA
SOUTH AFILICA
SPAIN
SWEDEN
SWITZERLAND
SWITZERLAND
SWITZERLAND
SWITZERLAND
US
US (New Jersey)
PORTUGAL
GREECE (CRETE)
SWITZERLAND
ANNEXE - 11
REFERENCES
lAD931
{ALgll
JAN831
[AVS0]
|AVgl]
[BA921
[BE891
J.A. Adam, "Virtual Reality is For Real", IEEE Spectrum, October 1993.
E.C. Adam, "Tactical Cockpits: The Coming Revolution",
IEEE Aerospace And Electronics Systems Magazine, Vol. 9, No. 3, pp.20-
26, 1994.
N. Adams, L. Lang, "VR Improves Motorola Training Program", AI Expert,
May 1995.
Aldmoto, Y., Tanaka, H., Yoshizawa, J., Klapper, D.B., Price, W.W.,
Wirgau, K.A., "Application of Expert Systems to Transient Stability
Studies", Second S~m sium on Ex err S_ stems~lieations to Power
~ Seattle, July, 1989.
Alvarado, F., Hu, Y., Ray, D., Stevenson, R., and Cashrnan, E. "Engineering
foundations for the determination of security costs"; IEEE Trans. on Power
Systems, Vol. 6, N

3, pp. 1175-1182, 1991.
Anderson, P.M. and Bose, A. "A probabilistic approach to power system
stability a~lysis". IEEE Trans. on Power Apparatus and Systems, Vol. 102,
N

8, pp. 2430-2439, 1983.
Avramovic B., P.V. Kokotovic, J.R. Winkeknan and J.H. Chow (1980) Area
decomposition for electromechanicaI models of power systems. Automatica,
Vol. 16, N

6, November, pp. 637-648.
Avramovie, B., Fknk, L.H., LLrtificiaI IntelALgenee in Power~
n~~Y~~fi~, Research report performed under National Science
Foundation award number ISI-9060250 (U.S.A.), September 30, 199I.
Balu, N., Bertram, T., Bose, A., Brandwajn, V., Cauley, G., Curtice, D.,
Found, A., Fink, L., Lauby, M.G., Wollenberg, B.F., Wmbel, J.N., "On-Line
Power System Security Analysis", Proeeedin~ Vol. 80, N
.
2,
Febrttary i 992, pp. 262-280.
Belhomme R., M. Pavella, Y. Xue (1989) Electromeehanieal dist,,aces for
identify~g contingency propagation in transient stability studies.
Proceedhags of the IFAC International Symposium on Power Systems, and
Power Plant control, Seoul, Korea, August 22-25, pp. 940-945.
REFERENCES I
chp.
1, 2,
IBg9|bl
[BO95]
[cA89]
[CHgl]
[CHgSa]
Belhomme R. and M. Pavella (1991) A composite electromechanical
distance approach to transient stability. IEEE Transactions on Power
systems, Vol. PWRS-6, N

2, May, pp. 622-631.
Belhomme R., H. Zhao and M. Pavella (1991) Power system reduction in
transient stability studies. Proceedings of the 13
t~
IMACS World Congress
on Computation and Applied Mathematics, Dublin, Ireland, July 22-26, pp.
1246-1249.
Belhomme R., H. Zhao and M. Pavella (1993) Power system reduction
techniques for direct transient stability methods. IEEE Transactions on
Power systems, voI. PWRS-8, N

2, May, pp. 723-729.
Billinton, 1L and Kuruganty, P.R.S. "A probabilistic index for transient
stability". IEEE Trans. on Power Apparatus and Systems, Vol. 99, N

1, pp.
195-206, 19g0.
A. Bose. "Speeding Up Time Domain Techniques for DSA". EPRI Control
Centre AUTOMATION, Issue 5 December 1991, pp. 4.
Boyen X. and Wehenkel L. "Fuzzy decision tree induction for power system
security assessment". Ir~ Proc. of SIPOWER95, IFAC Syrup. on Control of
Power Plants and Power Systems, Dec. 1995, pp. I51-156.
S. Bryson. "Virtual Reality in Scientific Visualization",
Computers and Graphics, vol. 17, no. 6, pp. 679-685, 1993.
R.M. Butler and E.L. Lusk. "Monitors, Messages, and Clustem - the p4
Parallel Prograwaning System", ANL, 1993.
Carpentier, J.L., Gillon, A., Jegouzo, Y., Candre, A., Caramaa, F., Pellen,
C., Tournebise, P., "Multimethod Optimal Power Flows at Electricit6 de
France", Proceedin~ Pow~m and Power
PIant Contro_2,l August 22-25, 1989, pp. 129-134.
Chow, J.H. (1982) time-Scale Modelling of dyrmmie Networks with
Applications to Power Systems. Lecture Notes in control and Information
Sciences, Vol. 46, Sprhnger-Verlag, New York.
T.SI.Chung, K.L. Lo and C.S. Chang, "On the Effectiveness of Applying
On-Line Dynanfic Security Assessment in Power System Optimal
Operation", ~__nal.Confe____~.n.ee.. on_Advances in Power S stems
Control Operation and Management, Hong-Kong, November 1991, pp.
158-163.
K.W. Chart, A.R. Edwards, R,W. Dunn and A.R. Da.nSels. "Reed-Time
ElectromeehanJeal Transient Simulator for On-line Applications". First
REFERENCES 2
[CH95bl
[C196]
[DE75]
[DEg~I
1D67l
[DY74]
International Conference on Digital Power System Simulators held in Texas,
U. S. A. during April 1995, pp. 259-263.
K.W. Chart, R.W. Dunn, A.R. Daniels, J.A. Padget, P.H. Buxton, A.O.
Ekwue and M.J. Rawlins. "On-line Dynamic Security Contingency
Screening and Ranking". Submitted to the lEE Proceedings Part C, 1995.
Cicoria, R., Migliardi, P., Mararmino, P., "Knowledge Based Methodologies
versus Conventional Optimisation Algorit,hrns Applications to Reactive
Power Compensation", ~of the 11
t~
PowerS stems Corn utation
Conference_, Aug. 30-Sept. 3, 1993.
CIGR.E Task Force Report << Indices predicting voltage collapse including
dynamic phenomena >>, prepoxed by CtGRE WG 38-02 Task Force NI I
(Convenor J. VAN HECKE), June I994
CIGRE Task Force Report. "Assessment of practical fast transient stability
methods" (Convenor S. Geeves). Phase l, June 1992. Phase 2, March 1995.
J.J. Paserba (Convertor), Analysis and Control of Power System
Oscillations, CIGRE Task Force 38.01.07 Report, Paris, 1996.
A S Debs and A R Benson, Security Assessment of Power Systems, Status
Engineering for Power, Status and Prospects, Henniker, New Hampshire,
USA, August 17-22 1975 pp 144- 176
Drnomrnr, F., Vincelette, M., "Security Monitoring of the Hydro-Quebec
Power System", Proceedin s of the Pan-American Congress of Mechanical
Electrical and Allied En ineerin Branches Buenos Aires, Argentina, Oct.
1-5, 1984,
K. Demaree, T. Attay, K. Chung, Y. Mansour, E. Vaahedi, A.Y. Chang,
B.R. Corns and B.W. Garett. "An on-line Dynamic Security Analysis
System Implementation". IEEE Transactions on Power Systems, Vol. 9, N

4, Nov. 1994, pp. 1716-1722.

Dillon, T.S. "Artificial neural network applications to power systems and
their relationship to symbolic methods". Int. J. of Elee. Power and Energy
Systems, Vol. 13, N

2, pp. 66-72, Apr. 1991.
Dy Liaeco, T.E. "The adaptive reliability control system". IEEE Trans. on
Power Apparatus mad Systems, Vol. PAS-86, N

5, pp. 517-53I, May 1967.
Dy Liaceo, T.E., .Control _of.Power Systems via the Multi-Level Concep!,
Case Western Reserve University, Systems Research Center, Report SRC-
68-19, june 1968.
Dy Liacco, T.E., "Real-Time Computer Control of Power Systems", 2
REFERENCES 3
5,7
2,8
ProceedS, Vol. 62, pp.884-891, July 1974.
[EL891
|ELg0I
Dy Liacco, T.E., "System Security The Computers Role", I_EEE S c_~,
Vol. 15, pp. 43-50, June 1978.
EI-Sharkawi M.A., Marks II, R.J., Aggoune M.E., Park D.C., Damborg
M.J., and Atlas L.E. "Dynamic security assessment of power systems using
back error propagation artificial neural networks". In Proe. of the 2
"d
Symposium on Expert Systems Application to power Systems, pp. 366-370,
1989.
EL-Kady M.A., Fouad A,A., Liu C.C., Venkataraman S. "Use of expert
systems in dynamic security assessment of power systems". In Proc. I0
L~
PSCC, Graz, 1990.
Fimk, L.H. and Carlsen, K. "Operating under stress and strain". IEEE
Spectrum, Vol. 15, pp. 48-53, Mar. 1978.
[FI891
{FO88ai
[FO88bl
[FOgll
[FO921
[GAgl].
Fischl R., Karn M., Chow J.C., and Ricciardi S. "Screening power system
contingencies using back propagation trained multi-pereeptrons". In Proc. of
the IEEE Int, Symposium on Circuits and Systems, pp. 486-494, 1989.
Vieim Filho, B.X., Pereim, M.V.F., Gomes, P., and Nery, E. "A
probabilistic approach to determine the proximity of the voltage collapse
region". CIGRE, paper 38-201, 1994.
A.A. Fouad and V. Vittal. "The Transient Energy Function Method".
Electrical Power and Energy Systems, Vol. 10, N

4, October 1988, pp. 233-
246.
Fouad, A.A. (Chairman), "Dynamic Security Assessment Practices ha Noah
America", Report by IEEE Working Group on Dynamic Security
Assessment, Power Systems Engineering Committee, IEEE Tr. on Power
~ Vol. 3, N
.
3, Aug. 1988, pp. 1310-1321.
Fouad, A.A., Venkataraman, S., Davis, J.A., "An Expert System for
Security Trend Analysis of a Stability-Limited Power System", rEEE Tr. on
Power System_.,s Vol. 6, N
.
3, Aug. 1991, pp. 1077-1084.
Fouad A.A., Vittal V. Power System Tramient Stability Azaalysis Using the
Transient Energy Function Method. Prentice-Hall, Englewood Cliffs, N.J.,
1992.
G. Cauley. "The Challenge of On-line Dynamic Security Assessment".
EPRI Control Centre AUTOMATION, Issue 5 December 1991, pp. 2
2,7
REFERENCES 4
[GA92]
{GE871
[GE931
{c;Gg,q
[GI921
{HAgl]
[ P - A 9 3 1
Galiana, F.D., Me Gillis, D., Marin, M., "Expert Systems in Transmission
Planning", Proceeding3_ of the IEE.____~E, Vol. 80, N
.
5, May 1992.
Germond A., F.R. Graf, J.P. Clert%uille, F. Saccomanno, R.A.M. Van
Amerongen and S. Geeves (1987) External Equivalents. State of the Art
report, Task-Force of CIGRE Working-Group 38-02 (Prepared in May).
Germond A. and Niebur D. "Neural network applications in power
systems". In Proe. of the 11
t~
PSCC, Tutorial session, pp. 61-70, Aug. 1993.
A. Geist, A. Berguelin, J. Dongarra, W. Jiang, R . Manchek and V.V.
Sunderam. "PVM-Parallel Virtual Machine A Users, Guide and Tutorial
for Networked Parallel Computing". The MIT Press, 1994.
Gagnon, C., Sood, V.K., B#1anger, J., et al., "Hydro-Qu#becs Power
System Simulator", IEEE Canadian Review, No. 19, Spring-Summer 1994,
pp.6-9.
Mc Gillis, D., Galiana, F.D., Loud, L., Marceau, R.J., "The Influence of the
Choice of Criteria on System Design", _P~roceeding~ of the 9
-0-
Conference on
the Electric Power Su~, Hong Kong, Nov. 23-27, 1992.
Haque M.H. and A.H.M.A. Rahim (1988) An efficient met.hod of
identifying coherent generators using Taylor series expansion. IE E E
Transactions on Power systems, Vol. PWRS-3, No.3, August, pp. 1112-
1118
J.F. Hauer, "Application of Prony analysis to the deterw~nation of modal
content and equivalent models for measured power system responses", IEEE
Transactions on Power Systems, Vol.--6, No.--3, August 1991, pp.~1062-
1068.
Handseltin E., Schliicking U. "Real time simulation of the short term
dynamics using parallel computers", 11
aa
Power Systems Computation
Conference (PSCC), Avignon, Aug. 30-Sept. 3, 1993, Vol. 1, pp. 647-653.
J.F. Hauer, "BPA experiences in the measuremem of power system
dynamics", in Inter-Area Oscillations in Power Systems, IEEE Publication
No.95~TP-d 01, October I994.
Hakra H., R. Belhomme, C. Gagnon, C. Thomassin and J. Gag, non (1995)
Dynamic equivalents of sub-transmission networks for transient stability
studies. Proceedings of the Stockholm Power teci, KT"H-IE E E /PE S Joint
International Symposium on electric Power E ngineering, Stoeldaolm,
Sweden, June 18-22, Vol. "Power Systems", pp. 296-301
Hiyama T. (1981) Identification of coherent generators using frequency
response. IE E Proceedings, Vol. 128, Pt.C, No.5, September, pp. 85-90
REFERENCES 5
l H 19 6 1
IHN931
[HO951
[ H R 9 4 1
[HU931
[HZ94al
[HZ94c]
[HZ94dl
I.A. Hiskens arid D.J. Hill. "Incorporation of SVCs into Energy Function
Methods". 1991 IEEE Summer Meeting, 9I SM424-2.
Hiskens I.A., Da,
G
R,J., ~< Lyapounov function analysis of power systems
with dynamic loads ~, Proc. 35th IEEE Conference on Decision and
Control, Kobe, 1996
I. Hunter et al., "A Teleoperated Microsurgical Robot and Associated
Virtual Environment for Eye Surgery", Presence, vol. 2, no. 4, pp. 265-280,
1993.
Houben I., Wehev&el L., and Pavella M. "Coupling of K-NN w/hh decision
trees for power system transient stability assessment". In IEEE Conference
on Control Applications, Albany (NJ), 1995, pp. 825-832.
J.F. Hauer, "Application of Prony analysis to the determination of modal
content and equivalent models for measured power system responses", IEEE
Transactions on Power Systems, Vol. 6, N

3, August 1991, pp. 1062-1068.
J.F. Hauer, "BPA experiences in the measurement of power system
dynamics", in Inter-Area Oscillations in Power Systems, IEEE Publication
N

95 TP 101, October 1994.
Haubrich, H.-J., Nick, W.R., "Adequacy and Security of Power Systems at
Planning Stage", Electra, N

. 149, August 1993

N.D. Hatziargyriou, S.A. Papathanassiou, M.P. Papadopoulos. "Decision
Trees for Fast Security Assessment of Autonomous Power Systems with a
Large Penetration from Renewables". IEEFJPES Summer Meeting, paper 94
SM368-1 EC, San Francisco, CA, July 24-28, 1994.
N.D. Hatziargyriou, S.A. Papathanassiou, J.A. Pecas Lopes, V. Van Acker.
"Pattern Recognition versus Decision Trees Methods. A Case Study in Fast
Dynamic Security Assessment of Autonomous Power Systems with a Large
Penetration from Renewables". Proceedings of ISAP94 (Intelligent System
Application to Power Systems), Montpellier, France, September 5-9, 1994.
N.D. Hatziargyr/ou, S. Papathanassiou. "Effect of Statistical Hypothesis
Testing on the Reliability of Decision Trees for Security Assessment". Proc.
of PMAPS94, 4
~
Intern. Conference on Probabilistie Methods Applied to
Power Systems, R/o de Janeffo, Braz/l, Sept. 25-30, 1994.
N.D. Hatziargyriou, J.A. Pecas Lopes, S.A. Papathanassiou, LN. Fidalgo, V.
Van Acker. "Fast Dynamic Security Assessment of Autonomous Power
Systems with a Large Penetration from Wind - The Lerraaos study Case".
Proceedings of EWEC94 (European Wind Energy Association conference
and Exl~bition), Thessaloniki, 10-14 October 1994.
5,7
1,2
REFERENCES 6
[JA951
1,IO951
[LA951
[LE731
T. Inoue, M. Tsukada, H. Itoh, E. Suzuki, H. Shimi, Y. Kokai and Y.
Nakata. "Development Plan for Wide-Area Power Network Blackout
Prevention System Based on On-line Stability Calculation". CIGRE SC-39
Colloquium, Sydney, September 1993.
Irizarry-Rivera, A.A., Mc Calley, J.D., and Vittal, V. "A theoretical
foundation for computing probability of instability in electric power
systems". Submitted for publication, 1995.
Jacquemart, Y., Wehenkel, L., Vain Cutsem, T., and Pruvot, P. "Statistical
approaches to dynamic security assessment : The data base generation
problem". In Proc. of SIPOWER95, IFAC Syrup. on Control of Power
Plants and Power Systems, Dec. 1995. To appear.
"Development and Implementation of an advanced control system for the
optimal operation and management of medium size power systems with a
large penetration from renewable power sources",
Final Report of JOULE II : JOU2-CT92-0053, June 1995.
S.M. Kay, "Spectral estimation", in Advanced Topics in Signal Processings,
J.S. LIMand A.V. OPPENHEIM(Editors), Prentice Hail, Englewood
Cliffs, 1988.
S.M. Kay, Modem Spectral Estimation - Theory and Application, Prentice
Hall, Englewood Cliffs, 1988.
Kimbark E,W. (1948) Power system Stabili,~y. Volume I: E lements of
Stability Calculations. John Wiley & Sons, Inc., New York
K_dshnaparan&hama T., S. Elangovan and A. Kuppurajulu (1981) Method
for identifying coherent generators. International Journal of E lectrical
Power and E nergy systems, Vol. 128, Pt.C, No.6, November, pp. 325-333
A.B.R. Kumar, V. Brandwajn and A. Ipakehi. "Applying Artificial
Intelligence Tech~ques to DSA". EPRI Control Centre AUTOMATION,
Issue 5 December 1991, pp. 5.
S. Kurnano, Y. Miwa, Y. Kokai, M. Yatsu, K. Omata and T. Asano.
"Evaluation of transient Stability Controller System Model". CIGRE SC-38
Colloquium, Paris Sept. 1994.
Laufenberg M.J., Pal M.A., ~ Sensitivity theory in power systems :
application in dynamic .security analysis ~, Proc. Conference on Control
Applications, 1995
Lee S.T.Y. and F.C. Schweppe (1973) Distance measures and coherency
recognition for transient stability equivalents. IE E E Transactions on Power
8,9
8,9
REFERE~NCES 7
[MA93a]
[MA93b]
[MA95a|
[MAgSbl
|MA96a|
[MA96b]
[McgSa]
[Mc95b]
Apparatus and systems, Vol. PAS-92, No.5, September/October, pp. 1550-
1557
R.J. Marceau, F.D. Galiana and R. Mailhot. "A Generalized Shell for
Dynamic Security Analysis in Operations Planning". IEEE Transactions on
Power Systems, Vol. 8, N

3, August 1993, pp. 1098-I 104.
R.J. Marceau. "Mechanizing Dynamic Security Analysis". Ph. D thesis, Me
Gill University, Department of Electrical Engineering, Montreal, Canada,
September 1993.
Marceau R.J., Galiana F.D., Mailhot R., Denomme F., Me Gillis D. "Fourier
met,hods for estimating power system stability limits". IEEE Trans. on
Power Systems, Vol. 9, N

2, May 1994, pp. 764-77 I.
R.J. Marceau, "Estimating Transient Stability Transfer Limits for Normal
Contingencies", _StockhoJ_m___Powe_____~eeh Conference_, June 1995, pp. 623-628
(Power Systems Volume).
R. J. Marceau, M. Sirandi, S. Soumare, X. Do and R. Mailhot. "Stmtrgies
daccrlrmtion des proeessus de recherche de lh-nites de transit et de
srcuritr". Canadian Conference on Electrical and Computer Engineering,
Montreal, 5-8 Sept. 1995.
Marceau, R.J., Soumar#, S., Sirandi, M., Do, X.D., "Transient Stability
Limit Estimation Using the Signal Energy of Different Network Quantities:
A Comparative Study", 1996 Power System Computation Conference
(PSCC), Dresden, Aug. 19-23, 1996, pp. 528-535.
Marceau, R.J., Sirandi, M., Soumar#, S., Do, X.-D., Oaliana, F., Mailhot,
R., "A Review of Signal Energy Analysis for the Rapid Determination of
Dynamic Security Limits", accepted June 28, 1996 for publication in the
Canadian Journal of Electrical and Computer Engineering.
Me Calley J.D. and Kranse B.A. "Rapid transmission capacity margin
determination for dynamic security assessment using artificial neural
networks". Electric Power Systems Research, 1995.
Me Calley, J.D., Fouad, A.A., Vittal, V., Irizarry-Rivera, A.A., Agrawal,
B.L., and Farmer, R.G. "A risk-based security index for determining
operating limits in stability limited electric power systems". Paper # 96 SM
505-8 PWRS, to appear in !EEE Trans. on Power System, 1996
N.E. Miner, S. A. Stansfield. "Interactive Virtual Reality Simulation
System for Robot Control and Operator Training", Proceedings of the 1994
IEEE International Conference on Robotics and Automation, Pt. 2, 1994, pp.
1428-1435.
5, 7
5, 7
REFERENCES
[MN951
|Mog|i
|NI931
[NOg,~l
1OK961
|OS781
[OS931
|OT951
McLaren, P.G., Kuffel, R., Wierckx, R., "A Real-Time Digital Simulator for
Testing Relays", IEEE Surm-ner Meeting, Paper 91 SM319-4 PWRD.
Y. Mansour, E. Vamhedi, A.Y. Chang, B.R. Corns, B.W. Garrett, K.
Demaree, T.A. Tray, K. Cheung, "B.C. Hydros On-Line Transient Stability
Assessment (TSA) Model Development, Analysis and Post-Processing",
IEEE Transactions on Power S~, Vol. I0, N
.
1, Feb. 1995, pp. 241-
253.
Mori H. and Tamura Y. "An artificial neural-net based approach to power
system voltage stability". In Proc. of the 2
"a
Int. Workshop on Bulk Power
System Voltage Phenomena - Voltage Stability and Security, pp. 347-358,
Aug. 1991.
Niebur D. and CIGRE TF 38-06-06. "Artificial neural networks for power
systems" a literature survey". Engineering Intelligent Systems for Electrical
Engineering and Communications, Vol. 1, N

3, pp. I33-158, 1993.
E. Nogaret, O. Stavrakakis, J. BoNn, G. Kariniotakis, B. Papadias, G.
Contaxis, M. Papadopoulos, N. Hatziargyriou, S. Papathanassiou, G.
Gatopoulos, J. Halliday, G. Dutton, J. Pecas-Lopes, A. Androutsos, P.
Pligoropoulos. "Development and Implementation of an Advanced Control
System for Medium Size Wind-Diesel Power Systems". Proceedings of
EWEC94 (European Wind Energy Association Conference and Exthbition),
Thessaloniki, 10-14 October 1994.
Okapuu-von Veh, A., Mareeau, R.J., Malowany, A., Desbiens, P., Daigle,
A., Rizzi, J.C., Garant, E., Gauthier, R., Sheikh, A., "Design and Operation
of a Virtual Reality Operator-T~,Aning System", presented at the 1996 IEEE
Winter Meeting (96 WM157-8 PWRS) and published in the IEEE
Transactions on Power Systems, Aug. 1996, Vol. 11, No. 3, pp. 1585-1591.
Ohsawa Y. and M. Hayashi (1978) Coherency recognition for transient
stability equivalents using Lyapunov function. Proceedings of the 6th Power
systems Computation conference (PSCC), Vol. 2, Darmstadt, August 21-25,
pp. 815-818
D,R. Ostojie, "Spectral monitoring of power system dynamic
performances", IEEE Transactions on Power Systems, Vol. 8, N

2, May
1993, pp. 445-451.
H. Ota, Y. Kitayama, H. Ito, N. Fukushima, K. Omata, Ko Morita and Y.
Kokai. "Development of Transient Stability Control System (TSC System)
based On-line Stability calculation". IEEE PES 1995 Summer meeting.
Pai M.A. and R.P. Adgaonkar (I 984) Electromechanical distance measure
for decomposition of power systems. International Journal of E lectrical
Power and E nergy Systems, Vol. 6, No.4, October, pp. 249-254
7,8
8,9
REFER~ENCES 9
IPA891
Pal M.A., Energy Function Analysis for Power System Stability. Kluwer
Academic Publ., Boston, 1989.
[PA931
Pavella M., Murthy P.G. Transient Stability of Power Systems. Theory and
Practice. J. Wiley, 1993.
P6rez-Arriaga l.J., G.C. Verghese, and F.C. Schweppe (1982) Selective
modal analysis with applications to electric power systems, part I" heuristic
introduction. IE E E Transactions on Power Apparatus and Systems, Vol.
PAS- 101, No.9, September, pp. 3117-3125
P~rez-Arriaga I.J., L. Rouco, F.L. Pagola and J.L. Sancho (1988) The role of
participation factors in reduced order eigenanalysis of large power systems.
Proceedings of the 1988 IE E E International Symposium on circuits and
Systems (ISCAS), Espoo, finland, June 7-9, Vol. 1, pp. 923-927
[PE941
J.A. Peeas Lopes, J.N. Fidalgo, V. Miranda, N. Hatziargyriou. "Neural
Networks Used for On-Line Dynamic Security Assessment of isolated
Power Systems with a Large Penetration from Wind Production - A Real
Case study". Proc. of RSSC94, Third International Workshop on "Rough
Sets and Soft Computing", San Jose, California, November 10-I2, 1994.
[PO771
J.W. Pierre, D.J. Trudnowski and M.K. Dormelly, "Initial Results in
Electromechanieal Mode Identification from Ambient Data", IEEE
Transactions on Power Systems, (to be published), Paper No. 96SM523-
IPWRS, 1996 IEEE~ES Summer Power Meeting, Denver, CO, July 1996.
Podmore R. and A. Germond (1977) Development of dynamic E quivalents
for Transient Stability Studies. Final Report on EPRI Research Project
RP763, Vol. I, EPRI Report No.EL-456, May
[PO781
[PO791
Podmore 1L (I978) Identification of coherent generators for dynamic
equivalents. IE E E Transactions on POW E R Apparatus and Systems, Vol.
PAS-97, No.4, July/August, pp. 1344- | 354
Podmore R. (I979) dynamic E quivalents for Transient Stability Studies of
Very Large Synchronous Networks. Final Report on EPRI Research Project
RP763 - Phase II, EPRI Report No.EL-! 132, July
[RA931
Ramaswamy G.N., G.C. Verghese, C. Vialas and C.L. DeMarco (1993)
Going beyond coherency - synchrony as a basis for dynartfie equiva!encing
in power system models. North American Power symposium, Howard
University, Washington D.C., October
IRA941
Ramaswamy G.N., G.C. Verghese, L. Rouco, B.C. Lesieutre and O. Fillatre
(1994) Syneba~onie modal equivalencing (SME) a new framework for
consh~acting dyrmmic equivaJents in power systems. North American Power
P, zEFEPO~NCES 10
[RA95al
IRA95bi
IRO9gl
1SC781
|SC871
symposium, Kansas State University, Manhattan, Kansas, September
Ramaswamy G.N., G.C. Verghese, L. Rouco, C. Vialas, C.L. DeMarco
(1995) Synchrony, aggregation and multi-area eigenanalysis. Paper No.
95~I192-5 PWRS, IE E E /PE S W inter Meeting, New York, January 29 -
Februmy 2
Ramaswamy G.N., L. Rouco, O. Fillatre, G.C. Verghese, P. Panciatiei, B.C.
Lesieutre and D. Peltier (1995) Synchronic modal equivalencing (SME) for
structure-preserving dynamic equivalents. Paper No. 95WMI t3-1 PWRS,
IE E E /PE S W inter Meeting, New York January 29 - February 2
Rovnyak S., g.retsinger S., Thorp J., and Brown D. "Decision trees for real-
time transient stability prediction". IEEE Trans. on Power Syst. Vol. 9, N

3, pp. 1417-1426, Aug. 1994.

Sancha J.L., and I.J. P6rez-Arriaga (1988) Selective modal analysis of
power system oscillatory instability. IE E E Transactions on Power Systems,
Vol. PWRS-3, No.2, May, pp. 429-438
Schweppe, F.C. "Power systems 2000 - hierarchical control strategies".
IEEE Spectrum, Vol. 15, N

7, pp. 42-47, 1978.
Schlueter R.A. and P.A. Rusche (1987) Dynamic equivalents in rapid
analysis of transient stability methods. In g7THO 169-3-PWR RapM
Analysis of Transient Stability, IEEE/PES winter Meeting, New Orleans, pp.
30-36
[SH941
[SO891
[SP751
[SP761
|SP771
Short M.J., Hui K.C., Macqueen J.F.and Ekwue A.O.R. "Use of artificial
neural networks for voltage stability monitoring at NGC". CIGRE paper 38-
205, Paris, Sept. 1994.
Sobajic D.J. and Pao Y.H. "Artificial neural-net based dynamic security
assessment for electric power systems". IEEE Trans. on Power Syst. Vol.
PWRS-4, N

4, pp. 220-228, Feb. 1989.
Spalding B.D., D.B. Goudie, H. Yee and F.J. Evans (1975) Use of dynamic
equivalents and reduction tech~ques in power system Iransiem stability
computation. Proceedings of the 5th Power System Computation
Conference (PSCC), Vol.2, Paper 3.2/10, Cambridge, U.K., September
Spalding B.D. (1976) Techniques for the Analysis of Power system Stability.
Ph.D. Thesis, University of New South Wales, Australia, July
Spalding B.D., H. Yee and D.B. Goudie, D.B. (I 977) Coherency recognition
for transient stability studies using singular points. IE E E Transactions on
Power Apparatus and Systems, Vol. PAS-96, No.4, July/August, pp. 1368-
1375
R~FERENCES 11
[ST871
[ST96]
[TA921
[TR96]
[UNTIal
[UN71bl
Stott, B., Alsac, O., Monticelli, A.J., "Security Analysis and Optimization",
Proceedin s.~_~f hhe IEE._.E.E, Vol. 75, N
.
12, Dec. 1987, pp. 1623-1644.
Stroev V.A., Putiatin E.V., ~~ The use of equations in variations for the
forecast of electrical power system transients ~>, Proc. 12th Power Systems
Computation Conference, Dresden, 1996
H. Taoka, I. Iyoda, H. Noguchi, N. Sato and T. Nakazawa. "geM-Time
Digital Simulator for Power System Analysis on a Hypercube Computer".
IEEE Trans. on PWRS, Vol. 7, N

I, February 1992, pp. 1-10.
D.J. Trudnowski, M.K. Donnelly and J.F. Hauer, "A Procedure for
Oscillatory Parameter Identification", IEEE Transactions on Power Systems,
Vol. 9, No. 4, November 1994, pp. 2049-2055.
D.J. Trudnowski, M.K. Donnelly and J.F. Hauer, "Estimating Damping
Effectiveness of BPAs Thyristor Controlled Series Capacitor by Applying
Time and Frequency Domain Methods to Measured Response," IEEE
Transactions on Power Systems, Vol. 11, No. 2, May t996, pp. 761-766.
Undrill, J.M. and A.E. Trainer (1971) Construction of power system
eleetromechanical equivalents by modal analysis. IE E E Transactions on
Power apparatus and Systems, Vol. PAS-90, No.5, September/October, pp.
2049-2059
Undrill J.M., J.A. Casazza, E.M. Gulachenski, and L.K. Kirchmayer (1971)
Eleetromeehanieal equivalents for use in power system stability studies.
IE E E Transactions on Power Apparatus and Systems, Vol. PAS-90, No.5,
September/October, pp. 2060-2071
Van Cutsem T., Wehenkel L., Pavella M., Heilbrorm B., and Goubin M.
"Decision tree approaches for voltage security assessment". IEE Proceedings
- Part C. Vol. 140, N

3, pp. 189-198, May 1993.
Van Cutsem T., Maikhot R. "Validation of a fast voltage stability analysis
method on the Hydro-Qu6bec system". Paper 96WM280-8 PWRS presented
at the 1996 IEEE~ES Winter Meeting, Baltknore, Jan. 21-25, 1996.
Verghese G.C., LJ. P6rez-Arriaga and F.C. Schweppe (1982) Selective
modal analysis wihh applications to electric power systems, part II : the
dynamic stability problem. IE E E Transactions on Power Apparatus and
Systems, Vol. PAS-101, No.9, September, pp. 3126-3134
Vialas C., G.C. Verghese, J.N. Rees and G.N. Ramaswamy (1994) Prony
identification of modal dynamic equivalents. North American Power
symposium, Karmas State Urfiversity, Manhat~., Kansas, September
REFERENCES 12
[wr, sgl
[WE94a[
[WE94b]
[WE95a]
[WE96a]
[WE96b[
Wehenkel L. "Artificial intelligence methods for on-line transient stability
assessment of electric power systems". In Pro<:. of the I
ra
Int. Syrup. on
Expert Systems Application to Power Systems, Stochholm-Helsinki, pp.
5.1-5.8, Aug. 1988.
Wehenkel, L., Van Cutsem, T., Pavella, M., ".An Artificial Intelligence
Framework for On-line Transient Stability Assessment of Power Systems",
IEEE Tr. on Power S~, Vol. 4, N
.
7, May 1989.
Wehenkel L. and Pavella M. "Decision trees and transient stability of
electric power systems". Automatica, Vol. 27, N

1, pp. 115-134, 199 I.
Wehenkel L., Pavella M., Euxibie E., and Heilbronn B. "Decision tree based
tra.n_sient stability method - a case study". IEEE Trans. on Power Syst. Vol.
PWRS-9, N

I, pp. 459-469, 1994.
Wehenkel L., Van Cutsem T., Pavella M., Jacquemart Y., Heilbronn B., and
Pruvot P. "Machine learning, neural networks and statistical pattern
recognition for voltage security : a comparative study". Engineering
Intelligent Systems for Electrical Engineering and Communications, Vol. 2,
N

4, pp. 233-245, Dee. 1994.
WehenkeI L. "A statistical approach to the identification of electrical regions
in power systems". In Proe. of Stockholm Power Tech (IEEE paper # SPT
PS 17-03-0237), pp. 530-535, June 1995.
Wehenkel L., Houben I., Pavella M., Riverin L., and Versailles G.
"Automatic learning approaches for on-line transient stability preventive
control of the Hydro-Qurbee system - Part I. Decision tree approaches". Part
II. A toolbox combining decision trees with neural nets and nearest neighbor
classifiers optimized by genetic algorithms". In Proe. of SIPOWER95,
IFAC Syrup. on Control of Power Plants and Power Systems, Dee. 1995. To
appear.
Wehenkel L. "Contingency severity assessment for voltage security using
non-parametric regression techniques". IEEE Trans. on Power Syst.,
Vol. I1, N

l, pp. 101-111, 1996.
Wehenkel L. "Machine learning from Monte-Carlo Simulations. Application
to power system security assessment". To appear in IEEE Expert InL Syst.
and their Applications, Vol. 1 I, N

6, Dee. 1996.
[wls01
Winkelman J.R., J.H. Chow, PV Kokotovic and B. Avramovic (1980)
Singular ~bation analysis of power system dynamics. Report on DOE
Contract DE-AC05-77ET29104, Electric Utility Systems Engineering
Department, General Electric
REFERENCES 13
~ W U 8 8 1
[ZH96a]
[ZH96b]
Winkelman J.R., J.H. Chow, B.C. Bowler, B. Avramovic, and P.V.
Kokotovie (198 l ) An analysis of interarea dynamics of multi-machine
systems. IE E E Transactions on Power apparatus and Systems, Vol. PAS-
100, No.2, February, pp. 754-763
Wood, A.J., Wollenberg, B.F., Power Generati_on_, ~ration and Control,
John Wiley and Sons, New York, 1984.
Wu F.F. and N. Narasimhamurthi (1983) Coherency identification for power
system dynamic equivalents. IE E E Transactions on Circuits and Systems,
Vol. CAS-30, No.3, March, pp. 140-147
Wu, F.F., Tsai, Y.K., and Yu, Y.X. "Probabilistie steady state and dynamic
security assessment". IEEE Trans. on Power Systems, Vol. 3, N

1,
pp. 1-9, 1988.
Y. Xue, T. Van Cutsem and M. Ribbens-Pavela. "Extended Equal Area
Criterion. Justifications, Generalizations, Applieations". IEEE Transactions
on Power Systems, Vol. 4, N

1, Feb. 1989, pp. 44-51.
Zhang Y., WehenkeI L., Rousseaux P., Pavella M. "Transient stability
transfer limits of the Hydro-Quebec system by the hybrid extended equal-
area criterion". Proc. of MELECON, May 1996.
Zhang Y., Rousseaux P., Wehenkel L., Pavella M. "SIME - a comprehensive
approach to fast transient stability assessment". IEEE Japan, Aug. 1996.
REFERENCES 14
Le CIGRI~ a apport6 le plus grand soin/t la r6alisation de cette brochure tMmatique num~rique afin de vous
fournir une information compl~te et fiable.
Cependant, le CIGRt~ ne pourra en aucun cas ~tre tenu responsable des pr6judices ou dommages de quelque
nature que ce soit pouvant r6sulter dune mauvaise utilisation des informations contenues dans cette brochure.
Publi6 par le CIGRt~
21, rue dArtois
FR-75 008 PARIS
T61. : +33 1 53 89 12 90
Fax : +33 1 53 89 12 99
Copyright 2000
Tous droits de diffusion, de traduction et de reproduction r6serv6s pour tous pays.
Toute reproduction, mame partielle, par quelque proc6d6 que ce soit, est interdite sans autorisation pr6alable.
Cette interdiction ne peut sappliquer /t lutilisateur personne physique ayant achet6 ce document pour
limpression dudit document/~ des fins strictement personnelles.
Pour toute utilisation collective, pri~re de nous contacter/t sales-meetmgs(a;,clgre.oAg
The greatest care has been taken by CIGRE to produce this digital technical brochure so as to provide you with
full and reliable information.
However, CIGRE could in any case be held responsible for any damage resulting from any misuse of the
information contained therein.
Published by CIGRE
21, rue dArtois
FR- 75 008 PARIS
Tel : +33 1 53 89 12 90
Fax : +33 1 53 89 12 99
Copyright 2000
All rights of circulation, translation and reproduction reserved for all countries.
No part of this publication may be produced or transmitted, in any form or by any means, without prior
permission of the publisher. This measure will not apply in the case of printing off of this document by any
individual having purchased it for personal purposes.
For any collective use, please contact us at sales-meetings(i~