to provide sufficient detail for transient analysis, expanded internal generator represen-

tation is accomplished by mapping any aggregated machine output to an assumed ex-

plicit machine output as derived from more detailed planning models. The first step in
creating a transient stability base case, therefore, is to internally expand the latest state
estimate and to solve the expanded case.
6.3.1.2 Modeling the External System
The external equivalent portion of the Southern state estimator network model is also
inadequate for performing transient stability analysis, again primarily because of insuf-
ficient machine detail. A replacement external equivalent is generated from a reference
planning base case that has a custom-built, dynamically reduced external model. The
second step in creating a transient stability base case is to remove the external equiva-
lent from the state estimate and to attach the dynamic equivalent. In order to balance
the dynamic equivalent to the state estimate, first the boundary buses of the state esti-
mate are temporarily treated as swing buses, with voltage magnitude and angle set to
state-estimate values.
The transient base case is iteratively solved, distributing boundary swing mismatch-
es to external buses using distribution factors based on short-circuit impedance from
the swing to those external buses. This methodical distribution of the balancing injec-
tions helps to maintain a relative voltage profile in the equivalent external system that
is similar to its preinjection state, which contributes to similarly robust performance
during the power flow solution. Once convergence on each boundary swing is within
some tolerance (i.e., 50 megawatts), the remaining mismatch is added as load to the
boundary bus. The bus types of the boundary buses are then restored and the base case
is finally solved using a standard NewtonRaphson iterative technique.
One unique aspect of this enhanced state estimator model is a highly reduced exter-
nal system, which provides a virtually identical dynamic response as the much larger
original from which it was derived. An empirical process was developed to build this
special dynamics-ready external equivalent, which included use of a small-signal
analysis program to identify the interarea modes of oscillation that should be retained.
After extensive experimentation, a set of parameters relating to mode shape and unit
participation was successfully developed to identify the critical generator buses that
must be retained in order to successfully preserve the dynamic behavior of the much
larger original model. For any interarea modes in which Southern Company units ei-
ther contribute to or are impacted by the oscillations, all generators participating above
certain thresholds are explicitly retained. A study area including the Southern control
area and a few buses into the neighboring systems have also been preserved, along
with the 345 kV and above network for the entire Eastern Interconnection. The EPRI
DYNRED program was then used to identify coherent machines using the weak links
method, and subsequently to aggregate any nonretained coherent generators into a sin-
gle classical machine model.
6.3.1.3 Benchmarking the Results
A comparison of time-domain simulation results from the base case and the reduced
case is shown in Figure 6-4. The solid line represents an observed power swing in the
146 ONLINE DYNAMIC SECURITY ASSESSMENT AT SOUTHERN COMPANY
c06.qxd 11/24/2008 8:49 AM Page 146
original base case, and the dashed line represents the same generator in the heavily re-
duced equivalent case. A severe disturbance consisting of a critical stabilizer out of
service as the base condition, followed by a normally cleared three-phase fault on a
500 kV tie line at the edge of Southern Companys control area, was selected as one of
the benchmark contingencies.
As illustrated in the previous figure, the dynamic behavior of the much larger origi-
nal model is quite accurately captured in the custom-built, dynamically reduced model,
and the results are obtained with only 15% of the CPU time required for the original
case. The initial reduction yielded a CPU time of 30% of the original case. The reduc-
tion also eliminated some numerical instability, whereby the reduced model can now
be simulated using a half-cycle, rather than a quarter-cycle, time step. A summary
comparison of the two models is shown in Table 6-1. The CPU time represents a total
number of seconds for the entire set of benchmark contingencies evaluated.
6.3.1.4 Preparations for Dynamic Simulation
Base-case preparation is performed in the SCADA/EMS environment on Unix
servers. Once created, the transient stability base case is transferred to the DSA win-
dows server for analysis. To allow machine dynamics data and contingency defini-
tions to be defined on the DSA server, a static bus-numbering convention is used.
The final step in creating the transient stability base case is to renumber the buses
6.3 TRANSIENT SECURITY ASSESSMENT IMPLEMENTATION 147
Figure 6-4. Power swing in base case and reduced case.
c06.qxd 11/24/2008 8:49 AM Page 147
and then to convert the case to PSS/E format. Once the case creation process is com-
pleted, the base case is transferred to the TSAT server, which is further described in
Section 6.3.2.
When the transient case is initialized in TSAT, a number of checks are performed to
ensure the quality of the simulations in the presence of spurious state estimation or ex-
treme conditions. These checks include updating governor limits to reflect the mea-
sured unit output, netting out units with load when a steady-state negative field current
is calculated, and adjusting the rating of devices to ensure a reasonable initialization.
All these checks may be enabled or disabled while the system is online.
The contingency list is generated each cycle using generic criteria applied to the
current power flow and dynamic data. At the Southern installation, these generic cri-
teria specify three-phase faults on branches emanating from generator high voltage
buses in the Southern area. The only input requirements are the area identifier for
Southern, the minimum MVA rating of generators for a contingency, and the fault
clearance times. Other contingency types are available as well, such as unit tripping
or common tower events. By using generic criteria, the contingency list adapts to the
current configuration of the system and ensures coverage throughout the Southern
area.
6.3.2 System Architecture
Southerns online TSA system is based on two pieces of software from Powertechs
DSATools package, TSAT and DSA Manager.
The TSAT (Transient Security Assessment Tool) is the computation engine that ac-
tually performs TSA. TSAT uses time-domain simulations as the core technology
from which a number of TSA functions are built, including swing-based stability mar-
gin calculation, Prony analysis for damping determination, a versatile stability limit
computation module. Special features for online applications are also included, such as
early termination of simulations and automatic detection and correction of bad data in
real-time cases.
The DSA Manager is the interfacing module for online operation. It provides three
main functions: (1) data connection between SCADA/EMS and TSAT, (2) online sys-
tem configurations, and (3) computation monitoring and result visualization. Shown in
Figure 6-5 is the conceptual overview of Southerns SCADA/EMS system. Figure 6-6
shows the online TSA system architecture.
148 ONLINE DYNAMIC SECURITY ASSESSMENT AT SOUTHERN COMPANY
Table 6-1. Size comparison of base and reduced case
Original Reduced % of Original
Buses 43,138 7,977 18.5%
Branches 57,740 16,950 29.5%
Machines 7,019 2,548 36.3%
D-States 296,086 111,254 37.6%
CPU time (sec) 9,285 1,405 15.1%
c06.qxd 11/24/2008 8:49 AM Page 148
The TSA software (TSAT and DSA Manager) processes the cases primarily on the
DSA Client (a workstation with dual 2.4 GHz Xeon CPU), with options to include
multiple servers so as to distribute computation scenarios. Users can access TSA re-
sults on the DSA Client as well as on any workstations in the network on which the
DSA monitoring software is installed.
The initial phase of the TSA project implemented at Southern in June 2005 has the
following capabilities and features:
The real-time system snapshots are created on an hourly basis.
For each system snapshot, roughly 250 contingencies are processed to evaluate
transient security of the system. This study cycle takes about 30 minutes without
optional computation servers.
Security assessment results, including insecure contingencies, stability margin
information, swing curves, and so on, can be examined on any workstations
properly configured by operators, operation support engineers, and planners.
6.3 TRANSIENT SECURITY ASSESSMENT IMPLEMENTATION 149
DAC
EMS2000
APN
DAC
EMS2000
APS
DAC
System
Control
Center
EMS2000
GLF
Scheduling
System
DAC
EMS2000
PCC
EMS2000
GPC
DAC
EMS2000
SAV
DAC
DAC
EMS2000
MPC
DSA
Manager
Advanced
Applications
Environment
Southern Company Transmission
Figure 6-5. Conceptual overview of Southern Company Services SCADA/EMS. The
EMS2000 PCC bubble refers to the Power Coordination Center SCADA/EMS. The
other bubbles, such as EMS2000 APS, refer to the SCADA/EMS of the operating
companies.
c06.qxd 11/24/2008 8:49 AM Page 149
Real-time cases of up to one month are archived in a form that can be directly
opened in TSAT. These cases can be readily used for various off-line scenario
studies.
6.3.3 Examples and Operation Experiences
Southern Company has already derived significant benefit from incorporating key re-
sults of this real-time stability assessment into the reliability decision-making process.
Following Hurricane Katrina in late August and early September of 2005, hourly real-
time studies revealed problems with damping and transient voltage recovery in Missis-
sippi and Alabama. Additional studies were quickly performed offline to determine
safe generation limits in the Gulfport/Biloxi (Mississippi), Mobile (Alabama), and
Pensacola (Florida) areas as the transmission system was being restored. On other oc-
casions during periods of heavy transmission system maintenance, certain other gener-
ators were identified as contributors to stability limit violations, and appropriate sys-
tem adjustments were then made to alleviate the reliability concern.
Although the initial online TSA implementation can presently be made available to
Southern Company transmission system operators, results are presently monitored by
an operations support engineer on an as-needed basis. Deployment to real-time floor
operations is being deferred until the next phase of development (as described in the
next section) is complete, and a suitable operator training program has been developed.
6.3.4 Future Development Plan
Recognizing the benefits that the initial implementation of the online TSA system
bring, Southern and Powertech are working together on the next phase of the develop-
ment which will include the following:
150 ONLINE DYNAMIC SECURITY ASSESSMENT AT SOUTHERN COMPANY
Ethernet
EMS
Real-time
system
snapshot
DSA Client
Optional
computation
Servers
Figure 6-6. Southerns on-line TSA architecture.
c06.qxd 11/24/2008 8:49 AM Page 150
Enhancing the selection of contingencies to be evaluated.
Increasing the processing power; multiple servers will be used to distribute com-
putation scenarios.
Improving the system reliability; a dual client structure will be used to allow bet-
ter failover protection. This is already a standard feature in DSA Manager.
Including advanced analysis features; under consideration are stability limit
computation and preventive control measure determination, which are also stan-
dard features of TSAT and DSA Manager.
Including other security assessment options; voltage security assessment using
Powertechs VSAT software will be added.
Integrating summary results of the stability studies into Southerns SCADA/
EMS alarms processing subsystem.
6.4 CONCLUSIONS
The implementation of online DSA systems is growing worldwide and the deployment
of this advanced technology is expected to improve the real-time security and, hence,
the reliability of power systems. Though not insignificant, the cost and effort required
to install online DSA tools are minor compared to the benefits of reducing the volume
of offline studies required and, more importantly, the benefits of identifying and avoid-
ing potential security problems in the systems so as to reduce the risk of blackouts.
Based on practical experience, a process of DSA system integration is presented
that can assist utilities and grid operators in addressing key issues during the specifica-
tion, development, and installation of such tools. An online DSA project implemented
at Southern Company Services is discussed to illustrate the viability and practicality of
such applications, even for large complex power systems. The penetration of online
DSA tools is expected to continue to grow as operators seek timely and cost-effective
approaches to enhance system performance. In the meantime, work is continuing on
new methods of online analysis, advanced preventive and corrective control tools, and
improved hardware architectures.
6.5 REFERENCES
[1] IEEE/CIGRE Joint Task Force on Stability Terms and Definitions, Definition and Classi-
fication of Power System Stability, IEEE Transactions on Power Systems, Vol. 19, No. 2,
pp. 13871401, August 2004.
[2] CIGRE WG C4.6.01 Special Task Force publication on Review of On-line Power System
Security Assessment Tools and Techniques, January 2007.
[3] V. Vittal, P. W. Sauer, and A. P. Meliopoulos, On-line Transient Stability Analysis Scop-
ing Study, PSERC Final Report, 2005, http://www.pserc.org/cgi-pserc/getbig/publicatio/
reports/2005report/ vittal_pserc_report_s-21_2005.pdf.
[4] K. Morison, L. Wang, and P. Kundur, Power System Security Assessment, IEEE PES
Power and Energy Magazine, September/October 2004.
6.5 REFERENCES 151
c06.qxd 11/24/2008 8:49 AM Page 151