Keywords

1 Introduction

External natural disasters have been the main cause of grid failures [1,2,3]. In recent years, blackouts caused by natural disasters have occurred from time to time, it has become a consensus that the blackout defense framework extends to the early warning of natural disasters [4]. The spatial and temporal distribution characteristics of natural disaster evolution and the uncertainty of induced grid faults, is urgent to expand the safety and stability analysis based on deterministic criteria to the grid operation risk assessment, and extend the three lines of defense control which are based on the deterministic scenarios of the technical guide for electric power system security and stability control [5], to the risk control of the dynamic fault scenarios.

The concept of risk is the quantification of the degree of risk when an event has not yet occurred. The risk value of an event can be expressed as the product of the loss after the event occurs and the probability value of the event. Reference [6] proposed to replace the uncontrolled loss of power with the loss of active power outage, and to express the risk of power grid operation by multiplying the control cost that must be paid in order to make the event not happen, solving the problem that the power outage loss is difficult to evaluate beforehand.

Reference [7, 8] pointed out the importance of scheduling disaster prevention, and summarized the shortcomings of information collection, risk analysis and control decision-making in dispatching disaster prevention. References [9,10,11] deeply rethought the imperfections of the N–1/N–k deterministic safety guidelines exposed in the rare ice disasters in southern China in early 2008 and Fukushima nuclear spill in Japan in 2011, pointed out that the probability of occurrence of events is relative in the time window and space of interest, clarified the need to expand the connotation of three lines of defense under natural disasters and implement risk control.

Scholars and institutions in China have made preliminary explorations and practices in the field of power grid dispatching and disaster prevention. In 2006, Tsinghua University proposed a grid operation risk assessment system based on credibility theory, developed and applied a risk assessment software that takes into account meteorological factors in Zhejiang Jinhua [12,13,14]. In 2009, NARI proposed a grid security and stability intelligent defense system for adaptive external environment and developed a comprehensive defense system for application in Jiangxi Power Grid [15, 16]. In 2013, Zhejiang University designed a grid security risk management system (SRMS) for dispatch operation, which was applied in Hunan and Anhui power grids [17,18,19] and proposed the functional architecture of grid disaster prevention dispatch system based on big data platform [20] in 2016. East China Power Grid has carried out multi-dimensional grid security risk prevention and control system construction [21], and Central China Power Grid has constructed a meteorological disaster risk analysis and early warning system [22]. At present, it is necessary to review the overall framework of power grid risk prevention and control under natural disasters and the problems and development trends of key technologies for dispatching disaster prevention, based on preliminary engineering practice, to further promote the practical application of power grid operation risk control under natural disasters.

In this paper, we firstly summarize the current status and problems of key technologies such as fault probability assessment of power transmission components, expected fault set generation and screening, operational risk assessment and risk control decision under natural disaster, then the general framework of risk control suitable for the characteristics of natural disasters and compatible with the three lines of defense theory is discussed, after that, several development directions of key technologies are proposed under the framework, aiming at the problem of how to prevent the grid operation risk under natural disasters.

2 Status Quo of Power Grid Operation Risk Control in Natural Disasters

2.1 Probability Assessment of Transmission Components Failure Under Natural Disasters

The traditional grid reliability assessment adopts a fixed annual average failure rate model of components, which is difficult to adapt to the needs of power system operation risk assessment. References [23, 24] compared the essential differences between operational risk assessment, traditional reliability assessment and traditional security analysis, and pointed out it is the difficulty and core technology of operational risk assessment to find the time-varying outage probability of components.

The probability assessment model of transmission component failure under natural disasters is roughly divided into statistical model and mechanism model. Statistical models are generally applicable to medium- and long-term (year, season, month) component failure rate assessment [25], and often face the problem of lack of samples [26, 27]. In terms of mechanism model, scholars have explored the types of common external natural disasters that affect grid safety (such as lightning, heavy rain, ice, mountain fire, typhoon, high wind, insulator contamination, sandstorm, magnetic storm, earthquake, etc.) [28,29,30,31,32,33,34,35,36,37,38]. However, due to the numerous factors involved in the disaster caused by disasters and the complicated mechanism, there are some problems that the model parameters are difficult to be fixed or even difficult to analyze.

In the case of compound disaster research, the Ref. [31] uses the co-factor coefficient and the truncation coefficient to describe the coupling relationship of different disaster factors to achieve the comprehensive failure probability calculation of different disaster paths under the ice hazard. Reference [39] established a fault probability model for transmission components based on the combination of multiple meteorological elements based on grey fuzzy theory. Reference [40] proposed the risk analysis of complex failures caused by complex natural disasters, pointing out that various disaster types and faulty line segments are considered as independent events, in the integration of line failure rates under the action of composite disasters, if the external equipment factors and the physical connection between the lines are accurately taken into account when assessing the failure rate of the grid equipment under each natural disaster. However, the probability assessment under the compound disaster is still mostly based on the study of independent events.

2.2 Contingency Generation and Screening in Natural Disasters

It is highly possible for multiple failure probability to be greater than the probability of N-1 failure [40], on account of the occurrence of natural disasters that drastically change the external operating environment of the power system. Therefore, the contingency under natural disasters is closely related to the evolution process of natural disasters and the operational structure of the power system, which is different from the contingency predefined by dispatchers based on experience in traditional dynamic security analysis (DSA) [39].

Reference [40] divides multiple severe faults into steady-state successive failures and transient successive failures, according to different distribution characteristics of faults caused by different disaster types in time dimension. Reference [42] pointed out that it should be considered the combined effect of single component failure and multiple component failures for the expected fault concentration. Reference [43] qualitatively describes the relationship of values of probability between the “independent N-m fault” and the “relevant N-m fault”. However, the current research on multiple combined faults mainly focuses on cascading failures.

At present, the contingency screening and sorting algorithm in traditional DSA is mainly based on artificial intelligence and transient energy function. Reference [44] defined the performance indicators that reflect the severity of contingency, and put forward an contingency screening comprehensive index method that synthesize these quantitative indicators, to filter out serious contingencies. Reference [45] proposed a method for generating contingencies based on generalized weighted Borda sorting. Reference [46] proposed a method for contingency screening that needs to be recalculated based on the last results of DSA. Reference [47] achieves a quick ordering and evaluation of the severity of the transient power angle stability for a specified N-2 fault set. However, the development speed of natural disasters is much greater than the change of the operating state of the power grid. The contingencies to be evaluated in each time are dynamically changed, which makes the application of the traditional DSA contingency screening method inadaptable. The current solutions are mostly based on the ordering method of combination probability with certain probability thresholds [41, 48, 49].

2.3 Risk Assessment of Power Grid Operation in Natural Disasters

In view of the power systems operation uncertainties, CIGRE proposed the concept of power system operation risk assessment [50] for the first time in 1997, which involves three aspects: disturbance scenarios, possibilities, and severity. The disturbance scenario and its possibilities have been mentioned above, and the severity is emphasized as follows.

The Vittal team of the American Electric Power Research Institute (EPRI) was one of the pioneers to study on power grid operation risk [51,52,53,54]. Reference [53] proposed the overall concept of power grid operation risk online assessment, established the severity functions for low voltage, overload, voltage stability and cascading failures, and studied the software implementation problem [54]. Reference [55] carried out operational risk research earlier in China, and proposed an operational risk indicator to overcome the “shadowing” defect based on Ref. [53]. The operational risk indicators can be divided into out-of-limit-driven (e.g. overload severity) and event-driven (e.g. loss-of-load expectation) indicators [18]. Based on the above operational risk indicators, Refs. [56, 57] took the impact of fault paths and power grid topology into consideration. Reference [58] described the severity of the fault based on the control cost.

With the maturity of the online assessment of grid operation risk, it is urgent to explore the characteristics and online features of relevant engineering indicators [59]. Reference [60] defined the risk indicator structure to retain more risk information and explored the risk rating scheme. Reference [61] used multi-dimensional risk matrix analysis to express the law of risk change, providing new ideas for engineering application of risk indicators.

2.4 Risk Control of Power Grid Operation in Natural Disasters

The power outage defense system in natural disasters includes preventive control, emergency control, correction control, recovery control, and the coordination between them [62,63,64,65]. At present, the mainstream power grid operation control based on the deterministic criteria, is difficult to properly coordinate the safety, stability and economy of the grid operation under small probability and high risk events. The risk control applied in the industrial field is mainly based on the risk management concept to achieve hierarchical management according to the severity level [66].

Preventive control and emergency control technologies based on operation risks have begun to explored domestically. The goal of risk-based preventive control is generally to reduce operational risk or control within an acceptable range in a cost-effective manner [67], and the solution method includes sensitivity method, optimal power flow method and artificial intelligence method [68]. The risk-based emergency control mainly solves the problem of high cost of preventive control and contradiction of preventive control measures, providing measures to control risks for specific disturbance scenarios, and the focus of this research includes startup criteria and timing, control space adjustment, and optimal control strategy development. Reference [69] characterized the risk of post-disturbance system from the possibility of emergency control initiation and system loss, and proposed the risk startup criterion for emergency control. Reference [70] proposed a method for dynamically adjusting the candidate control measures set according to the external environment changes of power grid, and realized the coordination of preventive control and corrective control to adapt to environmental changes. Reference [71, 72] proposed a screening method for security and stability control measures based on risk quantitative evaluation, which realized risk-based thermal and transient stability control. Reference [73] established a coordination model based on risk-based preventive control and emergency control, and pointed out that the emphasis is on emergency control in normal weather and on preventive control in severe weather.

Reference [74] combined risk control with the guide for electric power system security and stability [75] and proposed the basic principles for risk control decisions. However, the possibility and severity of multiple failure scenarios in natural disasters are often higher than conventional N-1 faults. In this case, strict adherence to the guide for electric power system security and stability will miss the opportunity to implement preventive control.

In summary, the power grid operation risk preventive control system and its key technology roadmap in natural disasters can be logically divided into three stages as shown in Fig. 1. It is currently in the transitional period from the second phase to the third one.

Fig. 1
figure 1

Power grid operation risk preventive control system and its key technology roadmap

Full size image

3 General Idea of Power Grid Operation Risk Control in Natural Disasters

3.1 Extension of the Three-Defense-Lines for Risk Control Adapting to Natural Disasters

According to the requirements of the technical guide for electric power system security and stability control [5], the traditional three-defense-lines control is divided into three levels of different severity based on the failure mode, each of which corresponds to one defense line. Among them, the characteristics of preventive control and emergency control are that the disturbance scene is determined in advance (N-1/N-k specified in the guidelines), which is not suitable for the need of random multiple disturbance defense in natural disasters. For example, in the process of increasing the impact of natural disasters on the power grid, it should trigger corresponding emergency plans, which has entered the emergency control stage from the perspective of disasters, but the traditional three-defense-lines system does not have an effective solution to the prevention control phase. Therefore, it is necessary to review the traditional three-defense-lines from the perspective of natural disaster risk, as shown in Fig. 2. As the evolution of natural disasters intensifies, risk early warning, risk preventive control, and risk emergency control are implemented separately, based on the comparison of power grid operation risks and related thresholds. Its triggering criterion is only related to the relative risk value, and no longer to the failure mode of three-defense-lines.

Fig. 2
figure 2

Comparison of three-defense-lines from different perspectives

Full size image

3.2 Risk Assessment and Control Process of Power Grid Operation in Natural Disasters

Compared with the traditional reliability assessment and power system security and stability analysis, the power grid operation risk assessment and control referred to in this paper is aimed at uncertain factors such as natural disasters and equipment status in the short-term scale (e.g. minute, hour and day), giving a comprehensive measure of likelihood and severity, and the scope of the study covers the risk early warning, risk preventive control and risk emergency control shown in Fig. 2. The control process includes probability calculation, contingency generation and screening, severity calculation, risk assessment and sequencing, risk early warning, and risk control decision making, as shown in Fig. 3.

Fig. 3
figure 3

Operation risk control flow of power grid under natural disasters

Full size image

The description of the improvement ideas and methods of several key technologies of the process mentioned above is as follows in order to enhance the feasibility and credibility of risk control decision making.

4 The Development Direction of Key Technologies for Power Grid Operation Risk Control in Natural Disasters

4.1 Improvement Direction of Probability Assessment Model

The failure mechanism of transmission components in natural disasters is complex for involving many factors. It is almost impossible to accurately calculate the instantaneous failure probability caused by disasters. Therefore, fully integration the advantages of the mechanism model and the statistical model is the development trend of the failure probability assessment model in natural disasters. With the post-evaluation of the online probability assessment results and its application in the improvement of model parameters, it is the engineering feasible method to screen out the key components that severely affected by the disasters.

At present, the failure probability of a transmission component in natural disasters can generally be abstractly described as follows:

$$ P = f(X,k,D) $$
(1)

where P is the failure probability of the transmission component, X is a severity variable of the natural disasters associated with the disaster-causing mechanism and pathway, which may be a predicted value, a measured value or a fitted value, and k is the PID coefficient in the model, D is the threshold value associated with the disaster-tolerant capacity of transmission components.

It is necessary to explore the comprehensive evaluation indicators and prior knowledge to improve the practicality of the probability assessment model of transmission components in natural disasters, supporting to indicate the direction of improvement for model parameters k and D with small sample data, which can make the probability assessment results agree with operators’ experience.

4.2 Improvement Direction of Contingency Generation and Screening Method

The law of space-time evolution of natural disasters shows that it is unreasonable to filter the contingency only by specifying the number of failure multiplicity and the maximum failure scale. And if representing the massive failure simply in the form of simultaneous faults, the disturbance on power grid may be amplified artificially. Therefore, the contingency generation in natural disasters should take the characteristics of disaster homology, and the spatial and electrical coupling characteristics of transmission channels into account. The sorting indicators which are closely related to natural disasters and the concerned trends of power grid operation risks should be introduced in contingency screening. It is accurate to sort contingency based on the final risk assessment results, but it is not feasible. It is necessary to study the method of estimating the risk in natural disasters beforehand based on the information of the number of failure multiplicity, the failure probability, and the security and stability margin of last assessment.

Under the natural disaster, the contingency set (CS) is made up of the concerned and detected faulty components in the form of exhaustively combination with a probability threshold. According to the trend of disaster development and the operating state of power grid, the successive contingency set (SCS) with disaster simultaneity or correlation is a subset of CS. Considering that it is impossible and unnecessary to analyze the impact of each contingency on power grid operation risk in the risk assessment and early warning, the risk-evaluating contingency set (RECS) for evaluation is composed only of high-risk failures, which is a subset of CS with the SCS prioritization.

4.3 Improvement Direction of Risk Assessment

The power grid operation risk R can be described as the maximum value of the product of the probability Pi and the severity Si in case of contingency scenarios i which is belonging to the RECS. The formula is as follows,

$$ R = \mathop {\hbox{max} }\limits_{i \in RECS} \{ P_{i} S_{i} \} $$
(2)

There are three main types of assessment methods for the severity of a contingency: power outage loss, security margin and control cost. And the different dimensional severity is difficult to accumulate directly. On the other hand, risks have ambiguous and relative attributes, so strict and precise values are not engineering-instructive [59]. Therefore, the risk definition needs to be flexible and open, and the technical route of the segmentation grading risk that meets the relevant operational specifications in engineering is more reasonable and feasible. For the case that there are multiple types of severity levels caused by the same failure scenario, the following saturation processing is recommended, in order to eliminate the “shadowing” effect caused by a large number of low-level severity overlays.

$$ S_{i} = \hbox{min} {\text{\{ }}S_{i\_\hbox{max} } { + }\sum\limits_{{j \in S_{i} ,j \ne i\_\hbox{max} }} {k_{j} S_{i - j} } ,\begin{array}{*{20}c} {} \\ \end{array} S_{i - \hbox{max} + 1} \} $$
(3)

where, Si represents the severity level of the contingency scenario i, Si_j is the jth type severity level, kj ∈ [0,1] represents the corrective factor of the jth type severity level, and Si_max is the maximum of each type of severity level, Si_max+1 represents the highest level, the severity level of which is one level higher than Si_max and does not exceed the evaluation model.

In the process of risk early warning, information such as the leading factors related to risk and the key components of risk preventive control should also be retained.

4.4 Improvement Direction of Optimization Method of Risk Control Decision Making

If power grid operation risk is greater than the risk acceptance threshold, the risk control function will be activated. However, the traditional optimization model, which targets the minimum control cost with rigid security and stability constraints under the severe fault caused by natural disasters, does not meet the needs of risk control in natural disasters. On the other hand, it is necessary to dynamically identify and prioritize different control measures according to the grid operation risk level, due to the evolution of disasters changes the controllable measures space.

In order to control power grid operation risk to the acceptable level in a certain time window, the risk preventive control model in natural disasters is established as follows, which meets the power flow equation constraint, and control variables meet control space and their ordering requirements as constraints. The formula is as follows,

$$ \begin{array}{*{20}l} {\hbox{min} } \hfill & {\left\| {{\mathbf{R}}_{t} - {\mathbf{r}}} \right\|_{2} } \hfill \\ {s.t.} \hfill & {g({\mathbf{u}},{\mathbf{x}}) = 0} \hfill \\ {} \hfill & {{\mathbf{u}} \in {\mathbf{A}}_{cmr} } \hfill \\ \end{array} $$
(4)

where, Rt represents the power grid operation risk vector within a certain time window (e.g. 30 min), r represents the vector consisting of acceptable thresholds for operational risk in this time window, ||∙||2 represents the 2-norm of the vector, g represents the power flow equation, x is the static power flow variable vector, u is the vector of control variables, Acmr indicates the adjustment space of the control variable with the adjustment priority.

Compared with the traditional security and stability preventive control optimization model [76], which reflects the economic indicators in the objective function and describes it as the optimal control cost, this paper maps economic indicators to Acmr in constraints, and it demonstrates an acceptable economic cost with controllable measures of space and priority that match the level of risk. Different from the rigid constraints that state variables belong to the security domain in traditional model, this article implies the security indicator in the operational risk of the objective function, and allows the existence of residual security operation risks after taking preventive control measures (corresponding to the risk acceptable threshold r).

5 Conclusion and Outlook

This paper summarizes the status quo of power grid operation risk control in natural disasters, and discusses the overall framework of risk control suitable for natural disasters and compatible with the three-defense-lines theory. In this framework, the improvement idea and method was put forward to develop failure probability assessment, contingency generation and screening, risk assessment early warning and risk control decision optimization.

From the perspective of continuously promoting the practical application of power grid operation risk control in natural disasters, this paper still has the following defects. The coordination of prevention and emergency control in natural disasters is mentioned but not discussed in-depth. Key technologies for power outage time and recovery control caused by disasters are not involved. The technology of multi-level dispatching and collaborative disaster prevention among different departments is not involved. Finally, it is necessary to establish power grid operation risk control criteria in natural disasters to guide related work.