Analysis of EMS Outages

Size: px

Start display at page:

Download "Analysis of EMS Outages"

Donald Hamilton
6 years ago
Views:

1 Analysis of EMS Outages Venkat Tirupati, LCRA, Supervisor EMS & Advanced Applications NERC 2 nd Annual Monitoring and Situational Awareness Conference September 22, 2

2 Agenda Introduction Common themes with examples Analysis of EMS outage restorations Contributing and Root Cases Q & A 2

3 Introduction Energy Management Systems (EMS) are extremely reliable EMS Outages increase the risk to the reliability of the grid From October 26, 2 September, 2 86 Category 2b events reported From October, 2 September, 2 7 Category 2b events & 57 Category h events reported entities reported either a h or a 2b or both 7 experiencing multiple outages Several noticeable themes

4 Introduction Event Category (Oct, 2 Sept, 2) 2b - Complete loss of SCADA, control or monitoring functionality for minutes or more - 7 h - Loss of monitoring or control, at a control center, such that it significantly affects the entity s ability to make operating decisions for continuous minutes or more - 57 Examples include, but are not limited to the following: I. Loss of operator ability to remotely monitor, control Bulk Electric System (BES) elements, or both - 5 II. Loss of communications from SCADA RTUs - 6 III. Unavailability of ICCP links reducing BES visibility - 7 IV. Loss of the ability to remotely monitor and control generating units via AGC - 6 V. Unacceptable State Estimator or Contingency Analysis solutions - 2

5 Introduction Event Category Counts (Oct, 2 Sept, 2) Event Category Counts 25 2 Event Count b - Complete h.i - Partial h.ii - RTUs h.iii - ICCP h.iv - AGC h.v - SE/CA Event Analysis Category 5

6 Common Themes for Complete Outages Facilities maintenance affecting EMS Planned UPS work led to events. Software failures Bugs in network infrastructure firmware Latent bugs in network encryption software Bug in vendor front end code Incorrect scripts Configuration Firewall Improper VLANs Switch Memory allocation File system mounts 6

7 Common Themes for Partial Outages Software bugs Contingency Analysis code ICCP code AGC code Initialization routines Modeling of external network Inadequate Incorrect statuses Incorrect tap positions Human Performance Error Set tuning parameters Turn on automatic SE/CA runs Alarm for failed SE/CA runs 7

8 Common Themes for Partial Outages External Vendor or Contractor Leased lines from ATT, Verizon etc. SONET ring maintenance Hardware failure NIC Cards Inverters Routers Failover Testing Incorrect procedures Missing files Corrupted executables 8

9 Analysis of Complete Restoration Times (Oct, 2 Sept, 2) 25 Mean Complete Outage Restoration Time = 6 Minutes 2 Restoration in Minutes Events Complete Outage Restoration Time Mean Complete Outage Restoration Time 9

Characteristics of Complete EMS Outages (Oct, 2 Sept, 2) 8 6 No, 5 No, Number of Events 2 8 6

10 Characteristics of Complete EMS Outages (Oct, 2 Sept, 2) 8 6 No, 5 No, Number of Events Yes, 2 No, 6 Yes, 2 Yes, Scheduled Maintenance Activity occurring CIP related Activity Weekday

11 Complete Outage Time of the Day (Oct, 2 Sept, 2) Number of Events 2 2 : - 2: 2: - : : - 6: 6: - 8: 8: - : : - 2: 2: - : : - 6: 6: - 8: 8: - 2: 2: - 22: 22: - 2: Scheduled Maintanance in progress Outage Unforeseen

12 Characteristics of Complete EMS Outages (Oct, 2 Sept, 2) 2 No, 5 8 No, 57 Number of Events 6 No, 9 Yes, 86 Yes, 2 Yes, Scheduled Maintenance Activity occurring CIP related Activity Weekday 2

Complete Outage Time of the Day (Oct, 2 Sept, 2) 2 6 Number of Events 8 6 2 5 9 8 8 7 7 2 5 5 5 2 2 : - 2: 2: - : : - 6:

13 Complete Outage Time of the Day (Oct, 2 Sept, 2) 2 6 Number of Events : - 2: 2: - : : - 6: 6: - 8: 8: - : : - 2: 2: - : : - 6: 6: - 8: 8: - 2: 2: - 22: 22: - 2: Scheduled Maintanance in progress Outage Unforeseen

14 Analysis of Partial Restoration Times (Oct, 2 Sept, 2) 2 Mean Partial Outage Restoration Time = 6 Minutes Restoration Time in Minutes Total Partial Outage Restoration Time Mean Partial Outage Restoration Time

15 Characteristics of Partial EMS Events (Oct, 2 Sept, 2) 6 5 No, 2 Number of Events No, No, 5 2 Yes, Yes, 2 Yes, Scheduled Maintenance Activity occurring CIP related Activity Weekday 5

Partial Outage Time of the Day (Oct, 2 Sept, 2) 9 8 7

16 Partial Outage Time of the Day (Oct, 2 Sept, 2) Number of Events : - 2: 2: - : : - 6: 6: - 8: 8: - : : - 2: 2: - : : - 6: 6: - 8: 8: - 2: 2: - 22: 22: - 2: Scheduled Maintanance in progress Outage Unforeseen 6

17 Trend of the outage restoration time Mean Complete Outage Restoration Time Mean Partial Outage Restoration Time 7 6 Restoration Time in Minutes

18 2b Outage Restoration Time vs. Category vs. Event count Restoration Time of Minutes Number of Events EMS Hardware EMS Software Facilities Network Infrastructure Outage Event Category 8

19 h Outage Restoration Time vs. Category vs. Event count Restoration Time in Minutes Number of Events EMS Hardware EMS Software - Ex Vendor EMS Software - HP EMS Software - Network Model EMS Software - Vendor Bug Facilities Network Infrastructure 2 Mean Outage Restoration Time Count 9

20 Root Causes by Category AX-Overall Configuration % AZ-Information LTA 2% A- Design/Engineering 5% A2- Equipment/Material 2% A5- Communication % 2 A- Management/ Organization % A-Individual Human Performance %

21 Root Causes Top Root Causes Information to determine cause LTA (AZ) Testing of Design/Installation LTA (ABC2) Software Failure (A2B6C7) Insufficient Job Scoping (ABC8) Inadequate Risk Assessment of Change (AB5C) 2 2

22 Contributing Causes by Category A7 - Other % A6 - Training % A5 - Communication 8% AX - Overall Configuration A - % Design/Engineering 6% A - Management/ Organization 26% A2 - Equipment/Material % A - Individual Human Performance 9% 22

23 Top Contributing Causes Top Contributing Causes Software failure (A2B6C7) Design output scope LTA (AB2C) Inadequate vendor support of change (AB5C) Undesired operation of coordinated systems (A2B7C) Defective or failed equipment (A2B6C) Testing of Design/Installation LTA (ABC2) Communication path LTA (A2B7C) System interactions not considered or identified (AB5C5) Post maintenance/post-modification testing LTA (A2BC) Inadequate Risk Assessment of Change (AB5C) 5 A2B6C7 AB2C AB5C A2B7C A2B6C ABC2 A2B7C AB5C5 A2BC AB5C AB2C8 A2BC2 A5B2C8 A2BC AXB AXB2 ABC AB2C AB2C5 ABC ABC8 AB5C A5BC A5BC AZBC2 A2B2C ABC8 A5BC A7BC2 AX AB2C5 AB5C2 A2B7C2 ABC2 ABC6 ABC ABC ABC9 AB2 AB2C8 AB ABC9 AB5C9 A6BC2 A7B A7B 2

24 Things we all can improve.. Change management particularly job scoping Use of EMS test systems such as QA/QC, DEV etc. Network infrastructure testing Routine failover testing Vendor relationship Communication Internal/External Training 2

25 Contact Information: 25

Analysis of EMS Outages

Analysis of EMS Outages Venkat Tirupati, LCRA, Supervisor EMS SW & Advanced Applications NERC 3 rd Annual Monitoring and Situational Awareness Conference September 29-30, 2015 Agenda Introduction Common