Western Power supplies a large percentage of the state of Western Australia with electricity. Our power stations and power grid do not attach to or interface with any other company's power grid, ie we are a stand alone power utility. I have just been advised that some of our SCADA engineers believe our GE Harris 9000 series SCADA (running on an AIX operation system) can be switched to manual operation. Basically, the belief is wherever there is an automated system, there is also a manual override. Remember that this switching will take a finite amount of time using a finite number of staff members. Some others in our organisation dispute the manual operation idea. The questions I put forward to this forum are: 1) Can the SCADA system be successfully switched into manual, albeit for a brief time? Hours, days, weeks??? 2) The same SCADA system has a base/start date of 1973 and include events that utilise the day of the week. One contingency plan in the offing is to roll-back the SCADA system's date 28 years so that the leap year matches the days of the week. The problem I have is if we roll-back our SCADA system 28 years to 1972 will the SCADA accept a date one year before the base/start date? (This may not work with some old PC based systems either.)

-- Anonymous, April 14, 1998

Answers

By operating the SCADA/ EMS in a manual mode during the Dec 31, 1999 period, are you expecting to cross the hurdle ? Manual operation in the context of SCADA/ Energy Management System conveys a different picture as compared to any other automation system. SCADA is a real-time system and there is nothing like a manual operation. You basically have a Supervisory mode, wherein a person or subsystem assists the SCADA system to carry out a task. Take for example, a Circuit Breaker tripping - in a normal mode the SCADA system will sense the state of the breaker by acquiring the status of interposing relays and then proceed to CLOSE/ OPEN the breaker. In a supervisory mode, an operator will click on a console the status of the interposing relay which may not be acquired due to some telecommunications problem. Hence you CANNOT operate a SCADA/ EMS in a MANUAL mode.

About the roll-back for the SCADA system to 28 years - the SCADA software is built above the Operating System Kernel. The OS time stamping or UTC is used by the SCADA software modules. Hence any manipulation with the time in a SCADA system basically involves the OS kernel. To start with, a compliant version of OS (in your case AIX 4.15) has to be installed and then the SCADA modules have to be scanned for any two digit date representation.

Hope I have made the picture clear.

-- Anonymous, April 22, 1998

Mr. Rajsekar is correct. There is no real manual mode for entire SCADA or EMS system. You could however use the system to monitor and display, but to do no control. Perhaps that's what the others mean.

There is also the possibility of running the power system without the aid of any SCADA or EMS system. As evidence that this is possible, consider the fact that a few decades ago there were no SCADA or EMS and that some power companies still today don't own one.

Neither SCADA nor EMS are critical systems in the sense that if they fail the lights go out. Their purpose is, to (1)increase reliability and security (2)save labor, (3)allow economic optimization. While imporatnt, none of these qualify as mission critical

-- Anonymous, April 30, 1998

Our SCADA and DCS/EMS systems are highly integrated into our generation, transmission and distribution operations. Although it may be feasible to run these systems in non-automatic, I believe that this would be physically impractical or even impossible. When you consider that the design and operation of an automatic system usually accommodates such items as; boiler temperature/pressure, flame control, automatic load and frequency adjustments/compensations, cooling water controls, steam regulation, the list goes on. A large number of devices that ensure human safety in a plant are tied into automatic systems. Put the systems in manual and you possibly override the safeties.

Talking from experience, the systems I've inventoried so far have complete control over most (if not all) of the operation and several safety functions. New systems have been installed into older stations that have had ALL of their old controlling and monitoring equipment removed or disconnected. The staff who knew the old systems backwards have been made redundant or have been shifted sideways. Brand new stations are now being installed that have full computer control.

Every now and then people have to maintain automated systems and isolate part of the system or switch it into manual override. A good design should allow for this, its crazy to think that anything is that automatic does not sometimes require human intervention to replace a bearing, filter, panel etc. It should be standard practice to incorporate these segmented manual overrides into any automated system but I doubt it if you could put the entire automatic system in manual operation. It could be disastrous.

According to power station operations staff, a power station can be operated in manual. But you would more than likely override some safeties and they don't have the people to run in manual anyway. By placing the SCADA system in manual, again if we had the people, station staff would be driving blind and would not know how many generating units to run up nor how much power to output. To much power output will trip other station on the grid whilst not enough will possibly trip your own.

Can humans match the control and monitoring speed required to run a station? Will we be able to communicate efficiently and effectively with others in distant parts of the SCADA system to retain full control?

The only ones on the planet who can not worry about receiving power are those who are supplied by stations that have OLD clunkers with no automated systems. Every thing else requires investigation.

I do agree with Dick Mills that these automated systems:

(1) Increase reliability and security

(2) Save labour,

(3) Allow economic optimisation.

But I disagree with his statement "While important, NONE of these qualify as mission critical". I would rather say that a few of these don't qualify as mission critical. The job is to find the ones that are mission critical.

-- Anonymous, April 30, 1998