Abstract
1- Introduction
2- Understanding serverless computing
3- Emergency generation dispatch in case of loss of EMS or SCADA
4- Cloud-hosted framework for emergency generation dispatch
5- Serverless-based emergency dispatch solution
6- Conclusion
Appendix A. Supplementary material
References
Abstract
Operating a modern power grid reliably in case of SCADA/EMS failure or amid difficult times like the COVID-19 pandemic is a challenging task for grid operators. In [11], a PMU-based emergency generation dispatch scheme was proposed to help system operators balance supply and demand; however, its realization relies heavily on the control center infrastructure for computing and communication. Rather than using the on-premises server and dispatch communication system, this work proposes and implements a cloud-centric serverless architecture to ensure operational continuity regardless of the local infrastructure’s availability and accessibility. Through its prototype implementation and evaluation at ISO New England, the solution has demonstrated two major advantages. First, the cloud infrastructure is independent and fault-tolerant, providing grid monitoring and control capability even when the EMS loses the corresponding functionality or when operators need to work remotely, away from the control center. Second, the overall design is event-driven, using serverless cloud services in response to the SCADA/EMS failure event. Because the design is serverless, the user is spared the burden of server provisioning and maintenance. The cost of using public cloud services for this solution is extremely low since it is architected and implemented based on the event-driven Function-as-a-Service (FaaS) model. This work also develops a comprehensive cyber security mechanism to comply with critical infrastructure requirements for the power grid, which can serve as an exemplary framework for other grid operators to secure their cloud services.
Introduction
The power grid is a typical cyber-physical system [1]: at any time, there is not only energy flowing from one location to another in the network, but also information flowing between the power grid and the control centers. Secure and reliable grid operation requires using the information flow to control the energy flow so that supply and demand are balanced in real time. Ensuring that the information moves as expected is thus a prerequisite for the sustained operation of power systems under normal conditions. In other words, any interruption of the information flow would disturb the proper behavior of the energy flow and further undermine the system’s secure and reliable operation.
To enable the real-time monitoring and data acquisition that are essential for system operation and control, the modern power grid relies primarily on the Supervisory Control and Data Acquisition (SCADA) system, which is tightly coupled with the Energy Management System (EMS) to guarantee that critical information is transferred reliably. After decades of development, the SCADA/EMS has been designed to be fault-tolerant and highly available. The system is usually built with physical redundancy by means of dual servers and with software redundancy through an in-memory data replication mechanism [2]; however, loss of the SCADA/EMS system, either partial or entire, can still happen from time to time. Statistics show that in the past four years, from October 2013 to April 2017, 318 such events were reported to the North American Electric Reliability Corporation (NERC), the regulatory authority in North America that develops and enforces electric power grid reliability standards. In this report, communication interruption was found to be the major factor leading to these system failures [3]. According to a guideline developed by NERC, loss of SCADA or EMS is categorized as an “Emergency”, and each Transmission Operator and Balancing Authority (BA) must have operating procedures and plans to mitigate its effects on grid operation [4].