The assessment of probabilities and risk of rare events in electric power industry

Issues related to the assessment of probabilities for significant but rare events, extreme and catastrophic situations in the electric power industry are herein examined and analyzed. Special attention is paid to methods of the quantitative assessment of technological risk and its factors. Certain examples

In view of possible disastrous consequences of failures and incidents in the operation of complex technical systems (CTS) the problem of their functioning reliability assessment both at the stage of design, the selection of basic technical solutions and during the operation is one of the priority objectives when studying the problems of the human and environmental safety assurance.The task is significantly complicated for unique CTS because of the lack or limitation of statistical data on the reliability of such systems under actual operating conditions and any unavoidable uncertainties in the assessment of their behavior in case of any rare design and "beyond-design" situations associated with equipment failures, human errors, various external influences caused through the incomplete knowledge about real operating conditions.
The problem of the assurance of human safety and potentially hazardous facilities has been and remains very urgent.It turned to the scientific category because of revealing severe after-effects of rare events arising with a "near-zero" probability.
The safety is in most cases defined as a condition when under threat the level of possible harm to property or personnel is assessed through a risk category with its values not exceeding the permissible (standard) value [1].The essence of the problem is the quantitative assessment of the degree of danger (risk) and its admissible levels.Danger is herewith considered as an objectively existing possibility of a negative impact on the society, an individual and environment, which may result in social harm, technological, economic or environmental damage.Risk here characterizes any potential danger, the possibility for the implementation of negative events (any worst alternatives) causing harm.
The assessment of the risk of extreme, emergency and catastrophic situations occurring in energy systems consists in the need to assess their probabilities.The main complexity of such an assessment is in the small amount and uncertainty of the relative unreliability of retrospective information.So, it practically does not enable us to obtain the effective, unbiased and consistent statistical estimates of reliability, safety, and survivability indicators.The threat of acts of God, natural calamities and man-made disasters, terrorism, cyber attacks, various kinds of conflicts and any other rare events has turned into a system regularity of the late twentieth century and the early twenty-first century [2].It is evoked by the modern technological mode of life with new technical, economic, social, political and other artificial systems, which may be more vulnerable because of their complexity to all kinds of accidental and deliberate disturbances and consequently less persistent, less reliable, less safe.
Any extreme (catastrophic) events are associated with rare emissions of a random process, for which no reliable statistics is available.The pulse occurrence time and amplitude are random and indefinite values.
Traditional factors of the possibility of a rare (unpredictable) event are uncertain.The values of a series of dynamic quantities, which determine them, lie on the "tails" of distributions getting within an unlikely (critical) region, which is generally "fuzzy".Therefore, we have to shift to the Fuzzy Sets methods, confining ourselves to the conservative estimate of this area, deliberately expanding it due to the uncertainty which is inevitably associated with more or less justified extrapolation based on "conservative (safe)" expert appraisals.
An increasing risk of the hazardous situation occurrence at electric power facilities is accompanied with the sharp raising cost of compensations for their technical, economic and social consequences with simultaneously reducing safety for operating personnel and the population as a whole.
After the Chernobyl accident (1986) some extraordinary safety precautions were taken all over the world.Risks have significantly and sharply decreased.We hope that such large-scaled accidents will not occur frequent-E3S Web of Conferences 58, 02003 (2018) https://doi.org/10.1051/e3sconf/20185802003RSES 2018 ly.But the question is how unoften?The statistical analysis carried out by British and Swiss mathematicians on 216 accidents and emergencies registered for the entire nuclear power engineering history showed that accidents in fact became far less frequent.Notwithstanding, based on the available data [6], it is assumed that Fukushimalike or larger accidents will occur every 60-150 years with probability of .
2 Elements of Risk in Electric Power Systems.
The reason for off-design and hypothetical accidents is a chain of events or a scenario with a system getting to a dangerous state, the probability thereof is irrelevant, if damage is significant and inadmissible for system users [2,3].Moreover, it is incorrect to introduce the concept of "average time till disaster" for rare events.The main task is related to the search for "vulnerability windows" and its solution is performed by methods of the multicriterial evaluation of such generalized factors like "effectiveness", "reliability", "security", "vulnerability", "acceptability", "efficiency", "ergonomics," "competitiveness" and so on.[1].Danger is characterized not only by the probability (relative frequency) of the crisis (emergency) situation commencement but also by the severity of its consequences.It is shown in earlier publications [2] that the numerical value of risk R in failure of the normal operating mode of equipment in power engineering systems may be assessed as where is the probability of a hazardous event (accident, failure, incident, etc.); is the mathematical anticipation of damage to be resulted from this event.
The quantitative risk level is consistent with the intuitive perception thereof and it divides its evaluation procedure in the following two stages: 1) the determination of probabilities for adverse outcomes; 2) the estimation of damages following the said outcomes.
To solve the technotronic security problem, the following two concepts [4] are available: deterministic (of "absolute" safety) and probabilistic (of acceptable risk) ones.
The first concept is based on a normative approach and a logical analysis of the technological process features and sources of possible accidents, the elaboration of a system of mandatory measures (emergency protection, instructions, personnel training).The main drawback of this concept is the lack of the quantitative assessment of safety and sensitivity to specific features of a particular facility as the actual effectiveness of a set of mandatory security measures remains undetermined.
The second concept is based on the statistical analysis of the hazard (risk) level, the results of simulation modeling to identify possible ways for the transition of emergency situations to accidents, the identification of acceptable risk levels.To this end, information is needed on probabilities for the occurrence of accident initiating events and the readiness of protective means, the representativeness thereof is obviously insufficient.When analyzing the risk some difficulties arise related to the initial data completeness and reliability, the adequacy of models of the facility transition to an emergency condition.
The both concepts contain therewith at least two kinds of uncertainties [4]: 1) the uncertainty in assessing the adequacy of security measures taken; 2) the uncertainty associated with the unenumerability of the accident initiating events at power facilities.The said uncertainties are also reflected in recommendations for the critical risk assessment.So, in [5] it is noted that the drift of key safety factors over a critical level is considered disastrous and in [6] that the risk level of the hazardous situation occurrence currently admissible to society in terms of reasonable damage and costs is acceptable or permissible.The identification and prevention thereof enables you to reduce damage to 10% of an expected one.

A Few Examples.
In simulated technical systems (elements and facilities of electric power industry) from time to time emergency situations from time to time occur with rapid nearly instantaneous developing events.When solving the reliability assurance problems an important significance is given to statistical appraisal methods.But the statistical estimates of reliability factors give acceptable results only, if an event is characterized by a mass scale and homogeneity, non-observable in a number of problems.
1).The probability of a design accident on offshore drilling platforms was estimated as one accident per 20 million years (p = 0.00000005).However, accidents have already happened at 15 drilling platforms, including the largest one in the Gulf of Mexico in 2010 [5].
2).The estimated probability associated with the possible overflowing of the storage reservoir in the Zeyskaya HPP was p = 0.001.Nevertheless, that event occurred in 2007 as a result of heavy rains.
3).By the early 20 th century protective structures of the unprecedented 390 cm level were designed in the Netherlands [7].However, in the course of their construction the height was assumed to be 340 cm; that was by 12 cm higher the maximum recorded for the 25-year monitoring (once per 70 years with the probability of p = 0.014).The construction cheapening resulted in the tragedy of 1953.About 2,000 persons perished and huge destructions occurred.Currently hydraulic structures in the Netherlands are built up to the maximum level of 500 cm (once per 10,000 years (p = 0.0001)).
4).Moscow, May 2005.The accident occurred at the Chagino-500 kV substation.Its consequences were: 4 million human sufferers and the loss exceeded 3 billion rubles.
5).August 2009 the Sayano-Shushinskaya HPP accident.Its consequences were: 75 persons perished, the loss exceeded 40 billion rubles.6).It was assumed that the probability of an accident at a nuclear power plant under the normal probability law shall be -per year The above examples are just random events with the objective assessment of their probabilities to be impeded because of the relatively high reliability of unique energy object functioning and limited retrospective information.

The Elementary Estimation of the Rear Event Probability.
Having identified any practically possible risks, their probability and possible consequences are assessed.
1).Supposing that the designed maximum power of a load centre in the electrical system is P m = 500 MW.It is known that it's excess at ΔP = 1 MW (0.2%) is possible with the probability of p = 0.01.In this case, all consumers supplied from this center are disconnected because of the input overload.Obviously, in a number of cases such a probability (possibility) for a similar mode may be neglected.Notwithstanding, when solving the problem of the reliability for power supply systems at explosive or fire hazardous industries, life support systems of the maximum transmission capacity of a power transmission line, the probability of p = 0.01 should be considered sufficiently large and to be taken into account when designing the structure of power supply systems.To the point, in 1965 in the USA, the cutting off of the power transmission line with a load of about 2.5% of the capacity of the power system components connected thereby resulted in the bulk failure and a long-term power supply interruption in an area with 30 million inhabitants.
2).In addition to the usually considered numerical characteristic of the position of the random variable (RV) Xthe mathematical expectation M(X)the need often arises to use initial moments of its distribution.The initial moment of the s th order for RV X shall be determined by the mathematical expectation of the s th degree of this RV as .Let us analyze the consequences of a sudden power failure of different duration for a conditional production resulting in its idle time t idle with the following probability distribution t idle 0.1 0.5 1.0 8.0 р i 0.5 0.3 0.15 0.05 Mathematical expectation for RV t idle : . Mathematical expectation for squared RV t 2 idle : .Thus, the transition from M (t idle ) to M (t 2 idle ) enables to take into account with a lesser degree of risk the influence of a possible value of (t idle ), which is large and has a small probability.If RV X had several large and unlikely values, then the transition to the calculation of the initial moments of higher orders a 3 (X), a 4 (X), etc. would further strengthen their role.
3).Let us consider the case when on the studied electric power facility no extreme event should occur within the supposed time of its operation t op =50 years.So, in accordance with [8] and the Poisson distribution law, the lower confidence limit of failure-free time tn may be determined for the confidence probability α.If α = 0.95 is taken, what is typical for the majority of technical solutions, the lower limit for the time of the non-failure operation will be t n = 16.6 years.Under more stringent conditions with α = 0.99 we obtain t n = 10.8 years.4).A system (a two-transformer substation) consists of two parallel operating elements.Each of them fails in accordance with the exponential distribution law and the parameter λ.In case of independent failures the probability of failure within time t shall be . ( In accordance with [9] we assume that independent failures of elements occur with intensity λ 0 and with intensity λ 1 critical failures happen, under the impact thereof each element may become faulty with a probability of .With the exponential property is preserved but with the reliability of the system significantly changes.If , there is the probability for availability of i faulty elements at the time t, then in [9] a system of two Kolmogorov's differential equations is given, their solution under the initial conditions ; takes the form of , where the probability for failure of the system is determined as: . ( In the limiting case with , , we obtain: ; , i.e., -- If failures are independent and acc. to (1) -In fact, according to (3) and taking into account (2) - The results are self-explanatory.Therefore, it is necessary to check the conditions for the possibility of disaster occurrence in case of the disability of the electric power facility under the exposure to certain flow of damaging factors.

Discussion.
Ideally, the cumulative impact of multiple unrecordable factors (sudden failures causing the cascade-like development of accidents, harmful emissions, explosions, fires, rainfalls, their intensity, heat and moisture exchange of the atmosphere with the surface, etc.), according to the central limit theorem of the probability theory corresponds to the normal distribution.
For the majority of technical systems, the normal (Gaussian) and exponential random parameter distributions "with short tails" are typical.For example, the distribution of power load maxima of stably working consumers is close to normal and their numerical values do not fit generally within the range of ± 3σ with the probability of p = 0.0028.But their values herewith fall be-E3S Web of Conferences 58, 02003 (2018) https://doi.org/10.1051/e3sconf/20185802003RSES 2018 yond the limit of 5σ with the probability of .In [5] it is recommended to use the exponential or power law distribution, which is referred to the class of distributions with "heavy (or long) tails", since the statistics of the major natural and man-made accidents, catastrophes, disasters such as earthquake, flood, snowslides, hurricanes, tornadoes, droughts have a power law of probability distribution.This is due to the fact that all natural and man-made systems apt to major accidents, catastrophes, crises are quite complex, contain a lot of interrelated and mutually dependent elements subjected to the exposure to many random factors with a wide range of parameter values.Their description may not be reduced to a simple sum of a great number of independent terms and the normal distribution law, since the consequences of such events may not be disintegrated into a set of independent sub-processes.It is known that even minor nonlinearities of a dynamic system shall essentially change the "tails" of distributions and, consequently, the estimates of probabilities of catastrophes.Their integral (systemic) research and description is herein required.
Since hardly probable accidents and catastrophes within a limited period of time are quite possible, the neglect of values of random variables falling into the "tail" of such distributions is already inadmissible.To illustrate the foregoing, Fig. 1 shows a typical form of the distribution of the random variable probability densities under the normal, exponential and power distribution laws and it is seen therefrom that the "tail" of the powerseries distribution is significantly "heavier", changing very slowly. .The less is , the more dangerous is the process.For all problems considered The difference between the normal and power distributions is of a principal nature.In terms of the safety and risk assessment, the "tail" of the distribution corresponds to the so-called hypothetical accidents and catastrophes; the possibility thereof is practically zero.But as for lack of statistics the "tail" zone is not determined and the reliability of analytical calculations causes "distrust", it is necessary to assume that the actual value of the distribution density functions is unknown in this field.
The availability of the power law of the probability distribution radically changes the perception of the system reliability, possible consequences of extreme events, risk.
The statistics described by power distributions is distinguished by the fact that rare events occurring at the "tail" of the distribution are not such seldom as to be ignored.For the power distribution, the probability of disastrous consequences may be by an order of magnitude more than the probabilities calculated on the basis of the exponential or normal distribution.

Comparative Results.
1. Comparative results.To illustrate catastrophic nonlinear effects, in literature data are presented on the results of natural spontaneous phenomena (disasters).In some publications [1,7,10,11] the probabilities for the occurrence of catastrophic events related to extreme floods in accordance with the power and gamma probability distributions were calculated.Their comparison is presented in Table 1.It is noted in [7,11] that the exponential and gamma distribution densities in the studied small probability region nearly coincide, but the gamma distribution has a greater "flexibility" and therefore it is preferable.The densities of the power and gamma distributions well coincide in the middle part and differ greatly in the region of anomalous events.It explains the difference in their expected repeatability.In other words, the occurred catastrophic floods are not near incredible event but have a fairly high probability of recurrence even during the lifetime of the current generation.Therefore, such distributions should be taken into account, when assessing the reliability and safety of facilities and systems of vital importance.The proposals presented in this paper open up the prospect for the further study of the extremely important problem of estimating the probabilities of rare events and catastrophes in the electric power industry.Time series characterized by the slow decrease in the number of rare events should be represented by the power distribution.Statistics described by the power distribution states that:

Table1. Estimated Probabilities of
-events falling on the "tail" of the distribution are not so rare as to be ignored; -catastrophic events are not exceptional but have rather a high probability, which is to be taken into account; -for the power distribution the probability of catastrophic consequences may exceed the probabilities calculated on the basis of a normal, exponential or gamma distribution by an order of magnitude or more.

Fig. 1 .
Fig.1.Comparative densities of the normal -1, exponential -2, power -3 laws of the random value distribution The power law of the probability density distribution has the following form:.The less is , the more dangerous is the process.For all problems consideredThe difference between the normal and power distributions is of a principal nature.In terms of the safety and risk assessment, the "tail" of the distribution corresponds to the so-called hypothetical accidents and catastrophes; the possibility thereof is practically zero.But as for lack