Incident 1: Summer load shedding in Victoria
Date: 24 – 25 January
Location: Victoria, Australia
Description: Over two hot summer days the market operator (AEMO) was forced to shed load across the state of Victoria.
Consequences: Over 200,000 people lost power for up to 2 hours. $34.2 million was spent on Reliability and Emergency Reserve Trader (RERT) payments so the market operator could secure reserve power from participants of its demand response program.
Cause: Record-breaking temperatures in South Australia, and near-record heat in Victoria resulted in high electricity demand. At the same time, supply was constrained due to thermal inefficiencies, unexpected plant failure and urgent maintenance. The market operator activated RERT contracts, however this did not fully meet the shortfall and load shedding was required.
Incident 2: Cyberattack on the U.S. grid
Date: 5 March
Description: A first-of-its-kind cyberattack on the U.S. grid created blind spots at a grid control center and several small power generation sites in the western United States. A flaw in an unnamed utility’s firewall allowed the cyber attacker to repeatedly reboot firewall devices. This caused brief communication outages between field devices at sites and, between sites and the utility’s control center. It’s unclear if the attacker was aware that they were attacking an electric utility. Although there was no risk of outages, the incident temporarily blinded operators to parts of the network. The attack appears to have exploited a known firewall vulnerability for which a firmware update had already been released.
Consequences: The event highlighted the need for significant cyber security process improvements at the victim entity and drew the attention of the industry at large. NERC released a Lessons Learned document urging NERC-registered entities to follow a number of cyber security policies and procedures to reduce the risk of such an event.
Cause: A NERC Lessons Learned document titled “Risks Posed by Firewall Firmware Vulnerabilities” states, “A vulnerability in the web interface of a vendor’s firewall was exploited, allowing an unauthenticated attacker to cause unexpected reboots of the devices. This resulted in a denial of service (DoS) condition at a low-impact control center and multiple remote low-impact generation sites. These unexpected reboots resulted in brief communications outages (i.e. less than five minutes) between field devices at sites and between the sites and the control center.” Click here for the NERC Lessons Learned > https://www.eenews.net/assets/2019/09/06/document_ew_02.pdf
Incident 3: Venezuela outage
Date: 7 – 14 March
Description: March saw the worst electricity outage in Venezuela’s history, which lasted seven days and affected most of the country. Outages continued throughout the month, with the country suffering at least 10 days in total without power.
Consequences: Airports and hospitals lost power with at least 43 deaths attributed to the outage. Water supplies were cut off or degraded to at least 2/3rds of the country, and the loss of refrigeration caused shortages in some food supplies. Venezuelan industry was brought to a standstill with estimated economic losses of US$220 million. Most schools were closed and 96% of Venezuela’s telecommunications were disabled.
Cause: The causes are unclear. The outages occurred in the midst of the presidential crisis, prompting some government officials to make accusations of sabotage.
Experts point to other causes.
80% of Venezuela’s power is provided by the San Geronimo B substation, which is connected to the hydroelectric power plant at the Gurí Dam via one of the longest high-voltage lines in the world. Reports of a brush fire near the lines suggest they may have overheated, triggering load rejection mechanisms. A cascading series of unexpected equipment functioning, overloads, activation of safety control systems and forced disconnections by operators led to country-wide outages. There were at least four failed attempts to restart the Gurí Dam station during the blackout. This has been attributed to a lack of maintenance, shortage of fuels for thermoelectric plants, and a ‘loss of experienced personnel’ from Venezuela.
Incident 4: Rotating brownouts to Metro Manila and Luzon
Date: 22 – 24 April
Location: Manila, Philippines
Description: Metro Manila and Luzon faced rotating 2-hour brownouts after a magnitude 6.1 earthquake.
Consequences: A combined loss of 1,911MW capacity. The earthquake was responsible for at least 18 deaths.
Cause: A magnitude 6.1 earthquake north-west of Manila led to unplanned outages for units at two coal-fired power plants: The SMC coal-fired power facilities in Limay and the Pagbilao coal-fired power plant. The earthquake triggered the protective tripping of some units at its refinery, which caused the plant to shut down. Several generating facilities had also been in a derated state or had constrained generation capacity.
Incident 5: Argentina, Paraguay and Uruguay outage
Date: 16 June
Location: Argentina, Paraguay and Uruguay
Description: At 7:07am the Argentinian grid collapsed. By 7:50 most of Argentina, Uruguay and parts of Paraguay had lost power.
Consequences: 48 million people were without power across most of Argentina, all of Uruguay and parts of Paraguay. Some power was restored to Buenos Aires by 10am, but most areas were not fully restored until the evening. The outage caused subways and trains to come to a standstill, impacted the supply of drinking water, and disrupted local elections in Argentina, with people left trying to vote in the dark.
Cause: The failure is currently believed to have started in the Argentine Interconnection System and led to a cascading series of failures. Investigations are still underway. One independent energy expert blamed systemic operational and design errors in the country’s energy infrastructure. Click here for more information > https://apnews.com/a29b1da1a91542faa91d68cf8e97a34d
Incident 6: Jakarta outage
Date: 4 August
Location: Java, Indonesia
Description: More than 30 million people lost power in and around Indonesia’s capital, Jakarta.
Consequences: 10 million customers in Jakarta, 20 million in surrounding suburbs and many millions more in neighbouring provinces lost power for up to 9 hours. The metro train system failed causing evacuations that went viral on social media with the hashtag #matilampu (power failure). Digital payment systems also failed. This included the payment system for public transit buses, which were the only public transport still running. These failures, combined with disruption to traffic lights, caused chaos on Jakarta’s already notoriously congested road system.
Cause: Initially, there were failures in gas turbines at the Suralaya Power Plant and at the Cilegon Power Plant. According to PLN, the state-owned electricity company of Indonesia, this power outage occurred due to disruptions on a 500kV transmission line resulting in a failure of energy transfer from east to west.
Incident 7: UK outages
Date: 9 August
Location: United Kingdom
Description: Just before the evening peak, two power plants suffered unplanned outages causing widespread blackouts across England and Wales, including London, where the Underground Rail network was severely affected.
Consequences: Almost 1 million customers were affected across England and Wales. Effects included tunnels on London’s Underground going dark, trains stopped on the tracks, and Ipswich Hospital left without power after its backup battery failed.
Cause: After almost simultaneous outages at the Little Barford gas-fired power plant and the Hornsea offshore wind farm, frequency dropped below safety limits, tripping safety mechanisms and causing outages to almost 1 million customers. The situation could have been far worse if not for standby batteries located around Great Britain, which prevented more widespread outages.
Incident 8: Cyber intrusion at nuclear facility
Description: A malware intrusion was detected on the systems of the Kudankulam nuclear power plant.
Consequences: The reactor was unaffected, but the incident exposed a poor safety culture and inadequate cyber security systems. There have been 20 known cyberattacks on nuclear facilities since 1990, prompting questions around the lack of preparedness and prevention measures illustrated by this incident.
Cause: The publicly-owned Nuclear Power Corporation of India Ltd (NPCIL) has stated that the malware was associated with state actors. It was designed to download data from the affected systems. The malware is thought to be linked to a North Korea based cybercrime organization, which has been associated with attacks on India’s banking sector, ATMs and the WannaCry ransomware attacks that rocked the UK’s NHS in 2017.
Incident 9: Alice Springs outage
Date: 13 October
Location: Northern Territory, Australia
Description: At 2:30pm, on a 38 °C day, Alice Springs experienced its second mass outage in as many weeks.
Consequences: Up to 12,000 people were without power for between 30 minutes and 10 hours. A subsequent inquiry resulted in the heads of both Territory Generation and Power and Water Corporation leaving their posts.
Cause: The events began with an unforeseen drop in solar generation from the Uterne solar farm and household rooftop solar. This was then magnified by unexpected function from the Battery Energy Storage System (BESS) and Under Frequency Load Shedding (UFLS), as well as insufficient spinning reserve and zero regulating reserve. The result was the loss of power to most of Alice Springs.
Insufficient training, documentation and staff preparedness around black start procedures at the two main baseload generators caused significant delays in the restoration of power, with an up to 10-hour outage in some areas.
Incident 10: California Public Safety Power Shutoffs (PSPS)
Date: October – November
Description: To prevent wildfires, several utilities cut power across more than 30 counties in California during periods of high wind.
Consequences: During the peak of the cuts up to 2.5 million people lost power, many for days. The blackouts continued through October and into November.
Cause: Under California law, utilities are held responsible for any wildfires caused by their lines, even if they are fully compliant with safety and regulatory requirements. Two thirds of California’s transmission and distribution lines (more than 430,000 km) are above ground. Over the past decade, overhead lines have sparked numerous wildfires; the 2017 Northern California wildfire and 2018 Camp Fire caused 95 deaths and resulted in billions of dollars in damage claims against utilities. One utility estimated that undergrounding their lines would cost up to $15,000 per customer. PG&E, SCE and SDG&E all cut power to avoid line-caused wildfires during the characteristically dry and windy months of October and November that have come to typify the California “fire season.”