Engineering standby power systems
Standby systems design requires focusing on electrical protection to ensure safe, reliable operation and the physical protection of standby system equipment and distribution from natural catastrophes and vandalism.
Protecting standby power systems and safeguarding the systems from natural catastrophes have several factors and common themes. Electrical engineers have both the ability and the responsibility to lead and influence these factors throughout the design process. In the context of this article, standby power refers to the generator backup system serving emergency, legally required, or optional standby loads. Codes and standards provide minimum criteria that must be augmented with experience and sound engineering practice. The NFPA standards—particularly NFPA 70-2008: National Electric Code—are the primary code references for system design.
The NFPA and NEC are prescriptive for the standby system distribution equipment, feeders, and circuiting. Protection from natural catastrophes and vandalism are referenced in the NEC, and it is the engineer’s responsibility to assess the risk and address protection via prudent equipment specifications and appropriate physical location of equipment and supporting infrastructure.
Power and power quality
The capacity of the power system and the quality of the power provided are initial design functions the electrical engineer must perform on the project. Once the project is defined in terms of the nature of use, facility type, and gross area involved, an overall load and consumption estimate can be developed. The facility type has significant influence on design and operational performance expectations as the critical nature of the load will drive electrical infrastructure requirements.
External and internal power quality factors also drive design decisions with respect to additional protection of systems in the form of transient voltage surge suppression (TVSS), static or rotary uninterruptible power supply (UPS), electrical distribution design for segregation of sensitive and non-sensitive loads, and harmonic mitigation and cancellation techniques to address known high-harmonic producing loads. The grounding topology for UPS power and transfer schemes for normal and standby modes of operation have significant impact on power quality and system protection. The use of 3-phase, 3-wire UPS units or transfer switches with separately derived systems created on the downstream of the UPS or ATS output is often the most effective approach to ensure the integrity of the grounding system. When the load served requires a 3-phase, 4-wire source, transformers can be used to create separately derived systems, or 4-pole ATS units (with switched neutral) should be incorporated into the design.
The utility service is the primary source of power and, generally speaking for the United States, is typically the most reliable source of electricity for a facility. Although there are locations with less reliable service, particularly for large-scale developments built in remote locations, in general, weak utility infrastructure is the exception rather than the norm. The core business for utilities is the generation, transmission, and distribution of electricity. Most utilities are highly regulated and have extensive maintenance programs to ensure reliability of their system and continuity of service to consumers.
The initial phase of design includes dialogue with the serving utility and review of historical outage records. The information from the outage history enables the engineer to evaluate the level of exposure for the facility and develop design strategies to align level of exposure and operational expectations for the power system. Initial utility coordination for the specific proposed service should include review of the utility system to identify utility switching locations, reclosure switches, voltage regulators, switching capacitors, and similar utility equipment as all create regular events on the utility distribution that have potential to impact system loads. Depending on operational expectations, the outage history will have strong influence on the standby power strategy for the project. Often specific power quality data or disturbances are difficult to obtain from the utility. Typically utilities document significant outages, but other data such as voltage sags, swells, and other disturbances may not be monitored or provided.
Evaluation of options for providing robust power begins with the utility evaluating the anticipated loading in the context of its system. Typically, utilities have an obligation to address minimum-to-serve requirements with a revenue justification based on anticipated consumption for the property. Available enhancements such as dual source feeders or backup feeders may be available. Typically enhanced service features will require additional investment in the form of increased first and ongoing costs. For large-scale developments, multiple services or service feeders are often required to meet capacity requirements. The diversity of the utility sources in terms of transmission, substation, substation transformers, and physical route to the property served influences the resilience of the electrical service.
The requirement for emergency systems is dictated by NFPA 101: Life Safety Code. Once it is determined that emergency power is required based on the facility type and function per NFPA 101, the NEC and NFPA 110: Standard for Emergency and Standby Power Systems define the basic requirements for the system. NEC articles 700, 701, and 702 dictate minimum requirements for emergency, legally required, and optional standby systems.
In addition, several other articles address specific applications, such as Article 695 for fire pumps, Article 517 for healthcare facilities, and Article 708 for critical operations power systems (COPS). The emergency classification is the most prescriptive as the system is essential for life safety and must be on line in 10 seconds or less per NEC 700.1. Legally required system requirements are also prescriptive, though slightly less stringent than emergency as they take second priority to the emergency system and are required to be on line in 60 seconds or less per NEC 701.11.
In general, legally required loads are those that if disrupted could create hazards or hinder rescue or firefighter operations (NEC 701.2 FPN). The optional standby system is least stringent from a code perspective and is often referred to as “business critical,” as the focus is on continuity of service to maintain an acceptable minimum level of operation for the facility. The acceptable minimum level of operation is typically defined by the business function and end-user tolerance for downtime in the event of a utility outage.
The system overviews that follow are based on having a generator as the primary source for standby power. Although there are several permissible sources for standby power systems, generator sets are the most common application for facilities with requirements beyond egress lighting. The generator is typically the main power source, with battery-based technologies augmenting the system with ride-through power until the generators are able to start and assume load.
NEC 700.5(A) and NEC 701.6 are clear with respect to system capacity as both state the system shall be of sufficient capacity and rating for the anticipated maximum simultaneous load. The language is significant; in the past, systems were often sized based on connected load resulting in grossly oversized generator systems. Oversized engines created problems with testing as the connected load was insufficient to load the generator beyond a fraction of the nameplate and challenges with wet stacking would develop necessitating load banks in order to properly test systems. This challenge can be addressed by sizing the generator closer to the anticipated running load and having a base load available to ensure the load exceeds 40% of generator capacity. Load bank connection provisions or a fixed load bank are options but use of the building load is the most cost-effective approach.
From a cost perspective, a single generator arrangement (see Figure 3) is typically the least expensive because it is geared to an installation that meets minimum requirements. The main drawbacks of a single-engine generator system are multiple single points of failure. If there is a malfunction with a transfer switch, the generator fails to start, or a single overcurrent device proves problematic, the facility is subject to a brownout or blackout condition. It is not uncommon to see multiple single-generator systems serving different areas within a large facility. With a system made up of a single generator or multiple generators in single generator subsystems, the risks are similar, except portions of a facility are exposed as opposed to the entire facility. In many cases this is acceptable to the owner, meets code requirements, and aligns with the owner’s budget and operational expectations. The shortcomings of a single generator approach need to be clearly communicated with the developer, owner, and/or end user to ensure their expectations are aligned with the system capabilities.
From a power quality perspective, the single generator systems can prove less robust than an aggregate bus arrangement. With a single generator, the magnitude of motor starting currents, anticipated nonlinear loads, and other block loads must be evaluated and compared to the generator rating to ensure stability through start-up and steady-state operation. When compared to a single-generator system, multiple generators on an aggregate bus results in a power source that is much more stable and better able to maintain quality of power to the load.
The multiple generator parallel arrangement is superior to a single generator system in that there are multiple engines that make up the system. A problem or failure with one engine does not result in total failure of the system. With multiple generators, selective load shed and load add strategies are much more configurable and flexible as the controls are programmed at the programmable logic controller (PLC) local to the paralleling switchgear. There are numerous configurations for parallel generation deployment. The topology of the system varies depending on system interfaces with the load during normal operation and the utility interface, if any, when transferring from utility to generators and back to utility from the generators.
The simplest and least costly parallel system approach is a normally de-energized system comprised of standard circuit breakers for the load and power circuit breakers for the generator mains. The system shown in Figure 4 is in a de-energized state with engines paralleled on a common bus with the standby loads. In this type of system, the generator mains control connection of the generator to the load bus, and transfer switches in the distribution system control connection of the load to the generator system load bus. Load shed is achieved through control interface with the automatic transfer switches.
For increased functionality and more flexibility with respect to system operation, a parallel generation system with a distinct generator bus, distinct load bus, and active devices (power circuit breakers) for generator mains and load feeder breakers should be considered. On large systems, multiple generator buses and separate load buses are advantageous to reduce single points of failure. In larger complex systems, the system must be equipped with means to isolate problems within the equipment and also provide selectivity with regard to sources. Multiple utility sources and ties for load and generator buses enable isolation of a faulted bus section or access to power via a different path in the event of device failure. Robust bus design and alternative source options must be paired with control power and PLC logic that is of a commensurate level of redundancy to complement the physical equipment configuration and design. Dual hot-swappable PLCs, redundant dc power supplies with best battery selector, and means to take manual control of the switchgear are all considerations for maximizing reliability as well as flexibility for system recovery and event response. Large multiple generator systems are often provided with centralized fuel storage with pumps to transport fuel to the individual engines. The fuel pumping system is critical, and dual pumps with diverse emergency electrical sources should be provided to protect against system failure.
Even with the prescriptive criteria for emergency and legally required systems, there is no standard arrangement for generator backup systems. System requirements are unique to each project. The required functionality of the system must be determined through dialogue with the customer. Once desired functionality is identified, the budget needs to be reviewed in the context of the system requirements.
This is one of the most critical phases in the design process as the owner has expectations with respect to system functionality and often the budget does not support the desired functionality. Functional expectations need to be adjusted or the budget increased to align with desired functionality. Rationalization of the design to the budget is often ignored until the project is out for competitive pricing or bid. When the budget challenge becomes evident, it is often the contractor driving the system modifications, which may or may not be in the best interest of the project. At the other extreme, if engineers choose to design a code minimum system that, although code compliant, does not meet the operational expectations of the owner, the end result is a dissatisfied client with a standby system that does not perform to expectations.
Protecting standby systems
The technical focus for protection of standby systems is on electrical engineering to ensure appropriate system design in the form of grounding, overcurrent protection, selective coordination, and physical segregation of the various subsystems that comprise the standby system. Physical provisions such as fire sprinkler systems or rated construction to house equipment also protect the system. The final step in safeguarding the system is achieved through an ongoing testing and maintenance program administered throughout the life of the facility.
For emergency systems, the NEC is specific regarding measures required to ensure the equipment, feeders, and branch circuit wiring associated with distribution of emergency power remain free of negative influence from less critical infrastructure. Selective load pickup and load shedding are required by NEC 700.5(B) to ensure emergency loads are the highest priority for the system. NEC 701.6 also references selective load controls to ensure legally required loads have priority over optional standby loads. Segregation of the emergency, legally required, and optional standby systems begins at the standby power source equipment with separate vertical switchboard sections or separate enclosures for each subsystem.
NEC 700.9 requires clear identification of all enclosures, boxes, and raceways for the emergency system to ensure they are readily identifiable as part of the emergency power system. In addition, segregation of emergency feeders from legally required, optional standby, and normal power must be maintained except within transfer equipment, exit signage, or unit equipment to ensure the emergency system is not compromised due to an event with one of the other systems. For certain high-rise occupancies or assembly occupancies with 1,000 or more occupants, special provisions apply to the emergency feeders and equipment to ensure both remain operational during a fire event.
Both emergency and legally required systems are required to be selectively coordinated in accordance with NEC 700.27 and 701.18 to ensure only the closest upstream device from a fault trips. Optional standby loads must also be selectively coordinated to ensure faults do not result in loss of emergency or legally required power. Selective coordination requires analysis of device-specific time current curves and is critical to ensure a single system fault does not subject the facility to a partial or total outage due to lack of coordination between the overcurrent devices. In order to further ensure continuity of service, the ground fault protection criteria are limited to indication instead of initiation of device trip.
System maintenance and testing are required by NEC 700.4 and NEC 701.5. Both sections provide general criteria for testing and maintenance, and reference NFPA 110 for more detailed criteria. When relying on a single generator or multiple generators configured as discreet systems, monthly testing, inspections, and maintenance are even more critical to the reliability of the system as a single engine failure results in total or partial system failure. If the system is not tested under load and the engines are merely started, the transfer switch is not exercised and confirmed operational. One of the operational challenges with testing under load is the short-term outage for open transition transfer switches (break before make). Closed transition transfer switches are more costly and provide the ability to transfer seamlessly between sources such that there is no noticeable disruption to the load. If the short-term disruption is unacceptable operationally, the closed transition switches should be provided to facilitate monthly testing. Maintenance and testing under load are also essential to the reliability of a parallel generator system. However, with closed transition capability and multiple engines, the system is more robust and also more likely to be tested under load since the test can be conducted using the facility load without disruption of power.
Generator annunciation is another tool used to protect the standby system. NFPA 110 indicates the different alarms and indication lights required based on the system classification. The output overcurrent device on the generator should be monitored and annunciated for closed or open position. The output breaker is turned off during generator maintenance activities and, if not restored to closed position, the system cannot serve the load. With a single generator arrangement, the monitoring, maintenance, and exercise of the engine, batteries, transfer switches, and output breaker are essential to ensure the system operates when called to run.
It is not a matter of if an electrical system will fail; it is simply a matter of when. Electrical systems fail at some point and no level of design, redundancy, or maintenance can make a system 100% reliable or available indefinitely. However, with appropriate design, installation, and ongoing maintenance, the probability of failure and number of unplanned outages over the life of the system can be significantly reduced. Planned and preventive maintenance are key factors as failures that surface during planned maintenance or testing operations occur in a controlled setting with the appropriate resources available to address the situation. A system that is designed to facilitate ongoing maintenance and testing with minimal disruption to the facility is essential to the integrity of the standby system for ongoing operations.
How to protect standby systems from natural catastrophes
NEC 700.12 provides a general statement regarding equipment designed and located to avoid complete failure due to flooding, fires, icing, and vandalism. For areas exposed to natural or man-made bodies of water, the engineer must consider NEC Article 682 with specific attention to the electrical datum plane. Each installation is unique with different types of hazards. The electrical engineer must assess the risk based on local conditions and design to minimize potential for catastrophic failure.
At a fundamental level the location and proximity of the normal power service to the standby power source(s) must be a consideration for the design. Whenever possible, the normal and standby power sources should be remote from each other to avoid complete failure of both systems due to a single event. If they are adjacent or in close proximity, appropriate separation via concrete walls and/or listed fire rated assemblies should be incorporated in the building design to protect against common mode failure of the systems.
In areas prone to flooding, locating the critical equipment above the flood or surge level for hurricane-prone geographies must be considered. System survivability in the event of a fire must be reviewed to determine what protective measures can be incorporated to avoid complete system failure. Listed electrical protective systems, thermal barriers, fire-rated assemblies, and fire suppression systems are all features that increase survivability of the system. In cold weather climates, integral heaters and appropriate equipment enclosures can provide appropriate protection from the elements. Protection from vandalism is addressed by locating standby system equipment in locked interior spaces or in a controlled segregated area when exterior to the building. Controlled access to the equipment and appropriate protection for exposed equipment or components must be incorporated into the design. Depending on exposure and local authority requirements, vehicle impact protection and projectile resistance may be required. Earthquakes are another hazard that must be considered to ensure the standby equipment and distribution are equipped with appropriate features to address seismic concerns.
Miller is CEO of JBA Consulting Engineers where he is responsible for the long-term strategic vision of the firm. He remains active in the electrical and telecommunications engineering disciplines, focusing primarily on master plan development, critical infrastructure, and schematic/design development phases of complex major projects.