Monday, August 24, 2009

Lessons from Russian Hydroelectric Plant Accident

Most of the time, hydroelectric plants are one of the safest ways to generate electricity. The technology has been well established for a century or more, there are few toxic substances or chemicals involved, pollution and other environmental problems are at a minimum, and all in all, hydropower is a pretty benign enterprise. But on Aug. 17, a week ago today, Russia's largest hydropower facility, the Sayano-Shushenskaya plant in Siberia, experienced a massive explosion and flood that at last report killed at least 69 people, knocked out the entire facility, and sent an oil slick down river for miles. What happened?

According to the Wikipedia website on the plant, there have been four major accidents including this one since construction was completed in 1978. The earlier mishaps in 1979, 1985, and 1988 were caused by spring floods that overwhelmed the dam's capacity. This does not give one a positive feeling about the overall balance of the system design. Again according to Wikipedia, the sequence of events last week apparently went like this.

The way a hydroelectric dam works is to direct water under high pressure to turbines. Of course, this means you have a lot of pipes, valves, and regulator mechanisms, and great quantities of water flowing at high speeds and pressures. Somehow a "water hammer" developed in the system. This is basically the same kind of thing you will sometimes hear in domestic plumbing when a toilet or washing-machine valve shuts off suddenly. Moving water has inertia, and when a column of water moving in a confined place suddenly has nowhere to go, the energy stored in the water's motion turns into a sudden pressure surge that makes the pounding noise. In homes, this is usually no more than an annoyance, but at a hydropower facility, the much larger volumes and energies involved can have serious consequences. Well-designed plants have surge absorbers of various kinds installed to prevent this sort of thing, but either the Sayano-Shushenskaya plant didn't have the right kind, they didn't work right, or perhaps an operator error caused a water hammer that exceeded the system's capacity to deal with it.

In any event, a severe water hammer ruptured a conduit leading to a turbine, immediately flooding the engine room and turbine room. This would have been bad enough, but apparently the flood caused a transformer to explode. Transformers used in power plants are filled with oil for insulation and cooling purposes. Ideally this oil is non-flammable, but the high cost of non-flammable oil sometimes means that flammable kinds are used. Whether or not a fire resulted, the explosion wrecked a large area of the turbine hall, apparently breaching outside walls, as some photographs show. As of Sunday, 69 bodies had been recovered from the wreckage, making this the worst hydropower accident in recent memory.

The worst regional consequences of this accident involve the oil slick previously mentioned, and the economic harm to Siberia's aluminum-smelting industry, which used 70% of the power-plant's output. These, while serious, are nothing like the global effects of the Chernobyl disaster, which also involved a power plant in the former Soviet Union. That 1986 accident was caused by operator error at the nuclear facility and emitted tons of highly radioactive material into the air. Nevertheless, I believe more people died in the hydropower incident than died immediately following the Chernobyl accident, so in that sense the hydropower disaster was worse.

Normally, hydroelectric plants do not need large numbers of personnel, especially in areas of the plant that could become hazardous if something went wrong. Small hydroplants can go for days or weeks under totally automatic operation with no personnel present at all, and while a huge facility like the Sayano-Shushenskaya plant would need some operators, it is at least odd that seventy or more people were in harm's way when the explosion occurred. Perhaps this is a legacy of the old Soviet Union days when facilities were often designed to maximize employment rather than efficiency or profit. If that is the case, I hope operators of similar plants realize that even hydroplants are dangerous places, and allowing large numbers of employees to congregate in places that could be flooded if something went wrong, is a bad policy.

If the operation records can be reconstructed, we can eventually discover the cause of the fatal water hammer—whether it was a design flaw, an operator mistake, or a combination. And while I am no hydroelectric-plant designer, floods are fairly easy to model, and if there was some way to keep transformers from exploding in the event of a flood, taking such measures would have at least mitigated the size of last week's accident.

Our sympathies are with those who lost loved ones and friends in the Sayano-Shushenskaya accident. If we can learn that even apparently safe facilities such as hydroelectric plants have their hazards, and prevent such accidents in the future, they will not have died in vain.

Sources: The Wikipedia article referred to is at http://en.wikipedia.org/wiki/Sayano–Shushenskaya_hydroelectric_power_station, and is being updated currently as more information emerges. I also referred to news articles on the disaster at http://news.yahoo.com/s/ap/20090818/ap_on_re_eu/eu_russia_power_plant and http://hosted.ap.org/dynamic/stories/E/EU_RUSSIA_POWER_PLANT?SITE=MOSTP&SECTION=HOME&TEMPLATE=DEFAULT.

4 comments:

  1. Dear Sir,
    Its is very sad that more than seventy people lost their lives in the tragedy that struck Russia's biggest hydro power plant.Perhaps a thorough scientific investigation could only reveal the exact cause of the accident. The abnormal increase in the pressure in the pipe due to the occurence of water hammer is an area which may give some clue to the nature of the accident. The faulty or non operation of the pressure relief valve, which are mostly hydaulically operated in older plants could be one cause. World over there are hydro power plants which are older than the Russian plant and many of these plants are running excellently after renovation that was carried out at the end of their economic life. A scheduled periodical maintenance of the dam structures, penstock, supports, butterfly valves, pressure relief valves and also a total thorough check up of the entire plant and machinery after say 5 years could be carried out as a remedial measure.It is the customary practice that always one or two machines will be in the annual maintenance schedule and the presence of 70 people in such a big plant is not extra ordinary.

    ReplyDelete
  2. Dear Sirs,
    I believe that this accident is more likely causssed by failure of servomotor links causing fast operation of wicket gates.
    The damage on other units cannot be explained unless there is only one location where the protectiction DC is located and that too near Unit2.
    Most of the havoc should have been avoided with properly functioning protections.
    Why the protections failed on all units designated by electrical damage allover the station points to single or adjacent paths of DC destryed in unit 2 failure.
    The only other explanation I can think of is some body switched the DC off for maintenance.
    I have seen both foreign material
    damage to the runner and wicket gates 300mmI Beam and failure of links at a low head station.
    The failure of links caused the wicket gates swing from open to close veryfast and the head cover bolts were found to have slightly elongated. About 20metrs head and headgate partly closed at that time.
    Thus for a high head high output sytm thsese forces can be great causing headcover failure and consequent damage.
    The damage to other units can only be explained by failure of protections simultaneously.

    hydropower is a low tech industry and the sysems are not complex.


    Raju Indukuri

    ReplyDelete
  3. I have been following news of this accident in detail. The press release from ITAR-TASS had nothing but vague generalities about the final report (15 Sep 09). If, however, you read ALL the 'body count' notes, you find some interesting details. The most provocative was, 'human factors could have exacerbated the failure' since the event developed in a period of over ONE HOUR.
    I urge everyone to look at the Brasilian PowerPoint presentation. It is a good starting point for an international discussion.

    Based on our experience with Chernobyl, I feel the cause of the several failures will be 'human-caused' and even political in nature. All of the truth is certainly presently in hands of local engineers, but it is not forthcoming to the rest of the world.

    We can be assured thet the facts will eventually come out. "Bent machinery never lies".
    John Kessler

    ReplyDelete
  4. It's interesting but not surprising to note that the cause of the catastrophe has now been correctly attributed to bolt fatigue. I made this call within hours of learning about the horrific failure yet was ignored because the "water hammer" theory was much sexier at the time.

    I was involved in a similar situation where a head cover had also lifted (unintentionally!) and flooded a turbine hall. After careful analysis of the root cause of the bolt fatigue (a hint: it had nothing to do with materials of construction but rather with procedure) we were able to eradicate some long-held misconceptions, do a few rather important things much differently and return the unit to service without risk of similar failure.

    It is unfortunate that the same "vood-doo engineering" mentality regarding bolted joint integrity is still pervasive within industry. This will surely mean that we will continue to read about and experience such tragic events.

    ReplyDelete