Microgrid load shedding priority represents the critical control logic required to maintain system stability when a microgrid transitions from a grid-tied state to an islanded state. In an islanded configuration, the balance between generation and consumption is precarious; any deficit in power production relative to the active load leads to a rapid decay in frequency and voltage. The primary problem addressed by this failsafe architecture is the prevention of a total system blackstart event caused by cascading failures. By implementing a tiered hierarchy of loads, the system can selectively disconnect non-essential assets to preserve the operation of critical infrastructure such as life safety systems, medical equipment, or command and control servers. This technical manual details the integration of programmable logic controllers and SCADA systems into a unified Microgrid Load Shedding Priority framework. It ensures that shedding decisions are made based on real-time telemetry rather than static assumptions, providing a dynamic response to fluctuating distributed energy resource availability.
TECHNICAL SPECIFICATIONS
| Requirement | Default Port/Operating Range | Protocol/Standard | Impact Level (1-10) | Recommended Resources |
| :— | :— | :— | :— | :— |
| Communication Bus | Port 502 / 443 | Modbus TCP / HTTPS | 9 | Quad-core ARM / 4GB RAM |
| Frequency Trigger | 58.5 Hz – 59.2 Hz | IEEE 1547.4 | 10 | High-speed I/O Module |
| Latency Tolerance | < 20ms - 100ms | IEC 61850 (GOOSE) | 8 | Cat6a / Fiber Optic |
| Voltage Threshold | 0.88 pu - 0.92 pu | ANSI C84.1 | 7 | RMS Voltage Transducer |
| Command Execution | Idempotent Logic | JSON-RPC / REST | 6 | 128-bit Encryption Engine |
THE CONFIGURATION PROTOCOL
Environment Prerequisites:
Implementation requires a compliant Industrial Control System (ICS) environment. The primary controller must support IEC 61131-3 programming languages. Hardware must be rated for the localized thermal-inertia of the power generation equipment; specifically, the internal clock must synchronize via PTP (Precision Time Protocol) to within 1 microsecond. Minimum software requirements include Ubuntu 22.04 LTS for the supervisory layer, OpenPLC Runtime v3, and a secured PostgreSQL instance for historical telemetry logging. Ensure all User Permissions are set to Least Privilege; only the mgrid-admin service account should have write access to the Priority Array configuration files.
Section A: Implementation Logic:
The engineering design relies on a deterministic state machine. When the Main Point of Interconnection (POI) breaker opens, the microgrid loses the “infinite bus” stability of the utility grid. The controller must calculate the Power Gap between current Distributed Energy Resource (DER) output and the total load payload. If the gap is negative, the system enters a shedding cycle. The logic is idempotent: repeating the shed command for an already disconnected breaker must result in no change to the system state and no additional overhead on the communication bus. We utilize encapsulation to wrap priority commands within GOOSE messages to ensure high-speed delivery over the local area network, bypassing the typical latency associated with standard TCP/IP stacks.
Step-By-Step Execution
Define the Priority Hierarchy:
The first step involves identifying and tagging all load assets within the inventory.yaml file located in /etc/mgrid/config/. Assign an integer value from 1 to 5, where 1 is the highest priority (last to be shed).
System Note: This action populates the internal lookup table of the logic controller. The kernel-level scheduler uses this table to map hardware addresses to software priority flags.
Initialize the Frequency Monitoring Daemon:
Execute the command sudo systemctl start mgrid-freq-monitor. This daemon interfaces with the SEL-751 feeder protection relay via the RS-485 serial interface or Modbus TCP.
System Note: This service monitors the rate of change of frequency (ROCOF). If the frequency drops below the 59.2 Hz setpoint, it triggers a hardware interrupt in the PLC to bypass standard processing loops for immediate action.
Configure the Virtual Local Area Network (VLAN) for Shedding:
Run ip link add link eth0 name eth0.100 type vlan id 100 followed by ifconfig eth0.100 up.
System Note: Separating control traffic onto a dedicated VLAN minimizes packet-loss and prevents throughput bottlenecks by isolating broadcast storms from the general management network.
Map Physical Relay Outputs to Logical Bits:
In the OpenPLC editor, map the %QX0.0 through %QX0.7 registers to the physical Trip Coils of the branch breakers. Use a fluke-multimeter to verify that a logical “1” in the software results in a 24VDC signal at the relay terminal.
System Note: This creates the direct link between software decision-making and mechanical disconnection. High signal-attenuation in the control wiring can lead to failed trips; ensure all shielded cables are properly grounded at one end.
Establish the Fail-Safe Heartbeat:
Configure a Watchdog Timer that expects a “Keep-Alive” pulse every 500ms from the primary controller. If the pulse is missed, the local logic-controllers must default to a “Safe State” defined in /etc/mgrid/failsafe.conf.
System Note: This prevents a “frozen” controller from leaving the microgrid in an unstable state. If the controller hangs, the heartbeat failure forces an autonomous shed of all Priority 4 and 5 loads to provide a safety margin.
Section B: Dependency Fault-Lines:
The most common point of failure is a mismatch between the Modbus Register Map and the physical wiring. If the payload of a status request returns an unexpected data type (e.g., 32-bit float instead of 16-bit integer), the logic engine may crash or ignore the shedding trigger. Another bottleneck involves latency in the wireless bridge components if the microgrid is spread across a large campus. High signal-attenuation due to multipath interference can delay a shed command beyond the 100ms stability window, leading to a frequency collapse before the breakers can open.
THE TROUBLESHOOTING MATRIX
Section C: Logs & Debugging:
Monitor the system in real-time using tail -f /var/log/mgrid/shedding.log. Look for specific error patterns.
- Error Code 0x82: Slave Device Timeout. This indicates that a remote load controller is not responding to the poll. Check the physical layer for disconnected fiber or power loss to the switch.
- Error Code 0x44: Invalid Priority Map. This occurs when inventory.yaml contains duplicate IDs. The system will default to shedding no loads to prevent accidental blackouts; immediate manual correction is required.
- Log Entry “ROCOF Threshold Exceeded”: This is not an error but a diagnostic. It indicates that the rate of frequency decay is faster than the generation source can compensate for; usually a sign of excessive thermal-inertia in spinning reserves.
- Path: /sys/class/gpio/: Verify the status of physical pins by reading the value file. A value of “0” when the software indicates Shed Mode suggests a hardware failure in the GPIO opto-isolator.
OPTIMIZATION & HARDENING
To enhance Performance Tuning, the system should utilize concurrency within the control loop. By parallelizing the status checks of multiple breakers, the total cycle time for a shedding event can be reduced from 50ms to 12ms. For Security Hardening, all Modbus traffic must be tunneled through an IPsec VPN or Stunnel, as the protocol itself lacks native encryption. Implement a stateless firewall rule using iptables to allow only the IP of the master controller to communicate with the port 502 on the field devices.
Scaling Logic requires a transition to a distributed “Gossip Protocol” for load management. As the number of DERs and loads increases, the overhead on a single central controller becomes a single point of failure. By implementing a decentralized priority queue, each Node Controller can make independent shedding decisions based on local frequency readings while heartbeating their status back to the central SCADA for global optimization.
THE ADMIN DESK
How do I temporarily bypass a load for maintenance?
Navigate to the /etc/mgrid/override.json file. Set the “Bypass” flag to “True” for the specific DeviceID. This is an idempotent action; ensure you revert it after maintenance to maintain the integrity of the safety system.
What causes a ‘Priority Conflict’ error during boot?
This occurs when two disparate loads are assigned the same priority rank in the inventory.yaml. The system requires a strict linear hierarchy to resolve sheds sequentially. Assign unique values and restart the mgrid-controller service.
How is signal-attenuation mitigated in large microgrids?
Ensure all long-distance communication is handled via Fiber Optic media converters. If using copper, utilize RS-485 with termination resistors or Active Ethernet Extenders to maintain signal integrity and minimize packet-loss across the network.
Why did the system fail to shed during a frequency dip?
Check the Under-Frequency Load Shedding (UFLS) deadband settings. If the latency between the sensor and the breaker exceeds the decay rate of the system frequency, the microgrid will collapse before the command executes. Tighten the timing intervals.
Can I integrate renewable forecasting into the shedding logic?
Yes. By feeding the JSON output of a weather forecast API into the mgrid-predict module, the system can preemptively adjust the shedding threshold based on the projected throughput of solar or wind generation assets.