Fault Management in Speed Control Systems of Hydroelectric Power Plants Through Petri Nets Modeling: Case Study of the Alazán Power Plant, Ecuador

Abstract

This study addresses the challenge of improving fault management in hydroelectric systems using Petri nets. The objective is to propose a novel methodology for efficient fault diagnosis and intervention in the Governor system, a critical component in regulating turbine speed. Traditional diagnostic approaches often rely on manual inspection and expert intuition, and they lack formal mechanisms to model concurrent or asynchronous system behavior—leading to delays and reduced accuracy in fault identification. Our approach introduces a structured modeling technique using Petri nets, enabling dynamic analysis of the system’s behavior and response to faults. A detailed methodology was developed, beginning with a thorough characterization of the system and its translation into a Petri net model. Simulation results demonstrate the model’s effectiveness in significantly reducing diagnostic and intervention times compared to traditional methods. Results show that using Petri nets improves fault detection accuracy, accelerates decision-making, and optimizes resource allocation. This research concludes that the proposed model offers a robust framework for enhancing fault management in hydroelectric plants, providing both operational efficiency and reduced downtime. Future work will focus on integrating real-time monitoring and further validating the model in live environments to ensure scalability and adaptability to other power generation systems.

1. Introduction

Due to population and industrial growth, there is a continuous pursuit of new methods for producing renewable energy in a consistent manner and with minimal environmental pollution [1]. Although various methods of power generation exist, hydro-based sources remain among the most common and historically established worldwide [2]. These types of power plants exploit the geographical characteristics of each location and operate based on river flows [3]. From a technical standpoint, the process harnesses the head or fall of water, converting the fluid potential energy into kinetic energy within the hydraulic turbine, which is subsequently transformed into mechanical energy and then into electrical energy in the generator. In addition to its long operational lifespan and high reliability, this generation system is distinguished by its rapid response capability for startup, load increase, load shedding, and tracking of load variations in the interconnected power system, making it a highly cost-effective and flexible source of electricity generation [4].

In Ecuador, hydroelectric power represents more than 78.00% of annual energy production, according to statistics from the National Electricity Operator (CENACE), based on energy generation data from the year 2024 [5]. When considering a hydroelectric power plant as a set of subsystems that interact with one another toward a common goal, it becomes critically important to efficiently address and manage any disturbance or failure that may occur. Failure to do so can affect electricity generation, leading to significant expenditures of time and resources, and negatively impacting the plant’s availability and reliability indicators [6]. Based on this, the importance of an effective and well-structured maintenance plan for hydroelectric plants is established, along with the ongoing search for new fault detection alternatives. This has become a significant area for studies and analysis related to operational and maintenance behavior [7]. In this context, one essential system for power generation is the Speed Governor, whose primary function is to control grid connection. It accomplishes this by comparing the system’s electrical frequency with the mechanical frequency of the turbine, allowing synchronization with the national interconnected system [8].

Additionally, it is responsible for regulating the turbine’s speed, ensuring that it remains constant despite any disturbances that may enter the system. Another of its vital functions is the startup and shutdown of the generator under both normal and critical operating conditions. Given all its tasks and the Governor’s significant importance within the generation system, it requires a strict maintenance process to prevent potential failures that could compromise its operability [9].

Failures are random events that, in certain cases, require a specific methodology for early diagnosis, identification, and damage mitigation within hydroelectric power plants. Within this scope, two primary categories of identification and diagnostic methods are recognized: traditional methods, which involve extracting information from equipment historical records and personnel experience; and intelligent methods, which rely on the application of novel processes for data extraction and analysis, incorporating technological resources such as algorithms and machine learning. Although traditional methods are still widely employed, they are limited by the system information scarcity, which hinders the diagnostic and identification process [6].

Intelligent methods have emerged from research into innovative approaches for fault identification in industrial systems, where machine learning, neural network implementation, and diagnostic algorithms predominate. These techniques yield efficient and acceptable results that can be applied to hydroelectric plants. Such methods enhance fault analysis by enabling fault classification and the development of more accurate and automated databases [10].

Another key feature of these methods is their ability to identify critical fault characteristics, while minimizing human factor influence and maintaining high performance when processing new and unknown data. This enables real-time event analysis and prediction, supporting the simultaneous management of multiple event types and improving the integrity and reliability of diagnostic process [6].

With the objective of identifying tools that enhance the efficiency of fault management within the systems of a hydroelectric power plant, various studies have evaluated the reliability and availability of such systems through simulation models. These models are particularly useful for complex systems, as they allow for the detailed analysis of system characteristics [11]. Among the most innovative modeling and simulation methods, Petri nets stand out compared to traditional approaches due to their ability to capture and represent the dynamic behavior of systems during operation [12]. Based on this criterion, Petri nets are used to model and analyze complex systems such as communication networks and industrial processes. Their application spans a wide range of scientific and technological fields, including industrial automation, control, and resource management, demonstrating valuable results [13].

In particular, quantitative studies have demonstrated the significant improvements enabled by Petri net-based simulation models. Mehdi et al. (2024) applied colored timed Petri nets and Monte Carlo simulation to a mechatronic system, achieving a mean time between failures (MTBF) of approximately 50,000 h and component availabilities exceeding 98% [14]. Similarly, Singh et al. (2025) developed a reliability, availability, and maintainability (RAM) model for hydropower components—including turbines, governors, and generators—using Petri nets integrated with FMEA and FTA data, and reported system availabilities ranging from 95% to 97% [15]. Additionally, Melani et al. (2016) demonstrated that a Petri net-based fault diagnosis strategy in a hydroelectric power plant reduced false positives by 30% and decreased fault localization time compared to traditional SCADA systems [16].

In this context, our work proposes the design of a Petri net model for the Speed Governor (hereafter referred to as the Governor) of an operational and functional hydroelectric power plant. In this case, Alazán Hydroelectric Plant, located in the city of Azogues, Ecuador, has been selected. Specifically, a horizontal-axis Pelton turbine equipped with two injectors is analyzed. Using the proposed Petri net, a fault management analysis is conducted on this equipment to demonstrate the feasibility of implementing such a model within the plant.

The article is organized as follows: Section 2 presents related works on the application of Petri nets in various types of processes, highlighting their results and contributions to efficient maintenance management. Section 3 provides a detailed description of the methodology used in this proposal. The process is followed systematically, beginning with a comprehensive characterization of the Governor system, followed by its translation into a Petri net. Section 4 presents the main results and analysis regarding potential fault management. Finally, Section 5 summarizes the main conclusions derived from this proposal.

2. Related Works

In the context of our research, it is important to identify related works that can provide valuable insights for our study. Related works identified in the literature present various applications of Petri nets in electrical and industrial systems, particularly in fault diagnosis and monitoring.

Table 1. Summary of relevant studies on the application of Petri nets in the optimization and diagnosis of power generation and industrial systems. Overview of Petri net applications from 2006 to 2023.

Ref.	Objective	Methodology	Findings	Limitations
[17]	Explore applications of Petri nets in electrical systems.	Literature review and theoretical analysis.	Identifies key application areas in the planning and operation of electrical systems.	Lack of demonstrated practical applications.
[18]	Introduce an advanced methodology for fault diagnosis in power systems.	Development of a novel fault diagnosis approach using Petri nets.	Introduces significant improvements over conventional fault diagnosis methods.	Application limited to highly specific contexts.
[19]	Develop a fault diagnosis method adaptable to multiple systems.	Design and validation of a Petri net model.	Demonstrates effectiveness in identifying and diagnosing faults in large-scale systems.	Requires case-specific adjustments for each application.
[20]	Investigate the utility of Petri nets in the analysis of electrical systems.	Literature survey and synthesis.	Compiles and evaluates analysis techniques using Petri nets in the electrical sector.	Strong dependency on operator experience and empirical knowledge.
[21]	Evaluate and improve model accuracy in automated electrical systems.	Development of stochastic Petri net models and evaluation.	Enhances performance evaluation accuracy in automated electrical systems.	Complexity in programming efficient operating cycles.
[22]	Propose a fault diagnosis model for hydroelectric plants.	Development and validation of a diagnosis model.	Validates model effectiveness in industrial environments for fault diagnosis.	Challenges in validating the model under fluctuating operating conditions.
[23]	Optimize maintenance strategies in coal plants using Petri nets.	Optimization through stochastic Petri net models.	Improves efficiency and reduces downtime in coal plant maintenance.	Focused on specific components, such as gearboxes.
[24]	Improve efficiency and reliability of electric distribution networks using cyber-physical systems.	Integration of cyber-physical systems with Petri net modeling.	Demonstrates advantages of integrating cyber-physical systems for grid optimization.	Complex interactions between physical and digital components remain unresolved.
[25]	Optimize operational and maintenance tasks in power systems.	Development of estimation and optimization models.	Optimizes maintenance and operational tasks, reducing costs and increasing efficiency.	Does not consider operational errors or human factors.
[26]	Improve management and coordination in distributed generation systems.	Supervisory control modeling with Petri nets.	Enhances coordination and management in distributed energy generation systems.	Requires further development in policies and regulations for effective implementation.
[27]	Optimize planning and real-time operations of electrical networks.	Planning and optimization using stochastic Petri nets.	Facilitates power grid management, enabling more efficient real-time response.	Based on assumptions that may not reflect real operational variability.
[28]	Optimize inspection and maintenance in electrical substations.	Modeling and optimization of maintenance activities.	Enables more efficient and cost-effective management of maintenance tasks.	Restricted to certain types of equipment and substation configurations.
[29]	Propose a fault localization method for hydroelectric units under limited fault samples.	Experimental study using an SG-WMBDL model combining sparse autoencoder (SAE), GAN, wavelet noise reduction, and AdaBoost with deep learning; validated using real sensor data.	High accuracy in fault identification with limited samples; notable improvement compared to traditional methods.	High model complexity; validation limited to specific datasets without testing across multiple plants or real-time environments.
[30]	Analyze the application of Petri nets in smart grid systems.	Interdisciplinary literature review and classification of Petri net models.	Identifies applications in fault detection, load optimization, and energy management.	Limited field validation; predominantly simulation-based; lack of standardized frameworks.

shows a summary of several relevant studies involving Petri nets, highlighting the objectives of each study, methodologies employed, key findings, and identified limitations.

One of the earliest related works was presented by Lin et al. (2006) [17], who conducted a concise and systematic study on the applications of Petri nets in electric power systems. These authors formalized the definition of Petri nets (places, transitions, arcs, and tokens) and reviewed advanced extensions of the technique, such as colored Petri nets, object-oriented Petri nets, and timed hierarchical Petri nets, even proposing the integration of Petri nets with genetic algorithms for global optimization. Their study revealed that Petri nets have been extensively researched in this domain; however, most prior works were preliminary and limited to small-scale systems. Lin et al. highlighted the lack of practical implementations in large-scale power systems, identifying this gap as a key direction for future research.

Subsequently, Peng et al. (2009) [18] proposed a novel fault diagnosis method that combines component-oriented Petri nets with temporal ordering information, aiming to enhance the recognition of causality among alarms and reduce the combinatorial explosion in the modeling of power system protection schemes. In their approach, each critical power system element is individually modeled with a Petri net based on its operational protection philosophy, incorporating the temporal sequence of events to filter imprecise data and increase diagnostic accuracy. The results showed that this novel method improves fault detection accuracy by eliminating spurious information, and the case studies confirmed its potential effectiveness for real-time applications assisting operators during emergencies. Nevertheless, the authors acknowledged that constructing Petri net models for each element involves high complexity and workload, and difficulties persist in scaling the method to large power systems due to the potential residual combinatorial explosion.

In 2013, Mansour et al. [19] developed a simplified fault diagnosis method for large power plants using Petri nets. In their approach, they constructed individual Petri net models for each section of the plant (case study: the High Dam Hydroelectric Power Station in Egypt), using SCADA system data to initialize the system’s conditions and analyze the status of switches and protection relays to isolate the faulty section. Computer simulations demonstrated that the proposed method effectively identifies faults in approximately one second, without requiring prior parameter training, providing accurate diagnostics that support timely decision-making by operators. Although the Petri net model needs to be slightly adapted when applied to different plants, this adjustment is relatively straightforward compared to other techniques (e.g., fuzzy logic or Bayesian networks, which typically require parameter recalibration and learning), making the solution by Mansour et al. particularly notable for its practical feasibility with minimal configuration effort.

In 2014, González et al. [20] presented Petri nets as a viable alternative for modeling and analyzing electric power systems. Their work introduced the formalism of Petri nets (including their symbols and firing rules) and reviewed relevant case studies from the literature where Petri nets were applied in protection schemes, fault diagnosis, risk analysis, and power service restoration procedures. The authors demonstrated that Petri nets enable effective representation and analysis of complex phenomena in the power grid, from fault detection to post-fault reconfiguration, especially when combined with complementary techniques such as fuzzy logic or expert systems to enhance their capabilities. However, they emphasized that the design of Petri net models for protection purposes still heavily relies on empirical rules and engineer experience, and that formal handling of operational uncertainties and multiple reconfiguration options remains challenging due to the risk of combinatorial complexity. Furthermore, the accuracy of Petri net-based analysis may be constrained by the quality of available system data.

In the same year, Avram et al. [21] proposed a simulation model based on fluid stochastic Petri nets (FSPN) to capture the dynamic behavior and interactions within a chain of micro-hydropower plants. In a real case study (multiple small hydropower plants along the Someș River basin), they modeled various hydroelectric components using FSPNs coupled with automata networks and conducted simulations under different operating conditions using the UPPAAL tool to verify system behavior. Additionally, they integrated validated control modules within a SCADA system, enabling complex automation for the coordinated operation of the microplants. The resulting model successfully reproduced and optimized water resource management and the performance of the generating units, demonstrating its validity through successful application to the selected case study. The main challenge identified by the authors was the difficulty of programming the startup of each generating unit based on incoming flow, as well as the significant increase in computation time and model complexity as the number of power cells grows—suggesting the need for additional tools to scale the approach to larger networks.

In 2016, Melani et al. [22] developed a model-based fault diagnosis system for the thrust bearing cooling and lubrication subsystem in a hydroelectric plant, integrating Petri nets with the HAZOP analysis technique to automate fault identification. Their approach first conducted a HAZOP study of the system to identify hazards and abnormal conditions, then translated those safety requirements into a goal-oriented model (KAOS), and, finally, applied an algorithm that converts the resulting KAOS model into an equivalent Petri net, which was validated by comparing its behavior with actual sensor readings. This innovative procedure systematically identified potential faults in the thrust bearing, improving the operational safety of hydraulic turbines and highlighting the value of formally incorporating risk analysis (HAZOP) in the development of Petri net models. However, full validation of this methodology presents challenges, as it depends on the accurate translation of KAOS diagrams into Petri nets and currently does not handle probabilistic information. Furthermore, the study was limited to a single practical case, so further research is needed to demonstrate its generality and effectiveness in other contexts, as well as to deepen the formal analysis of the underlying KAOS model properties.

In the field of maintenance, Melani et al. (2019) [23] employed generalized stochastic Petri nets (GSPN) to optimize the maintenance strategy for the cooling tower of a coal-fired power plant, examining how the size of the maintenance team impacts system availability and performance. The GSPN model was fed with actual operational data from the plant, adjusting failure and repair distributions through maximum likelihood estimation (using Weibull++), and enabled the simulation of various staffing scenarios using the GRIF tool, complemented by a thermodynamic analysis linking the cooling tower’s performance to the overall plant efficiency. The results indicated that increasing the maintenance team from one to two or three technicians significantly improves system availability and yields substantial fuel savings (over USD 1 million in costs, due to reduced coal consumption), highlighting the advantages of GSPNs for modeling complex systems and evaluating operational decisions compared to traditional static methods. A noted limitation is that the study only considered failures in the tower’s gearbox due to data availability, and it assumed that components are “as good as new” after repair; as a result, the predictions critically depend on the quality and representativeness of the data used.

In 2020, several relevant studies were identified. De Carvalho et al. [24] introduced a new perspective on hydroelectric control modeling through the concept of cyber-physical systems, using Petri nets to represent the interaction between control (cyber) components and physical processes. In their work, they developed a modular and hierarchical Petri net model describing the startup and shutdown sequence of a generating unit at the Jirau Hydroelectric Plant (Brazil), separating the system into a cyber control level and a physical level, interconnected through input and output signals. This qualitative approach demonstrated that Petri nets can effectively capture the complex dependencies between control systems and physical equipment in a hydroelectric plant, serving as a foundation for future research on hydroelectric control modeling.

Murad et al. [25] presented a stochastic model based on Petri nets to predict the availability of generation systems, with particular emphasis on the influence of human errors during maintenance. The model, built as a generalized stochastic Petri net (GSPN), explicitly incorporates human error rates into the stochastic transitions (assuming Weibull and exponential time-to-failure and repair distributions) and uses simulations to estimate how different maintenance scenarios impact equipment availability. The results showed that maintenance-related human errors can significantly reduce the availability of generating units (by up to approximately 10%), underscoring the importance of improving maintenance practices to maintain high levels of system reliability.

Maschio et al. [26] addressed the supervisory control of microgrids with distributed energy resources by modeling these systems as discrete event systems, integrating Petri nets into the control and generation customization process. In their framework, asynchronous events (such as state changes in renewable generators) were modeled using finite automata, while uncertainties and probabilistic variations (such as fluctuations in generation or demand) were captured through generalized stochastic Petri nets (GSPNs) to dynamically adapt the microgrid’s operational strategy. Using a communication platform based on MQTT/HTTP, they interconnected generators, the microgrid, and the main grid, enabling the simulation of various coordination scenarios and the evaluation of cooperative energy management policies. The proposed approach demonstrated a more balanced and efficient use of resources compared to non-cooperative microgrids, accurately reproducing real system behavior with over 90% precision, which is valuable for capacity planning and system sizing.

In 2022, Melani et al. [27] extended the application of generalized stochastic Petri nets (GSPNs) to the domain of maintenance logistics planning in distributed energy systems. In this study, they modeled a company operating two small hydroelectric power plants (SHPPs) using GSPNs to assess how spare parts availability and shared allocation of maintenance crews affect the overall system availability. Historical failure and repair data of the assets were collected, along with travel times for maintenance personnel and spare part delivery times, to parameterize the model. They then simulated multiple scenarios, varying the number of maintenance teams and the spare parts inventory, and evaluated the impact on system availability and associated costs. This approach enabled the identification of the optimal logistical configuration, demonstrating that GSPNs are an effective tool to address maintenance challenges in remote plants and to optimize inventory and service resource management. However, the authors noted that the model relied on simplifying assumptions regarding costs and was not intended to deliver precise forecasts without case-specific calibration. Additionally, the evaluation focused exclusively on financial metrics, and they suggested incorporating multi-criteria decision-making frameworks in future work to strengthen decision robustness.

Nasrfard et al. (2023) [28] proposed a probabilistic maintenance model based on Petri nets aimed at optimizing inspection and preventive maintenance policies by incorporating both random failures and age-related degradation. In their approach, the degradation of a circuit breaker (the component under study) was modeled using a two-parameter Weibull distribution, defining several deterioration states. Various inspection frequencies within a given range were simulated to evaluate their effect on system performance metrics such as availability and cost. Through Petri net simulations, the authors identified optimal inspection rates that minimize total inspection and preventive maintenance costs, demonstrating that their model can be integrated into maintenance decision-making and asset management tools to improve operational efficiency. Although the study focused on circuit breakers, the authors suggest that the approach could be extended to other electrical system components (such as generators or transformers) and highlight the need to explore multi-objective optimization methods, as the current model assumes perfect inspections and considers only a single optimization criterion.

Finally, in 2024, Ge et al. [30] conducted an extensive survey on the application of Petri Nets (PNs) in smart grid systems, focusing particularly on their role in fault detection, energy management, and load optimization. The authors categorized over 50 recent studies based on the type of PN used—such as stochastic and timed Petri nets—and their specific functions within the smart grid domain. Through this taxonomy, the study highlighted how PNs facilitate structured modeling of discrete event-driven behavior, enabling better predictability and automation in energy systems. However, the survey also revealed that most implementations remain confined to simulation environments, lacking real-world validation or standardized benchmarks for performance comparison. In the same year, Huang et al. [29] proposed a novel fault localization method for hydroelectric units under conditions of limited fault data. Their approach involved the development of a hybrid deep learning model (SG-WMBDL) that integrates sparse autoencoders (SAE), generative adversarial networks (GAN), wavelet-based noise reduction, and AdaBoost techniques. The model was trained and tested using real-world sensor data and demonstrated high accuracy in fault localization with minimal samples. This technique significantly outperformed traditional methods, especially in data-scarce conditions, but its complexity and the lack of multi-plant or real-time validation were noted as key limitations.

In general, several studies have proposed optimized maintenance models that analyze the evolution of Petri net applications in power generation and industrial contexts. Most of these works highlight advantages such as the accurate modeling of complex systems and the ability to simulate different scenarios. However, they also point out limitations, such as the restricted application to certain equipment or traditional technologies, and identify research gaps, including the need to extend studies to a broader range of industrial systems or to incorporate emerging predictive technologies. These observations open the way for contributions based on the design of tailored proposals for specific systems, as is the case in our work.

3. Methodology

The proposed method consists of four steps, as shown in Figure 1. In first stage, a study of Governor is conducted, in which its operating principle is described in detail through the review and validation of technical drawings and manuals provided by the manufacturer. Subsequently, in second stage, the most common faults associated with the system are identified, and the time required for their diagnosis and correction is determined, thus establishing an initial framework for assessing the effectiveness of the proposed model. In third stage, Petri net-based model is developed, ensuring a technically accurate and faithful representation of the real system, which enables precise identification of the component responsible when a fault occurs. Finally, in fourth stage, model is validated by systematically introducing various combinations of faults and disturbances; the results are then rigorously analyzed to verify the accuracy and robustness of the proposed model.

3.1. Study Area Location

For this proposal development, Governor of Alazán power station is taken as the reference. This plant is part of Mazar-Dudas hydroelectric project, located on the border between the provinces of Cañar and Azuay in Ecuador (Figure 2). Although the overall project comprises three run-of-river power stations, Alazán Governor is selected as the case study, as it is currently the only station within the project contributing energy to the national power system.

Mazar–Dudas hydroelectric project was established through a joint institutional effort involving the Provincial Government of Cañar, the Municipality of Azogues, and the Azogues Electric Company on 22 November 2007, with the objective of developing clean energy infrastructure focused on environmental sustainability. On 3 January 2012, the Ecuadorian national utility CELEC EP created the Hidroazogues Business Unit to oversee the management and construction of the Mazar–Dudas project, which has an installed capacity of 20.82 MW. Alazán, being the first plant constructed and commissioned within this system, faced considerable challenges during its implementation phase—particularly due to the unilateral termination of the original construction contract, which resulted in limited documentation and system knowledge. These limitations have posed ongoing operational difficulties, making the plant a relevant subject for fault management research. Due to the confidential nature of official maintenance records, the data used in this study are based on internal reports and operational knowledge accumulated by technical staff over years of experience at the facility.

3.2. Diagram of Governor Under Study

To maintain constant speed despite disturbances occurring in the plant’s system, Governor is composed of a control system and a hydraulic system. The control system includes a PLC along with analog and digital modules, while the hydraulic system consists of step motors, main pressure distribution valves, one-way flow valves, deflector solenoid valves, and an emergency shut-off solenoid valve. A schematic representation of this system is shown in Figure 3, and the main components are described in

Table 2. Identified components in Governor.

Id.	Description	Id.	Description
1	Accumulators	11	Main valve
2	Pressure indicator	12	Solenoid valve
3	Drain valve	13	Solenoid valve
4	Retention valve	14	Servo motor
5	Safety valve	15	Accelerators
6	Motor	16	Distribution valve
7	Pump	17	Brake valve
8	Filter	18	Injector
9	Temperature indicator	19	Deflector piston
10	Oil indicator	20	Brake piston

.

This system comprises multiple interacting components, which makes early fault identification and correction complex. As a result, corrective maintenance times become excessive, affecting not only the system availability itself but also the availability of the generating unit within the National Interconnected System.

3.3. Most Common Faults Identified in Governor

Based on the experience of operating personnel and limited maintenance records of Governor, a list of the most common system faults and their corresponding intervention times has been compiled.

Table 3. Common Governor faults and intervention times.

Failure	Intervention Time [min]
External communication failure	65 to 120
Injector control failure	60 to 120
Deflector failure	60 to 240
Hydraulic brake failure	60 to 120
Turbine speed failure	60 to 180
Position sensor failures	60 to 180
Failure in components external to the system	60 to 120
Communication failures	30 to 120
Charging socket failures	60 to 120
Communication failures with the PLC	30 to 60
Synchronization failures	60 to 180
Oil pressure faults	60 to 120
AC power failures	60 to 120
DC power failures	60 to 120
Mains frequency faults	30 to 60

presents the main identified faults along with their estimated intervention times.

The classification of failures presented in Table 3 was based on a combination of factors: the type of component affected, the origin of the failure (electrical, mechanical, or control-related), the impact on the operational functionality of the Governor system, and the estimated time required for technical intervention. For instance, a fault in the speed sensor was considered high priority due to its immediate impact on system stability, while other issues—such as minor deviations in injector response—were addressed within broader maintenance windows without compromising immediate plant operation.

This categorization was developed from field observations and historical maintenance records compiled by technical staff at the Alazán hydroelectric plant, as well as expert input from supervisory personnel. Although it is not derived from a formal standard, it aligns with common industrial practices that prioritize failures according to their impact on operational safety, availability, and reliability. Accordingly, Table 3 represents a classification based on the operational impact of each component involved and the estimated technical response time required. The listed failures are those that demand prompt attention to prevent generator shutdowns or critical loss of control.

3.4. Petri Net Design Process

Based on the interaction relationships among components, Petri net provides a graphical representation in which different interactions are described as places, transitions, and arcs. Figure 4 shows a basic example of Petri net elements used in this work. These graphical representation features allow for effective application in complex systems.

To begin the Petri net design, we started with the flow diagram of the regulation system shown in Figure 5. The Petri net must be designed considering the detailed process to ensure it aligns as closely as possible with real-life operation.

Using the system components listed in Table 2 and their operational relationships represented in Figure 5, the Petri net model was constructed. The main tool used for developing the model was the simulation software WoPeD (Workflow Petri Net Designer Version 3.8.0.2020).

The places were defined to represent both physical elements of the system and discrete operational conditions. Places were assigned to states requiring temporal persistence, prior validation before action, or the presence of a signal to trigger activation—such as the availability of the speed sensor signal, the activation of the hydraulic system, the enabling of the PID controller, the injector position, or synchronization with the grid. This representation captures the system state at each stage of the regulation and startup process.

The transitions were defined to model dynamic events that induce state changes within the system, such as the validation of operational conditions, the execution of control actions, and progression between operational stages. For instance, the verification of the speed sensor signal or the activation of specific modules were modeled as transitions, since these represent processes that, upon the satisfaction of certain places, enable the logical progression of the system. This definition allows an accurate depiction of the sequence of events that drive the system’s behavior under varying configurations.

In the proposed model, tokens represent the effective availability of a condition or resource within the system. The presence of a token in a place indicates that the corresponding condition has been met and can be used as a prerequisite for triggering a transition. In this way, tokens simulate the system’s evolution over time, allowing for the evaluation of its behavior under different operational scenarios and failure conditions, and ensuring compliance with the logical dependencies required for safe operation.

The configuration of arcs between places and transitions was based on the causal relationships between conditions and events in the system. A directed arc from a place to a transition indicates that the condition represented by the place is required for the corresponding event to occur. Conversely, an arc from a transition to a place indicates the logical consequence of that event, resulting in a new operational condition. This structural criterion ensures that the Petri net accurately reflects the sequential and conditional behavior of the system, both under normal operating conditions and in the presence of faults or unavailable signals.

4. Results

4.1. Designed Petri Net

The proposed Petri net model of the Speed Governor is shown in Figure 6. This model represents the system complete architecture, encompassing all modules involved in the operation and control sequence. The Petri net is composed of multiple places, which represent system states or logical conditions, and transitions, which symbolize events or state changes. These elements are interconnected by directed arcs that define the logical sequence of operations.

The model is organized in a functional block sequence, enabling the clear visualization of the system’s operational flow. At the beginning are the input modules, responsible for establishing the necessary conditions for startup. These are followed by logical processing blocks, which manage the system’s progression based on received signals. Subsequently, control elements are integrated to validate the required parameters before activating the actuators. Finally, output modules—such as solenoid valves and motors—are located at the end of sequence, executing the physical actions resulting from the control process. Additionally, the network includes auxiliary components whose role is to ensure system supervision, synchronization, and feedback for proper operation.

Table 4. Identifiers and components of the Petri net.

Id	Component	Id	Component
OA	Start	BACEI2	Oil pump 2
BE	Emergency button	PACEIB	Low oil pressure
CE	External conditions	PACEIAD	Oil pressure
FR	Network frequency	CPID	PID controller
DC	DC	MO1	Orientation module 1
AC	AC	EV1	Solenoid valve 1
CC	Approved conditions	MP1	Stepper motor 1
FH	Hydraulic brake	SP1	Position signal 1
D	Deflector	SPI1A	Position sensor 1 injector 1
SI	Inductive sensor	SPI2A	Injector 1 position 2 sensor
ACEI	Governor oil pressure	FEEDBACK	Feedback
FA	Hydraulic brake activated	MO2	Orientation module 2
EVFH	Hydraulic brake solenoid valve	EV2	Solenoid valve 2
FL	Free brake	MP2	Stepper motor 2
DA	Deflector activated	SP2	Position signal 2
SFD	Deflector activated sensor	SPI1B	Position sensor 1 injector 2
SID	Deflector disabled sensor	SPI2B	Injector 2 position 2 sensor
MD	Deflector solenoid valves	CI	Machine switch closure
DD	Deflector disabled	INC	Load increase
DV	Speed device	DEC	Load decrease
SVM	Mechanical speed sign	US	Synchronized
BACEI1	Oil pump 1	ABE	Emergency button activation
AL	Powered	DMP1	Stepper motor 1 activated
AEVFH	Activate solenoid valve	PFSA	Signal end position injector 1
PD	Deflector position	AMP2	Stepper motor activation 2
AMD	Activate deflector solenoid valve	PI2	Injector position 2
ADV	Speed signal input	V300	Speed at 300 rpm
PACIE	Governor oil pressure	OTC	Load entry order
AMO	Activate orientation module	TC	Load socket

shows the main elements designed within the Petri net, highlighting those that are essential along with their operational requirements.

4.2. Validation of Designed Petri Net

Petri net validation was carried out using the same modeling software (WoPeD) to ensure the absence of errors and infinite loops, and to confirm the resolvability of the model. Semantic analysis revealed that the structural design contains no deadlocks.

Table 5. Model validation.

Net Statistics	Value	Qualitative Analysis	Result
Places	48	Structural analysis	Well structured
Transitions	31	Soundness	Workflow net property
Operators	11	Source places	OA
Subprocesses	0	Sink places	Synchronized unit
Arcs	90	Liveness	Dead transitions: 0

presents network statistics including the number of places, transitions, and arcs, along with quantitative results such as initial and final nodes and operational cycles. Additionally, the Petri net workflow is linear, which confirms that it follows the properties of a well-defined workflow diagram.

Figure 7 shows the simplified interaction diagram of system’s Petri net model, which highlights the complexity of interactions that occur during real network operation. This visual representation helps to understand the system’s overall flow while preserving the original model structural complexity. It is especially useful for identifying key dependencies and control paths between subsystems.

Table 6. Functional interaction table.

Functional Block	Included Modules	Connections with Other Modules
Input	ABE, AC, AI, BE, OA, PC, SI	AEV 1, AEV 2, AMP 1, DMP 1, MO 1, SP 1, EV 1, MP 1
Processing	AMP 1, AMP 2, DMP 1, DMP 2, MP 1, MP 2, SP 1, SP 2	PI 1, PI 2, EV 1, EV 2, MO 1, MO 2
Control	AE, CC, CE, CI, CN, CPID, DECINC, PI 1, PI 2, SPI 1A, SPI 1B, SPI 2A, SPI 2B, TC	MP 1, MP 2, AEV 1, AEV 2, MO 1, MO 2, EV 1, EV 2
Actuators	AEV 1, AEV 2, EV 1, EV 2, MO 1, MO 2	PACEI, PACEIC, BACEI 1, BACEI 2, MP 1, MP 2
Support/Supervision	AMD, BACEI 1, BACEI 2, CHF, D, DA, DFH, FLFH, FR, OCD, PACEI, PACEIC, PACEIAD, SID, SFD, UNIDAD SINCRONIZADA	CI, CN, CPID, MO 1, MO 2, EV 1, EV 2, SPI 1A

summarizes the main modules of Governor system, organized into functional blocks according to their operational role: input, processing, control, actuators, and supervision. Each block groups its internal components and outlines relevant connections with other system modules.

Based on Figure 7 and Table 6, consistency between the model and the real system is validated, confirming that Petri net accurately reflects the behavior of Governor. The match between the interaction structure and the workflow demonstrates that model appropriately captures the system’s operational conditions and transitions, enabling detailed analysis and reliable diagnostics.

4.3. Simulation

Based on the model, simulations were conducted to analyze the system’s response to component failures, assessing their impact and associated severity levels. To create an environment as close as possible to real conditions, simulation incorporated the sampling limitations of the equipment currently installed in the system, considering technological obsolescence.

In practice, the system’s data acquisition board only supports sampling rates up to 10 Hz. Additionally, due to the aging of RS-485 converters, frame losses occur, introducing communication delays of 1–2 ms between the PLC and SCADA systems.

Given the limitations of the data acquisition equipment, the sampling rate was varied in simulation across three frequencies—5 Hz, 7 Hz, and 10 Hz—to determine the maximum and minimum response times, which were then compared to traditional response times.

As a first step, potential faults were classified along with the Petri net elements associated with each failure.

Table 7. High-severity faults.

Failure Effects	ID Components
Emergency stop	FR, OCD, SFD, SID, AMD, MD, PFD, DD, DV, EVM, SVM, PACIE, BACEI1, BACEI2, PACIEC, PACEIB, PACEIAD, CN, CPID, AMO, FEEDBACK, VI300, CI, OTC, US
Does not initiate the startup sequence	ABE, BE, CE
No power supply to the equipment	DC, AC
Unit synchronism failure	CC
No water entering the turbine	D
Failure in control of injectors, deflectors, hydraulic brake	ACEI
Generator wrapping	PD, ADV
Damage to the flywheel and generator	CFH, FA, AEVFH, EVFH, DFH, FL

presents high-severity faults, which affect overall system availability and cause complete interruptions.

Table 8. Medium-severity faults.

Failure Effects	ID Components
No start-up sequence	PC, AE
No power to modules, PLC, pumps, sensors	AL
Unable to synchronize the unit	SI
Bearing vibrations and active power control	DA
No load control	TC
Injector 1 and active power control fault	MO1, AEV1, EV1, AMP1, MP1, DMP1, SP1, PI1, SPI1A, SPI2A, PFSA
Injector 2 and active power control fault	MO2, AEV2, EV2, AMP2, MP2, DMP2, SP2, PI2, SPI1B, SPI2B, PFSB

presents medium-to-low severity faults, which only affect specific components without compromising overall system availability. In both cases, unresolved faults impact the generating unit operation.

Based on fault classifications in Table 7 and Table 8, a series of simulations were conducted to evaluate the model behavior. In each simulation, a fault was introduced into a specific component, and the sampling rate was varied in order to analyze its impact on system response time. The results were compared against traditional response times and further associated with the typical intervention times of maintenance personnel.

The results for the Place elements of model are presented in

Table 9. Intervention times (Places).

ID	Variations (min)			ID	Variations (min)
	1	2	3		1	2	3
OA	47	35	30	BACEI2	12	10	10
BE	47	35	30	PACEIB	12	10	10
CE	60	60	60	PACEIAD	12	10	10
FR	57	45	40	CPID	60	60	60
DC	12	10	10	MO1	52	40	15
AC	12	10	10	EV1	52	40	15
CC	52	40	30	MP1	52	40	15
FH	52	40	30	SP1	52	40	15
D	52	40	30	SPI1A	52	40	15
SI	52	40	35	SPI2A	52	40	15
ACEI	20	20	20	FEEDBACK	52	40	30
FA	52	40	35	MO2	52	40	15
EVFH	52	40	35	EV2	52	40	15
FL	52	40	35	MP2	52	40	15
DA	52	40	30	SP2	52	40	15
SFD	52	40	30	SPI1B	52	40	15
SID	52	40	30	SPI2B	52	40	15
MD	52	40	30	CI	120	120	120
DD	52	40	30	INC	112	30	95
DV	52	40	30	DEC	112	90	60
SVM	52	40	30	US	112	80	65
BACEI1	12	10	10

, highlighting a notable improvement in response speed to disturbances in control and signal components (sensors and actuators). These improvements stand out compared to other elements, leading to a significant reduction in diagnostic time and an overall increase in operational efficiency.

Table 10. Intervention times (Transitions).

ID	Variations (min)			ID	Variations (min)
	1	2	3		1	2	3
ABE	47	35	30	AMO	52	40	15
PC	10	10	10	AEV1	52	40	15
AE	22	10	10	AMP1	52	40	15
AL	22	15	15	DMP1	52	40	15
CFH	52	40	35	PI1	52	40	15
AEVFH	52	40	35	PFSA	52	40	15
DFH	52	40	35	AEV2	52	40	15
PD	52	40	30	AMP2	52	40	15
OCD	52	40	30	DMP2	52	40	15
AMD	52	40	30	PI2	52	40	15
PFD	52	40	30	PFSB	52	40	15
ADV	52	40	30	VI300	52	40	35
EVM	52	40	30	V300	112	90	60
PACIE	20	20	20	OTC	112	30	95
PACIEC	12	10	10	TC	112	80	65
CN	120	120	120

shows the corresponding response times for the Transition elements, where components related to management and event sequencing (commands, logical programming sequences, and preconditions) demonstrate the most optimized performance. This improvement reflects the model’s enhanced ability to manage state transitions and facilitate faster intervention in the presence of system faults.

Figure 8 and Figure 9 show a comparative analysis of intervention times for the system’s model elements. The vertical axis represents system’s fault response time, while the horizontal axis corresponds to the respective model elements.

Figure 8 shows the results for the Places, indicating improved system responsiveness to faults as the sampling rate of simulation increases. When compared to traditional intervention times, a significant reduction in diagnostic time is observed, enhancing the system’s fault response efficiency.

Similarly, in the Transitions case, Figure 9 shows a faster system response. The elements showing the most significant improvements are those related to control and management, highlighting the model’s capability and efficiency. In both cases, a reduction in fault detection time is observed, resulting in improved intervention times and enhanced responsiveness to disturbances within the system.

The application of Petri net model results in shorter intervention times due to the accurate identification of the faulty element. This minimizes the time spent exploring and ruling out possible causes, thereby optimizing both time usage and human resources.

Figure 10 and Figure 11 compare traditional intervention time with estimated time using the Petri net model, focusing solely on the fault diagnosis and identification process. The results for Places are shown in Figure 10, and those for Transitions in Figure 11, presented separately to facilitate visual interpretation and subsequent result analysis.

The improvements in fault diagnosis times are significant for both Places and Transitions. The results confirm that implementation of the Petri net-based model is technically feasible and effective.

4.4. Improvement Estimation

Improvement estimation is analyzed based on the intervention times obtained, compared to the traditional model, in order to determine the actual impact of the proposed model on fault diagnosis and response.

The percentage improvement was calculated using the following expression:

$$\mathrm{Improvement}(\%)=\left({\displaystyle \frac{T_{\mathrm{traditional}}-T_{\mathrm{Petri}\mathrm{net}}}{T_{\mathrm{traditional}}}}\right)\times 100$$

(1)

where

• $T_{\mathrm{traditional}}$ is the average intervention time recorded under conventional diagnostic procedures (in minutes);
• $T_{\mathrm{Petri}\mathrm{net}}$ is the intervention time estimated using the proposed Petri net-based simulation model (in minutes).

This formula quantifies the relative reduction in intervention time and enables a direct performance comparison between both approaches.

The results shown in Table 9 and Table 10 allow for the evaluation of diagnostic and response time improvements by comparing simulation outputs with traditional intervention times. Both tables present the intervention times for each system component according to the model simulations.

Table 11. Improvement estimation with the implementation of Petri net model.

ID	Percentage	ID	Percentage
OA	72.73%	PACIEC	50.00%
ABE	45.45%	PACEIB	50.00%
BE	45.45%	PACEIAD	50.00%
PC	0.00%	CN	0.00%
CE	0.00%	CPID	0.00%
FR	69.23%	AMO	91.67%
DC	50.00%	MO1	91.67%
AC	50.00%	AEV1	91.67%
AE	66.67%	EV1	91.67%
AL	50.00%	AMP1	91.67%
CC	83.33%	MP1	91.67%
FH	91.67%	DMP1	91.67%
D	83.33%	SP1	91.67%
SI	66.67%	PI1	91.67%
ACEI	0.00%	SPI1A	91.67%
CFH	66.67%	SPI2A	91.67%
FA	66.67%	PFSA	91.67%
AEVFH	66.67%	FEEDBACK	50.00%
EVFH	66.67%	MO2	91.67%
DFH	66.67%	AEV2	91.67%
FL	66.67%	EV2	91.67%
PD	83.33%	AMP2	91.67%
DA	83.33%	MP2	91.67%
OCD	83.33%	DMP2	91.67%
SFD	83.33%	SP2	91.67%
SID	83.33%	PI2	91.67%
AMD	83.33%	SPI1B	91.67%
MD	83.33%	SPI2B	91.67%
PFD	83.33%	PFSB	91.67%
DD	83.33%	VI300	66.67%
ADV	83.33%	V300	83.33%
DV	83.33%	CI	0.00%
EVM	83.33%	OTC	75.00%
SVM	83.33%	INC	75.00%
PACIE	0.00%	DEC	75.00%
BACEI1	50.00%	TC	75.00%
BACEI2	50.00%	US	0.00%

reflects the percentage improvement for all elements of the model. Comparison is based on traditional fault identification times versus the best times obtained using the Petri net model. This allows for a quantitative measurement of the impact in terms of reduced intervention times. Fault diagnosis for electrical components shows a significant reduction in response time, due to the rapid detection of anomalies in system signals and states. The model’s precision reduces exploration time and optimizes corrective intervention.

For mechanical components—such as valves, pumps, and lubrication lines—the effectiveness of the model is limited or even negligible, due to physical factors such as material wear, degradation, and friction, which extend diagnostic time. Although the model improves initial diagnosis, final intervention still relies on manual processes, limiting the overall reduction in intervention time.

The reduction in intervention time directly translates into increased operational efficiency by minimizing downtime. This demonstrates that the system is capable of identifying and addressing faults more quickly, thereby improving system availability and optimizing resource utilization.

4.5. Implementation Proposal

Figure 12 presents a proposal for implementing the Petri net model within SCADA system. In this setup, Governor signals are integrated into a Petri net graphical representation for real-time visualization. The proposal is based on the integration of sensors, transducers, PLCs, and a SCADA server to enable agile monitoring, control, and fault identification management.

Given that electronic and control components represent the majority of Governor system, implementation should begin with these elements. Mechanical components, by contrast, do not offer significant benefits in terms of model optimization and can be deprioritized.

It is essential to treat implementation as a continuous validation phase, during which operational data are collected to fine-tune and improve the proposed model. This process will allow for the evaluation of model’s effectiveness under real operating conditions and support necessary adjustments.

5. Conclusions

The most significant contribution of this work lies in the reduction in fault diagnosis time, particularly for electronic and control components. Time comparisons demonstrate a clear improvement in fault identification, resulting in the increased efficiency of corrective maintenance. These results not only validate the applicability of the model in real-world environments, but also highlight its potential as a decision-support tool for the operation of hydroelectric power plants.

As a limitation, the model presents certain constraints regarding its effectiveness in detecting faults in mechanical components such as pumps, valves, or motors. In such cases, physical wear and friction reduce the model’s diagnostic accuracy. Here, fault detection capability relies heavily on the availability of advanced monitoring systems, such as additional sensors and access to real-time operational data.

As future work, model integration into the plant’s SCADA system is proposed. This would enable real-time system status visualization and automate the process of fault identification and response. Such implementation would provide a new level of control, allowing active monitoring of Governor and facilitating system diagnostics.

Furthermore, the implementation proposal includes validating the model using real historical data from the SCADA system to assess its effectiveness under real operating conditions. It is also recommended to explore hybrid approaches that combine Petri nets with artificial intelligence techniques to enable early fault pattern detection and optimize maintenance strategies.

Although this study focused on a horizontal-axis Pelton turbine with two injectors, the proposed Petri net model can be generalized to other types of hydroelectric power plants. This is because the Governor is an essential component present in all turbine systems, regardless of whether they use Pelton, Francis, Kaplan, or other turbine types. Since the model centers on the logic and sequence of fault detection within the Governor system, its structure remains applicable across different configurations, requiring only minor parameter adjustments to account for plant-specific operational dynamics.

Finally, the implementation of Petri nets for diagnosing and modeling the Governor system has proven to be an effective and adaptable tool. Its application enhances both corrective and preventive maintenance processes and lays the groundwork for intelligent monitoring and operational systems in hydroelectric plants—meeting the reliability and efficiency demands of modern power systems.