Saturday, June 27, 2009

Metro Train Crash Due To Obsolete Control Technology?

Washington DC. It appears that there may be superior technology available which could both improve reliability of train sensing (automatic train protection), potentially preventing catastrophic accidents such as the recent Metro train crash, AND save the transit system money on maintenance costs. See for example the Honeywell product widely used in Europe, at

Thursday, June 25, 2009

Metro Train Crash Update: Doubletalk From Metro?

Washington DC. As was previously reported, Metro (WMATA) continues to insist that the system and its trains are safe, despite its failure to act on a 2006 NTSB finding that the 1000 Series cars are not crashworthy and should be replaced or retrofitted, and its 2007 report calling Metro's failure to do so "unacceptable." Today, Metro Board of Directors Chairman Jim Graham, in an interview on WTOP Radio, clarified Metro's safety argument by saying that the train cars in question "absent this type of impact, are safe." In other words, the system is totally safe, unless something goes wrong and a crash occurs. It now becomes clear why Mr. Graham is Metro Board Chairman; as a local politician and lawyer with long experience in the art of doubletalk and deceit, he is the perfect apologist and advocate for Metro's practice of honoring safety in word but not in deed, lulling tourists as well as local patrons into a false sense of security by telling them it's safe, but omitting to mention that "safe," to Metro, really means "safe unless there's an accident and people get killed or maimed."
Mr. Graham also stated that the train in question stopped and then started up again, and that "this is extremely perplexing to us." Well, if so, maybe the wrong people are running Metro, as from where we sit, it doesn't appear perplexing at all, based on preliminary findings. It is known that there were two trains ahead of the striking train, and that the train immediately ahead of it stopped to await clearance of the Fort Totten station by the train still further ahead. Obviously, at 5:02 pm, likely nearing the peak of rush hour traffic, the trains were waiting in line to service the Fort Totten platform. As such, after each successive train cleared the station, each respective following train could move up one position, thus creating a stop and go pattern down the line. The following train involved in the accident thus stopped behind the train ahead of it each time the line moved forward, until the train ahead of it stopped in the section with the apparently defective detection circuit, whereupon the computer system, detecting no train immediately ahead, caused the following train to move ahead, resulting in the crash into the rear of the stationary undetected train immediately ahead of it. Why did no previous train crash or fail to be detected? WBAL-TV reports that the operator of the struck train was operating in manual mode (whereas it has been reported that trains generally were in automatic operation mode during rush hours, that is, when trains would likely have backed up in a waiting pattern). If previous waiting trains all stopped in the same precise location due to computer control, perhaps that location was one which permitted detection by one of the properly functioning detector circuits, causing the computer to detect the presence of the train and slow following trains accordingly. If the manually operated train happened to stop in a position where no portion of the train was outside the coverage area of the defective detection circuit, as appears to have been the case, that train would have been rendered invisible to the detection system (the track circuit in question is reportedly 740 feet long, and an eight-car train would be about 600 feet long).
According to NTSB Investigator Debbie Hersman, there were three controls (toggle switch, dial, and master controller) in the cab of the striking train which were all set for automatic (computer controlled) operation. Perhaps the emergency brake had no chance to stop the train in such circumstances, on short notice coming around a blind curve at high speed.

Wednesday, June 24, 2009

Metro Train Crash Update: Design Defects?

Washington DC. The Associated Press reports that the NTSB found anomalies in track sensors which in simulations prevented transmission of vital information relevant to controlling the speed and movement of the train; and that the transit workers union has demanded that operators be allowed to choose whether or not to operate in automatic mode. Investigators found the control in the operator's cab in the automatic operation position. Are the operators not authorized and trained to remove the train from automatic operation in the event of a braking emergency? Logically, the trains should be designed to automatically disengage the automatic operation control when the emergency brake is applied. It may be asking too much to expect an operator to remember, or to have time in an emergency, to disengage the automatic control which is continuously applying power to move the train forward, prior to applying the brake. Yet failure to do so would logically pit the manual brake against the computer-controlled propulsion system ("engine"), likely rendering the braking action ineffective, consistent with NTSB's initial findings that the brake rotors were fused from apparent emergency braking action over several hundred feet, while passengers reported that the train never slowed down prior to impact. Inadequacies in train design (no automatically disengaging throttle or "autopilot" when brakes applied?), training (operators not trained and frequently drilled on disengagement of computer control prior to braking, if no automatic disengagement?), or operator error (failure to follow such procedure, if so trained), are apparent. But if automatic disengagement of computer control in event of emergency braking is not part of the design, it would be hard to assign much blame to the operator in the face of such a blatant apparent design defect.
And with respect to the track sensors in question, is there no redundancy in the design? The recent Air France plane crash seems to have involved inconsistent readings from three different pitot tubes, there being three so that if one or two failed, hopefully at least one would be left still working. Similarly, if there were multiple independent track sensors, connected through independent wiring to independent computers, the failure of one need not lead to catastrophic consequences; and the system could presumably be programmed to abort computer control or automatic operation of the train in the event of conflicting data or instructions. One means of achieving effective redundancy near stations would be to make the track circuit blocks shorter than the length of the trains, so that every train would be in proximity to at least two track circuits. Then, if one detection circuit failed, as appears to have happened in this case, at least one properly functioning circuit would likely remain available to transmit the appropriate information to prevent collision by the following train. Any failure to incorporate both redundancy, and disengagement of automatic train control when the manual brake is applied, would appear to constitute critical design defects.

Tuesday, June 23, 2009

Metro Train Crash Update: Rotten At The Core?

Washington DC. The Associated Press quotes NTSB Investigator Debbie Hersman as saying that the federal regulatory agency had warned Metro in 2006 that old train cars like those involved in this latest crash should be replaced or retrofitted in order to improve crash survivability. Metro failed to do either, which Hersman calls "unacceptable." Metro's current position? Metro General Manager John Catoe reportedly insists that the old cars, which were not designed or built to meet current crash standards, are SAFE! Well, perhaps they are safe . . . a safe bet to kill you in case of an accident! It now appears that the deceased train operator attempted to apply the emergency brake, but apparently her efforts were no match for an errant computer intent on staying on schedule, and the lead car was peeled open like a can of sardines. It has been"> reported that Metro deliberately continued to use obsolete and unsafe train cars in order to profit from the sale and leaseback of the equipment in a deal which obligated it to keep running the old cars until 2014! So, bottom line, it looks like Metro's managers and Board Of Directors have blood on their hands, having sold out the safety of both their riders and their employees on the front lines in the illusory pursuit of short-term profit.

Monday, June 22, 2009

Metro Train Crash: Cracks in The Facade?

Washington DC. Metro train crash today, at least 6 dead. Sad, but no surprise. Safety seems to be the last thing on Metro's list of priorities. To venture into the Metro system is to take one's life in one's hands (as well as one's health and sanity, but that's another story). A few months ago, my fingers were caught between two closing Metro system elevator doors (at Gallery Place). I had to ride all the way up to the upper level screaming with my fingers squashed with immense force between the two doors, and wait what seemed an eternity for the elevator doors to open, before I could extract them. The station manager, after blaming me for allowing my hand to be so trapped, said she would file a report. Somehow, I doubt that she ever did. I would have filed one myself, were it not for the fact that my numerous safety (and other) complaints have been substantially and conspicuously ignored and unresponded-to for years by Metro management. I feel fortunate that my fingers were not broken. To me, the ultimate irony is that Metro's (that is, WMATA's) Board of Directors is chaired by a man whom I consider to be one of the top crooks in the region, that assessment being based on my personal experience with him, which is, again, another story. Some people go to law school in a quest to serve humanity, many in a quest for fame and/or fortune; and then there are those who go to law school to learn how to be crooks (or could it be that power corrupts, and that having gained power, corruption is simply the next logical step, and a convenient one, as their presumed legal know-how gives them an inside track on knowing what they can get away with, how to do so, how to cover their tracks, how to discredit and destroy their adversaries, and how to preserve their oh-so sterling reputations via smoke and mirrors?). Perhaps one day soon, the Internet explosion will change all that, and the Emperor and his nefarious dignitaries will be seen to truly wear no clothes. Meanwhile, maybe I'll lay off Metro for awhile; when I wanted to catch a bus last month, I checked their web site for the schedule, and found a blank page; not just for that route, but for ALL the routes. I checked it again a minute ago . . . same result. Uh, is anybody home? Is it any wonder that trains are crashing?! Maybe everyone, including the drivers, were on their lunch hour? These trains are supposed to be computer controlled, with the driver only there to take over in case the computers fail or need some help. Most crashes involve human error or inattention . . . we'll see.