Circuit Flaws Blamed For China Train Crash
hackingbear writes "The Xinhua news agency reports that a signaling equipment circuit design flaw and lack of safety alertness in railway management caused a high-speed train to ram into a stalled train near the city of Wenzhou in east China's Zhejiang Province on Saturday, leaving 40 people dead and 191 injured. A lightning strike triggered the malfunction, which resulted in a green alert light failing to turn red, leaving railway personnel unaware of the stalled train, the official said. The Beijing National Railway Research and Design Institute of Signal and Communication Co., which was responsible for designing and building the signaling system, has posted an apology letter on its website, offering condolences and promising to 'shoulder any due punishments that may result from the investigation.' Domestic media has raised more questions over the explanation. 'Why was such seriously flawed equipment in use for nearly two years without being detected? Why was it installed in as many as 76 rail stations across the country? Are there other problems with the railway apart from equipment flaws?'"
The problem in China is not the rush forward that leads to mistakes. It's the government's abject failure to take responsibility at any step along the path.
The schadenfreude I've seen in comments and the press, not necessarily on this site, has been disgusting.
Why was such seriously flawed equipment in use for nearly two years without being detected?
Because it hadn't been struck by lightning until now.
Why was it installed in as many as 76 rail stations across the country?
Because hardware designs are re-used.
Are there other problems with the railway apart from equipment flaws?
Probably.
Great minds think alike; fools seldom differ.
Is there a harakiri tradition in China?
I'm not a lawyer, but I play one on the Internet.
Big Engineering isn't kind to poor engineering and management practices - it just leads to Big Disasters. It's a hard lesson to learn and if you watch shows like Engineering Disasters there are plenty in the West who still don't get this. It'll be interesting to see down the track how the mega dams on the Yellow River hold up.
Damn. Shouldn't have used cheap Chinese knockoffs.
Oh shit! They make our parts too!
Seriously though, things like this need redundancy, error reporting, heartbeat checkups, and automated validation every time it boots up. It's engineering, there is no excuse.
The article is written by Xinhua news staff and contains no technical information at all. The article is mostly your typical laymen fluff filled with public outrage, pundit soundbites, and general background information. The lack of details about the nature of the "circuit design flaw" really precludes this from being considered "news for nerds". As someone with experience working in an FDA regulated environment, oversight and accountability of projects and tasks is something I am quite familiar with. I wonder how much (if any) details will emerge that will answer some of the questions the circuit geeks among us would ask. I know it is a poor substitute (and maybe slightly off-topic), but this article from years ago has always stuck with me and constantly reminds me of the perils the electronics industry continues to face.
http://spectrum.ieee.org/computing/hardware/bogus
Stay sentient. Don't drink bad milk.
that the electronics was Made in China?
ROFL
I wonder how long it will take for them to implement Positive Train Control, either buying it from someone who already makes it or building their own?
I worked on US rail signaling equipment (Background = Physics PhD). I have never been so impressed with over-designed, fail-safe equipment. They plan for everything, including multiple lightning strikes. They do such things as positioning their relays upside down so that the armature falls to NC by gravity if the spring breaks. They have many years of experience, and all of our equipment is for sale. I think the NIH mentality bit China in the arse this time.
Why was such seriously flawed equipment in use for nearly two years without being detected?
Because it hadn't been struck by lightning until now.
If this analysis is true, the designers are not familiar with the term "fail safe".
I'm an engineer with over a decade of experience in the signalling business (although thankfully not the Chinese one). Fail Safe is what it's all about.
Note to Slashdot editors - your summaries really suck lately: TFA says "A lightning strike triggered the malfunction". That is NOT a "circuit flaw". It is an externally induced failure (which the system should detect) and to compare the two terms is to compare rocks with pudding.
I worked on US rail signaling equipment (Background = Physics PhD). I have never been so impressed with over-designed, fail-safe equipment. They plan for everything, including multiple lightning strikes. They do such things as positioning their relays upside down so that the armature falls to NC by gravity if the spring breaks. They have many years of experience, and all of our equipment is for sale. I think the NIH mentality bit China in the arse this time.
And yet train accidents still occur here.
Eagles may soar, but weasels don't get sucked into jet engines.
What happens if there is a local gravity abnormality AND the spring breaks?
Trying to run a country without a working free press is like trying to write software without using any compiler output.
In the long run it will not work. Most members of the Chinese politburo are engineers, they know that a dynamic equilibrium cannot be achieved (stable society) without adequate feedback (free press). They know that they are playing a losing game.
I think the only reason they (members of the Chinese Politburo) are resisting meaningful change is to position themselves to take advantage of the social breakdown much like the Russian mafia took advantage of the end of the Cold War.
I think the Chinese try to make up for the lack of experience by trying to experience everything that can go wrong in as little time as possible.
If you pay attention to the accidents, you will see the train accidents are almost always due to human error, not signaling equipment failure. Drivers going thru flashing red signals, engineers under the influence or texting, and occasional sabotage. Signal equipment almost always fails safe. This causes very annoying (but safe) delays while the equipment is fixed.
Not a problem. The gravity abnormality causes the train to float away.
Duh. The wormhole will keep you safe until gravity returns to normal. Obviously.
to the USA.
giggity
I see no difference between the Chinese Media and any western country's Media. They just have no idea.
In this case, yes there has been an admission of fault, a fault caused by lightning. OK, put the reporter on the equipment certification panel and decide what tests should be conducted before the equipment is 100% safe to be certified for use. I bet the reporter will think many of the current tests being conducted are stupid or unnecessary. You could check 1,000,000 scenarios but it will be the 1,000,001st that will cause a catastrophic failure... and that one would be blindingly obvious to any reporter (fool) in the street.
Still from statistics, US rail safety record is hardly stellar
http://ilookchina.net/2011/07/25/high-speed-rail-tragedy-in-china-reveals-small-minds-in-the-west/
"
In 2007, there were thirty-three rail accidents listed for the world, and the United States had nine (27% of the total) killing seven and injuring more than a hundred, while India had three accidents killing 80 and injuring twelve.
China (ruled by what Charles Lane calls the unelected elite) had two rail accidents killing four and injuring two.
Score: United States 9, India 3 and China 2
In 2008, there were thirty-four rail accidents listed for the world, and the United States had eight (24%) with twenty-nine deaths and almost 300 injured, while India had one rail accident with no deaths or injured listed.
China (ruled by what Charles Lane calls the unelected elite) had one rail accident killing seventy-two and injuring 416.
Score: United States 17, India 4 and China 3
In 2009, there were thirty-nine rail accidents listed for the world, and the United States had seven (18%) with seventeen killed and five injured, while India had four accidents with thirty-two killed and 280 injured.
China (ruled by what Charles Lane calls the unelected elite) had two rail accidents killing seven and injuring 280.
Score: United States 24, India 8 and China 5
In 2010, there were fifty rail accidents listed for the world, and the United States had three (6%) with 32 injured, while India had fourteen rail accidents with hundreds killed and injured.
China (ruled by what Charles Lane calls the unelected elite) had one rail accident killing nineteen and injuring 71.
Score: United States 27, India 22 and China 6
This year by July 23, 2011, twenty-one train accidents were listed for the world, and the United States had eight (35%) killing eleven and injuring eighteen, while India had five accidents killing seventy-one and injuring two.
China (ruled by what Charles Lane calls the unelected elite) had one rail accident with at least 35 dead and 200 injured.
Score: United States 35, India 27 and China 7
From 2007 to July 23, 2011, the world had 177 rail accidents. The United States had 20% of the total, India 15% and China 4%. Source: List of Rail Accidents (Wiki)"
Just to let people be aware, there has been significant controversy (as far as that is possible in China, and also in overseas communities such as the Chinese community in the USA) in terms of handling of the disaster.
For example, soon after the train crash, the crashed trains were moved off the elevated rail and (literally) buried "to let the other trains run on time"; this was criticized as being too early a move (10 h after the crash), without a thorough enough search for survivors. Reporters were barred from the scene, and pleas from the families of the train crash victims to search through the wreckage were ignored. Indeed, 20h after the crash, one of the uniforms (acting against his orders) was able to locate a 2-yr-old girl still alive; she has been transported to the hospital and is now in good condition, and people are trying to figure out how to tell her that her parents both died in the crash. In general, officials from the train lines have been stonewalling, but have been apparently quite forthcoming with compensation money for the families.
It seems suspicious to me: are they trying to cover up something?
404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
[GPG key in journal]
Protip: Hire American engineers and use Chinese manufacturers. Instant recipe for success, just look at Apple.
I like where you're coming from,
If we had only done this with Apollo and the Space Shuttle we could have saved the lives of about two dozen astronauts.
Safety equipment that cannot guard against human error is not "fail safe", as human error is bound to happen sooner or later
If you pay attention to the accidents, you will see the train accidents are almost always due to human error, not signaling equipment failure. Drivers going thru flashing red signals, engineers under the influence or texting, and occasional sabotage. Signal equipment almost always fails safe. This causes very annoying (but safe) delays while the equipment is fixed.
I'm aware of that, but I see it as a deficiency in the design scope of safety equipment.
Eagles may soar, but weasels don't get sucked into jet engines.
If you look at the death and injury totals, though, the US has lower numbers. The number of accidents may be greater, but it appears as though the severity of each accident is considerably lower, especially given how high of a volume the US tends to have.
Then again, we probably also have slower rails, meaning the collisions aren't at as high of speeds, reducing the severity of collisions. Who knows what those numbers mean aside from the fact that we have a ton of collisions and the overall severity of the collisions (and also average severity of each collision) appears to be much lower than India or China.
The Captcha for this post was "crises"
As I pointed out when this first happened, Hollysys claims to have designed and built the signalling system. They issued a denial that the system failed. Now we have a unit of "China Railway Signal & Communication Co" taking responsibility. They're affiliated with what used to be General Railway Signal in the US, which is now part of Alstom. It's not clear who built what here. "China Railway Signal & Communication Co" may be the installation contractor.
A little of what happened is clear. There are two separate systems involved. One is classic railroad signaling, with track circuits, wayside equipment, and cab signals. The classical designs are simple and robust. That's the safety-related system. The other is the train control system which uses a unit at the head and tail of each train, communicating to a central headquarters. Those systems are elaborate and computerized, but not considered life-safety systems. Either system is normally sufficient to prevent collisions.
In normal operation, the train control system does most of the work. It knows about train identity, schedules, and speeds. If the train control system is working right, the safety-related system never intervenes.
In a power failure, though, the train control system can lose contact with a train, since it uses active equipment on each train. That probably happened here. With a total power loss, the dead train isn't reporting to central control.
The safety system, on the other hand, detects trains because the wheels connect the rails together, normally has battery backup, is supposed to be very robust, and is intended to fail to STOP. Even after lightning strikes and a total power failure, it should still work. (Such systems have been taking lightning hits for a century without problems. Lightning hits railroad tracks and pole lines frequently; in flat country, they're the lowest resistance path to ground.)
But the safety system is high-maintenance. There are bits of it all along the lines; track circuits, wayside equipment, signal enclosures, and various other little and big boxes, all of which need attention. Keeping railroad signalling working right requires a large staff of dedicated, well-supervised signal maintainers. Since the systems are designed to fail to STOP, maintenance failures tend to result in red signals.
If the train control system shows the line as clear, and the safety system shows STOP, this normally triggers an emergency brake application. For a high speed train, that takes several kilometers and can cause wheel flattening. (Train wheels have steel "tires", which have to be replaced periodically. An emergency stop takes a lot of life off a tire.)
The question here is what happened to the safety system. Was there over-reliance on the train control system? Was the safety system bypassed to avoid unwanted emergency stops? That's speculation at this point.
China uses many companies. Does anyone know who made the equipment that broke?
This article talks about their CTCS which is the Chinese Train Control Software based on the European Train Control Software and something called the LKJ automatic control system: Wiki only says Lieche Yunxing Jiankong Jilu Zhuangzhi – device used for train control and monitor in China Railways.
http://www.eeo.com.cn/ens/2011/0727/207313.shtml
Valid point. Some sections of usrr can override the operator, but it is very expensive.
Only in the same sense that an autopilot that doesn't prevent someone intentionally flying into a building isn't automatic.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
See more on these English sites:
http://shanghaiist.com/2011/07/25/wenzhou_high-speed_rail_col.php
http://www.chinasmack.com/
1. Rescue efforts were called off twice, first time 5 HOURS after accident, and again 3 hours later, with officials claiming both times there were no more signs of life. Survivors were pulled out after each time. When questioned about why this could happen, railway ministry spokesman calls finding survivors "a miracle" Press and public extremely disgusted at irresponsible rescue effort and crassness in public relations. Railway spokesman says they relied on on-site rescue officials in making the determination, with quote "it doesn't matter whether you believe them or not, I believe them" -- which has now become a meme used to mock gov officials.
2. Removal and dismantling of wreckage began HOURS after accident. Wreckage was broken up and BURIED on site for some reason, leaving experts and lay public shocked and dumbfounded. Public suspicion is that the railway ministry was trying to hide evidence, pointing to the way other nations handle accident scenes (not touching it until investigators have combed through everything). The dismantling and burial was caught on amateur film, which shows 2 bodies falling out of the wreckage as a team of excavator machines break the train carriages apart for on-site burial. MUCH anger over this issue.
3. Victim families were immediately offered 172000 RMB government compensation plus 50000RMB "early signing bonus" to those who agree quickly. Chinese internet explodes again in disgust at the thought of using the phrase "award money" for death compensation, and of trying to rush grieving families into legal settlements. It looked like they were selling condos rather than giving financial aid. Most families refuse, saying they want answers rather than money. Internet is filled with posts comparing the disparity between compensation amounts for foreign nationals who die in China vs Chinese citizens -- tens of millions of RMB vs hundreds of thousands. Also comparisons to Chinese nationals who die in other countries (mainland tourists who died in Taiwan: 1.8 million RMB each) Yesterday, after Premier Wen visited the site, the compensation package was raised to a minimum of 915000RMB. People still calling this insultingly low.
4. Second day of the accident, media was informed of official narrative and government directive. Press is ordered to use only the official name for the accident, devote most of their air time to stories of rescue heroism, and forbidden from investigating on their own initiative. Some journalists are rebelling, with public offering support but also voicing apprehension about safety of these journalists.
5. Official death toll is currently at 40 with the passing of a critically injured passenger yesterday. The passenger manifest is still not public. List of dead, missing, and injured is still not released, even though the railway moved to an id card based ticketing system earlier this year, which would make this information computerized and easily accessible. Public is comparing this to the release of names of deceased in the Norway shooting incident. Public suspicion is that the real death toll is far above 40. Much frustration directed at railway ministry and government over lack of information.
There's a lot more controversies here but those are the main ones. This has blown up to a HUGE national discussion about transparency and government accountability. Much disgust on the Chinese internet over the handling of this accident.
your thin skin doesn't make me a troll
If the report is true, this really is a serious error. Systems are supposed to fail safe, not fail "go".
In the US the rail roads are all union and the workers have the power to say NO to doing unsafe work or repairs. Also in the rail equipment gets tested a lot.
China likes to wait for stuff to fail before doing repair work.
Why was such seriously flawed equipment in use for nearly two years without being detected?
They don't seem to be aware of the whole "made in China" stigma... They should have outsourced if they wanted quality.
how is babby formed?
and over ride the real engineers
...is commonplace...too much is accepted and too few questions are asked by anyone at any level...this is but one more example..not to mention the misunderstanding of the concept of preventative maintenance procedures...go there for a while and see...
There's a video on Youtube, showing a horde of backhoes digging a hole, and burying the train. The government claims that it was a security measure, ie, dispose of the modern technology so that outsiders couldn't recover and examine the government secret hardware onboard the train. In the video, two bodies fall from the cars as they are being moved from the bridge and buried. While most people are shocked at the idea of bodies falling out of the cars - I point them out only to emphasize the fact that the train was disposed of in haste.
That haste makes obvious that the government didn't investigate, and that they don't WANT people to know why they crashed.
Faulty electronics may or may not be the cause of the accident. If so, then it's probably safe to assume that the government already knew that their trains have faulty electronics.
Hell, they can't even make quality steel in China, how can anyone believe that they can make quality electronics?
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
It is an evil Communist dictatorship that is cutting corners, just like the Soviet Union.
You clearly don't understand the definition of "fail safe". A common mistake.
"Eve of Destruction", it's not just for old hippies anymore...
They can't be responsible for everything there. How about making railway management responsible for not taking care of due governance? What do you think they are there, communists?
I was promised a flying car. Where is my flying car?
And we all know you gets what you pays for !!
They are sometimes a little too convinced about themselves, especially when you raise questions about unexpected problems, even if the fundamental capability to do sth is there.
If you ask me if I understand the safety systems in a train and on the track, I can say "yes, sure". They are much simpler than most systems I work with.
If I ask if I would feel fit to make the decision to remove a single protective diode without understanding why it is placed there in such a critical system I can only say that I would rather not, unless speaking with the guy who placed it there.
I discussed estimations of possible consequences several times when designing software with Chinese and I have to say that their estimations on what is good to touch differed from mine.
When the train passes by it goes toward the moon for free. Everybody WINS!!!!!
I am a bit surprised how this could happen.
A normal automatic signaling system on high-speed/high-traffic rails works by dividing the track into segments. As a train enters a segment the signaling lights controlling that segment turn to red (and often the system even counts the number of axles/wagons entering the segment). Only if this train enters the next segment (then 'protected' by the signal light in front of that) the first signal light turns back to green.
This is not something a lightning strike should be able to break unless there is a serious design flaw, e.g. the first signaling light being reset by the lightning or a power failure and reinitializing in 'green' mode instead of 'red'. Or the 'protecting' signal not being installed far enough ahead of the segment to allow braking in time at high speed.
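The block logic described in the comment above, as an added example that is not part of the original thread and does not model the actual Wenzhou equipment: a single segment with axle counters whose controller is reset while a train is stalled inside it. The class and function names and the 16-axle train are constructed for illustration; `fail_safe=False` reproduces the hypothesised "reinitialize as green" flaw, and `fail_safe=True` shows the fail-to-STOP behaviour, where anything short of positive proof of a clear block yields red.

```python
from enum import Enum


class Aspect(Enum):
    RED = "red"
    GREEN = "green"


class Occupancy(Enum):
    CLEAR = "clear"
    OCCUPIED = "occupied"
    UNKNOWN = "unknown"      # state after power-up or a counter fault


class BlockController:
    """One track segment with axle counters at its entry and exit (hypothetical model).

    fail_safe=False reproduces the flaw the comment speculates about:
    volatile state is lost on reset and the block is assumed clear.
    """

    def __init__(self, name, fail_safe=True):
        self.name = name
        self.fail_safe = fail_safe
        self.reset()

    def reset(self):
        """Power-up or restart after a surge: the axle counts are lost."""
        self.axles_in = 0
        self.axles_out = 0
        self.occupancy = Occupancy.UNKNOWN if self.fail_safe else Occupancy.CLEAR

    def axle_enters(self, n=1):
        self.axles_in += n
        # An UNKNOWN block stays UNKNOWN; counting cannot restore lost state.
        if self.occupancy is not Occupancy.UNKNOWN:
            self.occupancy = Occupancy.OCCUPIED

    def axle_leaves(self, n=1):
        self.axles_out += n
        if self.axles_out > self.axles_in:
            # More axles out than in: the count is wrong, trust nothing.
            self.occupancy = Occupancy.UNKNOWN
        elif self.occupancy is Occupancy.OCCUPIED and self.axles_out == self.axles_in:
            self.occupancy = Occupancy.CLEAR

    def confirm_clear(self):
        """Manual sweep by staff: the only way out of UNKNOWN."""
        self.axles_in = self.axles_out = 0
        self.occupancy = Occupancy.CLEAR

    def entry_aspect(self):
        """Signal guarding the entry: GREEN only on positive proof of clear."""
        return Aspect.GREEN if self.occupancy is Occupancy.CLEAR else Aspect.RED


def stalled_train_then_surge(fail_safe):
    """Constructed scenario: a 16-axle train stalls in the block, then a surge resets the controller."""
    block = BlockController("B1", fail_safe=fail_safe)
    block.confirm_clear()            # commissioning sweep
    before = block.entry_aspect()
    block.axle_enters(16)            # train is now inside and stalls
    occupied = block.entry_aspect()
    block.reset()                    # lightning-induced restart
    after_reset = block.entry_aspect()
    return before, occupied, after_reset


if __name__ == "__main__":
    for mode in (True, False):
        print("fail_safe =", mode, [a.value for a in stalled_train_then_surge(mode)])
```

The fail-safe variant pays for its safety with availability: after every reset the block shows red until someone confirms it is clear, which is the "annoying but safe" delay other commenters in the thread describe.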
So it's a good thing the US doesn't have high speed rail?
As for volume I'd be surprised if the US has higher passenger train volume than China, given the car culture in the US.
The problems cited seem to have escaped notice from a lack of "many eyes". Might not an Open Source development model for public projects help avoid such pitfalls?
The French TGV is also pretty impressive. Despite holding the world record for the highest speed derailment, there hasn't been a single fatality when operating on high speed lines.
Source: http://en.wikipedia.org/wiki/TGV#Accidents
Most human behaviour can be explained in terms of identity.