Slashdot Mirror

← Back to Stories (view on slashdot.org)

Circuit Flaws Blamed For China Train Crash

Posted by Soulskill on from the rest-in-peace dept.

hackingbear writes "The Xinhua news agency reports that a signaling equipment circuit design flaw and lack of safety alertness in railway management caused a high-speed train to ram into a stalled train near the city of Wenzhou in east China's Zhejiang Province on Saturday, leaving 40 people dead and 191 injured. A lightning strike triggered the malfunction, which resulted in a green alert light failing to turn red, leaving railway personnel unaware of the stalled train, the official said. The Beijing National Railway Research and Design Institute of Signal and Communication Co., which was responsible for designing and building the signaling system, has posted an apology letter on its website, offering condolences and promising to 'shoulder any due punishments that may result from the investigation.' Domestic media has raised more questions over the explanation. 'Why was such seriously flawed equipment in use for nearly two years without being detected? Why was it installed in as many as 76 rail stations across the country? Are there other problems with the railway apart from equipment flaws?'"

27 of 103 comments (clear)

  1. Who to blame? by TheMiddleRoad · · Score: 3, Insightful

    The problem in China is not the rush forward that leads to mistakes. It's the government's abject failure to take responsibility at any step along the path.

    1. Re:Who to blame? by JordanL · · Score: 3, Insightful

      It is worth pointing out that the Chinese public seem largely skeptical of the "lightning strike" explanation. It seems reasonable to me, but I think this is being grasped by some in China as a way to vent their general distrust of government information.

      As long as the engineers are allowed to approach it from the "let's fix the problem" angle, it should probably turn out alright (in the future). It really depends on how the government responds to public outcry.

      --
      FanFictionRecs.net
    2. Re:Who to blame? by MightyMartian · · Score: 3, Insightful

      It does appear that there is a tipping point being reached here. The media, even state-run media, is becoming bolder, and the Chinese leadership seemingly less willing to just smash skulls to get rid of bad news. Fifty years ago, most Chinese people would not have even heard of the rail accident, and those that did would have kept their mouths shut. Now, suddenly, you have journalists openly demanding heads roll and demanding to know why the government what they believe to be a faulty system be installed.

      Of course, it doesn't help that the propaganda wing of the Chinese government was caught red handed sending dictates to news outlets to only report positive news surrounding the accident. That's another amazing thing, that people who leaked such dictates are still walking and talking.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
  2. Because by Mikkeles · · Score: 4, Insightful

    Why was such seriously flawed equipment in use for nearly two years without being detected?

    Because it hadn't been struck by lightning until now.

    Why was it installed in as many as 76 rail stations across the country?

    Because hardware designs are re-used.

    Are there other problems with the railway apart from equipment flaws?

    Probably.

    --
    Great minds think alike; fools seldom differ.
    1. Re:Because by derGoldstein · · Score: 4, Insightful

      Because it hadn't been struck by lightning until now.

      Life-critical systems should have a dead-man switch, and/or a watchdog timer. The moment it was struck by lightning, the fact that part of the system didn't "report back" should have prevented the train from moving. If the lightning strike happened while the train was moving, then it should have triggered a mechanism that slows down the train to a halt.This is similar to how, if an elevator's power is cut, it expands "claws" into safety rails.

      --
      Entomologically speaking, the spider is not a bug, it's a feature.
    2. Re:Because by artor3 · · Score: 3, Interesting

      EOS failures can do funny things. Single IOs can fail while the rest of the chip works fine. It's hard to catch such problems. Ideally during startup, you'd run a test on every pin to make sure they're all still working. Even if the lightning strike occurred immediately before the crash, I would hope that after being hit by lightning they'd stop and test their systems.

      This sounds like it's more a problem with their safety protocols, and less a problem with the particular circuit that failed.

    3. Re:Because by derGoldstein · · Score: 3, Insightful

      EOS failures can do funny things. Single IOs can fail while the rest of the chip works fine.

      That's possible, which is why you should install independent, redundant systems. Some problems are very difficult to catch, even with redundant systems, which is all the more reason to have multiple redundancy.

      This sounds like it's more a problem with their safety protocols, and less a problem with the particular circuit that failed.

      That's always possible, but I still think that diagnostic/sensor circuits should have been able to catch this without human intervention (IMHO).

      --
      Entomologically speaking, the spider is not a bug, it's a feature.
    4. Re:Because by HotNeedleOfInquiry · · Score: 2

      I totally agree. I'd also point out that there is a time-proven backup that we've used in the US and probably Europe for 100 years. If a train stops off-schedule, a trainman grabs a handful of flares and torpedoes (small pouches filled with dynamite that are strapped to the rail. They bang real loud when run over and are a signal to the engineer to stop) walks or runs a mile down-track and uses the flares and torpedoes to stop any approaching train well before it can hit the stopped train. Why wasn't this simple, low-tech solution used that every trainman in the US knows and is required to use?

      --
      "Eve of Destruction", it's not just for old hippies anymore...
  3. China is learning the hard way... by Jimbookis · · Score: 2

    Big Engineering doesn't isn't kind to poor engineering and management practices - it just leads to Big Disasters. It's a hard lesson to learn and if you watch shows like Engineering Disasters there are plenty in the West who still don't get this. It'll be interesting to see down the track how the mega dams on the Yellow River hold up.

  4. Re:Schadenfreude by LunaticTippy · · Score: 2, Insightful

    There are often disparaging articles and comments about trains, mass transit, and Amtrak whenever there is a crash in the US. For some reason, some people seem to hate trains and enjoy disasters involving them. The racist/xenophobic dimension of the current commentary is different, but the attitude is similar.

    --
    Man, you really need that seminar!
  5. Well, this is hardly satisfying.... by tloh · · Score: 2

    The article is written by Xinhua news staff and contains no technical information at all. The article is mostly your typical laymen fluff filled with public outrage, pundit soundbites, and general background information. The lack of details about the nature of the "circuit design flaw" really precludes this from being considered "news for nerds". As someone with experience working in an FDA regulated environment, oversight and accountability of projects and tasks is something I am quite familiar with. I wonder how much (if any) details will emerge that will answer some of the questions the circuit geeks among us would ask. I know it is a poor substitute (and maybe slightly off-topic), but this article from years ago has always stuck with me and constantly reminds me of the perils the electronics industry continues to face.

    http://spectrum.ieee.org/computing/hardware/bogus

    --
    Stay sentient. Don't drink bad milk.
  6. Positive Train Control by grimmjeeper · · Score: 2

    I wonder how long it will take for them to implement Positive Train Control, either buying it from someone who already makes it or building their own?

    1. Re:Positive Train Control by Anonymous+Psychopath · · Score: 2

      Probably about the same time we do. LA Metro sure could have used it.

      --

      Eagles may soar, but weasels don't get sucked into jet engines.

  7. You should see USA railroad signaling equipment! by k2backhoe · · Score: 5, Informative

    I worked on US rail signaling equipment (Background = Physics PhD). I have never been so impressed with over-designed, fail-safe equipment. They plan for everything, including multiple lightning strikes. They do such things as positioning their relays upside down so that the armature falls to NC by gravity if the spring breaks. They have many years of experience, and all of our equipment is for sale. I think the NIH mentality bit China in the arse this time.

  8. If true, they are clueless by Anonymous Coward · · Score: 4, Interesting

    Why was such seriously flawed equipment in use for nearly two years without being detected?

    Because it hadn't been struck by lightning until now.

    If this analysis is true, the designers are not familiar with the term "fail safe".

    I'm an engineer with over a decade of experience in the signalling business (although thankfully not the Chinese one). Fail Safe is what it's all about.

    Note to Slashdot editors - your summaries really suck lately: TFA says "A lightning strike triggered the malfunction". That is NOT a "circuit flaw". It is an externally induced failure (which the system should dectect) and to compare the two terms is to compare rocks with pudding.

  9. Re:You should see USA railroad signaling equipment by NevarMore · · Score: 3, Funny

    What happens if there is a local gravity abnormality AND the spring breaks?

  10. Re:You should see USA railroad signaling equipment by k2backhoe · · Score: 5, Informative

    If you pay attention to the accidents, you will see the train accidents are almost always due to human error, not signaling equipment failure. Drivers going thru flashing red signals, engineers under the influence or texting, and occasional sabotage. Signal equipment almost always fails safe. This causes very annoying (but safe) delays while the equipment is fixed.

  11. Train Company is burying evidence by KWTm · · Score: 4, Informative

    Just to let people be aware, there has been significant controversy (as far as that is possible in China, and also in overseas communities such as the Chinese community in the USA) in terms of handling of the disaster.

    For example, soon after the train crash, the crashed trains were moved off the elevated rail and (literally) buried "to let the other trains run on time"; this was criticized as being too early a move (10 h after the crash), without a thorough enough search for survivors. Reporters were barred from the scene, and pleas from the families of the train crash victims to search through the wreckage were ignored. Indeed, 20h after the crash, one of the uniforms (acting against his orders) was able to locate a 2-yr-old girl still alive; she has been transported to the hospital and is now in good condition, and people are trying to figure out how to tell her that her parents both died in the crash. In general, officials from the train lines have been stonewalling, but have been apparently quite forthcoming with compensation money for the families.

    It seems suspicious to me: are they trying to cover up something?

    --
    404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
    [GPG key in journal]
  12. Signaling system by Hollysys? by Animats · · Score: 4, Interesting

    As I pointed out when this first happened, Hollysys claims to have designed and built the signalling system. They issued a denial that the system failed. Now we have a unit of "China Railway Signal & Communication Co" taking responsibility. They're affiliated with what used to be General Railway Signal in the US, which is now part of Alstom. It's not clear who built what here. "China Railway Signal & Communication Co" may be the installation contractor.

    A little of what happened is clear. There are two separate systems involved. One is classic railroad signaling, with track circuits, wayside equipment, and cab signals. The classical designs are simple and robust. That's the safety-related system. The other is the train control system which uses a unit at the head and tail of each train, communicating to a central headquarters. Those systems are elaborate and computerized, but not considered life-safety systems. Either system is normally sufficient to prevent collisions.

    In normal operation, the train control system does most of the work. It knows about train identity, schedules, and speeds. If the train control system is working right, the safety-related system never intervenes.

    In a power failure, though, the train control system can lose contact with a train, since it uses active equipment on each train. That probably happened here. With a total power loss, the dead train isn't reporting to central control.

    The safety system, on the other hand, detects trains because the wheels connect the rails together, normally has battery backup, is supposed to be very robust, and is intended to fail to STOP. Even after lightning strikes and a total power failure, it should still work. (Such systems have been taking lightning hits for a century without problems. Lightning hits railroad tracks and pole lines frequently; in flat country, they're the lowest resistance path to ground.)

    But the safety system is high-maintenance. There are bits of it all along the lines; track circuits, wayside equipment, signal enclosures, and various other little and big boxes, all of which need attention. Keeping railroad signalling working right requires a large staff of dedicated, well-supervised signal maintainers. Since the systems are designed to fail to STOP, maintenance failures tend to result in red signals.

    If the train control system shows the line as clear, and the safety system shows STOP, this normally triggers an emergency brake application. For a high speed train, that takes several kilometers and can cause wheel flattening. (Train wheels have steel "tires", which have to be replaced periodically. An emergency stop takes a lot of life off a tire.)

    The question here is what happened to the safety system. Was there over-reliance on the train control system? Was the safety system bypassed to avoid unwanted emergency stops. That's speculation at this point.

  13. Who made the stuff that broke? by CuteSteveJobs · · Score: 2

    China uses many companies. Does anyone know who made the equipment that broke?

    This article talks about their CTCS which is the Chinese Train Control Software based on the European Train Control Software and something called the LKJ automatic control system: Wiki only says Lieche Yunxing Jiankong Jilu Zhuangzhi – device used for train control and monitor in China Railways.

    http://www.eeo.com.cn/ens/2011/0727/207313.shtml

  14. Re:So the problem was ... by siddesu · · Score: 2

    Probably not, on the surface it looks like bad design. But given how they buried the evidence of the crash (alongside with some bodies, and some apparently still moving) off the tracks before any investigation of the causes, they may never learn what was the problem. But the value of life is not so high in places with a lot of people, so if you're in China, and value your life, you'd better arrange your transportation according to your ideas of safety.

    As I've said before, building a rival of the Shinkansen in Japan (or the speed trains in Europe) will take a lot more than copying the designs. Honestly assessing your mistakes and shortcomings is especially important.

  15. Re:Schadenfreude by siddesu · · Score: 3

    The callousness of the government and the companies that have been executing the scam called "China speed train" is disgusting. People have been pointing out the problems and predicting that accidents due to faulty designs will happen. The people who built the train are responsible, disgusting and what not, not the people who call them out.

  16. MUCH more to the story than you see on Slashdot by poity · · Score: 5, Informative

    See more on these English sites:
    http://shanghaiist.com/2011/07/25/wenzhou_high-speed_rail_col.php
    http://www.chinasmack.com/

    1. Rescue efforts were called off twice, first time 5 HOURS after accident, and again 3 hours later, with officials claiming both times there were no more signs of life. Survivors were pulled out after each time. When questioned about why this could happen, railway ministry spokesman calls finding survivors "a miracle" Press and public extremely disgusted at irresponsible rescue effort and crassness in public relations. Railway spokesman says they relied on on-site rescue officials in making the determination, with quote "it doesn't matter whether you believe them or not, I believe them" -- which has now become a meme used to mock gov officials.

    2. Removal and dismantling of wreckage began HOURS after accident. Wreckage was broken up and BURIED on site for some reason, leaving experts and lay public shocked and dumbfounded. Public suspicion is that the railway ministry was trying to hide evidence, pointing to the way other nations handle accident scenes (not touching it until investigators have combed through everything). The dismantling and burial was caught on amateur film, which shows 2 bodies falling out of the wreckage as a team of excavator machines break the train carriages apart for on-site burial. MUCH anger over this issue.

    3. Victim families were immediately offered 172000 RMB government compensation plus 50000RMB "early signing bonus" to those who agree quickly. Chinese internet explodes again in disgust at the thought of using the phrase "award money" for death compensation, and of trying to rush grieving families into legal settlements. It looked like they were selling condos rather than giving financial aid. Most families refuse, saying they want answers rather than money. Internet is filled with posts comparing the disparity between compensation amounts for foreign nationals who die in China vs Chinese citizens -- tens of millions of RMB vs hundreds of thousands. Also comparisons to Chinese nationals who die in other countries (mainland tourists who died in Taiwan: 1.8 million RMB each) Yesterday, after Premier Wen visited the site, the compensation package was raised to a minimum of 915000RMB. People still calling this insultingly low.

    4. Second day of the accident, media was informed of official narrative and government directive. Press is ordered to use only the official name for the accident, devote most of their air time to stories of rescue heroism, and forbidden from investigating on their own initiative. Some journalists are rebelling, with public offering support but also voicing apprehension about safety of these journalists.

    5. Official death toll is currently at 40 with the passing of a critically injured passenger yesterday. The passenger manifest is still not public. List of dead, missing, and injured is still not released, even though the railway moved to an id card based ticketing system earlier this year, which would make this information computerized and easily accessible. Public is comparing this to the release of names of deceased in the Norway shooting incident. Public suspicion is that the real death toll is far above 40. Much frustration directed at railway ministry and government over lack of information.

    There's a lot more controversies here but those are the main ones. This has blown up to a HUGE national discussion about transparency and government accountability. Much disgust on the Chinese internet over the handling of this accident.

    --
    your thin skin doesn't make me a troll
    1. Re:MUCH more to the story than you see on Slashdot by Stan+Pirx · · Score: 2

      See more on these English sites:
      http://shanghaiist.com/2011/07/25/wenzhou_high-speed_rail_col.php
      http://www.chinasmack.com/

      Shanghaiist and especially Chinasmack tend to republish a lot of rumors without bothering to verify them.If you want to get some facts, better check Robert Soong's EastSouthWestNorth blog.

      Such as this post: Rumors About The Wenzhou Train Crash: How Many Have Your Forwarded? (Permalink does not work, scroll down about half the page)

      By the way, both Shanghaiist and Chinasmack can be reached from within China, while EastSouthWestNorth is blocked, guess what?

      ~ Stan

    2. Re:MUCH more to the story than you see on Slashdot by Stan+Pirx · · Score: 2
      Let me get another thing straight here (I live in Shanghai):

      5. ... The passenger manifest is still not public. List of dead, missing, and injured is still not released,

      The Shanghai metro distributes a daily free magazine called Metro Express, which is read by every commuter on their daily ride to work (a couple of millions?). They have been extensively covering the accident and some days ago published the complete list of victims, including names and parts of their ID card number. This is how I found out one of the victims was an Italian woman, by the way.

      From another post:

      Now, suddenly, you have journalists openly demanding heads roll and demanding to know why the government what they believe to be a faulty system be installed.

      If you think this is "sudden", you have no idea about how China works. People have been able to complain about this kind of things for at least 20 years. The central government is supporting this as a way to keep the local government officials under pressure and let people vent. Unless you critizise the rule of the party or have separatist aims, you are pretty safe to complain about everything here.

      ~ Stan

  17. Re:Uhh.... by dutchwhizzman · · Score: 2

    With all due respect, but I wonder where to? Most high quality goods also are manufactured in countries like Japan, Korea and China. Maybe you haven't noticed, but the Chinese themselves know all too well that most of the stuff they export is crap. They generally won't use it themselves, but use something better. The fact is, people from the west ordered this crap. They did that, because they don't want the quality, just the low price. You pay for what you get and you get what you ordered. If you don't like it, call this toll free number and complain to the person speaking Hinglish on the other side of the phone line.

    --
    I was promised a flying car. Where is my flying car?
  18. Re:You should see USA railroad signaling equipment by rdnetto · · Score: 2

    The French TGV is also pretty impressive. Despite holding the world record for the highest speed derailment, there hasn't been a single fatality when operating on high speed lines.

    Source: http://en.wikipedia.org/wiki/TGV#Accidents

    --
    Most human behaviour can be explained in terms of identity.