Replying to Chinese Release Report On Rail Crash

I don't have specific knowledge of the Chinese design, but I was listening to a few railroad professionals speculate on the cause. They suggested it had to do with a design philosophy that was based more on the aviation philosophy of redundancy rather than the railroad philosophy of being fail-safe.

The difference being that if the primary and backup systems fail, you're in a dangerous situation if you rely on redundancy, but everything defaults to a stop/restrictive aspect in a fail-safe system.

I don't know of any airliner reliability software that fails catastrophically to a random state by design after it runs through its redundant systems, leading to loss of the aircraft. They are designed to degrade progressively and hand over control to a human, the moral equivalent of a railroad control system degrading permission to "Restricted Speed". Afterall airplanes cannot stop dead in their tracks without falling out of the sky, since usually that is a bad thing. At certain points of degradation procedures call for a divert to the closest airport etc.

So frankly, it appears to me that the speculators have a strange notion of what the design philosophy is for aircraft systems. Aviation philosophy is exactly as much "fail-safe" - which means fail to a safe, predictable, well known and survivable state - as any other. The only difference is that the fail safe state is not a dead stop in case of aviation, since that in itself constitutes a serious failure.

Now that is not to say that serious design mistakes are not made in airline designs like the famous one on the DC 10 of routing all three redundant control circuits through the same conduit.

I don't have specific knowledge of the Chinese design, but I was listening to a few railroad professionals speculate on the cause. They suggested it had to do with a design philosophy that was based more on the aviation philosophy of redundancy rather than the railroad philosophy of being fail-safe.

The difference being that if the primary and backup systems fail, you're in a dangerous situation if you rely on redundancy, but everything defaults to a stop/restrictive aspect in a fail-safe system.

I know that such designs do exist in Europe, where HSR trains run part of their route on mixed-traffic lines; how do they avoid the problems that the Chinese seem to have encountered?

The problem that the Chinese encountered has little to do with whether it was HSR or not. It, in some ways, is similar to the problem that Washington WMATA had, causing their last collision. It was a failure in the signaling and train control system to detect a train that was occupying a block thus leading to false clear signal. In case of WMATA it happened because the train detection system failed to latch onto the right frequency detection loop current when present. It is not clear exactly what failed as a result of a severe thunderstorm in the Chinese case. However, the system design really should be failsafe even in face of such failures, and apparently it was not.

In the Chinese case the result would most likely have been similar if the second train (or even both trains) was a run of the mill loco hauled train running at 160kph.

There is the well known Eschede derailment which would take paragraphs to describe.

Here is the Wikipedia article detailing the Eschede disaster.

The Eschede train disaster was the world's deadliest high-speed train accident. It occurred on 3 June 1998, near the village of Eschede in the Celle district of Lower Saxony, Germany. The toll of 101 people dead and 88 (estimated) injured surpassed the 1971 Dahlerau train disaster as the deadliest accident in the history of the Federal Republic of Germany. It was caused by a single fatigue crack in one wheel which, when it finally failed, caused the train to derail at a switch.

Click on the link above if you want more paragraphs (or at least more information).

So it's 0 deaths for the Japanese HSR, 0 deaths for the Korean HSR, and 0 deaths for the Taiwanese HSR. Even allowing that the Chinese system is not a "pure" HSR, the problem of a design allowing mixed traffic for otherwise HSR trains seems like a questionable choice.

I know that such designs do exist in Europe, where HSR trains run part of their route on mixed-traffic lines; how do they avoid the problems that the Chinese seem to have encountered?

The European mixed high speed with normal traffic lines have had their own sets of problems. There have been several collisions at grade crossings, some with fatalities on the HS train set.

There is the well known Eschede derailment which would take paragraphs to describe.

There have even been a couple of cases of pieces of sheet metal coming off European high speed trainsets.

So it's 0 deaths for the Japanese HSR, 0 deaths for the Korean HSR, and 0 deaths for the Taiwanese HSR. Even allowing that the Chinese system is not a "pure" HSR, the problem of a design allowing mixed traffic for otherwise HSR trains seems like a questionable choice.

I know that such designs do exist in Europe, where HSR trains run part of their route on mixed-traffic lines; how do they avoid the problems that the Chinese seem to have encountered?

They follow the Safety procedures, and their staffers aren't "on the take" like so many are in China during these "Boom Times" in the Peoples Republic!!

So it's 0 deaths for the Japanese HSR, 0 deaths for the Korean HSR, and 0 deaths for the Taiwanese HSR. Even allowing that the Chinese system is not a "pure" HSR, the problem of a design allowing mixed traffic for otherwise HSR trains seems like a questionable choice.

I know that such designs do exist in Europe, where HSR trains run part of their route on mixed-traffic lines; how do they avoid the problems that the Chinese seem to have encountered?

Taiwan HSR has had zero fatalities, and only one derailment, and that was one wheel set and due to an earthquake. A few minor injuries, for the most part, bumps and bruises.

Not sure whether or when more detailed information wil be available.

Do not for get, this line in China was not a dedicated high speed line, but a new line built to handle mixed traffic.

I read the entire report such as it is. It sounds like it is a design problem wherein they forgot to ensure that the "failsafe principle" was uniformly incorporated in the design. I find it hard to believe that Siemens supplied them a system which would have this mode of failure, so I suspect that it has something to do with Chinese attempts to improve the Siemens system and make it more efficient. Just speculation on my part on that last bit. Unfortunately the report is more into nailing the fault on a bunch of people instead of giving any real details about eh core technical issues AFAICT. Hopefully there is a more detailed report somewhere that goes into the technical aspects. Maybe George can dig it up somewhere.

To take a guess, they took what Siemens delivered and, in making it "more efficient", they either disabled some important failsafes or allowed them to be overridden.

Where can I find the report itself? Does the NYT story link to it?

I read the entire report such as it is. It sounds like it is a design problem wherein they forgot to ensure that the "failsafe principle" was uniformly incorporated in the design. I find it hard to believe that Siemens supplied them a system which would have this mode of failure, so I suspect that it has something to do with Chinese attempts to improve the Siemens system and make it more efficient. Just speculation on my part on that last bit. Unfortunately the report is more into nailing the fault on a bunch of people instead of giving any real details about eh core technical issues AFAICT. Hopefully there is a more detailed report somewhere that goes into the technical aspects. Maybe George can dig it up somewhere.