US Safety Board Determines DC Metro Crash Was Failure of Both Track Circuits and Safety Culture

A year ago June, a Washington Metropolitan Area Transit Authority (WMATA aka DC Metro) Red Line subway train traveling at a high rate of speed rear-ended a stationary subway train near Ft. Totten station. Nine people, including the train operator, were killed. Some 52 people were sent to local hospitals. Damage to train equipment was estimated to be $12 million.

After a year of investigation, the National Transportation Safety Board (NTSB) on Tuesday released a synopsis of its findings. The NTSB concluded that the probable cause of the collision, which the Metro safety system was supposed to prevent from ever happening, was due to:

"... a failure of the track circuit modules that caused the automatic train control (ATC) system to lose detection of one train, allowing a second train to strike it from the rear. The NTSB also cited WMATA for its failure to ensure that a verification test developed after a 2005 incident near Rosslyn station was used system wide. This test would have identified the faulty track circuit before the accident."

In addition, the NTSB writes that:

"Contributing to the accident was the lack of a safety culture within WMATA; ineffective safety oversight by the WMATA Board of Directors and the Tri-State Oversight Committee (TOC); and the Federal Transit Administration's (FTA) lack of statutory authority to provide federal safety oversight. Additionally, WMATA's failure to replace or retrofit the 1000-series rail cars, after these cars were shown in previous accidents to exhibit poor crashworthiness, contributed to the severity of passenger injuries and the number of fatalities."

In essence, the NTSB all but says that the accident was just waiting to happen.

The final NTSB report is in its final edits, and is expected to be released shortly. However, the synopsis and other material released on Tuesday does not paint a pretty picture, and spreads the blame for the accident all around.

Just as one example, the synopsis reports that:

"On the day of the accident, parasitic oscillation in the track circuit modules for track circuit B2-304 was creating a spurious signal that mimicked a valid track circuit signal, thus causing the track circuit to fail to detect the presence of train 214 [i.e., the train that got hit - you may want to look at the NTSB animated description of the crash for clarity]."

"Spurious signals had been causing the track circuit modules for track circuit B2-304 to erroneously indicate that the track circuit was vacant from the time the track circuit transmitter power was increased after the impedance bond was replaced on June 17, 2009, until the accident 5 days later."

"Train operators did not report problems with track circuit B2-304 before the accident because reductions in speed commands to maintain train separation, or even momentary losses of all speed commands, were common during train operations."

In fact, the NTSB reported that there were about 5,000 false track-occupied and 3,000 false vacant-track alarms per week. WMATA Metrorail managers placed a low priority on addressing malfunctions in the train control system before the accident. As a result, track circuit alarms were seen as minor safety issues which required no action, instead of an "unaddressed hazard in the fail-safe design." 

Shades of what happened on the Deepwater Horizon.

The NTSB also pointed out that the lessons Metro learned after a 2005 near-collision incident at Rosslyn were not institutionalized and used systemwide. If they had been, the NTSB believes that the faulty track circuit would have been identified (and hopefully fixed) before the accident.

The NTSB says that the WMATA safety culture has been slowly improving since the crash. As a frequent rider, I sincerely hope so, since the NTSB report also states that, "Some of the General Railway Signal Company (GRS) track circuit modules in use on the WMATA Metrorail system continue to exhibit parasitic oscillation, and the presence of this oscillation presents an unacceptable risk to Metrorail users."

You can review my half-dozen plus blog posts on the DC Metro crash and its investigation by the NTSB using the term "DC Metro" and search in "blogs" using the Spectrum web site search feature above.

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement