In news that was first announced last night by the National Transportation Safety Board (NTSB) and then reported in more detail in today's Washington Post concerning the Washington DC Metro crash which killed nine and injured 80 people, a faulty track impedance bond (called a Wee-Z bond) in the rail track circuit used to detect a train was replaced five days before the accident.
The Post story said that:
"Within each track circuit are two devices, the Wee-Z bonds, which are about 18 inches square and six inches high and are often mounted on the wooden cross ties that secure the rails. The Wee-Z bonds note the presence of a train and automatically transmit signals to the next train down the line. If the following train gets too close, the Wee-Z bond sends a "zero" speed signal that forces that train to stop. "
Without that signal, the train just proceeds as "normal."
What's more, it appears that the repaired track circuit continued to malfunction after the Wee-Z bond was replaced but this was not detected by the central controllers monitoring the entire Metro system. The Post says that the malfunction was not only intermittent but happened very quickly. Metro central controllers would have had to have been basically looking for the malfunction to see it on the displays used to monitor the state of the Metro system. The central monitoring system was not designed to automatically flag this type of intermittent problem to Metro controllers either.
Another instance of the Automation Paradox issue it seems.
The Post story says that it is unclear if there is a problem with the Wee-Z bond or with its installation by Metro maintenance engineers. The story also doesn't indicate why the Wee-Z bond was replaced originally (was it just routine maintenance or whether it was because of problem with it?). Problems with track circuits are not uncommon. According to the Post:
"Of 668 incidents that caused delays last year, track circuits accounted for 337, or more than half."
While the Washington Post and NTSB information disclosed so far imply that there was one track circuit involved, another news report indicated that there were two track circuits that shared the Wee-Z bond in the area of the crash.
The NTSB is now going to trying to determine how soon the train operator could first see the struck train. It looks like the operator started braking about 425 feet before the collision, with heavy braking occurring about 125 feet before impact.
DC Metro trains are now being driven in manual mode instead of under computer control and will stay that way until, Metro officials say, the system is independently assessed by train signal experts.
Metro official insist that the subway system is safe, and blame the accident on a "freak occurrence."
However, that is how most major accidents come to occur.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.