• Our booking engine at tickets.railforums.co.uk (powered by TrainSplit) helps support the running of the forum with every ticket purchase! Find out more and ask any questions/give us feedback in this thread!

Is too much safety stuff dangerous?

Status
Not open for further replies.

SHD

Member
Joined
18 Jul 2012
Messages
456
There's an old basic adage that needs restating here as no-one else seems to have remembered it:
The more safety devices you add to a system, the less reliable that system becomes due to the need to "fail safe".
The corollary is that the more frequently you get incorrect safety warnings or checks, the less safe the system becomes due to complacency.

How do you define “reliability”? This adage sounds very much like Old Arms talk and to be honest.
 
Sponsor Post - registered members do not see these adverts; click here to register, or click here to log in
R

RailUK Forums

big all

On Moderation
Joined
23 Sep 2018
Messages
876
Location
redhill
There's an old basic adage that needs restating here as no-one else seems to have remembered it:
The more safety devices you add to a system, the less reliable that system becomes due to the need to "fail safe".
The corollary is that the more frequently you get incorrect safety warnings or checks, the less safe the system becomes due to complacency.
to me its getting the balance right but on several levels
the first is pride and skill allowing you to perform at your best but enough back up to allow you to do it to the safest level
the next will reduce danger to the minimum but remove flexibility to adapt to changes
the next is to remove too much interest and requirement from the driver that his mind spend ages else where to try and fulfill the void that his skills used to occupy :frown:
 

randyrippley

Established Member
Joined
21 Feb 2016
Messages
5,079
How do you define “reliability”? This adage sounds very much like Old Arms talk and to be honest.
OK, I'll rephrase it.
The more complex a system, the more likely it is to fail or break. The more safety checks and devices you add, the more complex the system becomes and so the higher the risk of failure. You hope that the failure is always safe-side, but in reality any failure increases risk
 

matacaster

On Moderation
Joined
19 Jan 2013
Messages
1,595
I would look at this time a different perspective.

Making the railways,which are already commendably safe by any measure, even safer costs a great deal of money and the law of diminishing returns can be seen to apply. Excessive safety costs, which are not similarly borne by road, mean that many people choose to travel by road on economic grounds, which is a much less safe way to travel.

Eg the railways are expected to securely fence off track anywhere near local residences despite the fact that the trains cannot diverge from their planned route. Rail firms are even fined when locals break through the fencing and children get hurt 'playing'. Contrast that with local roads which largely have no roadside barriers yet cars and lorries can wander wan over the road,exceedspeed limits etc, yet no action taken for safety as it's too difficult.
 

ComUtoR

Established Member
Joined
13 Dec 2013
Messages
9,398
Location
UK
Three Letter Abbreviatons.

They are initialisms.

https://www.collinsdictionary.com/dictionary/english/initialism
an acronym in which each letter is pronounced separately, rather than the acronym being pronounced as a word
Collins English Dictionary. Copyright © HarperCollins Publishers

https://www.merriam-webster.com/dictionary/initialism
Some people feel strongly that acronym should only be used for terms like NATO, which is pronounced as a single word, and that initialism should be used if the individual letters are all pronounced distinctly, as with FBI. Our research shows that acronym is commonly used to refer to both types of abbreviations

We could argue about 'initialism and acronym' both being a type of abbreviation.

https://en.oxforddictionaries.com/spelling/initialisms
Initialisms are abbreviations which consist of the initial (i.e. first) letters of words and which are pronounced as separate letters when they are spoken.

https://en.oxforddictionaries.com/definition/acronym
An abbreviation formed from the initial letters of other words and pronounced as a word (e.g. ASCII, NASA).
Compare with initialism

We could argue; but that would be pointless pedantism
 

al78

Established Member
Joined
7 Jan 2013
Messages
2,400
Eg the railways are expected to securely fence off track anywhere near local residences despite the fact that the trains cannot diverge from their planned route. Rail firms are even fined when locals break through the fencing and children get hurt 'playing'. Contrast that with local roads which largely have no roadside barriers yet cars and lorries can wander wan over the road,exceedspeed limits etc, yet no action taken for safety as it's too difficult.

Local roads don't have roadside barriers because roads (except special roads like motorways) are public rights of way, railway lines are not. Everyone has the right to pass and repass on a road on foot, horse or bicycle, it is only motor vehicle drivers that need permission (a license) and have to demonstrate competancy due to the risk they externalise onto others.
 

SHD

Member
Joined
18 Jul 2012
Messages
456
Attention posters, the pedantry signal is showing the “caution” aspect!
 

ComUtoR

Established Member
Joined
13 Dec 2013
Messages
9,398
Location
UK
Abbreviation is a superset of the two. An acronym and an initialism are both types of abbreviation (which is simply a means of shortening a word or set of words).

Which is what I said, and posted as direct quotes from the dictionary. Thanks for playing; +10 internet points.

Keeping this on topic.............tenuously.

The little red squiggle is a form of 'safety device' Have we become so used to auto-correct and grammar check that we rely on the computer to sort it out ? There are a few words that I never spell right but I am so used to it being auto corrected that I simply ignore learning how to spell it. I also get a little OCD about the little red squiggle that I correct the spelling rather than recognize the language setting I have it on. Although sometimes I realize too late and ignore it.

Look at people who fall asleep whilst 'driving' their Tesla or crash whilst on 'auto-pilot' The system isn't dangerous but how we use it is.
 

DerekC

Established Member
Joined
26 Oct 2015
Messages
2,107
Location
Hampshire (nearly a Hog)
Keeping this on topic.............tenuously
Look at people who fall asleep whilst 'driving' their Tesla or crash whilst on 'auto-pilot' The system isn't dangerous but how we use it is.

I think that misses the point - in the Tesla case it's the combination of technology and human which is dangerous - the car controls itself in all the circumstances its designers allowed for, but the operator's manual calls on the driver always to stay alert and ready to take over instantaneously if the car can't cope. That's unrealistic because real human beings get bored and distracted even if they try to comply with the manual - so accidents are bound to happen. Whether this is acceptable depends on whether they are more or less frequent and serious than if a human was driving. That underlines several points which are relevant to rail, I think:
  1. It's no good having a safety system that is unpredictable. It should always do exactly what it says it will, until it fails - and then it should detect its own failure and react safely - either by handing over to a backup system, handing over to the driver or stopping the train.
  2. It's no good expecting human beings routinely to do a safety critical task which requires them to do nothing except monitor the performance of an automated system and intervene if it is starting to misbehave.
  3. Railways are much safer than roads and are starting from much higher up the safety curve - so an automated system which delivers an adequate level of safety for a road vehicle may be unacceptable for rail because it is less safe than what railways achieve now. (This should be borne in mind when listening to politicians and others who don't see why automotive technology can't be applied to rail)
 

ComUtoR

Established Member
Joined
13 Dec 2013
Messages
9,398
Location
UK
I think that misses the point - in the Tesla case it's the combination of technology and human which is dangerous - the car controls itself in all the circumstances its designers allowed for, but the operator's manual calls on the driver always to stay alert and ready to take over instantaneously if the car can't cope. That's unrealistic because real human beings get bored and distracted even if they try to comply with the manual - so accidents are bound to happen.

100% in all cases I would agree and reiterate that the interaction with the system that presents the flaws. However, what about the situation with Teslas (the more idiotic drivers) who deliberately ignore the requirement to keep their hands on, ignore that its 'beta', ignore that its there as a compliment to the human system and film themselves letting the car drive. :/ They are overconfident in the 'safety system' granted they are not using it as required.

  • It's no good expecting human beings routinely to do a safety critical task which requires them to do nothing except monitor the performance of an automated system and intervene if it is starting to misbehave.

Which is what ATO will bring. The human up the front is there to monitor the train and their only task is to close the doors. Boredom is very real and it is easy to 'switch off' I do worry that when ATO is implemented that we will start to become complacent, bored, and drop into unconscious competency ,much quicker.

I suppose an extension of your point is the PTI (platform train interface issues) We open the doors, monitor, and then close them. When you do this 100 times in a day you 'switch off'
 

Bletchleyite

Veteran Member
Joined
20 Oct 2014
Messages
97,533
Location
"Marston Vale mafia"
Which is what ATO will bring. The human up the front is there to monitor the train and their only task is to close the doors. Boredom is very real and it is easy to 'switch off' I do worry that when ATO is implemented that we will start to become complacent, bored, and drop into unconscious competency ,much quicker.

And that's why I don't think "ATO with a driver at the front" is of that much benefit overall compared with a manual driver (provided a manual driver is "supervised" by systems that prevent SPADs etc) - it's a stepping-stone to DLR style operation, really, whereby the member of staff on the train in the vast majority of cases carries out the role of guard, and only positions themselves at the front and takes a power/brake controller in their hand when ATO has failed completely and full manual driving is required.
 

Ken H

On Moderation
Joined
11 Nov 2018
Messages
6,271
Location
N Yorks
They had a similar argument against putting safety guards around spinning machines in Victorian mills.

during WW2 they started fitting safety gear to planes. But it didnt reduce casualties because of the extra weight

Also, if safety gear makes the railway safer, but less reliable and more expensive and slower, then people will revert to less safe road transport.

In 2017 there were 1793 deaths and 24831 serious injuries on UK roads. Now I know we should compare deaths/injuries per mile but thats a lot of people affected.
historical data here - https://en.wikipedia.org/wiki/Reported_Road_Casualties_Great_Britain#Annual_summary
 

Ken H

On Moderation
Joined
11 Nov 2018
Messages
6,271
Location
N Yorks
100% in all cases I would agree and reiterate that the interaction with the system that presents the flaws. However, what about the situation with Teslas (the more idiotic drivers) who deliberately ignore the requirement to keep their hands on, ignore that its 'beta', ignore that its there as a compliment to the human system and film themselves letting the car drive. :/ They are overconfident in the 'safety system' granted they are not using it as required.



Which is what ATO will bring. The human up the front is there to monitor the train and their only task is to close the doors. Boredom is very real and it is easy to 'switch off' I do worry that when ATO is implemented that we will start to become complacent, bored, and drop into unconscious competency ,much quicker.

I suppose an extension of your point is the PTI (platform train interface issues) We open the doors, monitor, and then close them. When you do this 100 times in a day you 'switch off'
or worse, instead of monitoring the train, the operator will doze, or read, or text or whatever.
 

Panupreset

Member
Joined
8 May 2015
Messages
173
during WW2 they started fitting safety gear to planes. But it didnt reduce casualties because of the extra weight

Also, if safety gear makes the railway safer, but less reliable and more expensive and slower, then people will revert to less safe road transport.

In 2017 there were 1793 deaths and 24831 serious injuries on UK roads. Now I know we should compare deaths/injuries per mile but thats a lot of people affected.
historical data here - https://en.wikipedia.org/wiki/Reported_Road_Casualties_Great_Britain#Annual_summary

If we killed 1793 people this year on the UK rail network what would happen?
 

DanDaDriver

Member
Joined
5 May 2018
Messages
338
during WW2 they started fitting safety gear to planes. But it didnt reduce casualties because of the extra weight

Also, if safety gear makes the railway safer, but less reliable and more expensive and slower, then people will revert to less safe road transport.

In 2017 there were 1793 deaths and 24831 serious injuries on UK roads. Now I know we should compare deaths/injuries per mile but thats a lot of people affected.
historical data here - https://en.wikipedia.org/wiki/Reported_Road_Casualties_Great_Britain#Annual_summary

What?
 

AndrewE

Established Member
Joined
9 Nov 2015
Messages
5,065
during WW2 they started fitting safety gear to planes. But it didn't reduce casualties because of the extra weight
Seeing as you mentioned the war, there's another aspect that has a bearing on this (and I wondered whether something similar may be behind some of the failures of Scottish HSTs).
Apparently the fighter pilots used to have their own planes, but when they were in short supply someone suggested making the planes "common-user" to get them more intensively used. In fact availability dropped because whereas a pilot would live with minor faults on a plane that that he knew well, he could not know how serious something was on one he was not familiar with. They reinstated the single-user policy and availability increased again.
 

Signal Head

Member
Joined
26 May 2013
Messages
398
This is a related question, but when did it start that if the braking was initiated you couldn't stop it. My physical experience was long ago, but then braking stopped once you cancelled it. On WR steam locos a brake valve actually opened together with the horn starting (it was the air going into the brake pipe that went through the horn and made the sound), but if you were quick on the canceller there was not time for any meaningful amount of air to flow. I actually thought it only came with TPWS, but am maybe mistaken.

That's my understanding too, the original AWS kit had no connection with the speedometer systems so I don't see how it would 'know' when the train had come to a stand.
I thought the original (BR) AWS horn was also driven by air admission to the (vac) train pipe, via the horn.
 

philthetube

Established Member
Joined
5 Jan 2016
Messages
3,749
And that's why I don't think "ATO with a driver at the front" is of that much benefit overall compared with a manual driver (provided a manual driver is "supervised" by systems that prevent SPADs etc) - it's a stepping-stone to DLR style operation, really, whereby the member of staff on the train in the vast majority of cases carries out the role of guard, and only positions themselves at the front and takes a power/brake controller in their hand when ATO has failed completely and full manual driving is required.

The biggest benefit of ATO is in allowing greater train frequency, I suspect the likes of London Underground would not have bothered if that was not so. It is, however far less safe for track workers and others in the vicinity of trains.
 

edwin_m

Veteran Member
Joined
21 Apr 2013
Messages
24,793
Location
Nottingham
That's my understanding too, the original AWS kit had no connection with the speedometer systems so I don't see how it would 'know' when the train had come to a stand.
I thought the original (BR) AWS horn was also driven by air admission to the (vac) train pipe, via the horn.
I don't think even modern AWS or TPWS (they are now integrated into one unit) has any connection to the speedometer - it's probably done on a time delay. The TPWS overspeed sensor function is done by measuring the time taken to pass from one grid to the next.

Seem to remember the GWR ATC (AWS predecessor) horn operated by venting the vac pipe, for this equipment via a mechanical shoe raised by a trackside ramp, and if this happened the driver worked the cancelling lever which closed the valve and shut off the horn. For a clear signal the ramp was electrically energised, the current flowed through the shoe into a circuit that closed the brake valve and rang a bell instead. This system therefore didn't need a power supply on board the locomotive.

I suspect the early versions of BR AWS would also have used the brake vacuum (or air) to operate the horn, but I don't know for sure. With no physical contact to the trackside AWS needed an electrical supply on board the train, which even in the 1950s most steam locos didn't have.
 

big all

On Moderation
Joined
23 Sep 2018
Messages
876
Location
redhill
aws at least 30 years ago
was a reciever on the train with a rocker 'dead magnet rocks one way live magnet rocks back and cancels operation as does the cancel button in cab
there are no connections to any electrical systems what so ever [appart from the cab cancel button]so a dead system fully operated by the track magnet air pressure and venting the brakes to atmosphere by direct valve action
later ones where more "electrical " when retro fitted to emus for example but no more than for powering there action and not for intelligent interaction with systems
 
Last edited:

al78

Established Member
Joined
7 Jan 2013
Messages
2,400
If we killed 1793 people this year on the UK rail network what would happen?

I'm not sure comparing road with rail KSI is very meaningful. Railways are designed to be a largely segregated system controlled by highly trained operators. Roads are public rights of way consisting of a high number of heavy fast machines all being driven individually and mixing it with vulnerable users like pedestrians and cyclists. The death toll on the roads is what society at large has accepted for the incredible freedom of mobility that private car use brings. With railways, like other systems which are not controlled by the users, but instead trust is required to put our safety in the hands of higher authorities, we expect more in terms of risk. It is a bit like when I cycle on the roads, I have to trust drivers to do what they can to avoid hitting and seriously injuring or killing me (I can't directly control motorists, and there is a limited amount I can do myself to minimise the risk).

If you want roads to be as safe as railways, you'd probably have to do something like ban private car use, and only highly trained people would be allowed to operate motor vehicles (e.g. trained to a gold advanced driving level at the minimum), and anyone who wanted to get somewhere quickly would have to hire a trained driver for a price. I suspect society at large would find that too high a price for the safety benefit, since despite the KSI statistics, driving is still acceptably safe for most individuals.
 

Signal Head

Member
Joined
26 May 2013
Messages
398
I don't think even modern AWS or TPWS (they are now integrated into one unit) has any connection to the speedometer - it's probably done on a time delay. The TPWS overspeed sensor function is done by measuring the time taken to pass from one grid to the next.

Seem to remember the GWR ATC (AWS predecessor) horn operated by venting the vac pipe, for this equipment via a mechanical shoe raised by a trackside ramp, and if this happened the driver worked the cancelling lever which closed the valve and shut off the horn. For a clear signal the ramp was electrically energised, the current flowed through the shoe into a circuit that closed the brake valve and rang a bell instead. This system therefore didn't need a power supply on board the locomotive.

I suspect the early versions of BR AWS would also have used the brake vacuum (or air) to operate the horn, but I don't know for sure. With no physical contact to the trackside AWS needed an electrical supply on board the train, which even in the 1950s most steam locos didn't have.

I suspect you are correct about GWR ATC not needing a power supply on the loco.

I have a set of drawings somewhere for BR AWS fitment to a steam loco, from memory power was supplied by a NiFe battery (I think 4 or 6 cells) which had to be recharged as part of the loco's servicing. There was no mention in the drawings of anything on-board to do this, such as an axle-driven dynamo.
 
Last edited:

Signal Head

Member
Joined
26 May 2013
Messages
398
aws at least 30 years ago
was a reciever on the train with a rocker 'dead magnet rocks one way live magnet rocks back and cancels operation as does the cancel button in cab
there are no connections to any electrical systems what so ever [appart from the cab cancel button]so a dead system fully operated by the track magnet air pressure and venting the brakes to atmosphere by direct valve action
later ones where more "electrical " when retro fitted to emus for example but no more than for powering there action and not for intelligent interaction with systems

Track equipment consists of a permanent magnet with South pole uppermost to act as a marker and initiate AWS action (a dead magnet on its own can't do anything as there is no field to influence the receiver).
The following electro-magnet presents a North pole when energised.
South resets the 'sunflower' to 'all black'. If followed by North within a certain time the bell sounds, if the time delay expires without getting a North then the horn sounds, until the acknowledge plunger is pressed. This (not the actual warning condition) causes the sunflower to change to black/yellow, the change is proved (by a contact in the indicator mechanism), and then a coil in the receiver is energised to provide a pulse of North pole to reset the receiver ready to respond to a South Pole at the next set of track equipment.

The original receiver was, as you say, a magnetically biased two position contact which would 'tip' over centre under the influence of the field. This type wasn't fast acting enough for HSTs, which had an alternative design using reed switches.
 
Status
Not open for further replies.

Top