Was reading an article in Oct Modern Railways about how the railway coped with the power supply problems earlier this year. one of the problems was the power supply frequency dropped, and the on train protection tripped on some trains The power supply frequency quickly recovered as National grid bought generating capacity online and switched out consumers. But the railway kept their supplies. The procedure after such a trip is to do a battery reset of the train, and the train should be good to go again It seems that the software on some trains was changed by a new release, so 2 versions were in service. The older version had a wider tolerance of frequency so did not trip The newer version had a narrower tolerance, so did trip. But the software had also been changed to disallow a battery reset after a supply frequency trip They could not reload the old version on the new trains because of a reliability fix to the CCTV system So some questions 1. Was the software not subject to User Acceptance Testing by the ROSCO or the TOC? Did no-one read the release documentation and think 'Hmm, thats quite a big change, I will escalate that'. Was there release documentation? 2. Surely the software should be divided into applications. Upgrading one application should not affect the others. So the CCTV app should be up-gradeable without affecting the power protection stuff. 3. Are features like the tolerance levels of the power supply frequency not 'soft coded', i.e. kept in a parameter file and not 'hard coded' in the programs.