Trains Magazine News Wire wrote: WASHINGTON — Congress today passed a three-year extension of the positive train control deadline, preventing an unprecedented shutdown of the nation’s rail network that had railroads, transit agencies, and shippers nervous as the end of the year approaches.
The Senate today approved a stopgap surface transportation bill that funds highway and transit programs through Nov. 20. The bill, approved in the House yesterday, also includes the three-year PTC deadline extension that railroads, transit agencies, and shippers had sought.
WASHINGTON – Railroads and shippers breathed a sigh of relief today after President Obama signed legislation that gives the industry three more years to implement positive train control, averting an unprecedented national rail network shutdown that would have begun on New Year’s Day.
Railroads across the USA are spending B-B-Billions of dollars to install Positive Train Control (PTC) systems per federal mandate. But, there is a growing debate that PTC will not save lives but, instead, may lead to bigger and worse accidents than before. Apparently, the FRA has raised some concerns about "deficiencies" and "anomalies" in the I-TMS and I-ETMS PTC protocols.
FRA Issues Two Additional Letters Regarding PTC Matters
In a letter dated May 3, 2017, the FRA notified a PTC vendor of concerns over a growing number of software and hardware deficiencies found in the vendor's Interoperable Electronic Train Management System (I-TMS).
In a second letter dated May 3, 2017, sent to the AAR, ASLRRA, and APTA, the FRA informed Associations that railroads had notified the government of a critical safety anomaly with I-ETMS using onboard software version 6.3.23.2.
One of PTC's biggest problems is that unlike the existing signal systems, it is not and cannot be designed to be electro-mechanically fail-safe.
Existing signals have long been designed to "fail" in ways which produce restrictive conditions. Signals will not show green instead of stop. Semaphore arms will move to the stop position. Broken rails will trip signals to stop. Searchlights will default to red when de-energized. Crossing arms will lower if power is lost. The list goes on.
But those are HARDWARE feats. PTC will rely on SOFTWARE to run, and so is vulnerable not only to hacking but bugs in the code. We're now expecting computers to be safe from hacking, constant updates to be free of bugs, and crews knowing how to spot those issues before it is too late.
Again, time will tell, but PTC is no silver bullet.
Smart money also says the current PTC deadline will be extended again. The freight railroads won't be ready in many places, and many passenger systems won't, either. Turns out that a Congressional Decree doesn't make the world turn.
Saturnalia wrote: One of PTC's biggest problems is that unlike the existing signal systems, it is not and cannot be designed to be electro-mechanically fail-safe.
Existing signals have long been designed to "fail" in ways which produce restrictive conditions. Signals will not show green instead of stop. Semaphore arms will move to the stop position. Broken rails will trip signals to stop. Searchlights will default to red when de-energized. Crossing arms will lower if power is lost. The list goes on.
But those are HARDWARE feats. PTC will rely on SOFTWARE to run, and so is vulnerable not only to hacking but bugs in the code. We're now expecting computers to be safe from hacking, constant updates to be free of bugs, and crews knowing how to spot those issues before it is too late.
Again, time will tell, but PTC is no silver bullet.
Smart money also says the current PTC deadline will be extended again. The freight railroads won't be ready in many places, and many passenger systems won't, either. Turns out that a Congressional Decree doesn't make the world turn.
Fail-safe designs are incorporated into digital logic systems every day in industry. Programmable logic proved its worth in industry decades ago with performance and reliability superior to electro-mechanical control systems. We have systems that run years without update unless changes in equipment function are needed or hardware replacement requires firmware upgrades. Secure networks are possible as well.
The company I work for designs and builds almost all of its own production machinery. For the last few years we have been putting safety rated PLCs in machinery that have higher safety ratings than the switches and relays they replaced. No system is infallible and all machines go through extensive testing during development. That said, no matter how much testing you do, real life is always different and you don't find those glitches until the machinery is out there running day in and day out, sometimes for years.
PTC will have its growing pains as all complex systems do; one can only hope that the glitch does not take a life before it is fixed.
BTW, any system can be made hack proof: just cut the cord to the internet, use dedicated wired connections and proprietary communication protocols. We have been doing it for decades across multiple countries.
What smells like lube oil and diesel.... Oh wait it's just my "Locomotive Breath"