Metro’s fail-safe was anything but

During the 23 years that my wife and I lived in the National Capital Region, we often used Metro, the subway system considered to be the nation’s most modern and safest.

Accidents, Metro officials assured us, could not happen because designers put too many redundant fail-safe safety features into the system.

That’s what they said. As I recall, owners of the White Star Line said the Titanic could not sink.

Metro suffered a number of accidents over the years that eroded public confidence in the system’s safety and promises. The first occurred in 1982, less than a year after we arrived in the Washington area. The latest came Monday, killing at least six and injuring 70 more.

Like other accidents, Metro said it couldn’t happen.

Reports The Washington Post:

Metro was designed with a fail-safe computerized signal system that is supposed to prevent trains from colliding. The agency’s trains are run by onboard computers that control speed and braking. Another electronic system detects the position of trains to maintain a safe distance between them. If they get too close, the computers automatically apply the brakes, stopping the trains.

These systems were supposed to make yesterday’s crash impossible.

But four years ago, in an episode eerily similar to yesterday’s, the signal system briefly failed in the tunnel between Foggy Bottom and Rosslyn, forcing two quick-thinking operators to stop their trains manually to avoid a crash.

In the June 2005 incident, the operator of one train noticed that he was getting too close to the train ahead. The signal system was telling him the track was clear, but he hit the brakes. The operator of a third train on the line hit the emergency brakes on time, too.

Metro officials were stunned by the events, which they said at the time had not happened before, and launched an investigation. It was unclear last night whether they ever found a cause.

In yesterday’s crash, it appeared that the operator of the train that crashed did not apply the emergency brakes, also known as the "mushroom." Experts said the train appeared to be traveling fast before impact because the force pushed the first car of the train on top of the train ahead. Witnesses on the train that crashed also reported that the train did not brake before impact.

There was no reason to think that the operator did not spot the train ahead of her yesterday. The weather was clear, and the trains were not in a tunnel.

"It doesn’t look like she hit the brakes," said a train safety expert, who asked not to be identified because the crash is under investigation. "That’s why you have an operator in the cab. She should have been able to take action. That’s what they’re there for."

Other possible factors in the crash include a medical emergency that incapacitated the operator or a catastrophic failure of the braking system.

The trains in yesterday’s crash were supposed to be in automatic operation, which means the operators would have been relying on the computerized system to run the trains. The only function required of a train operator during automatic operation is to close the doors after a station stop. Some safety experts said operators can "zone out" during computerized operation because they don’t have to pay as close attention as when they manually run trains.

Comments are closed.