An IOT Based Super Watch Dog for Train Safety L.N.Rajaram, 10th June 2023

At the outset, a disclaimer. I am not an expert in the matters of Rail safety and interlocking systems, etc that is discussed in the article. However, I am a competent technologist working in the area of IT and IOT and have proven IOT products deployed to establish my credentials.

?

Background

Many opinions and speculations have been published about the Bahanaga Train accident. Unverified facts , conflicting many times have also been highlighted. There is an ongoing CBI enquiry also underway. One fact that seems to be consistent and verified is that the Coromandel Express to Chennai got diverted to the loop line when it was programmed to go on the main line on which it was already on. This caused it to crash headlong into the goods train that was standing on the loop line. It is not clear whether the goods train was supposed to be on the loop line and if so was it permissible to stand there. The crash or the sudden switch, not yet ascertained, caused several bogies to derail and fall on the adjoining track where another train - the Yeshwantpur Howrah Super fast Express - crashed into the bogies that were?littered on its track. The result 288 persons in all lost their lives and several hundreds and more injured , many critically so.

?

If we list the ‘possibilities’ that may have caused such a turn of events, we could include signal failure, which misguided the driver, the failure of ‘points’ that switched the train to loop line even though the settings were otherwise, an inadvertent or malicious human intervention where the interlocking system was overridden manually. This could have been?by a ‘maintainer’ who had legal access or a ‘saboteur’ who found a way to get into the Central relay room in the main station building. The chances of this are slim as it requires the connivance of the station master who has one key and the maintainer the other key and both have to use them to gain access. ( The Hindu June 9th?editorial page) . This same article by a retired GM, however says that free access is provided to the maintainer to huts and location boxes having remote equipment which could have been tampered with. Another possibility not mentioned is that even wired systems such as the interlocking system can be hacked into with wireless technologies interfering with circuit signals.The Hindu article suggests more sophisticated digital access methods to restrict?access to any equipment that when used inadvertently or maliciously can interfere with the interlocking system. It goes on to recommend ‘more measures to get rail safety back on track’ citing that funds are not an issue.

?

In all mission critical systems where human or technology failures or a combination of those?can lead to such a great impact resulting in tragic loss of life, the safety factor has to be given the highest consideration during design, production and operation. If we take the high impact?failure of tragedies like Chernobyl, Fukushima Nuclear disaster, Bhopal Gas tragedies, any number of air, train, road accidents, even political assassinations, the causes are investigated and lessons are learned and new designs and safety measures ensure these are avoided in future and the world moves on. When it involves human lives, it cannot be determined how much of safety measures is good?enough for zero?risk. In spite of the best of intentions, no guarantee of zero risk can be given due to inherent risk in technology and technology design itself.

?

Limits of Automation Technology and Operations Management

?

Complex systems and processes?like these are planned, designed, developed, tested , Standard operating procedures and exceptional procedures?enunciated , blue books published, trial runs under taken and extensive testing done. This is as it should be. There are complicated mechanical, electronic and Software and firmware that interact with one another to deliver the functionality. Each of these are tested rigorously , separately and then integrated and tested. The operations team is then trained in operating it and again the system is put on trial. An operations team operates?the system under controlled conditions , checks out all the likely scenarios of failure, whether due to?human or technology failure, to ensure?the system is resilient and fail safe.

?

But is it possible to give a 100% safety?guarantee by exhaustive testing of all possibilities??No. While no one can doubt the integrity and professionalism of engineers, designers, managers who put together a critical system creating a technological marvel,?there is no way every failure route can be enumerated, tested?and taken care of . Even if we identify?ten?possible failure scenarios, for which the system can be reviewed and tested thoroughly, a theoretical combination of these ten failures is close to around a billion test cases. Neither can we subject the system to so many tests, whats more some of the test beds?cannot even be created. There?is a ?mind boggling, combinatorial explosion of possibilities due to the number of different possible ways that the system can fail. Most of these?may have very minuscule probability of failure and may be considered not worth addressing but when the magnitude and impact of the occurrence of that possibility is huge and tragic, can we ignore it? What option do we have?

?

The complexity is in trying to predict at the time of design or commissioning of a mission critical

?system and taking care of all possibilities. However, instead of trying to address all failure scenarios with low probability but high impact, if we concentrate on that one scenario which is normal where trains run smoothly day in and day out and nip in the bud any deviations that is an aberration, in real time, before that could lead to catastrophes we would have achieved that order of magnitude higher level of safety.?This can be done by the IOT Based Super Watch Dog that can analyze and processes trillions of operational data in real time to check if things are normal and any abnormality can be checked for its effects on safety.

?

An independent IOT Watch Dog

?

The?independent IOT??Watchdog can be made aware of how the different components of the system?work at every moment, and their integrated working?in the normal operational sequence of the System as visualized by the designers and Managers. This moment to moment situational awareness is created by data provided by sensors from the ground. As it crunches more and more data of normal transit of trains and their smooth transit, it learns thoroughly that one combination of operational events that ensures Safety and?success. With its computational power it can detect and predict deviations occurring in real time. These deviations are also a learning exercise for it to assess their?likely impact and make out a case of why and how they can be prevented from happening.

?

With more understanding of what is normal and what is not normal, the system?can possibly predict the demons lurking in the system that could cause disasters under certain rare and low probability scenarios.

?

How it works

?

?Of the different possibilities of failure of different components?listed above in the recent accident ,the Super watch dog would keep track?of the?states(s) of?the Signal(s)??and whether their current states correspond to what they should be,?the the current location of the train(s), the line on which it is currently and to which line?should the train be normally switched, is the ‘Points’ that switch lines in current position, is the central relay room?currently open, who authorized it, has the maintainer done some thing he should not do and so on. The Super Watch Dog can do all that as sensors that sense data from each of these components feed data to it. The Watch dog can keep track of the movement of the railway personnel like the maintainers and signalers by tracking their moments and securing the rooms in which sensitive equipment are located. The access to these can be controlled by the watch dog.

?

Conclusion

Safety enhancement is a dire need, particularly when more and more and faster and faster trains are deployed. But adding more technology on the ground is no guarantee , however sophisticated the system maybe. No system can track its own behaviour and detect anomalies in its own working. As in other human systems, an independent continuous and comprehensive?audit of the situation in its entirety needs to be established outside the system. This can be done through an IOT based Watch Dog on the Cloud. The watch dog has the advantage of seeing the holistic picture from a distance compared to Systems that have localized controls.

?

?