[SystemSafety] Lac-Megantic disaster

Matthew Squair mattsquair at gmail.com
Fri Jul 12 00:51:00 CEST 2013


Hi Ignacio,

Like all systems there's an operational context that goes hand in hand with
safe operations. In this case the system is designed so that if you lose
pressure, due to a burst hose say, the system will 'fail safe' and stop the
train. Once stopped you can apply the park brakes to hold you on the grade.

The pneumatic train brakes are not (emphasise not) designed to be used as a
means of holding the train while it's parked. Just like your car, there's a
mechanical park brake. And just like your car you shouldn't hop out and
walk off without applying the park brakes.

I'd note that some eye witnesses reported seeing flames coming from the
train before it crashed this may indicate a dragging brake condition,
that's where a brake pad is down on a wheel while the train is moving, and
as Peter noted it's also likely the locomotives park brakes were engaged at
least. Unfortunately when a trains going full tilt, a dragging brake can
get very, very hot and in fact end up causing an under-frame fire. Which
is, even more unfortunately in these circumstances, also a good ignition
source in any subsequent spill.




On Fri, Jul 12, 2013 at 2:48 AM, Ignacio González (Eliop) <
igtorque.eliop at googlemail.com> wrote:

> In other words, the braking control circuit is fail-safe, but the braking
> power circuit is not...
>
> Curious.
>
> 2013/7/11 <peter.sheppard at uk.transport.bombardier.com>
>
>>
>> Railway wagons normally have two brake lines, main line and train line.
>>  Each wagon has a local reservoir and brakes are applied through a triple
>> valve and work through a difference in pressure between the main line and
>> the train line.  (Pressure from the local reservoir is fed through the
>> triple valve to the brake cylinders). So the essential issue is that the
>> reservoir needs pressure in it for the brakes to be applied.
>>
>> All brake systems leak, so you need an engine attached to maintain the
>> air pressure (or vacuum) - it makes no difference on the system in use.
>>
>> If that engine stops (which apparently it did) the air leaks off and
>> whilst the brakes will initially be applied, they will eventually leak off
>> as all the pressure dissipates.
>>
>> That is why all wagons either have handbrakes or spring applied parking
>> brakes.
>>
>> It appears  (from what I have read) that one locomotive was left running,
>> but that was shut down when the fire brigade attended. Locomotive hand
>> brakes were applied, but they are designed to hold a locomotive, not a 70
>> wagon train on a 1.2% gradient and it rolled!
>>
>> Regards
>>
>> Peter
>>
>> Peter Sheppard
>> Senior Safety Engineer and Validator
>>
>> Mobile: +44 7920 247931
>>
>>
>> Please consider the environment before you print / Merci de penser à
>> l'environnement avant d'imprimer / Bitte denken Sie an die Umwelt bevor Sie
>> drucken
>>
>> Bombardier Transportation UK Ltd
>> Registered Office: Litchurch Lane, Derby, DE24 8AD, England
>> TEL +44 1332 344666, FAX +44 1332 266271
>> Registered in England
>> Registration No. 2235994
>>
>>
>>
>>
>>
>> *Rolf Spiker <rolf.spiker at exida.com>*
>> Sent by: systemsafety-bounces at techfak.uni-bielefeld.de
>> 11/07/2013 17:11
>> To
>> Matt Squair <mattsquair at gmail.com>, Bielefield Safety List <
>> systemsafety at techfak.uni-bielefeld.de>
>> cc
>>   Subject
>> Re: [SystemSafety] Lac-Megantic disaster
>>
>>
>>
>>
>>
>> Hi Matt,
>>
>> Your answer is a little puzzling to me
>>
>> Your first two paragraphs:
>> Train brakes rely on pressure in what's called the brake pipe to keep
>> them 'off'. When brake pipe pressure falls below a set value the brakes
>> engage. This is the Westinghouse system of air brakes basically.
>>
>> That gives you a fail safe train brake that will actuate in the event
>> that the train inadvertently parts, in freight operations a not
>> insignificant risk due to excessive inter-train dynamic forces.
>>
>> Are clearly my mentioned : With no any power (in this case vacuum), all
>> brakes are fully engaged.
>>
>> The following paragraphs are discussing the opposite I think
>> You need power to get the brakes engaged.
>> Is that right?
>>
>> *Regards*
>> *                **Rolf Spiker**
>> Rolf Spiker of Exida.com*
>> Senior Safety Consultant & Partner
>> Phone : +31 (0)318 414 505
>> Mobile: +31 (0)6 116 225 52
>> E Mail: *rolf.spiker at exida.com* <rolf.spiker at exida.com>
>> Mail address:
>> Exida.com
>> Att: R.Th.E. Spiker
>> Nassaulaan 41
>> 6721DX  Bennekom
>> The Netherlands
>>
>> Established Company address:
>> 64 N. Main Street
>> Sellersville, PA 18960
>> USA
>> [image: Description: Description: cid:image002.gif at 01CBD352.9EAE6780]
>> To view our Equipment database with certified elements go to:  *
>> www.sael-online.com* <http://www.sael-online.com/>
>>
>>
>>
>> The information in this e-mail is confidential and intended solely for
>> the person to whom it is addressed. If this message is not addressed to
>> you, please be aware that you have no authorization to read the rest of
>> this e-mail, to copy it or to furnish it to any person other than the
>> addressee. Should you have received this e-mail by mistake, please bring
>> this to the attention of the sender, after which you are kindly requested
>> to destroy the original message. Exida.com cannot be held responsible or
>> liable in any way whatsoever for and/or in connection with any consequences
>> and/or damage resulting from the proper and complete dispatch and receipt
>> of the content of this e-mail.
>>
>>
>> *From:* Matt Squair [mailto:mattsquair at gmail.com] *
>> Sent:* Thursday, July 11, 2013 11:48 AM*
>> To:* Rolf Spiker; Bielefield Safety List*
>> Subject:* Re: [SystemSafety] Lac-Megantic disaster
>>
>> Train brakes rely on pressure in what's called the brake pipe to keep
>> them 'off'. When brake pipe pressure falls below a set value the brakes
>> engage. This is the Westinghouse system of air brakes basically.
>>
>> That gives you a fail safe train brake that will actuate in the event
>> that the train inadvertently parts, in freight operations a not
>> insignificant risk due to excessive inter-train dynamic forces.
>>
>> However the brake actuation force is also normally provided by a
>> pneumatic reservoir on each car, these are kept topped up by what's called
>> the main reservoir pipe. Which is pressurized from air reservoirs located
>> on the locomotives in the train, which are in turn pressurized by
>> locomotive air compressors.
>>
>> Like all pneumatic systems there's a certain amount of leakage, so, if
>> the locomotive doesn't keep the main reservoir topped up with its air
>> compressor the pressure will slowly bleed off and the train brake will
>> disengage.
>>
>> Which is kind of why mechanical spring style park brakes are always used
>> to park, and why the comments in the media that the loco was running to
>> keep the brakes on is misleading.
>>
>> The actual reason has to do with operational efficiency as it takes time
>> to pump up a trains reservoirs from ambient. Leave one loco on to run its
>> air compressor and you can get away quickly in the morning.
>>
>> Of course if all the needed park brakes aren't applied and then for some
>> reason the online loco is shutdown...
>>
>> As a side note, an increasing number of locomotives have what's called an
>> Auto Engine Start Stop function to save fuel. With AESS the locomotives
>> control system will monitor air reservoir pressure and only start the main
>> engine if needed to run the air compressor. Modern freight trains are quite
>> sophisticated and complicated systems.
>>
>> So one should be careful of believing what's being said about the 'cause'
>> of the shutdown, just yet.
>>
>> Hope that helps. :)
>> --
>> Matt Squair
>> Sent with *Sparrow* <http://www.sparrowmailapp.com/?sig>
>>
>>
>> On Thursday, 11 July 2013 at 7:09 PM, Rolf Spiker wrote:
>> I always thought that the brakes of a train (also for trucks) have to be
>> energized to makes them free.
>> (Vacuum driven energizing)
>> c
>>
>> *Regards*
>> *                **Rolf Spiker**
>> Rolf Spiker of Exida.com*
>> Senior Safety Consultant & Partner
>> Phone : +31 (0)318 414 505
>> Mobile: +31 (0)6 116 225 52
>> E Mail: *rolf.spiker at exida.com* <rolf.spiker at exida.com>
>> Mail address:
>> Exida.com
>> Att: R.Th.E. Spiker
>> Nassaulaan 41
>> 6721DX  Bennekom
>> The Netherlands
>>
>> Established Company address:
>> 64 N. Main Street
>> Sellersville, PA 18960
>> USA
>> <image005.jpg>
>> To view our Equipment database with certified elements go to:  *
>> www.sael-online.com* <http://www.sael-online.com/>
>> <image006.png>
>>
>>
>> The information in this e-mail is confidential and intended solely for
>> the person to whom it is addressed. If this message is not addressed to
>> you, please be aware that you have no authorization to read the rest of
>> this e-mail, to copy it or to furnish it to any person other than the
>> addressee. Should you have received this e-mail by mistake, please bring
>> this to the attention of the sender, after which you are kindly requested
>> to destroy the original message. Exida.com cannot be held responsible or
>> liable in any way whatsoever for and/or in connection with any consequences
>> and/or damage resulting from the proper and complete dispatch and receipt
>> of the content of this e-mail.
>>
>>
>> *From:* *systemsafety-bounces at techfak.uni-bielefeld.de*<systemsafety-bounces at techfak.uni-bielefeld.de>[
>> *mailto:systemsafety-bounces at techfak.uni-bielefeld.de*<systemsafety-bounces at techfak.uni-bielefeld.de>]
>> *On Behalf Of *Peter Bernard Ladkin*
>> Sent:* Thursday, July 11, 2013 7:17 AM*
>> To:* Matthew Squair*
>> Cc:* Bielefield Safety List*
>> Subject:* Re: [SystemSafety] Lac-Megantic disaster
>>
>> There are a lot of questions. The BBC is saying that the locomotive was
>> left running as the train was parked 7 miles up the line, to power braking
>> systems; that fire services powered down the locomotive in the course of
>> extinguishing a small fire; that the train started moving downhill shortly
>> after that:
>>
>> [begin BBC quote]
>>
>>
>>
>> The train, carrying 72 cars of crude oil, was parked shortly before
>> midnight on Friday in the town of Nantes about seven miles (11km) away.
>>
>> Local firefighters were later called to put out a fire on the train.
>>
>> While tackling that blaze, they shut down a locomotive that had
>> apparently been left running to keep the brakes engaged.
>>
>> Shortly afterwards the train began moving downhill in an 18-minute
>> journey, gathering speed until it derailed in Lac-Megantic and exploded.
>> [end BBC quote]
>>
>>
>> Questions.
>> 1 (HaroldThimbleby) Powered braking systems on freight are often
>> air-powered. But they are fail-safe - losing power means they engage. So
>> what system here requires power to remain engaged?
>> 2. Fire services called to a plant usually have an operator's emergency
>> number to contact about plant details, and the operation of unattended
>> running equipment. Is there no such system for freight trains? Why not?
>>
>> 3. That an engine attached to a train with HazMat on board could be left
>> running and unattended. 4. How the railroad company could tell at this
>> stage whether and how many handbrakes were or were not applied.
>>
>> BTW, this is another accident situation predicted explicitly by
>> sociologists Perrow and Clarke ( The Next Catastrophe, Princeton U.P.,
>> 2007, resp. Worst Cases, U. Chicago Press 2005), as with flooding Mark 1
>> BWRs. But they were more concerned with Hazmats such as chlorine and
>> hydrogen fluoride than oil.
>>
>> It should give engineers pause that sociologists are better at
>> identifying hazards than they are. (Except for computer networks, of
>> course, where I think Bellovin's 1992 paper on possible TCP/IP exploits
>> takes some beating for prediction.)
>>
>> PBL
>>
>> Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited
>>
>> On 11 Jul 2013, at 00:26, Harold Thimbleby ....... wrote:
>>
>> <a comment about air brakes>
>>
>> .... BBC News iPad App .......
>>
>> Engineer blamed for Canada blast
>>
>> A rail operator's chief executive blames a local engineer for a runaway
>> train that derailed and exploded in a Quebec town, killing at least 15.
>>
>> *http://www.bbc.co.uk/news/world-us-canada-23264397*<http://www.bbc.co.uk/news/world-us-canada-23264397>
>>
>> Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited
>>
>> On 11 Jul 2013, at 04:03, Matthew Squair <*mattsquair at gmail.com*<mattsquair at gmail.com>>
>> wrote:
>> Bigger picture is that there's been a modal shift of oil transport to
>> rail due to restrictions on pipeline construction, which drives a greater
>> operational tempo in rail movements in turn.
>>
>> On Thu, Jul 11, 2013 at 6:44 AM, Gergely Buday <*gbuday at gmail.com*<gbuday at gmail.com>>
>> wrote:
>> *http://www.bbc.co.uk/news/world-us-canada-23264397*<http://www.bbc.co.uk/news/world-us-canada-23264397>
>>
>> Rail World boss Ed Burkhardt: "It is very questionable whether the hand
>> brakes were properly applied. In fact I'll say they weren't". [...]
>>
>> "He said he applied 11 hand brakes. We think that's not true. Initially
>> we believed him but now we don't." [...]
>>
>> The fire department and the train's owners have appeared in recent days
>> to point the finger at one another over the disaster.
>> - Gergely
>>
>> _______________________________________________
>> The System Safety Mailing List*
>> **systemsafety at TechFak.Uni-Bielefeld.DE*<systemsafety at TechFak.Uni-Bielefeld.DE>
>>
>>
>>
>> -- *
>> Matthew Squair*
>>
>> Mob: +61 488770655
>> Email: *MattSquair at gmail.com* <MattSquair at gmail.com>
>> _______________________________________________
>> The System Safety Mailing List*
>> **systemsafety at TechFak.Uni-Bielefeld.DE*<systemsafety at TechFak.Uni-Bielefeld.DE>
>>  _______________________________________________
>> The System Safety Mailing List
>> systemsafety at TechFak.Uni-Bielefeld.DE
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________________________________________________________________________
>>
>> This e-mail communication (and any attachment/s) may contain confidential
>> or privileged information and is intended only for the individual(s) or
>> entity named above and to others who have been specifically authorized to
>> receive it. If you are not the intended recipient, please do not read,
>> copy, use or disclose the contents of this communication to others. Please
>> notify the sender that you have received this e-mail in error by reply
>> e-mail, and delete the e-mail subsequently. Please note that in order to
>> protect the security of our information systems an AntiSPAM solution is in
>> use and will browse through incoming emails.
>> Thank you.
>> _________________________________________________________________________________________________________________
>>
>>
>> Ce message (ainsi que le(s) fichier(s)), transmis par courriel, peut
>> contenir des renseignements confidentiels ou protégés et est destiné à
>> l’usage exclusif du destinataire ci-dessus. Toute autre personne est, par
>> les présentes, avisée qu’il est strictement interdit de le diffuser, le
>> distribuer ou le reproduire. Si vous l’avez reçu par inadvertance, veuillez
>> nous en aviser et détruire ce message. Veuillez prendre note qu'une
>> solution antipollupostage (AntiSPAM) est utilisée afin d'assurer la
>> sécurité de nos systèmes d'information et qu'elle furètera les courriels
>> entrants.
>> Merci.
>> _________________________________________________________________________________________________________________
>>
>>
>>
>> _______________________________________________
>> The System Safety Mailing List
>> systemsafety at TechFak.Uni-Bielefeld.DE
>>
>>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>
>


-- 
*Matthew Squair*
*
*
Mob: +61 488770655
Email: MattSquair at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20130712/7950e599/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 4560 bytes
Desc: not available
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20130712/7950e599/attachment-0001.jpe>


More information about the systemsafety mailing list