IRSEInstitution of Railway Signal Engineers

Presentation to theVictorian Parliament Road Safety Committee

Inquiry into Improving Safety at Level CrossingsOn behalf of the

Institution of Railway Signal Engineers

IRSEInstitution of Railway Signal Engineers

IRSEInstitution of Railway Signal Engineers

The IRSE

The Institution of Railway Signal EngineersA global professional organisation for those involved in rail systems, communications and signallingUK HQ with sections in Europe, North America and AustralasiaOver 4,000 members worldwide, nearly 500 in Australia

Our PurposeProvide a forum for the dissemination of best practices and the professional body of knowledgePromote and assist continuing professional development and educationProvide a framework for recognising professional competencyPromulgate relevant standards and guide-lines

IRSEInstitution of Railway Signal Engineers

An Active Level Crossing

IRSEInstitution of Railway Signal Engineers

Level Crossing Equipment Pictures

IRSEInstitution of Railway Signal Engineers

Failsafe – what is it?

A system or component is deemed to be “Failsafe” (or Vital) when its operation under all failure conditions can be predicted and if it will enter a safe state during any failure

This generally means that there is a defined safe operating state and that the system will only fail into that known stateE.g. The failure of a train detection component will always result in the system acting as if a train were present

If a system’s operation under failure cannot be predicted and hence managed, it is considered to be non-failsafe (or Non-Vital)

IRSEInstitution of Railway Signal Engineers

What is the World currently doing?

Where active Level Crossing protection is provided, it is to Failsafe standards

Throughout North America, Europe and Australia at leastPrecise standards vary but are effectively equivalent

Set by the Federal Railroad Administration in North America, to an equivalent standard to that required for InterlockingsCENELEC Safety Integrity Level 4 (same as Interlockings), mainly in Europe, but also in other developed countries

IRSEInstitution of Railway Signal Engineers

Where is the World going?

Various Non-Failsafe systems have been tried but not adopted in developed countries

Reliability sometimes less than the proven Failsafe alternatives?Concern over liability issues?Cost savings less than expected?

Focus is on improving existing Failsafe solutionsReduced cabling requirementsImproved performance and alternative approaches for rusty rail conditionsFast installation, automated setup, testing and remote monitoring

IRSEInstitution of Railway Signal Engineers

Key Issues

Reliability (as distinct from just safety)Failsafe systems do tend to be ‘sensitive’, avoiding risks by immediately failing to a safe state, however robust design provides for high reliability Non-Failsafe systems could theoretically be less sensitive, no necessity to avoid risks, however less robust design may lead toreduced reliability

There is a direct correlation between reliability (and availability)and safety

Litigation (topic best left to the Lawyers but…)Current Standard of Care – based on existing Failsafe standardsSFAIRP vs No Less Safe than Existing?

IRSEInstitution of Railway Signal Engineers

Failsafe v Non-failsafe

4

3

2

1

Reliability unprovenGuaranteed reliability & availability

Quicker to market however long term support for specific solutions uncertain – no standards, individual markets too small to support an orphan technology

Slower innovation + Long term support – standards based, global market ensures long term support is provided. Increased development costs

Capital costs likely to be lowerCapital costs are higher (due to items 2 & 3)

Unpredictable performanceKnown performance characteristics

NON-FAILSAFEFAILSAFE

IRSEInstitution of Railway Signal Engineers

Where does the money really go?

Failsafe technology only drives a small fraction of the total cost of a typical LX project ~15%Where does the rest of the money go??

Track, road and footpath upgrades (including costs for DDA compliance), provision of power, signage, barriers, lights, location specific design, access restrictions, safeworking, stakeholder liaison, project management etc

IRSEInstitution of Railway Signal Engineers

Conclusions

Failsafe systems have predictable and safe failure modesInternationally, Failsafe standards are currently expected for Level CrossingsFailsafe technology only drives a small fraction of the costs of a Level Crossing installation