
The swiss cheese of system safety (41)

Disclaimer!

The normal posting sequence will have to be disrupted due to the barrage of high profile safety incidents. Perhaps what comes to mind is the Potomac River crash, but unfortunately I have examples that strike closer to (my) home: the Tempi disaster (February 2023) and the Novi Sad station collapse (November 2024). While these disasters are not exactly fresh news, they have both resulted in strong anti-corruption movements in their countries. The deaths of the (mostly young) people should not have happened, and everybody feels like they could have been the victims or their parents. This post is dedicated to the memory of the victims and to outlining how systems are made safe.

(from the next post, the normal posting sequence will be followed)

What even is the meaning of "safety"?

Let's take it easy at first: by safety we mean the property of a system to not put human life at risk when it is used in its intended setting and environment. Sounds simple - but how do we achieve this?

A simplistic answer is that we make sure we do it right: hire the best people, give them the best materials and ample time, and the designed system will surely be safe. While these are helpful guidelines, they do not suffice to guarantee safety - especially in systems where the notorious human factor is involved.

Modern societies have extremely high safety expectations. A system failing 0.1% of the time might sound good enough, but in practice it is quite catastrophic: the Dutch train service, for example, runs 4800 train journeys per day, and a 0.1% crash rate would mean 4-5 crashes daily! This certainly wouldn't constitute a service one would rely on.

Safety in layers

Acknowledging that a single line of defense will always have its weaknesses, engineers and designers instead apply multiple, dissimilar lines of defense. Redundancy by design has been established as the most effective method of ensuring safety: the weakness of one layer is mitigated by the other safety mechanisms. Disaster can only strike when a failure cascades exactly through the blind spots of all layers - just as you can only see through a stack of cheese slices where the holes line up. The catch is that government bodies, regulators and companies have to be diligent and not cut corners, so that the holes in our cheese slices stay as small as possible.
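To put numbers on the cheese picture, here is a small Python model added to this post (it is not the author's code). It reuses the 0.1% rate and the 4800 daily journeys from above; the three layer names and the "common cause" figure, standing for a single shared weakness such as corner cutting that holes every slice at once, are assumptions.

```python
import random

# Constructed layers for a rail system, in the spirit of the post. The names
# and per-layer hole probabilities are assumptions, not figures reported by it;
# only the 0.1% rate and the 4800 journeys come from the post.
LAYERS = {
    "electronic train control at every station": 0.001,
    "trained traffic controller": 0.001,
    "cargo inspection limiting what can ignite": 0.001,
}

def failure_probability(hole_probs, common_cause=0.0):
    """Probability that a hazard finds a hole in every slice.

    With common_cause == 0 the holes are independent and the per-layer
    probabilities simply multiply. common_cause is the probability that one
    shared weakness opens a hole in every slice at once; no amount of
    redundancy helps with that part, which is why the layers must be dissimilar.
    """
    independent = 1.0
    for h in hole_probs:
        independent *= h
    return common_cause + (1.0 - common_cause) * independent

def expected_failures(hole_probs, events, common_cause=0.0):
    """Expected number of failures over `events` uses of the system."""
    return events * failure_probability(hole_probs, common_cause)

def simulate(hole_probs, trials, common_cause=0.0, seed=1):
    """Monte Carlo check of failure_probability: each trial is one hazard
    meeting the slices in turn."""
    rng = random.Random(seed)
    passed = 0
    for _ in range(trials):
        if rng.random() < common_cause or all(rng.random() < h for h in hole_probs):
            passed += 1
    return passed / trials

if __name__ == "__main__":
    probs = list(LAYERS.values())
    # One layer at 0.1% over 4800 daily journeys: about 4.8 crashes a day.
    print(expected_failures(probs[:1], 4800))
    # Three dissimilar, independent layers: 4.8e-6 a day, roughly one crash
    # in 570 years.
    print(expected_failures(probs, 4800))
    # A 0.1% chance that one shared cause holes every slice brings it back to
    # about 4.8 a day, however good the individual layers are.
    print(expected_failures(probs, 4800, common_cause=0.001))
    print(simulate(probs, 200_000, common_cause=0.001))
```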

The lack of such measures, due to corruption or otherwise, is thus criminal negligence. The Tempi disaster, in which two trains running on the same track collided, is a perfect example of layered safety done wrong. Let's see what went wrong:

  • To prevent trains from sharing the same track, EU directives mandate electronic control systems at all stations. Despite the protests of the conductor and operator unions, the government took no action and kept relying on a manual control system. As discussed before, human operators are far more failure-prone.
  • Ensuring capable operators and controllers should be a priority. Instead, state corruption rewarded its base: a 60-year-old conductor with no training or experience was promoted to controller, just for being a party member. So much for meritocracy...
  • To mitigate the impact of crashes, strict regulations govern the cargo that may be transported by rail. However, the business-friendly government wanted to cut red tape for transport companies and scaled back customs controls and content inspections. The consequence was that one of the trains was carrying a huge quantity of an unidentified fuel, which ignited on impact and ultimately cost the lives of innocent passengers.

Accommodating competing interests is hard. However, the duty of the state is to make sure that all services offered to its citizens are as safe as possible, no discounts. It is everybody's duty to demand first class safety standards and to preserve the safety reputation of public transport - we cannot afford to lose our brightest in vain.

Hundreds of thousands of people gathered in Greece for the second anniversary of the Tempi disaster to honor the 57 victims and demand justice.
