Fail-safes failed – Train mysteriously travel on its own

A real unsolved mystery. So far. But investigator are getting technical.

The Great Chicago Ghost Train Mystery | Motherboard.

During Monday rush hour this week, a Blue Line train that was scheduled for repairs did a very mysterious thing: it took off without a conductor on board. After quietly and slowly maneuvering its way around the curves of the Forest Park train yard after being parked there for a week, the rogue machine passed through the Forest Park station, headed eastbound on a westbound track and climbed a hill before ramming into another train at Harlem station and injuring 30 people. The media is calling it “the ghost train” and investigators are completely baffled.

The incident is unlike any “veteran city rail workers say they have seen” reports The Chicago Tribune, as multiple failsafes that should have stopped the train didn’t. Robert Kelly, the president of the local rail union, told CBS Chicago he’s never heard of anything like this in 27 years and called it a “great concern” considering “we have people working in these yards 24 hour a day, seven days a week.” To add more to the intrigue, the cameras facing the ghost train when it was parked in the yard the morning of were not working. No one saw anyone leave the train after the collision, not the conductor in the train that was rammed or the Forest Park station supervisor that ran after the rogue train while radioing ahead.

Runaway ‘ghost train’ puzzles investigators – Chicago Tribune.

A source close to the investigation said it will be important to learn what the trackside signals showed at the time of the accident. At the track switches, called interlocks, trip devices are supposed to be engaged to put the train into emergency braking mode if it doesn’t have the proper lineup.

Mechanical failure and a crime have also not been ruled out. One theory was that someone hacked into the system. But they had not ruled out human error. This piece has more about the investigation:

CTA, Feds Ready To Rule Out Sabotage In ‘Ghost Train’ Crash « CBS Chicago.

The National Transportation Safety Board and CTA investigators have virtually ruled out sabotage. And now they believe the runaway train actually stopped and started several times before the crash because of some kind of control problem.

train wrck

  8 comments for “Fail-safes failed – Train mysteriously travel on its own

  1. neko
    October 4, 2013 at 7:34 PM

    Why would ‘hacking’ ( it’s cracking… ) even be an option here? Of course, they lump insiders with grudges into hacking, journalists do.

    How is an outside attack possible? Someone tapped the wires?

    Or… it’s not a VPN intranet != adequate security for public utilities moment?

    I hope not. It always gives me a sinking feeling, the laziness and overconfidence.

  2. One Eyed Jack
    October 4, 2013 at 9:16 PM

    Someone call Denzel.

  3. October 4, 2013 at 9:33 PM

    I’ve been fascinated by such failures of/accidents involving complex systems (Space Shuttle Challenger and Columbia, Arianne 5, Toyota accelerator problem, jetliner crashes) and have done a bit of reading up on them. It’s often a series of things going wrong at the same time that causes the failure. There may be (one would hope) several safety systems that would keep a rail car from rolling or moving by itself, and they would all have to be disabled, not be engaged, or fail for something like this to happen. Such redundancy prevents lots of accidents, but not quite all of them.

  4. Walter Turner
    October 5, 2013 at 1:45 PM

    An article in the “Chicago Tribune” Friday afternoon quoted the National Transportation Safety Board to the effect that it was routine to leave the trains in the storage yard powered up and “with the brake setting that would allow movement.” The storage yard is uphill from the crash site. Why the trains don’t all take off on their own isn’t addressed.
    The stopping and restarting is discussed, though. If we can believe what must be preliminary findings, the mechanical stopping mechanisms worked, but “the master lever on the operator console had been left in a setting that allowed the train car brakes to recover and reset from the emergency brake application.”
    I haven’t seen any comment about whether the train was coasting or running under power, but, in view of the other revelations, I expect to learn that there was a mechanism to start the motors if the wheels began turning.

  5. Blargh
    October 5, 2013 at 1:50 PM

    neko: it’s basically never an option. Whenever someone claims that $PHYSICAL_EVENT might have been caused by “hackers”, they’re either trying to sell you something or they’re armchair sleuths who base their conclusions on what they’ve seen on CSI and NCIS.

  6. neko
    October 5, 2013 at 3:24 PM

    @Blargh —

    I agree, as a rule of thumb that works in general, I think. I’ve certainly investigated 100% Peter crying wolf hacker accusations, never found a single one myself. It’s always a bug, usually the person doing it to themselves. Sure, the intrusion detection logs at firewalls are full of tries, but I’ve never actually met a real hacker in my career, just lots of people thinking they were hacked. So, I agree.

    And, of course, computer programers don’t have magical powers either… if it’s not robotized and networked, it can’t be penetrated.

    But “basically never” is not never. I remain surprised at the homeland security reports on infrastructure vulnerabilities, and real world events like this:

    Networked robotics application bridges the gap between hackers and $physical_world. I’m assuming the switches are automated and networked somehow, probably the train’s brake system too, hence vulnerable, because of the way the story was worded.

    Could just be an ignorant journalist… but I could see the meeting where this was put on the intranet for the city government, for ease of use.

    The same one that has dubious security protocols in the many factions of city hall. The same one that connects to the internet through “secure” firewalls with mixed levels of administrator competence.

    In short, aside from a secured, closely monitored, not available to the public network, where the risk of criminal penetration by remote outside parties was impossible, I can’t see a case for a system like that being automated and networked at all.

    Not trying to sell anything. If you don’t give an outlet to the internet, the wires don’t become more expensive.

    Most security is already built into automation and networking equipment, it’s a question of configuration choices and convenience for certain parties, not money paid to equipment corporations. Usually.

  7. Warren
    October 6, 2013 at 11:36 AM

    I used to design and build these systems and the investigators are right to be amazed. If it really happened as described, at least three safety systems failed. I’d feel much more confident in sabotage and/or multiple human error, but even that wouldn’t be enough.
    The engine control system is entirely internal, you can’t start those systems remotely. I’ve heard of some railways starting to introduce that, but US public rail still forbids it last I checked. No way this could be “hacking” in any sense.

  8. cplamb
    October 8, 2013 at 1:25 PM

    A train which is awaiting repair malfunctions. The only mystery is why is wasn’t fully secured by external means.

Comments are closed.