Systems failures of Metro/Subway systems in Santiago de Chile and Toronto

Systems failures of Metro/Subway systems

Over a period of less than one year, multiple system failures have put down Metro/ Subway networks of Santiago de Chile and Toronto, stranding up to 100,000 commuters.

Santiago de Chile

In both cases the problems stemmed from power failures (investigations still underway, as far as we know). In both case there was no or very limited alternative, or as the media and some politicians have feasted-on, “no plan B”. The failures were so significant because both the main system and the backup system failed at the same time, meanwhile telecommunication were having serious difficulties.

The public learned at their expenses that even in normal times, there’s no efficient way to communicate between above-ground bus and streetcar drivers so they know what’s going on. Passengers in both cities complained of being dumped at subway stations by buses and streetcars without being told the subways were shut down.

Both administrations said the problem started with a power failure at some location and initially, at least in Toronto, the Uninterrupted Power Supply (UPS) system kicked in. But that malfunctioned as well, draining the batteries that were supplying emergency power, causing the communications system to fail.

These were full-scale subway system shutdowns, with no warning and no backup plan.

Now, do you really think this is a situation that applies only to Metro/Subway systems of these two cities?

Heck, no… this is a situation we potentially face in many civil/logistic systems around the world.

For example, do you remember what the 1998 Great Ice Storm did to the electric grid in Ontario? No back-up system there either! It caused massive damage to trees and electrical infrastructure all over the area, leading to widespread long-term power outages. Millions were left in the dark for periods varying from days to weeks, and in some instances, months. It led to 35 fatalities, a shutdown of activities in large cities like Montreal and Ottawa, and an unprecedented effort in reconstruction of the power grid.

And then there are all the cases of False redundancy. Redundancy is generally sought by doubling components to increase a system’s reliability, for example installing two pumps, leaving one in stand-by. If both fail to work when needed, then it’s a case of false redundancy. Many missiles and satellites have failed because of False Redundancy.

Why are we discussing all of this? Well simply because:

• large systems shut-down are very significant events for which Holistic Risk Assessments should be prepared,
• building redundancy is costly and should be object of careful risk based decision making,
• not enough effort is allotted in systemic approaches to risks and malfunctions of infrastructural/transportation/logistic systems.

Tagged with: No back-up system, no plan B, Santiago de Chile, Subway, Toronto

Category: Consequences, Crisis management, Hazard, Mitigations, Risk analysis, Risk management