Double switching

From HandWiki

frame|right|A single-switched relay can close inadvertently in response to a single false feed current. frame|right|A double-switched relay cannot close inadvertently with the application of the same current. At least two separate faults would be required to allow this relay to close inadvertently.

Double switching, double cutting, or double breaking is the practice of using a multipole switch to close or open both the positive and negative sides of a DC electrical circuit, or both the hot and neutral sides of an AC circuit. This technique is used to prevent shock hazard in electric devices connected with unpolarised AC power plugs and sockets. Double switching is a crucial safety engineering practice in railway signalling, wherein it is used to ensure that a single false feed of current to a relay is unlikely to cause a wrong-side failure. It is an example of using redundancy to increase safety and reduce the likelihood of failure, analogous to double insulation. Double switching increases the cost and complexity of systems in which it is employed, for example by extra relay contacts and extra relays, so the technique is applied selectively where it can provide a cost-effective safety improvement.

Examples

Landslip and Washaway Detectors

A landslip or washaway detector is buried in the earth embankment, and opens a circuit should a landslide occur. It is not possible to guarantee that the wet earth of the embankment will not complete the circuit which is supposed to break. If the circuit is double cut with positive and negative wires, any wet conductive earth is likely to blow a fuse on the one hand, and short the detecting relay on the other hand, either of which is almost certain to apply the correct warning signal.

Accidents

Clapham

The Clapham Junction rail crash of 1988 was caused in part by the lack of double switching (known as "double cutting" in the British railway industry).[1] The signal relay in question was switched only on the hot side, while the return current came back on an unswitched wire. A loose wire bypassed the contacts by which the train detection relays switched the signal, allowing the signal to show green when in fact there was a stationary train ahead. 35 people were killed in the resultant collision.

United Flight 811

A similar accident on the United Airlines Flight 811 was caused in part by a single-switched safety circuit for the baggage door mechanism. Failure of the wiring insulation in that circuit allowed the baggage door to be unlocked by a false feed, leading to a catastrophic de-pressurisation, and the deaths of nine passengers.

Signalling in NSW

A study of railway electrical signalling in New South Wales from the 1900s, shows an ever increasing proportion of double switching compared to single switching.

Double switching does of course cost more wires, more relay contacts, and testing.

On the other hand double switching is inherently less prone to wrong side failures; it helps overcome short-circuit faults that are hard to test for.

Partial double switching might double switch the lever controls, and the track circuits between one signal and the next, while single switching the track circuits in the less critical overlap beyond the next signal.

Double switching is facilitated by more modern relays that have more contacts in less space:

  • Pre-1950 Shelf Type Relay - 12 contacts (front (make) and back (break)) - full size
  • Post-1950 Q-type plug in relay - 16 contacts (front (make) and back (break)) - about half size

See also

References

  1. Hidden, Anthony (1989). Investigation of the Clapham Junction Railway Accident. Department of Transport. p. 51. ISBN 0-10-108202-9. http://www.railwaysarchive.co.uk/documents/DoT_Hidden001.pdf. Retrieved 7 September 2012.