Hasty attempts to deal with a specific safety issue without considering the question of overall system dependability may lead to the introduction of new problems. We use the example of an in-cab train controller for an Automated Train Operations (ATO) system to examine the effect on dependability of adding software error detection to a 2-out-of-2 system, consider the benefits and adverse consequences of this approach, and suggest other approaches to improving dependability.

Read Part 1
Read Part 2