Signaling security
The term signaling safety describes a defined state in the safety technology of the railway . Equipment or functions of the signaling systems are considered to be "signaling technically safe" if they meet the particularly high safety requirements of rail operations in accordance with the regulations governing the licensing authority.
For example, signaling devices in an interlocking that display the security status of an outdoor system - such as a switch or a signal - on the control table , control panel , monitor or other operating device must correspond to the actual status of this system on site. In relation to a turnout, this means that the position displayed in the interlocking must match reality and may indicate transitional states such as flashing as "circulating" as long as there is no end position message. Under no circumstances may it happen that the position of the turnout is displayed to the left in the signal box, but the turnout is actually set to the right and it is still possible to travel over this turnout without special safety measures. If such a conflict occurs, the turnout is registered as "disturbed" in the signal box - with the result that the signal that is dependent on it cannot be released. According to the driving service regulation , an auxiliary operation for setting the covering signal is only permitted after the switch setting has been checked by specially trained personnel.
In an electronic interlocking , signaling security is guaranteed by the fact that a main signal or another signal for the movement of a train or a shunting movement is only released when at least two computers have checked the correctly set and secured route and have come to the same positive result. Only when this correspondence is established, the driving position of the signal is enabled by the safety technology.
In order to make a safety device "signal-technically safe", electrical and electronic transmission paths and monitoring devices that work independently of each other are used, which complement and control each other. If one of these facilities fails in whole or in part or if any conflicts arise, the condition of the outdoor facility is always assumed which represents the greatest possible danger; therefore greater safety is guaranteed (see also closed- circuit principle ).
In the case of mechanically operated signals, traction cables operated by the interlocking work against a weight attached to the signal mast (or against the weight of the signal arm). By selecting the stop position in the lower position, it is ensured that the signal goes to "Stop" if the pull rope breaks. At the same time, by measuring the rope tension in the signal box, it can be determined that the activation of the signal is no longer possible. In order to be able to transmit the signal setting from the interlocking to the signal over long distances, even over long distances, there are mechanisms that combine the pull of one rope with the relaxation of a second rope (differential principle), so that the thermal expansion of the haul rope between summer and winter does not affect the system inoperative.
According to the definition of the European Railway Agency , safety systems are considered to be signal-technically safe if they show less than one failure per billion operating hours. A higher failure rate is only permissible if further technical systems prevent catastrophic effects in the event of a failure of the system under consideration.