At IBM Rational, my team creates solutions for our customers who develop complex and safety critical systems. Many of us (me included) have worked in their shoes before coming to IBM so it gives us valuable insight and experience with the kinds of challenges they face.
Many of us "have a life" outside of work that include some fun hobbies so we can escape from the pressure of our jobs. But on the other hand, some may actually be related to our work! For example, I belong to a model train club called Maricopa Live Steamers. We are one of the largest private train clubs in the world. Before you think "oh, yeah, I had those little trains when I was a kid", take a look at the website. These are 'big kid' trains, ones so large you ride on them. Commonly called "inch-and-a-half scale", the distance between the rails is 7-1/2 inches and the engines and cars are between 5 and 7 feet long, making it about 1:8 scale. Some of the steam engines alone can cost their owners well into the six-figure price range!! We even host birthday parties at various locations around our park and provide free public rides on Sundays. Here's a live video feed, most activity of course is on the weekends. 
We have over 16 miles of track across 160 acres of land, hundreds of switches, bridges, trestles, signals, crossings, miles of wire and pretty much anything a "real" commercial railroad has. In fact, some of our members are employed by or retired from various railroad companies across the US and bring valuable experience to the club.
One thing we pride ourselves on is the automated signaling system. Just like a real railroad, we need to operate safely, keep the trains separated, control traffic on single-track areas and allow the members to automatically select which of 5 major routes they wish to take. While we may not have trains running at 300 kph, we face similar risks - collisions, injuries and property damage - albeit on a lesser scale. We do carry public riders, so our insurance company insists on a proper safety program and signaling system (in effect, they are our regulatory agency!). Even at the relatively sedate "real speed" of 5 MPH (or about 40 MPH "scale speed"), the energy contained in the train (many thousands of pounds when we have our full load of 21 people aboard combined with the speed) can cause severe injuries if we have an accident. Our members certainly don't want to damage their equipment either, considering the expense of repairs and the fact that many of them spent thousands of hours painstakingly machining their engines out of raw materials.
We have developed a custom signal system with layers of safety built in. Out on the main part of the layout, we need to keep trains separated from each other and provide ways of sharing one-track areas where incoming (Eastbound) and outgoing (Westbound) trains must wait on sidings as traffic passes. We custom-make circuit boards, FPGA logic, and even the signal heads (LED's, with full aspect red/yellow/green signals). The signals work pretty much as you would guess, if you have a red light you must stop and wait. Yellow means the next signal ahead is red. Green is proceed. We detect trains by measuring voltage drop across the tracks, and it trips logic in the FPGA to control the signals appropriately. Each FPGA controls an area, usually called a "block". Some blocks are more complicated than others -- for example if they have switches, crossings or other complicated track configurations the logic can get quite tricky. Block controllers (we call them "CP's") communicate with each other as necessary to coordinate complex interactions.
We have developed a custom signal system with layers of safety built in. Out on the main part of the layout, we need to keep trains separated from each other and provide ways of sharing one-track areas where incoming (Eastbound) and outgoing (Westbound) trains must wait on sidings as traffic passes. We custom-make circuit boards, FPGA logic, and even the signal heads (LED's, with full aspect red/yellow/green signals). The signals work pretty much as you would guess, if you have a red light you must stop and wait. Yellow means the next signal ahead is red. Green is proceed. We detect trains by measuring voltage drop across the tracks, and it trips logic in the FPGA to control the signals appropriately. Each FPGA controls an area, usually called a "block". Some blocks are more complicated than others -- for example if they have switches, crossings or other complicated track configurations the logic can get quite tricky. Block controllers (we call them "CP's") communicate with each other as necessary to coordinate complex interactions.
In the main train yard, we use a computer to control the local area using USB through a
complex set of relays, driver boards and digital communications chips of our own design. There are dozens of signals, automated switches, selection buttons and train sensors that are used to allow club members safe, easy access to the layout. When in the station, they can press a button to notify the computer they want to take a particular route. The computer then automatically configure the switches and ensures that there isn't any safety conflicts before giving them the green signal to go. Switch operation is quite unique: we bought a crate of low-cost cordless screwdrivers, removed the handle and battery, attached them to the switch hardware and send 300 mS digital pulses to them to align the switch to the desired setting. The system works the same way when trains are returning - the computer senses their arrival from a particular route (called a "subdivision" in railroad lingo), checks for safety interactions, aligns the switches and gives them proper signals for safe passage back to the station. Additional pushbuttons throughout the area allow train operators to command the computer to select different routes through the yard, select which track to arrive at the station (we have 5) or allow other movements as required to place their trains where they need to, all while maintaining safe operation and proper signalling.
The computer also lets us control the yard and station area manually (called "dispatching") during busy times, especially when we have our international meets. There are times when there can be over 50 trains operating on the layout at once! Safety is a priority during those times and we love the challenge of ensuring we get the trains out and back quickly and safely. We even have a certification program for dispatchers (I'm one!) and are learning proper radio communications techniques from one of our members who works as an Air Traffic Controller at Phoenix Sky Har
bor International Airport! We have established radio procedures, operate a long range VHF communications system for us as well as a simpler and cheaper FRS-based system for our guests. This is another case where we essentially try to model ourselves after the 'real world' train systems as much as possible.
complex set of relays, driver boards and digital communications chips of our own design. There are dozens of signals, automated switches, selection buttons and train sensors that are used to allow club members safe, easy access to the layout. When in the station, they can press a button to notify the computer they want to take a particular route. The computer then automatically configure the switches and ensures that there isn't any safety conflicts before giving them the green signal to go. Switch operation is quite unique: we bought a crate of low-cost cordless screwdrivers, removed the handle and battery, attached them to the switch hardware and send 300 mS digital pulses to them to align the switch to the desired setting. The system works the same way when trains are returning - the computer senses their arrival from a particular route (called a "subdivision" in railroad lingo), checks for safety interactions, aligns the switches and gives them proper signals for safe passage back to the station. Additional pushbuttons throughout the area allow train operators to command the computer to select different routes through the yard, select which track to arrive at the station (we have 5) or allow other movements as required to place their trains where they need to, all while maintaining safe operation and proper signalling. The computer also lets us control the yard and station area manually (called "dispatching") during busy times, especially when we have our international meets. There are times when there can be over 50 trains operating on the layout at once! Safety is a priority during those times and we love the challenge of ensuring we get the trains out and back quickly and safely. We even have a certification program for dispatchers (I'm one!) and are learning proper radio communications techniques from one of our members who works as an Air Traffic Controller at Phoenix Sky Har
bor International Airport! We have established radio procedures, operate a long range VHF communications system for us as well as a simpler and cheaper FRS-based system for our guests. This is another case where we essentially try to model ourselves after the 'real world' train systems as much as possible. All of this complexity requires a layered, Systems Engineering approach. We have to ensure that each block is safe, then each collection of blocks, and then the entire system. We constantly must remain vigilant with the system, since our construction crew is constantly adding and modifying the track. Any change in the track configuration requires the signal crew to verify safe operation and make modifications to support their changes.
We on the signals team have a vision for the future (all it takes is time and money...) to be able to track train movements across our entire 160-acre layout. Of course running wires and sensors everywhere would be cost and technically challenging, so we are researching way of using advanced technology like RFID, GPS and ZigBee networks to see if we can come up with low-cost ways of sending location data back to the dispatch center. We would then use multiple, large displays of the entire layout (in this picture we only are tracking the local area near the station--which is complex enough!) Another goal is to be able to have these large displays visible over the Internet too, so anyone, anywhere can see the activity on the layout! Yet another System that needs good SE to be able to stay within our budget, be very reliable in the Arizona heat, and simple to operate by our members and guests. Once we have that established, then we could consider adding digital controls for switches out on the farthest reaches of the layout if we wanted! How much fun would that be?
Keeping all of this running safely is a fun way to spend a Saturday! Just don't tell my boss I'm "working"!!
