Vital PTC, Really?
I have been fortunate during my corporate management and consulting careers to take on and succeed with a wide assortment of assignments for which there was little to no precedent, including the following:
• Architect of the first overlay Positive Train Control (PTC) system;
• Development of mathematical, financial, & liquidation analyses for the resolution of the bankruptcy of the Penn Central Railroad, the largest bankruptcy until that time;
• Development of a mathematical model for the blending of ferrous scrap to minimize the cost of electric furnace steel production;
• Development of an econometric model for the U.S. ferrous scrap market;
• Development of a computerized train crew management system;
• Design of a virtual Centralized Traffic Control (VCTC) system for Kazakhstan’s and Egypt’s railroads, a system applicable to a wide variety of global passenger / freight rail operations including token-based, dark (non-signaled), and CTC railroads;
• Development of a wireless strategy for the U.S. rail industry based upon supply and demand;
• Development of a strategic Enterprise IT Architecture (EITA) for the U.S. intermodal industry;
• Development of an EITA for a generic railroad.
While the above list of engagements is diverse, the same primary, fundamental development concept contributed to their successful completion. That is, the more complex the challenge was, the easier it was for me to complete the assignment. That is, I have consistently taken a pragmatic, 80/20 approach to avoid the unnecessary, overly complex design issues that contribute very little value (20%), but that prevent others with their 100% perspective from being successful. The success of the 80/20 approach is directly dependent upon the ability to make the proper assumptions to avoid over-thought garbage – and then to revisit those assumptions once the air has cleared. There are two complementary points that permitted me to be successful. First, I was in charge and could drive the solution to completion with little interference. Second, I was fortunate to identify and include excellent associates who were willing to support my efforts; it was usually a team effort. But what happens when there is not an objective team and/or no rational (80/20) individual who is in charge? For example, consider the Federal Railroad Administration (FRA) and the Interoperable Train Control (ITC) committee relative to PTC and the concept of vitality.
To start with, it is necessary to define vitality in that there is a significant amount of misunderstanding across the industry, including management, regulators, and suppliers. So! Vitality is the process that is used to ensure the integrity of train movement authorities, i.e., only one train within a specified track segment at any time. In CTC operations, the vitality is within the wayside infrastructure of track circuits and control points. In Dark territory, vitality is the train sheet, whether physical or computerized (conflict checker software). For some ex-colonies of the British Empire, e.g., Egypt, vitality is the approach that provides for a physical token to be delivered to the driver; it can be that simple. However, to be clear, vitality does not include the delivery of movement authorities, e.g., signals, cab signals, voice/digital transmission, or tokens.
Starting with the FRA’s Rail Safety Advisory Committee (RSAC) that took on PTC over a decade ago, there was the ongoing challenge on my part to obtain a common understanding that PTC is NOT “Vital” since it is not involved in the generation of authorities. The reason to make the distinction was driven primarily by my concern that undue risk analysis and system design would be sought by the FRA, if not suppliers and railroads, for PTC’s safety enhancement functionality that had no effect on the “vitality” of the railroad’s operations. My approach was to describe “functional vitality” in addition to “equipment vitality” that is associated with CTC wayside infrastructure. The functional definition was required to address how movement authorities are generated in non-signaled, “Dark”, operations since conventional suppliers have little to no experience with Dark. Hence, they will state that there is nothing “vital” there in that they only deal with equipment vitality. This “equipment” perspective made it too convenient for the FRA to fatuously associate the concept of vitality with PTC equipment while ignoring the concept of functional vitality for Dark operations.
FRA was not alone in abusing the vitality perspective. Specifically, the Interoperable Train Control (ITC) committee was also guilty of pursuing a non-pragmatic perspective of PTC presumably based upon what they thought was necessary for a seemingly vital system. This group of conventional Class I engineering and operational individuals, who were charged with designing an interoperable PTC perspective for the U.S. rail industry, far exceeded the necessary requirements for a non-vital PTC. I offer the following: 1) developed a positioning accuracy for PTC that was totally ridiculous, i.e., 18 cm with 10⁻⁹ confidence level; 2) integrated the need to enforce to Intermittent Signals (ISs); and 3) forced the implementation of a parallel wireless data infrastructure without developing a data model for PTC and thereby not identifying alternatives that should have been considered. These were serious engineering design errors that resulted in a tremendous increase in the capital investment, on-going maintenance costs, and implementation time to install PTC across the industry. Additionally, ITC failed to take on the requirements for transits and commuter operations. An example of ITC’s purposeful exclusion (ignorance, arrogance?) is the inability of the current PTC design to prevent the recent accidents due to trains over-speeding in passenger terminals. To be clear, such prevention requires no additional investment to that of PTC along the mainline. The solution requires only the addition of geo-fencing for trains entering terminals. But ITC’s lack of integration of the transits and commuter railroads in their activities means that such situations will not be included, at least in the initial rollout of PTC.
Now, FRA has made a declaration of “Vital PTC”. Some of the material I read on the FRA Website that discussed vital systems also had PTC enforcement functionality and were branded as Vital PTC systems – which they clearly are not. Rather, they are Vital Systems (traffic control) with integrated PTC-type functionality. How desperate is the FRA to make such inappropriate associations?
Along this same line of thinking, perhaps FRA is presenting the Vital PTC perspective in that the on-board PTC platform can also display digital authorities via the wireless data platform that PTC requires for its functionality. Hence, FRA considers this to be Vital PTC. However, there is a primary fallacy here. That is, the transmission of authorities, whether verbally, visually (signals), or electronically, is NOT a vital function. Such transmission and display are safety critical at best, i.e., one wants such transmission and display to be highly reliable, but if it fails then the engineer resorts to the underlying vitality of any railroad, i.e., the Book of Rules.
I am encouraged by recent conversations with colleagues that the railroads are now pushing back on FRA’s declaration of “Vital PTC”. Welcome to FRA’s La La Land.