Washington District of Columbia USA - Jeff Young is a railroad industry veteran and a leading expert on Positive Train Control, or PTC, technology.
 
Young worked for Union Pacific Railroad for almost four decades and now serves as a consultant for the Association of American Railroads.
 
Young spoke recently about the biggest challenges the freight rail industry has faced in implementing PTC and some of the lessons learned from the testing process.
 
Q: What is the biggest overall challenge for railroads in implementing PTC?
 
A: The main challenge has been creating a system that is completely interoperable. This means PTC must work for any train on any track even though different railroads may have different PTC systems. That has required making substantial upgrades to the four main segments of freight rail operations, the back office server, locomotives, wayside signals, and communications components. The complexity and scope of this has revealed numerous issues in each of the areas that need to be identified and corrected through extensive testing. Essentially, we're developing a new safety system from scratch that needs to seamlessly serve a massive transportation system. It's like creating an entirely new air traffic control system, and it needs to be meticulously choreographed to ensure that it's going to work safely. It's not going to work perfectly right out of the box, so careful testing of the entire system is essential for making it safe.
 
Q: What are some examples of issues in those four segments that have been discovered and corrected as railroads work through testing PTC?
 
A: Maybe the most significant problem that has been discovered from a safety perspective is what's called a "false clear," which relates to the locomotive segment of the network. A false clear is when a software defect permits an unsafe operation by allowing a locomotive to pass a stop signal. Basically, the wayside signal is telling the train to stop, but the train's onboard system is saying things are clear. Field testing has also found instances in which trains have been forced to stop because the wayside signal equipment failed due to improper configuration or software defects. At the end of the day, these types of issues are why railroads need to spend so much time thoroughly testing PTC. There are more than 400,000 components in the entire PTC system, and missing a problem with just one of them can create an unsafe situation in the real world.
 
Q: What have been some of the most time-consuming elements of implementing PTC?
 
A: Ensuring all 400,000-plus PTC components are interoperable across various railroads has been a huge task, and it's where the "back office" comes into play. Interoperability sits upon the foundation of a huge, shared, database with information the different railroads need to update and access regularly. This includes information like the precise locations of thousands of railroad switches and wayside signals. This has been an enormous challenge, because rail operators need to keep this information updated even as switch and signal location changes are constantly changing. For example, one railroad could have as many as 60 location changes every week, which must be visually checked by engineers each time there is a change before they can be entered into the database. That takes a lot of time, and it's why railroads have over 2,400 engineers working on these signals. Just to give you some context for how big of a task this is, a typical 100-mile district could have more than 2,000 track features. If you expand that out across the country, we're talking about collecting millions of pieces of data. The database basically replicates all of these data points, which is the equivalent of mapping all of the interstates and state highways across the country and validating the data in the field for every speed sign, milepost sign, traffic signal, exit ramp, and other roadway features.
 
Q: Ultimately, the goal of PTC is to bring a train to a stop when the system identifies an unsafe situation. What goes into bringing trains to a safe stop like that?
 
A: This has been almost like developing a self-driving car, and it's been one of the more time-consuming elements of fine-tuning the system. Railroads have had to develop highly complex braking algorithms for both freight and passenger trains that account for numerous factors, and not just the obvious ones like velocity, track gradient, or weight. We need to account for outside elements like weather, the brake systems installed on different rail cars, and the fact that railroads rely on customers for cargo weight data. This algorithm is constantly being tweaked and adjusted to ensure it will safely stop trains when necessary.
 
Q: It seems that with so many different rail companies operating on a single, nationwide PTC system, there is the potential for communications to falter.
 
A: For PTC to work, railroads are creating their own, entirely new wireless communications network across the country to ensure PTC signals can be accessed regardless of the location of a locomotive. To do this, railroads need to place PTC communication towers in the correct places to allow for optimal communication with moving locomotives. The process used to determine where to locate these towers is not always perfect, and railroads sometimes find "dark spots" in the system. In that case, new equipment must be installed. Again, this demonstrates the importance of thorough testing in creating the safest network possible.
 
Q: How are railroads keeping all of these communications secure?
 
A: Cyber security is an important factor in implementing any complex technology requiring potentially sensitive information, and it's something that every railroad is taking seriously. To make sure the system is secure, railroads are working on sophisticated encryption keys that will ensure that the communications between railroads, as well as sensitive data, are secure. This is quite a meticulous process, because these encryption keys must be updated from time to time, and a situation may arise where they need to be updated at a moment's notice. That would require changing the keys on all locomotives, towers, and wayside devices.
 
Q: What about from a software perspective? What are the main challenges there?
 
A: Because the PTC system is still in its infant stage, the software is updated every couple of months to address software defects. However, when these updates occur, railroads must then conduct "regression testing," which means they need to make sure the new software will not have any adverse affects on existing pieces of software or equipment. That takes about two weeks in the lab before it can go out for field testing. Once the lab testing of the new software is finished, it's pushed out for field testing to the locomotives in the field testing areas. Once that process is complete, the software is then pushed to the remaining PTC-equipped locomotives. Needless to say, this takes a lot of time.
 
Jeff Young.