System Safety, Part 2: A Value-Added Business Driver

Written by Sonia Bot and Tony Zenga
(Union Pacific)


Editor’s Note: September is Safety Month in the North American railway industry. This month, Railway Age “recalls to active duty” the three-part series on System Safety by Sonia Bot and Tony Zenga, with accompanying podcasts. Part 3 will appear on Sept. 19. – William C. Vantuono

RAILWAY AGE, NOVEMBER 2020 ISSUE: Industry 4.0 (also known as the Fourth Industrial Revolution) is a reality. Railroads, including their partners in the transportation supply chain, are at the beginning of their journey to establishing true end-to-end digital continuity. For example: Industrial Internet of Things (IIoT); Positive Train Control (PTC) and Enhanced Train Control (ETC); and AI (artificial intelligence)-based automation such as expanding autonomous inspection to include predictive analytics for track data.

How do we know that these solutions and systems are safe and that there are no lurking issues? How do we know that the integration of multiple components from vendors, partners, and even from within meets safety objectives? How do we know if safety integrity is preserved after a change is made? How do we shift the paradigm where safety moves from a cost center to a value-added business driver?

In Part 1 (RA, October 2020), we made the case for system safety as the necessary discipline for railroads to embed as they move forward in innovating and advancing in the 21st century. 

In Part 2, we step through proven guiding principles, how they can be applied to embedding system safety, and resulting paradigm shifts; all with the goal of improving safety performance and opening up new opportunities for revenue streams.


Implementing a comprehensive safety program that meets the new demands of autonomous systems can be perceived as a daunting and risky proposition, especially when breaking new ground. However, by systematically embedding system safety using some tried-and-true guiding principles, the implementation risk is reduced, time to value realization is accelerated, safety performance is improved, and capability maturity grows at a healthy and sustainable pace.

These guiding principles focus on rewarding an entrepreneurial culture, exercising business rigor and relevancy, forging productive partnerships, safeguarding end-to-end flow, and fostering a learning organization. If these sound familiar, they were also applied to “PSR 2.0” (Bot & Orr, see Railway Age June/July/August 2020 series on PSR, The Next Generation). Long before this, we’ve been using and maturing them in our work in high-technology and related industries (products, services, transportation, manufacturing and operations). 

Innovation and sound business practices are at the core of these guiding principles. They support the 21st century focus of differentiating and innovating, and not just improving, which was true for the 20th century. 

Globally, movement toward a design-based economy is well under way across all major and emerging industries. Companies must become more like “design shops” to be competitive, not just the design of widgets but design of the overall business.


Let’s apply each of these guiding principles to the system safety practice.

Rewarding an entrepreneurial culture: Confronted with the urgency and speed of change driven by the latest wave of the digital age, and more specifically on the rising stake and paradigm shift for safety, an entrepreneurial approach to system safety is an effective way to accomplish this shift. 

Promoting traits like creativity and controlled risk-taking requires effective talent management, especially when the traits of effective safety personnel or safety investigators are not the same as entrepreneurial safety program managers. Managers become less administrative and more like orchestrators who encourage cross-collaboration across functional teams. They evaluate their employees against their contribution to the organization’s mission and focus on matching qualified people with the right work. They create cross-fertilization that sparks ingenuity for mitigating safety-related risks to determine optimum mitigation strategies among project stakeholders.

It may be necessary to develop novel safety approaches and establish responsive feedback loops for staff to contribute to strategic-level initiatives. Safety organizations should consider reassessing their operating concepts to ensure they allow for adaptability in an ever-progressing environment of system complexity. Constantly re-examining decisions (for example, policy, financial, strategic) and pivoting accordingly, because of changing circumstances, keeps a tight focus on reducing delivery and performance risk and in doing the right thing. All of this is done systematically and with discipline.

Exercise business rigor and relevancy: Safety is a table stakes requirement for a railroad to meet its business objectives, obligations and product/service offerings. 

When precisely fitting services to markets, or automating processes and solutions, the system safety planning and approach must be tailored for the application with measurable results upfront, and not as an afterthought. The safety business case must include a multi-dimensional business assessment with clear definitions of strengths, weaknesses, threats and opportunities. 

An unsafe work environment, product/service or system will have dire consequences on the business and ecosystem. It is not a matter of “if” an incident will happen, but more “when” and “how often” it would happen. As part of the evolution, safety can be leveraged as a value-added business driver and become less of a business cost center. Safety features, or their derivatives, can become monetizable product and service offerings for customers.

Forge productive partnerships: Because of the complexities and scalability introduced in the digital world of system of systems or system integration, no one person or group or company can attack system safety alone. Within a corporation, this is a multi-disciplinary effort across the corporation end-to-end, requiring productive partnerships to be established. Highly specialized talent, not necessarily part of the current talent pool, is required, for both the initial stages and the longer term. 

In the short term, the surest, fastest and most sustainable approach is to bring in a small tiger-team of elite professionals to assess, architect, set up and assist in implementing system safety best practices and solutions to problems. In the process, employees learn and mature their capabilities through expert example.

Furthermore, more emphasis can be placed on developing more productive and collaborative partnerships with the players in the transportation ecosystem (for example, other railroads, air, ports, trucking, pipeline, subsystem suppliers, customers) to pursue creative approaches to system safety challenges and act as force multipliers for governmental agencies that do not have the resources to investigate every potential system safety issue.

Safeguard end-to-end flow: By its very nature, system safety requires an end-to-end system view, where the system can comprise technology components, processes and people, and scale within and across organizations, companies, ecosystems, and supply chains. 

Typical areas of safety vulnerabilities include integration points of technology components and interfaces, handoffs between parties, and balancing supply chain implications at first- and last-mile terminals. One needs to follow and address the (potential) hazard step-by-step from its point of origin and through the cascading web within which it impacts. 

Foster a learning organization: As the system safety discipline is being embedded into the organization, company and ecosystem, it is important to develop learning mechanisms that allow the adoption and execution of safety best practices. A continuous mastery and improvement mindset is required system-wide, along with supporting tools and structures. Learning elements come from all areas (for example, crisis, disruption, success) and are augmented with leadership rotations through and within the ecosystem (for example, inter-disciplinary people exchange, skills investment, enterprise-wide mobilization to engage and build the leadership cohort). This requires fully committed, aligned, disciplined, transformational and experienced leadership.


Safety improvement efforts do not go far enough, and in some cases, failures are socially accepted within the walls of the industry. Industry 4.0 brings an opportunity to turn this around, which in turn is demanding a paradigm shift in the industry. Here are some examples as they relate to system safety.

From standalone systems to integrated system of systems: Through the intervention of the Department of Transportation (DOT), Positive Train Control (PTC) in the U.S. was mandated as a high-technology means to address unresolved historic safety issues, in particular for some types of train collisions and derailments. Similarly, Transport Canada (TC) is assessing solutions, known as Enhanced Train Control (ETC), while learning and evolving from the PTC experience in the U.S. These initiatives pave the path for more autonomous operations that address the historic safety issues and are enabled by technology and big data. This introduces the requirement to work within a system of systems context as supported by our methods. Standalone systems, which are the norm for traditional approaches, are no longer sufficient. 

From fragmented and incomplete to fully connected and traceable hazard mitigations end-to-end: Digitization and automation in railroading would demand that each project implementation would include a system safety/hazard assessment at all levels (that is, system of systems, system, sub-system, unit). It would also demand the same for interoperability and interworking across the ecosystem. The mechanisms, tools and platform in our system safety approach make a seemingly daunting task manageable and productive.

Meanwhile, with the traditional approaches, one would be hard-pressed to find a cohesive and traceable hazard log with end-to-end hazard mitigations and verifications within and across interworking railroads, let alone tied together through all the system levels. How does a railroad know that what they receive from suppliers is safe in their railroad, not to mention when they interoperate with other railroads? Goodwill committee efforts do not scale for this size of problem under the current approaches. 

In the end, a missing safety-related function, such as failing brakes at the unit level, negatively impacts all stakeholders. It does not solely affect the originator of the problem such as the supplier that may have delivered the functional capability, or the mechanical group that may not have been notified of actions required to mitigate the safety concern, or the transportation group that insisted on running trains at the expense of proactive testing and maintenance, or the train operator that stretched the environmental limits for operating the system; all stakeholders in the ecosystem are impacted to varying degrees.

From Big Bang delivery to rapid value-added delivery cycles: Technology, big data and automation have enormous potential in the rail industry. The industry can no longer afford (money and time to implement) high-risk Big Bang delivery as typically done in traditional approaches, including the various introductions of PSR in the early-adopter Class I’s.

Our approach supports an Entrepreneurial Time-to-Market delivery methodology that is low risk, nimble, delivers value in progressive increments and aligns with modern approaches used by new entrant competitors. The system safety value propositions and methodology are embedded into the delivery framework. It is structured to be more inclusive of all stakeholders within an organization and across the transportation ecosystem. It is scalable.

From isolated brute force to progressively interconnected system maturation focus: Railroads must still resolve longstanding human factors safety issues such as lack of adherence to policies and rules. Our system safety methodology is systematic and relentless with its approach to cultural and capability development across organizations and across the ecosystem. 

We make it a point to practically understand current maturity levels and progressively build up to its target levels. 

We utilize the Pareto principle as a starting point, recognizing that 80% of problems arise from 20% of their causes (unless there is solid data indicating otherwise), and apply business precision methods for prioritization. With traditional approaches, focus is typically on individual departments or organizations within a railroad, and in several cases unnecessary large-scale “rip and replace” strategies are used; plus there is no consideration for the rest of the transportation ecosystem.

From a cost center to a value-added business driver: The traditional approaches view safety as a business cost center. It costs money and reputation to clean up accidents or close calls. 

Meanwhile, our system safety approach enables the paradigm shift toward safety being a value-added business driver. Rather than investing heavily on processes and systems to clean up from mishaps and accidents, let’s proactively build systems, solutions, products and services with value-added safety and reliability features upfront, where they even can generate new revenue streams. 

With safer operations, the need for investing in processes and systems for cleaning up decreases, with time and resources freed up for innovative and entrepreneurial endeavors. Innovative safety-based solutions can be patented, where the patents can be monetized (for example, revenue streams from licensing, sale or litigation)—a potentially lucrative business model as proven over the past decade in many industries embracing technology-based innovation. 

Furthermore, in our experience, which includes statistically correlated data of our results, process waste is reduced by 20% to 80%. The level of improvement depends on cultural and capability maturity at the beginning of the transformation or change effort. 

Industry 4.0 demands a shift in traditional paradigms for safety in railroading. System safety engineering is at the core. When driven by the proven guiding principles, a railroad, including its partners, can effectively launch and progressively mature its system safety practice. As an added bonus, system safety becomes a mechanism for creating new revenue streams.  

Stay tuned: In Part 3 (December issue), we will discuss three often neglected or poorly understood aspects of system safety practices. Mastering these is key for a system safety program to achieve its potential and influence the maturation of the organization’s safety culture.

This article is based on the novella-sized white paper, “System Safety as a Value-Added Business Driver: The Evolution of Railroading in the Eras of Technology and Innovation.” (Bot & Zenga, July 2020). 

Sonia Bot, chief executive of The BOT Consulting Group Inc., has played key roles in the inception and delivery of several strategic businesses and transformations in technology, media and telecommunications companies worldwide. By utilizing methodologies in entrepreneurship, business precision, Lean Six Sigma, system and process engineering, and organizational behavior, she’s enabled organizations to deliver breakthrough results along with providing them a foundation to continue to excel. Sonia’s contributions to the rail industry are as a leader and a visionary who is passionate in taking railroading into the next generation. Within the Digital Business Transformation context, she leads high-stakes mandates where new business models are created and enabled by digital technologies. She was instrumental in PTC implementation on CN’s U.S. lines. Her approaches on the evolution of railroading and transportation are game-changers that drive innovation and competitive advantage for adopters in a changing industry.

Tony Zenga, owner of CMTIGroup Inc., is an accomplished specialty engineering consultant with international experience in operational reliability and safety for mission critical systems. He has played key roles in the implementation of system safety engineering programs for aerospace, defense, high-tech, mass transit and rail infrastructure projects worldwide. By leveraging his design and development experience of large-scale safety-critical systems, combined with his systems engineering knowledge, he enables organizations to deploy their systems safely into field operation. As advisor to CN, he was instrumental in the development of the PTC system safety engineering safety case and the creation of the system safety engineering discipline.