Terry L. Hardy - Comments

System Safety Program (Document ID FRA-2011-0060-0001) I am a private citizen unaffiliated with the Federal Railroad Administration (FRA) or the railroad industry. However, I am both a practitioner of system safety and author of multiple books on the subject, including The System Safety Skeptic: Accidents, Incidents, and Lessons Learned and Software and System Safety: Accidents, Incidents, and Lessons Learned. Therefore, I have a keen interest in how system safety is regulated and implemented. I would like to commend the FRA for this proposed rule. System safety is implemented through a process that typically includes the following elements: • Safety planning • Hazard identification • Hazard risk assessment and associated risk decision making • Risk reduction and hazard controls • Risk reduction verification • Hazard tracking and anomaly reporting The FRA has covered the intent of each of these elements in the proposed rule, and has included clear descriptions of the importance of each of these items. The FRA clearly recognizes the importance of the railroad industry implementing a system safety process and has communicated that importance through this rule. I am especially encouraged by the requirements for safety culture measurements. Most accidents are the result of a confluence of factors, not just the result of failures of components or systems, and the culture of the organization is one of those key factors. While this is a good rule, I believe the FRA should strengthen several areas. The recommendations are based on my own personal experience in system safety and on real-world lessons learned from accidents and incidents in multiple industries. The following are specific recommendations. 1. The rule should explicitly include verification of risk reduction measures in § 270.103 (q) Risk-based hazard management. Once hazard control and elimination measures have been identified, these measures must be verified to assure that risks have act