Jeremie Averous's Blog, page 66

In a previous post ‘How Artificial Intelligence Challenges Our Regulatory Approach to System Risk‘ we already discussed how regulators are challenged by new software and particularly AI, which is at the root of reaction unpredictability.

Before that stage, the predictability of conventional codes is already in question. In highly regulated industries such as the nuclear or aerospace industries, regulators have historically been very strict about the usage of commercial codes and requirements to remove all ‘non-functional code’ for that particular application. However that makes software very expensive because it needs to be redeveloped on an ad-hoc basis.

As underlined in the Atlantic paper ‘The Coming Software Apocalypse‘, other industries such as the automotive industry have never invested in that space, although the complexity of codes has increased dramatically. As mentioned in a previous post, the only solution is to transfer to code auto-generation using system modeling. The regulatory issue then becomes to certify and audit the software that generates the code, and the system model that drives it. It changes quite significantly the focus of regulation: instead of certifying the end-product, the production chain needs to be reviewed and certified.

Regulators should drive this transition in the way code is being generated from systems models and how they will be certified and approved. They seem to be a bit slow in jumping into that space, but it will hopefully come very soon.

Following up from the previous post ‘How Most Traditionally-Developed Software is Failure-Prone‘, the same Atlantic paper ‘The Coming Software Apocalypse‘ provides with a possible solution: automated software production from a basis of system modeling.

System engineering and system modeling is a modern, powerful manner to describe complicated systems and embed in a systematic manner all applicable requirements. It also includes powerful verification and validation techniques and approaches that allow to check in an exhaustive manner the behavior of the system.

Software code can be automatically generated from the system model. This unique code, specific to the application, might not be easy to read, but it can be proven to be consistent with the intent. In particular it will not contain the traditional 90% of supposedly unused code that plagues most modern software platforms. And it can be fully verified and validated thanks to dedicated tools.

This might spell the doom of manual coding, but seems to be the right way to progress to eradicate random errors from software that has become over the years too complex.

Modern software is often built by layering upon layers of code development. This makes those software intrinsically unsafe and impossible to test in all possible situations. This excellent post in The Atlantic ‘The Coming Software Apocalypse‘ describes both the extent of the problem and the possible solution.

In this first post we will concentrate on the intrinsic failure-prone characteristic of traditionally-developed software. One example is developed in this post which is striking: after a few accidents involving car speed regulation systems, an expert examined the code and they “described what they found as “spaghetti code,” programmer lingo for software that has become a tangled mess. Code turns to spaghetti when it accretes over many years, with feature after feature piling on top of, and being woven around, what’s already there; eventually the code becomes impossible to follow, let alone to test exhaustively for flaws. Using the same model as the Camry involved in the accident, Barr’s team demonstrated that there were actually more than 10 million ways for the onboard computer to cause unintended acceleration. They showed that as little as a single bit flip—a one in the computer’s memory becoming a zero or vice versa—could make a car run out of control.”

Particularly scary when we note that cars are nowadays the most sophisticated machines on the planet! And a huge challenge for regulators too!

The solution is to implement a new way to produce software: automatic generation from a systems model basis. We’ll examine this in the next post.

Have you realized that each social group, be it a local community, a sports club a particular industry or a specific company, has its own vernacular tongue. In particular, it tends to use words and acronyms whose sense is only understandable by the initiated. We often underestimate the community power created by this shared understanding – and the exclusion power for those that don’t understand it.

Which means that an outsider’s first focus should be to learn that specific tongue, so as to be integrated. The power of integration brought by the capability to speak the community tongue is incredible and underestimated.

As a consultant I do enter many different client organizations and learning the specific words, expressions and acronyms is the first priority. Once they are known and used properly, I feel integrated in the community, and they feel I am part of them, which is quite useful.

Hat tip to Alain Carcassès for the discussion and the original idea

In this excellent post ‘Don’t forget the second step‘ Seth Godin makes the point that it is essential not to forget the second step after having performed the first step, which is learning how to do something new.

“Step two is turning it into a habit. Committing to the practice. Showing up and doing it again and again until you’re good at it, and until it’s part of who you are and what you do.Most education, most hardware stores, most technology purchases, most doctor visits, most textbooks are about the first step. What a shame that we don’t invest just a little more to turn the work into a habit.”

I am also guilty from time to time to limit myself to the theoretical knowledge of a concept and not following up to put it in practice. It takes effort to put in practice, and practice until it becomes a habit. It is so much more worthwhile. The point is to remember why we wanted to learn in the first place. it was to resolve some problem we might have, and we need to face it after.

We all suffer from procrastination, some more than others. But a really pernicious form of procrastination is to be waiting for someone else’s permission.

Procrastination, of course, is a huge problem. A lot more on it in the excellent New Yorker’s article ‘Getting Over Procrastination‘.

But waiting for permission is even worse. It is a great excuse for doing nothing. And it kills every ounce of initiative we might have had. It is pushing the deadline supposedly waiting for an external input.

I guess that procrastinating a little bit, from time to time, is part and parcel of human nature (some would argue that it is actually a necessary space to reflect). But waiting for external permission is absolutely not required for most of what we want to do in life.

Never take waiting for permission as an excuse for doing nothing! As the quote says “Those who wait for permission never get it. Those who don’t wait for permission become the leaders other turn to for permission”. Be a leader, not a following procrastinator!

“Entrepreneurs know all too well how difficult it is to work in the business and work on the business at the same time. Creating the product, delivering a service, often also getting the word out and developing customers are a full job already. Yet we also need to take some time to step back and look at the big picture — where is the business going? What opportunities might we miss because we simply don’t see them?” says Valeria Maltoni in her post ‘The Seven Deadly Diseases of Management‘

This is of course a major difficulty I live with every day as an entrepreneur. When we get a great mission with a client that takes all our time and most of our intellectual capacity, it takes a lot of will to continue doing marketing and business development, not to mention R&D and exploration of new topics that could bring a lot of value to the business and to the clients.

Still it must be done unless, on the short term, we have long inter-missions with no revenue or, on the long term, the company becomes irrelevant.

I have not found better than a lot of self-discipline, reminders and a list of business development actions to be taken every week. Still I have not found a great magic solution to resolve the conundrum. Any suggestion?

The best situation I have experienced is of course to stop being in the business in the sense of being involved in operations (acting as director and involved in the strategy). This has the drawback of not solving the paycheck issue one has when in charge of his family. However increasingly I tend to try to diminish my time compensated by clients and spend more time outside of the business thinking about how to grow it, because that is really the most effective at the end.

In a follow-up of our post ‘How Risk Management Must Evolve into Resilience Management‘, let’s examine what are the approaches that would be required in a new discipline of Resilience Management.

First, Resilience Management should be an extension, a complement of Risk Management. Risk Management works and this foundation should not be dismissed.

Resilience Management should focus on the ‘unknown-unknowns’, developing scenarios generally believed to be highly unlikely or too extreme, to examine how the system would respond. Resilience Management is the appropriate response to unpredictable complex systems.

In addition, Resilience Management should measure the capability of the system to adapt by reconfiguring itself, reassigning resources or seeking additional resources, adapting its structure.

To be effective, Resilience Management should also address a higher level system than the one too often examined. For example, it should consider airspace safety management and not just individual aircraft safety; or the entire capability of a society to respond to major industrial accident instead of the sole safety of plant.

The main focus of Resilience Management should be the capability for the system to effectively respond (and not just react) at all times.

Resilience Management is a new discipline to be invented and developed for the Collaborative Age. Are you ready to take the challenge?

In the past decades the concept and discipline of Risk Management has emerged and developed into a major management discipline. But now it has shown its limits.

One of the issues of the current approach to Risk Management is that it tends to address risk mitigations in a static manner, without considering the fact that quick response and evolutive systems can be a better response to unexpected situations. In addition, traditional risk management approaches address well the ‘known-unknowns’ but absolutely not the ‘unknowns-unknowns’ even in a generic manner.

Resilience Management should be the appropriate future extension of Risk Management. It includes an additional dimension of being able to bear unexpected events or events beyond the bounds of system design. It includes mitigation actions that could include evolution and revolution of the system in a dynamic manner.

As recent storms and unexpected natural or man-made disasters have shown, Resilience Management is a discipline to develop to enhance our capability to respond to the unexpected.

The very interesting Bloomberg post ‘Brain-Computer Interfaces Are Already Here‘ describes graphically and in a compelling manner the progress of brain-computer interfaces today.

The most promising technology, it seems, involves an implant in the brain that can be plugged in the computer (instead of non-invasive technologies). The results that are mentioned in the post are quite amazing. “The past year has been particularly impressive. Researchers at the University of Pittsburgh Medical Center connected touch sensors from a robot’s fingertips to a paralyzed man’s sensory cortex so he could feel what it was touching. At Case Western, scientists linked a paralyzed man’s motor cortex to a computer that electrically stimulated muscles in his arm, enabling him to bring a forkful of food from a dish to his mouth. At Brown, Borton’s team implanted electrodes and a wireless transmitter in a monkey’s motor cortex and connected it to a receiver wired to the animal’s leg, restoring its walking motion.”

Although confined today to remediation of people with motorsensory problems, the technology might well soon become mainstream. The potential is quite difficult to envisage, in particular if that can enhance some of our physical and brain capabilities.