nanog mailing list archives

Re: Revisiting the Aviation Safety vs. Networking discussion


From: Michael Sinatra <michael () rancid berkeley edu>
Date: Mon, 28 Dec 2009 11:38:37 -0800

On 12/25/09 7:57 AM, Anton Kapela wrote:

> What I'm getting at is that after following this thread for a while,
> I'm not convinced any amount of process-borrowing is going to solve
> problems better, faster, or even avoid them in the first place. At
> best, our craft is 1/3rd as "old" (if that's somehow a measure of
> maturity) as flight and nobody is being sued to settle 200+ accidental
> deaths because of our mistakes.

So, we're supposed to make the mistakes of aviation, nuclear power, the chemical industry (i.e. Bhopal), oil production & refining, etc., all over again?

Checklists and MOPs are but one of the things we ignore from other industries. Some others:

o Increasing complexity and tight coupling lead to systemic failures. Simply grafting redundancy onto complex systems can make them less, not more, reliable. Yet this is the trend in networking. "Want bells and whistles, firewalls, load-balancers, rate-limiters in your network? You can have 'em without sacrificing reliability if you just buy two of 'em!"

o The gradual acceptance of components or procedures that have adequate reliability for a certain task (say, research) that are not reliable enough for another task (e.g. being a critical part of a 1,000 megawatt nuclear power plant) without understanding the implications. Do we know how our technology is being used and will be used? Will the people adopting IP for everything (the "smart grid," VoIP, life-supporting functions) fail to see these implications just as the people who shoved a fissile core into a pressure vessel did?

This last point directly contradicts the theme of your message. The notion that what we do is not (yet) a matter of life-or-death has bitten other industries in the past and it provides a nice illustration of why we should *not* be ignoring their lessons.

michael
