Re: Is it time for an disruption analysis working group for the Internet?
In aviation and probably the power industry, there is sense (and a reality) that lives and property are at stake. While the same may soon be true of the internet, there is still a perception that no one dies if the 'internet is down', and no property is destroyed though income is certainly lost. So there is no compelling need to force people to cooperate. Even if you can't force people to cooperate with information, there is still a lot of information about network disasters that will either leak out, or can be deduced or measured remotely. If you have someone with the credible technical authority to make accurate judgements about what happened and how it can be avoided, pressure can still be applied through bad publicity. Even the FAA's enforcement is for the most part pretty lassiz faire. It is well known in aviation circles that FAA regulations are "written in blood", by analyzing accidents and developing a set of rules to avoid them. Failure to follow the rules may result in your own death, and possibly others. Death is a pretty severe penalty. Many FAA enforcement actions are 'post-crash'. The rules aren't there to satisfy the ego of a bureaucrat, and the penalties are enforced more harshly by nature than by the FAA.
How is this handled in other networked industries? I'm sure that the same issues of proprietary information and public humliation exist there; how do they deal with it? ... A point from aviation -- incidents such as near-misses can be reported without fear of liabiity, because the consensus is that it's more important to recognize potential safety problems than it is to set up opportunities for acting against individuals or setting up opportunities for lawsuits.
This sounds pretty utopian. A counter point is that while this is the official spin, the fact is that the FAA treats non-reporting as suspicious. When there is a near miss, it usually involves a fault by 2 to 5 people: the controller if in controlled airspace, the pilots in command of both aircraft, and the copilots of both aircraft if they have copilots. If a near miss is reported, the non-reporting persons are asked "Were you aware that a near miss occurred?" If no, why not, if yes, why didn't you report it? Failure to report a near miss is much like refusing to take the breath-a-lyzer after a dwi stop. Usually not as bad as guilty, but a strong message is usually sent anyway. Later, they get into the question of who should have anticipated a collision course or who failed to follow instructions/procedures, etc. But if you report a near miss, and you were at fault, you will still be punished by the FAA. One must worry that someone else will report it: other pilots, other controllers, passengers, people on the ground, etc. And there have been cases where passengers reported near misses (at JFK) which were not reported by either pilots or controllers, until questioned by the FAA. Note also that a pilot is required by FAA regulations to be of "High moral character" to hold an ATP (Airline Transport) rating. While the Democrats (admittedly with huge public support) have worked hard to remove the concept, "High moral character" actually requires that one be honest, and do the right thing despite one's embarrassment or disinclination to do so. For pilots and controllers, it means reporting near misses and telling the truth about what happened. Of course, the FAA doesn't cite this specifically when revoking a pilots or controllers license, but it still affects their decisions and the penalties they impose. My point with all this is to illustrate that these are vastly different systems with vastly different underpinning behavioral motivations. I think to get something like this to work for the internet, you need to have an agency with enough purpose (e.g. people have to be at risk of death, or property must be at risk of destruction) to force people to cooperate. --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On Fri, Nov 13, 1998 at 07:38:12PM -0500, Dean Anderson wrote:
In aviation and probably the power industry, there is sense (and a reality) that lives and property are at stake. While the same may soon be true of the internet, there is still a perception that no one dies if the 'internet is down', and no property is destroyed though income is certainly lost. So there is no compelling need to force people to cooperate.
So, if my company loses $5M because the net falls over, and I get fired, and end up on the street, having lost my house, family, dog, pickup truck, and beer, that's not important enough to prevent? Got it now.
Even the FAA's enforcement is for the most part pretty lassiz faire. It is well known in aviation circles that FAA regulations are "written in blood", by analyzing accidents and developing a set of rules to avoid them. Failure to follow the rules may result in your own death, and possibly others. Death is a pretty severe penalty. Many FAA enforcement actions are 'post-crash'. The rules aren't there to satisfy the ego of a bureaucrat, and the penalties are enforced more harshly by nature than by the FAA.
Tell it to Bob Hoover... Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Buy copies of The New Hackers Dictionary. The Suncoast Freenet Give them to all your friends. Tampa Bay, Florida http://www.ccil.org/jargon/ +1 813 790 7592
participants (2)
-
Dean Anderson
-
Jay R. Ashworth