Computing Lessons from the Atomic Age: Complexity, Safety, and Ethics

Transcript

1. Computing Lessons from the Atomic Age RJ Zaworski · Director

   of Growth, koan.co · github.com/rjz · @rjzaworski Complexity, Safety, and Ethics

2. Complexity

3. “ ? Everything starts simple 235U 236U + 92Kr 141B

   a + + + 1938 1945 1954 1979 2019 I am afraid neutrons will not be of any use to any one.” — JAMES CHADWICK

4. Everything starts simple TRINITY SITE WHERE THE WORLD’S FIRST NUCLEAR

   DEVICE WAS EXPLODED ON JULY 16, 1945 1938 1945 1954 1979 2019

5. Everything (useful) is connected Unit behavior depends on: ★ the

   environment ★ I/O ★ other units 1938 1945 1954 1979 2019

6. Everything (useful) is connected Unit behavior depends on: ★ the

   environment tsunamis ★ I/O operator errors ★ other units stuck safety valves 1938 1945 1954 1979 2019

7. Exceptions “Anomalous or exceptional conditions requiring special processing” — WIKIPEDIA

   1938 1945 1954 1979 2019 try { unsafePerformIO(); } catch (err) { // should’ve known better… console.log(err); }

8. Exceptions happen 1938 1945 1954 1979 2019 ★ Surprises beyond

   system boundary ★ Emergent complexity from simple parts ★ Analysis is expensive “There are two ways to write error-free programs; only the third one works.” — ALAN PERLIS

9. “ Let the sunshine in Remember, always, that everything you

   know, and everything everyone knows, is only a model. Get your model out there where it can be viewed. Invite others to challenge your assumptions and add their own.” — DONELLA MEADOWS 1938 1945 1954 1979 2019

10. Safety

11. There’s a limit Safety Cost

12. Minimization Goal: discover and fix known failure states ★ Define

    problem - static typing ★ Test system boundaries - integration tests ★ Seek external review - design/code review

13. Mitigation Goal: damage control ★ Operational visibility? ★ Address problems

    at right level ◦ Validate input ◦ assert assumptions ★ Fail loudly, fail fast

14. Learning Goal: ensure it doesn’t happen again ★ Conduct post-mortems

    ★ Document (broken) assumptions ★ Create regression tests

15. Safety “There was a lot of risk taken in the

    Mercury and Apollo eras, and we don't take those risks anymore. We've designed the systems to eliminate risk, which makes it take forever and cost too much money.” — GWYNNE SHOTWELL

16. Ethics

17. Ethics Establish individual & professional norms ★ Abstract ★ Guidelines

    ★ Not legally binding

18. A borrowed code 1. Hold paramount the safety, health, and

    welfare of the public 2. Perform services only in areas of their competence 3. Issue public statements only in an objective and truthful manner 4. Act for each employer or client as faithful agents or trustees 5. Avoid deceptive acts 6. Conduct themselves honorably, responsibly, ethically, and lawfully so as to enhance the honor, reputation, and usefulness of the profession (https://www.nspe.org/resources/ethics/code-ethics)

19. Suppose that... You won’t be able to hit Friday’s deadline

    without compromising features or quality.

20. Suppose that... You won’t be able to hit Friday’s deadline

    without compromising features or quality. ★ You can’t change the facts ★ You can disclose them ★ What comes next?

21. Regulation Laws aimed at maintaining social order ★ Written ★

    Explicit ★ Legally binding

22. Regulation The Nuclear industry has lots of it. The Software

    industry doesn’t.

23. Regulation The Nuclear industry has lots of it. The Software

    industry doesn’t. Yet. “When you see something that is technically sweet, you go ahead and do it and you argue about what to do about it only after you have had your technical success...” — J. ROBERT OPPENHEIMER

24. Summary

25. Complexity, Safety, and Ethics ★ Systems are complex ★ Safety

    is an illusion ★ We’re all in this together “Defects are not free. Somebody makes them, and gets paid for making them.” — W. EDWARDS DEMING

26. Thank you! RJ Zaworski · Director of Growth, koan.co ·

    github.com/rjz · @rjzaworski