[Essay draft 0.1]
The Disaster Stack
(c) 2012 by Vernor Vinge
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA).
It's a truism that technological progress increases the possibilities
for disaster and makes it easier for disasters to grow into
catastrophes. At the same time, there are aspects of technology that
could help us deal with threats. This essay is about using hobbyists,
charity, clever business practices, and government cooperation to
create a "Disaster Stack" of machines, knowledge, and people to
respond to disasters:
- Layer 1: The communication network.
The two most obvious disaster threats to communications are:
- Loss of electrical power. The power needed to run smartphones
is orders of magnitude less than the needs of civilization
as a whole. With a little bit of forethought and regulatory
sympathy, car batteries could power such devices for some
hours, and existing green sources could provide longer
support. Base stations and backhaul technology have more
concentrated power needs, but one interesting trend of the
last few years has been use of smaller and smaller
stations. Emergency backhaul may have its own power supply
surprises.
- Congestion arising from the disaster-related demand surge.
Falling back to lower bitrates and datagram-oriented
transport can help with surge problems. Again, there are
tech trends that may make this problem more easily solvable: In principle,
wireless comms can maintain high-quality peer-to-peer
contact at very great station densities.
- Layer 2: The knowledge and program base that runs
atop Layer 1.
A cliche of catastrophe science fiction is the notion of a cache
of reference books that explain technology from before the "fall of
civilization". The cache might be as simple as an engineering
manual or a survivalist's recipe list. Old-time science-fiction
fans debated which 20 pounds of reference books would have the
greatest payoff. Of course, nowadays we can do much better: our
smartphones have enough storage to hold entire libraries. Besides
storing knowledge, we can store plans and programs, customized
for each of the disaster scenarios we consider.
- Building Layer 2 would be a crowdsourced version of
scenario-based planning. It would be a vast project, though
in the beginning not a great deal more ambitious than
Wikipedia. Even more than Wikipedia, it would be an ongoing
effort: a growing hierarchy, its roots being grand
categories of disaster, its leaves being discussions of
particular possibilities and responses (and pointers to
common response libraries).
- One of the virtues of scenario-based disaster planning is
that it allows the independent study of completely
contradictory policies. (For instance, the recommended
response to aircraft hijacking before 9/11 was very
different than after 9/11.) In some cases, these
contradictory policies can't be resolved before the
event. Having both represented in Layer 2 would give
responders insights and options (and even diagnostics) that
could be applied immediately in the
presence of surprises.
- Building the Disaster Stack involves doing things long
before any particular disaster occurs. Unfortunately, the
number of possible disaster scenarios collides with the
bounded resources of the planners (be they individuals or
nation states). The structure of Layer 2 would provide
insight to those with access to money -- both to inspire
them to re-estimate risks and to survey the hierarchy for
feasible projects that would have leverage across a range
of possible disasters. So for instance, introducing a small
change in smartphone sensors and protocols might have a
large positive effect for many different scenarios.
- Certification and assessment is an essential part of
building the knowledge base and programs that make up
Layer 2. However, considering the size and contentious
nature of the possibilities, certification and assessment
should not be the monopoly of any single entity. (I would
prefer to have choices about whom to trust per scenario
and context.)
- Disasters will happen, but hopefully the smaller ones
will continue to be more common than the larger. In
principle, the Disaster Stack scheme scales from
"disasters" as small as losing one's car keys all the way
up to a giant meteor strike. Building Layer 2 is a
never-ending hobby, partly because we'll always be imagining
new disasters -- but also because each disaster that really
happens will give us an opportunity to revise and extend
Layer 2.
- Layer 3: People helping out during disasters, supported
by Layer 2.
David Brin has written much about the
importance of citizen involvement in disaster training and
response. He has said that while great courage and sacrifice were
shown by rescue workers in the 9/11 disaster, the most
effective work was done on the spur of the moment by civilians;
furthermore, the only people to recognize and defend against the
attack in real time were the civilians aboard United Flight 93,
aided by phone communications. Such is the inspiration for Layer
3 of the Disaster Stack:
- At "run time" -- that is, when a disaster strikes -- the
people can turn to Layer 2 services. Layer 2 will be
running on top of the best available communication network
(Layer 1).
- The Layer 2 computation and data can be used to run
programs using smartphone sensors to determine the nature
of the disaster. The people (Layer 3) use that information
to progress down the Layer 2 hierarchy to the nodes that
best fit the information available. In those scenario nodes
they should find advice about possible actions to take (for
instance, in the case of a train wreck, the location of
fire fighting equipment, medical gear, current location of
medically knowledgeable persons, and so on).
- Especially in the early stages of the disaster, different
scenarios may fit the known facts. The people of Layer 3
may have to conduct further observations to distinguish the
possibilities or invent new explanations for the event.
(Is the train crash caused by an earthquake, or terrorist
action, or mis-scheduling, or a gas leak explosion, or
...?) These results are communicated and acted upon.
- For small disasters, the actions of Layer 3 merge
seamlessly back into the everyday activities of society,
including appropriate plan-time changes to all three
layers. For large disasters, the Disaster Stack eventually
hands off to conventional recovery institutions. For the
largest disasters, the Disaster Stack might best be
regarded in the spirit of the
Long Now Foundation.
Comments
The Disaster Stack is itself a contingent plan. An EMP attack would
force drastic changes in the nature of Layer 1. At a different
extreme, if the network clouds remain available during a disaster,
they would be enormously useful. Disaster Stack planners should aim
for heterogeneity. For example, distributing logic and data in
hobbyists' smartphones should be a concurrent project alongside
schemes for using clouds. Such variety and flexibility is only
possible if the individual preparation measures are very inexpensive
and there are lots of hobbyists at plan time.
The dual-use nature of technology is one of the most dread facts
of our time. Civilization seems to be in a race between tech that
could empower and protect us, and tech that would give anybody having
a "bad hair day" the ability to blow up civilization. The Breakers of
the world have a great advantage, since it is so much easier to break
things than it is to make things. The Breakers may yet win -- we don't
know just what can be invented. But I think the rest of the world, the
Makers, have a chance. The Makers include the great and famous, but
they also include people who simply have their own families, their own
interests -- including millions of different kinds of specialized
expertise. Over the last ten years, the rise of cellphones and
smartphones and social media and services such as Wikipedia have
convinced me that the Makers of the world have their own
advantage. There are billions of Makers, and information technology
has transformed those billions into an intellectual institution that
trumps all human institutions of the past. That intelligence and
vigilance and good will has the potential to outmatch the destructive
power of technology arising from accidents and small numbers of
Breakers.
It's not surprising that many of the plan time activities for the
Disaster Stack look like the research behavior of Bad Guys. This fact
creates an awful temptation for otherwise reasonable governments to
smother disaster planning/recovery hobbyists. Considering the fact
that the Makers are our best hope against the Breakers, I hope that
the temptation to suppress can be resisted and that governments come
to value and collaborate with the Makers.
This Disaster Stack essay is an expansion of notes I used for a presentation
at Sci Foo 12. Sci Foo turned out to be an ideal
place to loft this sort of notion:
- A good many Sci Foo presentations were about projects that were
within tweaking distance of being relevant to disaster planning
and recovery -- and most of the presentations were about real
projects and prototypes, not the handwaving of this Disaster
Stack proposal.
- Between presentations, I had the opportunity to chat with other
attenders about disaster issues. Stewart Brand had personal
experience with the 1989 Loma Prieta Earthquake and later wrote
a report about the rescuers and rescued.
As with David Brin's comments on 9/11, ad hoc civilian
response was very important and positive. Not surprisingly,
on-duty police and professional rescuers arrived after the
civilians. The police permitted the civilians to continue to
participate. Volunteers plus institutional resources (fire boats
and hoses) may have prevented far greater destruction. Civilians
with prior experience (military, firefighting, even teaching)
tended to do well, but almost all were maneuvering in perilous
ignorance. Some civilians were totally clueless, more an obstacle
than anything else. (I suspect I would have been in this
category! And yet, the beauty of crowdsourcing is that it permits
our different talents and weaknesses to be used where they can be
the most constructive; I imagine that there are many people who
are terrible at run time, but who could still help with the
building of the Disaster Stack.)
- One participant at my Sci Foo session made the point that [however
much we talk about these things] most people don't know what to
do in a disaster, not even how to protect themselves. The hobbies
and effort associated with building the Disaster Stack might go
partway to helping with this problem, but effective behavior in
most disasters comes down to certain standard field skills --
skills that are taught by the Red Cross and other organizations.
Learning these skills remains as important as ever, and should be
complementary to Disaster Stack planning.
- The folks attending my session raised a more ominous concern.
The Disaster Stack depends on the good-heartedness and
cooperation of the people involved. And yet, from The Lord
of the Flies to Mad Max, our popular culture
preaches that large disasters bring out the worst in us, with
groups playing zero-sum and even negative-sum games. Is this so?
Is it possible to rate this risk per disaster scenario?
Civilization's most precious infrastructure is the framework of
trust and understanding that invisibly makes all the rest
possible. In losing that infrastructure, we might face a long
detour back into negative sum games. On the scale of the Long
Now, I think we'd come back fairly fast. Just knowing that
something can be done is a powerful enabler. And
positive sum games are our stairway to greatness.
(Thanks to Mike Gannis for his post-Sci Foo critique of this essay.)