TCS Daily

Working With the System

By Glenn Harlan Reynolds - August 27, 2003 12:00 AM

We worry about terrorists, and rightly. But even without terrorists, things go wrong. SARS brought a major chunk of the global economy, and global transport network to a halt. The Great Blackout left 50 million without power for reasons still not entirely clear. The heat wave in France produced over 10,000 deaths. And the former Soviet Republic of Georgia suffered its own blackout, affecting millions -- though that one, like the great blackout in Memphis earlier this summer that left over a million people without power, some for weeks, got less attention because media people weren't affected directly.


Likewise, a broken gas pipeline that left Phoenix and its environs desperately short of fuel got relatively little attention -- though local bloggers certainly covered it.


But, coverage or not, these sorts of things happen all the time. The complex systems that we depend on for all sorts of goods and services, from electricity to food to natural gas, are vulnerable to breakdowns. You can exaggerate this vulnerability -- as people did in the run up to Y2K hysteria -- but that doesn't mean it isn't real. And moves to just-in-time delivery and sophisticated communications and control systems make that sort of vulnerability worse. Inventories are smaller, and day-to-day operations rely on communications and transportation in a way that puts a premium on things going right.


There's nothing wrong with that, within limits. And one of the lessons of the problems mentioned above is that the sky didn't fall: people dealt pretty well with the problems, and rioting, looting, and general panic were far less widespread than people might have expected. (In fact, the media seemed a bit disappointed that people behaved so well in New York.)


Still, being a pessimistic sort, I think that it's important for people who design systems -- whether it's a power company's distribution net, or a grocery chain's -- to plan for things going wrong. It's all very well for individuals to buy generators, and stockpile emergency supplies (here's the Red Cross recommendations page and here's a column I wrote on this earlier). But, in fact, individuals can't go it alone very well for periods of more than a few days, and important infrastructure needs to be resilient enough to start working again pretty quickly. Some companies are starting to pay real attention to these kinds of issues, but there's a long way to go. And -- since most managers feel very taxed just keeping businesses running properly in normal times -- it's easy to ignore these issues.


But it's clear that this stuff matters. In particular, the cell-phone industry has dropped the ball. The cellphone network isn't just a luxury for rich guys and soccer moms anymore: it's a vital part of emergency infrastructure.


Unfortunately, according to an article in Newsday, it isn't up to the job:


Less than two years after the cellular network faltered following the Sept. 11, 2001 terrorist attacks, the cellular system -- which the wireless industry promotes as a safety net during emergencies -- choked again.


The system broke down as a flood of nervous callers overloaded the network for some carriers; there wasn't enough capacity to handle the excess calls. Complicating matters, many cellular sites, which depend on electricity, had inadequate backup power.


Cell-phone carriers say the electrical outage was an event they couldn't possibly foresee.


I don't think that's much of an excuse, and I think that cell-phone technology is mature enough that it's fair to start expecting the kind of robust reliability that we've seen from landline services. This is too important to ignore.


No backup power? Why not? The University of Tennessee College of Law, where I teach, has a backup generator -- and, much as it pains me to admit it, we aren't as important in an emergency. Businesses and institutions that are important in emergencies need to be at least as well prepared. (This is also probably a reason to make sure that payphones, currently an endangered species, don't die out.)

Between natural disasters and terrorism, the systems that keep our society running face real threats. It's especially important that the people who organize and operate them keep these threats in mind, and pay sufficient attention to contingencies. Lives depend on it.


1 Comment

System Won't Be Fixed
Well, duh. Contemporary infrastructure systems (e.g., the commercial Internet and the cellular phone net) are like just-in-time "inventory" systems; lean, muscular, and efficient, they work at the lowest possible cost and the greatest possible efficiency...until they are stressed a little beyond the norm, when they fail. Spectacularly.

A good analogy may be made to body fat: it's unsightly, causes health problem, and is more expensive to maintain than the alternative. Until the famine hits, and supermarket shelves are empty. Then the lean, ripped people die of starvation.

TCS Daily Archives