unsafe at any speed
play

Unsafe at Any Speed? Self-Driving Networks without Self-Crashing - PowerPoint PPT Presentation

Dec 04, 2023 •198 likes •731 views

Unsafe at Any Speed? Self-Driving Networks without Self-Crashing Networks Jeff Mogul Google Network Infrastructure 24 August 2018 1 "Self-driving cars": a poor template for Self-Driving Networks How to build a self-driving car:

  1. Unsafe at Any Speed? Self-Driving Networks without Self-Crashing Networks Jeff Mogul Google Network Infrastructure 24 August 2018 1

  2. "Self-driving cars": a poor template for Self-Driving Networks How to build a self-driving car: ● start with a late-model car add lots of sensors, computers, and AI software ● train and test it until it works safely ● That worked out much sooner than most people expected 2

  3. "Self-driving cars": a poor template for Self-Driving Networks How to build a self-driving car: ● start with a late-model car add lots of sensors, computers, and AI software ● train and test it until it works safely ● That worked out much sooner than most people expected So why not build a self-driving network the same way? ● start with a modern network ● add lots of sensors, computers, and AI software train and test it until it works safely ● 3

  4. "Self-driving cars": a poor template for Self-Driving Networks How to build a self-driving car: ● start with a late-model car that any adult can drive safely, even with accidents add lots of sensors, computers, and AI software ● train and test it until it works safely ● That worked out much sooner than most people expected So why not build a self-driving network the same way? ● start with a modern network that any operator can run without frequent outages ● add lots of sensors, computers, and AI software train and test it until it works safely ● 4

  5. "Self-driving cars": a poor template for Self-Driving Networks These exist How to build a self-driving car: ● start with a late-model car that any adult can drive safely, even with accidents add lots of sensors, computers, and AI software ● train and test it until it works safely ● That worked out much sooner than most people expected These do not exist! So why not build a self-driving network the same way? ● start with a modern network that any operator can run without frequent outages ● add lots of sensors, computers, and AI software train and test it until it works safely ● 5

  6. Safety: A key challenge for self-driving networks We need our networks to be "safe": i.e., they meet many kinds of SLOs (uptime, bandwidth, latency) ● Today's networks require a lot of human effort to maintain SLOs and replacing humans with AI doesn't work if the problem is unnecessarily hard ● This talk is about meeting that challenge, and what we can learn from the past 6

  7. Alternate title: Nobody would build a self-driving Corvair 7

  8. Alternate title: Nobody would build a self-driving Corvair "The Chevrolet Corvair is a compact car manufactured by Chevrolet for model years 1960–1969. It was the only American-designed, mass-produced passenger car to use a rear-mounted, air-cooled engine." [Wikipedia] Greg Gjerdingen licensed under the Creative Commons 8 Attribution 2.0 Generic license.

  9. Alternate title: Nobody would build a self-driving Corvair "The Chevrolet Corvair is a compact car manufactured by Chevrolet for model years 1960–1969. It was the only American-designed, mass-produced passenger car to use a rear-mounted, air-cooled engine." [Wikipedia] … and became notorious as the primary example of an inherently-unsafe car, as described by Ralph Nader in Unsafe at Any Speed Greg Gjerdingen licensed under the Creative Commons 9 Attribution 2.0 Generic license.

  10. Alternate title: Nobody would build a self-driving Corvair "The Chevrolet Corvair is a compact car manufactured by Chevrolet for model years 1960–1969. It was the only American-designed, mass-produced passenger car to use a rear-mounted, air-cooled engine." [Wikipedia] … and became notorious as the primary example of an inherently-unsafe car, as described by Ralph Nader in Unsafe at Any Speed … although subsequent studies suggested that the Corvair wasn't uniquely unsafe Greg Gjerdingen licensed under the Creative Commons 10 Attribution 2.0 Generic license.

  11. Unsafe at Any Speed (Ralph Nader, 1965) ● Explained how car designers failed to consider safety, and just how bad the results were. Picked on the Corvair, in particular. ● Instigated many current safety features. ● ● Launched Nader's public career. 11

  12. What can SelfDN-ers learn from auto design? ● Any control system (human or automated) has its limits ● Pushing a control system past its limits can cause crashes Sometimes, the problem is not in the control system! ● I'll illustrate with some analogies drawn from Unsafe at Any Speed ● ○ all quotations in these slides are from Ralph Nader, Unsafe at Any Speed , New York: Grossman Publishers, 1965, unless otherwise noted 12

  13. OK, why not build a self-driving Corvair? Nader's assertion: the Corvair was inherently unsafe ● Even expert drivers found it challenging ("fun") to drive in some conditions Average drivers often found themselves in trouble unexpectedly ● Past a certain point, it was impossible to recover ● ● People were killed or injured unnecessarily ● Various intentional design choices led to these safety problems (and Nader alleges bad intentions on the part of GM, but that's not relevant to my talk) ● 13

  14. OK, why not build a self-driving Corvair? Nader's assertion: the Corvair was inherently unsafe ● Even expert drivers found it challenging ("fun") to drive in some conditions Average drivers often found themselves in trouble unexpectedly ● Past a certain point, it was impossible to recover ● ● People were killed or injured unnecessarily ● Various intentional design choices led to these safety problems (and Nader alleges bad intentions on the part of GM, but that's not relevant to my talk) ● Given these properties, a Corvair would be a poor base for a self-driving car: The control system would have to be especially wonderful, or disaster ensues ● The self-driver would be blamed for accidents outside of its control ● 14

  15. OK, why not build a self-driving Corvair? Nader's assertion: the Corvair was inherently unsafe ● Even expert drivers found it challenging ("fun") to drive in some conditions Average drivers often found themselves in trouble unexpectedly ● Past a certain point, it was impossible to recover ● ● People were killed or injured unnecessarily ● Various intentional design choices led to these safety problems (and Nader alleges bad intentions on the part of GM, but that's not relevant to my talk) ● Given these properties, a Corvair would be a poor base for a self-driving car: The control system would have to be especially wonderful, or disaster ensues ● The self-driver would be blamed for accidents outside of its control ● ● Our networks today are more like 1965 Corvairs than 2018 Volvos. 15

  16. What was wrong with the Corvair? Nader alleged the car was far too unstable in cornering manoeuvers: it "abruptly decides to do the driving for the driver in a wholly untoward manner" because: ● "swing axle" suspension caused rear wheels to "tuck under" and lose contact the unusual rear-heavy weight distribution contributed to this problem ● GM's solution was an unusual/finicky tire-pressure distribution (F=15/R=26 psi) ● ○ instead of building a slightly more expensive fully independent rear suspension + anti-roll bar 16

  17. Tire pressure? Really? Nader writes: ● "Instead of all stability being inherent in the vehicle design, the operator is relied upon to maintain a require [front vs. rear] pressure differential …" "any policy which [burdens the driver with monitoring tire pressure differentials] ● closely and persistently … cannot be described as sound or safe engineering." ● "This responsibility … is passed along to service station attendants, who are notoriously unreliable in abiding by requested tire pressures." "There is also serious doubt whether the owner or service man (sic) is fully ● aware of the importance of maintaining the recommended pressures." ● + "little details" such as the location of the spare tire, and the number of passengers & their luggage, contributed additional complexity 17

  18. What does this have to do with networks? ● Just like cars, networks can be unstable ● We can't really expect automated control planes to cope with arbitrary instability Just as we shouldn't expect non-expert drivers to cope with unstable cars ○ ● It might be better to fix the instabilities rather than trying to create super AIs ○ Or at least, to clearly define and bound the unstable regimes Sometimes, this means moving the stability control "into the network" ● ○ e.g., today's cars come with traction control, anti-lock brakes, and electronic stability control Some examples on the next few slides 18

  19. Some causes of network instability Multiple control loops trying to optimize the same network: ● E.g., traffic engineering and congestion control working at cross purposes Too much latency in the control loop: ● E.g., link flaps faster than the routing system can re-converge ● (Maybe the routing plane can handle one flapping link, but not seven at once) Accidental large-scale synchronization: ● E.g., Sally Floyd and Van Jacobson. 1994. The synchronization of periodic routing messages . IEEE/ACM Trans. Netw. 2, 2 (April 1994) 19

Recommend

UNSAFE AT ANY SPEED: CYBERSECURITY FOR LAWYERS MICHAEL P. HANNIGAN KONICEK & DILLON, P.C.

UNSAFE AT ANY SPEED: CYBERSECURITY FOR LAWYERS MICHAEL P. HANNIGAN KONICEK & DILLON, P.C.

9/19/2018 UNSAFE AT ANY SPEED: CYBERSECURITY FOR LAWYERS MICHAEL P. HANNIGAN KONICEK & DILLON, P.C. UNDERSTANDING THE PROBLEM Insecure Communications vs. Insecure Credentials 1 9/19/2018 IMPORTANT TERMS Phishing Spear

293 views • 6 slides
Cedar Rapids RLR & Speed Des Moines RLR & Speed

Cedar Rapids RLR & Speed Des Moines RLR & Speed

Davenport.RLR & Speed Cedar Rapids RLR & Speed Des Moines RLR & Speed Sioux City.. RLR & Speed Muscatine...RLR & Speed Council

248 views • 11 slides
Speed kills 2 but people like speed! 3 Speed Higher speeds are associated with higher

Speed kills 2 but people like speed! 3 Speed Higher speeds are associated with higher

Effects of automated highway speed enforcement: average versus instantaneous speed control 27 th annual ICTCT workshop 16-17 Oct 2014, Karlsruhe - Germany dr. Stijn Daniels, PhD Transportation Research Institute Hasselt University, Belgium

413 views • 9 slides
UNSAFE PORTS: abnormal occurrences and the insurance solution. David Pitlarge Partner Marine,

UNSAFE PORTS: abnormal occurrences and the insurance solution. David Pitlarge Partner Marine,

UNSAFE PORTS: abnormal occurrences and the insurance solution. David Pitlarge Partner Marine, Trade & Energy Hill Dickinson LLP Unsafe Ports: abnormal occurrences Basic warranty Practical terms types of dispute

466 views • 19 slides
Speed, speed, speed D. J. Bernstein University of Illinois at Chicago; Ruhr University Bochum

Speed, speed, speed D. J. Bernstein University of Illinois at Chicago; Ruhr University Bochum

1 Speed, speed, speed D. J. Bernstein University of Illinois at Chicago; Ruhr University Bochum Reporting some recent symmetric-speed discussions, especially from RWC 2020. Not included in this talk: NISTLWC. Short inputs.

411 views • 29 slides
SPEED OF THOUGHT SPEED OF THOUGHT 120m/s SPEED OF THOUGHT COMMUNICATIVE The Artist is Absent:

SPEED OF THOUGHT SPEED OF THOUGHT 120m/s SPEED OF THOUGHT COMMUNICATIVE The Artist is Absent:

amon ge, UDLS 2017 SPEED OF THOUGHT SPEED OF THOUGHT 120m/s SPEED OF THOUGHT COMMUNICATIVE The Artist is Absent: Davey Wreden and The Beginners Guide (https://youtu.be/4N6y6LEwsKc) SPEED OF THOUGHT COMMUNICATIVE words per minute (WPM)

804 views • 54 slides
POWERED STARTUPS Speed@BDD Presentation July 2017 SPEED@BDD IN A NUTSHELL Speed@BDD is a

POWERED STARTUPS Speed@BDD Presentation July 2017 SPEED@BDD IN A NUTSHELL Speed@BDD is a

ROCKET POWERED STARTUPS Speed@BDD Presentation July 2017 SPEED@BDD IN A NUTSHELL Speed@BDD is a Lebanese-grown startup accelerator software 2 acceleration 10 startups 3-month 10% equity idea & early cycles per year per cycle

417 views • 4 slides
Speed Management in NZ

Speed Management in NZ

Speed Management in NZ The agenda 1. Benefits of reduced traffic speed (10 min) 2. Speed Quiz (15 min) 3.

948 views • 46 slides
10 years of Speed Tables Peter da Silva FlightAware What are Speed Tables? What are Speed

10 years of Speed Tables Peter da Silva FlightAware What are Speed Tables? What are Speed

10 years of Speed Tables Peter da Silva FlightAware What are Speed Tables? What are Speed Tables? An array of structures A Key-Value store A NoSQL database A portable API Example CExtension particles 1.0 { CTable quark

476 views • 32 slides
The Aim Take a Haskell program Analyse it Prove statically that there are no unsafe

The Aim Take a Haskell program Analyse it Prove statically that there are no unsafe

CATCH: Case and Termination Checker for Haskell Neil Mitchell (Supervised by Colin Runciman) http://www.cs.york.ac.uk/~ ndm/ The Aim Take a Haskell program Analyse it Prove statically that there are no unsafe pattern matches

420 views • 19 slides
Speed, speed, speed $1000 TCR hashing competition D. J. Bernstein Crowley: I have a problem

Speed, speed, speed $1000 TCR hashing competition D. J. Bernstein Crowley: I have a problem

1 2 Speed, speed, speed $1000 TCR hashing competition D. J. Bernstein Crowley: I have a problem where I need to make some University of Illinois at Chicago; cryptography faster, and Im Ruhr University Bochum setting up a $1000

573 views • 55 slides
WATERFISH | neermeen More people die from unsafe water than from all other forms of violence.

WATERFISH | neermeen More people die from unsafe water than from all other forms of violence.

WATERFISH | neermeen More people die from unsafe water than from all other forms of violence. Including war. United Nations Secretary General Ban Ki-moon 80% of illnesses in developing countries are linked to poor water conditions. but

674 views • 43 slides
Safe Pedestrians, Equines the Environment & Drivers Who are SPEED? The SPEED action group

Safe Pedestrians, Equines the Environment & Drivers Who are SPEED? The SPEED action group

SPEED Safe Pedestrians, Equines the Environment & Drivers Who are SPEED? The SPEED action group was formed after a public meeting to discuss road safety issues and the tragic accident on the A626, involving a horse fatality.

368 views • 13 slides
Unsafe & safe road way design Unsafe & safe road way design for urban roads for

Unsafe & safe road way design Unsafe & safe road way design for urban roads for

PIARC International Road Safety Safety Seminar Seminar PIARC International Road Beijing 18 20 20 October October 2005 2005 Beijing 18 Unsafe & safe road way design Unsafe & safe road way design for urban roads for

1.02k views • 34 slides
Madhya Pradesh. 1. Unsafe Sterilization in violation of SOP. 2. Non compliance of Ramakant Rai

Madhya Pradesh. 1. Unsafe Sterilization in violation of SOP. 2. Non compliance of Ramakant Rai

Doma T. Bhutia. HRLN, Jabalpur Unit. Madhya Pradesh. 1. Unsafe Sterilization in violation of SOP. 2. Non compliance of Ramakant Rai directives of S.C & Jan Adhikar Manch directives of M. P . H.C. in respect to compensation. 3.

475 views • 10 slides
Saf afety ety Obs bservations ervations Turning unsafe behavior into dependable, safe

Saf afety ety Obs bservations ervations Turning unsafe behavior into dependable, safe

5 TIPS FOR IMPACTFUL Saf afety ety Obs bservations ervations Turning unsafe behavior into dependable, safe routines Our presentation begins soon 5 TIPS FOR IMPACTFUL Saf afety ety Obs bservations ervations Turning unsafe behavior into

452 views • 43 slides
Speed perception by drivers as dependent on target travel speeds, on every road type urban street

Speed perception by drivers as dependent on target travel speeds, on every road type urban street

32 nd ICTCT Conference in Warsaw, Poland - October 24 & 25, 2019 Background: Speed in Sustainable road safety Speed one of the main issues in Sustainable road safety and in Safe System Speed management matching road

317 views • 3 slides
The Tagging Task Part-of-Speech Tagging Input: the lead paint is unsafe Output: the/Det lead/N

The Tagging Task Part-of-Speech Tagging Input: the lead paint is unsafe Output: the/Det lead/N

The Tagging Task Part-of-Speech Tagging Input: the lead paint is unsafe Output: the/Det lead/N paint/N is/V unsafe/Adj Uses: text-to-speech (how do we pronounce lead?) can write regexps like (Det) Adj* N+ over the output A

400 views • 8 slides
Strategies to Prevent Unsafe Opioid Prescribing in Primary Care among Patients with Acute or

Strategies to Prevent Unsafe Opioid Prescribing in Primary Care among Patients with Acute or

Strategies to Prevent Unsafe Opioid Prescribing in Primary Care among Patients with Acute or Chronic Non-cancer Pain LOI Applicant Town Hall Session September 6, 2017 12:00 - 1:00 p.m. ET Agenda 1. Welcome 2. Background on PCORI 3. Overview

442 views • 42 slides
Strategies to Prevent Unsafe Opioid Prescribing in Primary Care among Patients with Acute or

Strategies to Prevent Unsafe Opioid Prescribing in Primary Care among Patients with Acute or

Strategies to Prevent Unsafe Opioid Prescribing in Primary Care among Patients with Acute or Chronic Non-cancer Pain Applicant Town Hall Session July 15, 2016 11:00 a.m. -12:00 p.m. ET Agenda 1. Welcome 2. Background on PCORI and the Funding

548 views • 25 slides
USB History January 1996 Low Speed USB 1.0 (1.5 Mbit/s) Full Speed USB 1.1 August

USB History January 1996 Low Speed USB 1.0 (1.5 Mbit/s) Full Speed USB 1.1 August

USB History January 1996 Low Speed USB 1.0 (1.5 Mbit/s) Full Speed USB 1.1 August 1998 (12 Mbit/s) High Speed USB 2.0 April 2000 (480 Mbit/s) USB 3.0 November SuperSpeed (3.1 Gen1) 2008 (5 Gbit/s) USB 3.1

782 views • 19 slides
Erins Law Presentation Kindergarten-2nd grades Safe and Unsafe Touches

Erins Law Presentation Kindergarten-2nd grades Safe and Unsafe Touches

Erins Law Presentation Kindergarten-2nd grades Safe and Unsafe Touches https://www.youtube.com/watch?v=zNTUMNKSNwk What are some Safe Touches? Handshakes Hugs High Five Safe Touches Make Us Feel... Happy Loved Glad

234 views • 21 slides
Kivori Villages PNG Kivori Poe Village Unsafe road conditions contribute to vulnerability

Kivori Villages PNG Kivori Poe Village Unsafe road conditions contribute to vulnerability

Pacific Adaptation to Climate Change (PACC) Project for Kivori Villages PNG Kivori Poe Village Unsafe road conditions contribute to vulnerability Education is a challenge in the Kivori community as children have to walk for hours to reach

980 views • 32 slides
Toward Detection of Unsafe Driving with Wearables Luyang Liu Cagdas Karatas, Hongyu Li, Marco

Toward Detection of Unsafe Driving with Wearables Luyang Liu Cagdas Karatas, Hongyu Li, Marco

Toward Detection of Unsafe Driving with Wearables Luyang Liu Cagdas Karatas, Hongyu Li, Marco Gruteser, Richard Martin WINLAB, Rutgers University Sheng Tan, Jie Yang Florida State University Yingying Chen Stevens Institute of Technology

654 views • 20 slides

More recommend