Saturday, June 04, 2016

As How You Drive

I have been discussing Pay As You Drive (PAYD) insurance schemes on this blog for nearly ten years.

The simplest version of the concept varies your insurance premium according to the quantity of driving - Pay As How Much You Drive. But for obvious reasons, insurance companies are also interested in the quality of driving - Pay As How Well You Drive - and several companies now offer a discount for "safe" driving, based on avoiding events such as hard braking, sudden swerves, and speed violations.

Researchers at the University of Washington argue that each driver has a unique style of driving, including steering, acceleration and braking, which they call a "driver fingerprint". They claim that drivers can be quickly and reliably identified from the braking event stream alone.

Bruce Schneier posted a brief summary of this research on his blog without further comment, but a range of comments were posted by his readers. Some expressed scepticism about the reliability of the algorithm, while others pointed out that driver behaviour varies according to context - people drive differently when they have their children in the car, or when they are driving home from the pub.

"Drunk me drives really differently too. Sober me doesn't expect trees to get out of the way when I honk."

Although the algorithm produced by the researchers may not allow for this kind of complexity, there is no reason in principle why a more sophisticated algorithm couldn't allow for it. I have long argued that JOHN-SOBER and JOHN-DRUNK should be understood as two different identities, with recognizably different patterns of behaviour and risk. (See my post on Identity Differentiation.)

However, the researchers are primarily interested in the opportunities and threats created by the possibility of using the "driver fingerprint" as a reliable identification mechanism.

  • Insurance companies and car rental companies could use "driver fingerprint" data to detect unauthorized drivers.
  • When a driver denies being involved in an incident, "driver fingerprint" data could provide relevant evidence.
  • The police could remotely identify the driver of a vehicle during an incident.
  • "Driver fingerprint" data could be used to enforce safety regulations, such as the maximum number of hours driven by any driver in a given period.

While some of these use cases might be justifiable, the researchers outline various scenarios where this kind of "fingerprinting" would represent an unjustified invasion of privacy, observe how easy it is for a third party to obtain and abuse driver-related data, and call for a permission-based system for controlling data access between multiple devices and applications connected to the CAN bus within a vehicle. (CAN is a low-level protocol, and does not support any security features intrinsically.)


Miro Enev, Alex Takakuwa, Karl Koscher, and Tadayoshi Kohno, Automobile Driver Fingerprinting Proceedings on Privacy Enhancing Technologies; 2016 (1):34–51

Andy Greenberg, A Car’s Computer Can ‘Fingerprint’ You in Minutes Based on How You Drive (Wired, 25 May 2016)

Bruce Schneier, Identifying People from their Driving Patterns (30 May 2016)

See also John H.L. Hansen, Pinar Boyraz, Kazuya Takeda, Hüseyin Abut, Digital Signal Processing for In-Vehicle Systems and Safety. Springer Science and Business Media, 21 Dec 2011

Wikipedia: CAN bus, Vehicle bus

Related Posts

Identity Differentiation (May 2006)

Pay As You Drive (October 2006) (June 2008) (June 2009)

Monday, May 30, 2016

Globally Integrated Enterprise 2

In my post on the Globally Integrated Enterprise (June 2006), I reported a comment by James Martin about the growth of the Indian CEO. A few years later, Megha Bahree reported Eight Indian CEOs At Big U.S. Companies (Forbes, December 2009). Now both Microsoft and Google CEOs were born in India. See India-born CEOs are taking the U.S. by storm (CNN MoneyInvest, August 2015).

@juliapowles notes that the relationship between Google and Microsoft started to improve in September 2015, shortly after Sundar Pichai became Google’s chief executive. Julia Powles, Google and Microsoft have made a pact to protect surveillance capitalism (Guardian, 2 May 2016). Coincidence?

Meanwhile, the relationship between Google and Oracle remains tense. Google has just won the latest battle in the ongoing legal war over its use of Java code in the Android operating system. Nicky Woolf, Google wins six-year legal battle with Oracle over Android code copyright (Guardian, 26 May 2016).

In case you were wondering, Oracle does not have an Indian CEO. Unusually, it has two CEOs - an Israeli woman and an American man - as well as Larry Ellison remaining as CTO and executive chairman. (Not exactly normalized, eh Larry?)

Ms Catz has been leading the Oracle legal battle against Google. No doubt she has Mr Hurd's full support ...

Diane Brady, Oracle Hunger Games: Larry Ellison Creates Co-CEOs (Bloomberg, 19 September 2014)

Claire Zillman, With co-CEOs, companies flirt with disaster (Fortune, 20 September 2016)

Wednesday, May 04, 2016

Beyond Bimodal

Ten years ago (March 2006) I attended the SPARK workshop in Las Vegas, hosted by Microsoft. One of the issues we debated extensively was the apparent dichotomy between highly innovative, agile IT on the one hand, and robust industrial-strength IT on the other hand. This dichotomy is often referred to as bimodal IT.

In those days, much of the debate was focused on technologies that supposedly supported one or other mode. For example SOA and SOAP (associated with the industrial-strength end) versus Web 2.0 and REST (associated with the agile end).

But the interesting question was how to bring the two modes back together. Here's one of the diagrams I drew at the workshop.

Business Stack

As the diagram shows, the dichotomy involves a number of different dimensions which sometimes (but not always) coincide.
  • Scale
  • Innovation versus Core Process
  • Different rates of change (shearing layers or pace layering)
  • Top-down ontology versus bottom up ontology ("folksonomy")
  • Systems of engagement versus systems of record
  • Demand-side (customer-facing) versus supply side
  • Different levels of trust and security

Even in 2006, the idea that only industrial-strength IT can handle high volumes at high performance was already being seriously challenged. There were some guys from MySpace at the workshop, handling volumes which were pretty impressive at that time. As @Carnage4Life put it, My website is bigger than your enterprise.

Bimodal IT is now back in fashion, thanks to heavy promotion from Gartner. But as many people are pointing out, the flaws in bimodalism have been known for a long time.

One possible solution to the dichotomy of bimodalism is an intermediate mode, resulting in trimodal IT. Simon Wardley has characterized the three modes using the metaphor of Pioneers, Settlers, and Town Planners. A similar metaphor (Commandos, Infantry and Police) surfaced in the work of Robert X Cringely sometime in the 1990s. Simon reckons it was 1993.

Trimodal doesn't necessarily mean three-speed. Some people might interpret the town planners as representing ‘slow,’ traditional IT. But as Jason Bloomberg argues, Simon's model should be interpreted in a different way, with town planners associated with commodity, utility services. In other words, the town planners create a robust and agile platform on which the pioneers and settlers can build even more quickly. This is consistent with my 2013 piece on hacking and platforms. Simon argues that all three (Pioneers, Settlers, and Town Planners) must be brilliant.

Characterizing a mode as "slow" or "fast" may be misleading, because (despite Rob England's contrarian arguments) people usually assume that "fast" is good and "slow" is bad. However, it is worth recognizing that each mode has a different characteristic tempo, and differences in tempo raise some important structural and economic issues. See my post on Enterprise Tempo (Oct 2010).

Updated - corrected and expanded the description of Simon's model.  Apologies for Simon for any misunderstanding on my part in the original version of this post.

Jason Bloomberg, Bimodal IT: Gartner's Recipe For Disaster (Forbes, 26 Sept 2015)

Jason Bloomberg, Trimodal IT Doesn’t Fix Bimodal IT – Instead, Let’s Fix Slow (Cortex Newsletter, 19 Jan 2016)

Jason Bloomberg, Bimodal Backlash Brewing (Forbes, 26 June 2016)

Rob England, Slow IT (28 February 2013)

Bernard Golden, What Gartner’s Bimodal IT Model Means to Enterprise CIOs (CIO Magazine, 27 January 2015)

John Hagel, SOA Versus Web 2.0? (Edge Perspectives, 25 April 2006)

Dion Hinchcliffe, How IT leaders are grappling with tech change: Bi-modal and beyond (ZDNet, 14 January 2015)

Dion Hinchcliffe, IT leaders inundated with bimodal IT meme (ZDNet, 1 May 2016)

Dare Obasanjo, My website is bigger than your enterprise (March 2006)

Richard Veryard, Notes from the SPARK workshop (March 2006), Enterprise Tempo (October 2010), A Twin-Track Approach to Government IT (March 2011),

Richard Veryard, Why hacking and platforms are the future of NHS IT (The Register, 16 April 2013)

Richard Veryard and Philip Boxer, Metropolis and SOA Governance (Microsoft Architecture Journal, July 2005)

Simon Wardley, Bimodal IT - the new old hotness (13 November 2014)

Simon Wardley, On Pioneers, Settlers, Town Planners and Theft (13 March 2015)

Lawrence Wilkes and Richard Veryard, Extending SOA with Web 2.0 (CBDI Forum for IBM, 2007)

updated 27 June 2016

Wednesday, November 18, 2015

Update on Deconfliction

The obscure word #deconfliction has started to appear in the news, referring to the coordination or lack of coordination between American and Russian operations in the Middle East, especially Syria.

The Christian Science Monitor suggests that the word "deconfliction" sounds too cooperative, and quotes the New York Times.

“Defense Secretary Ashton B. Carter sharply took issue with suggestions, particularly in the Arab world, that the United States was cooperating with Russia, and he insisted that the only exchanges that the Pentagon and the Russian military could have on Syria at the moment were technical talks on how to steer clear of each other in the skies above the country.”

But that's exactly what deconfliction is - "how to steer clear of each other" - especially in the absence of tight synchronization and strong coordination.

The Guardian quotes Gary Rawnsley, professor of public diplomacy at Aberystwyth University, who says such jargon is meaningless and is designed to confuse the public. But I think this is unfair. The word has been used within military and other technical circles for many decades, with a fairly precise technical meaning. Obviously there is always a problem (as well as a risk of misunderstanding) when technical jargon leaks into the public sphere, especially when used by such notorious obfuscators as Donald Rumsfeld.

In the current situation, the key point is that cooperation and collaboration require something more like a dimmer switch rather than a simple on-off switch. The Americans certainly don't want total cooperation with the Russians - either in reality or in public perception - but they don't want zero cooperation either. Meanwhile Robbin Laird of SLD reports that the French and the Russians have established "not only deconfliction but also coordinated targeting ... despite differences with regard to the future of Syria". In other words, Franco-Russian coordination going beyond mere deconfliction, but stopping short of full alignment.

Thus the word "deconfliction" actually captures the idea of minimum viable cooperation. And this isn't just a military concept. There are many business situations where minimum viable cooperation makes a lot more sense than total synchronization. We could always call it loose coupling.

Helene Cooper, A Semantic Downgrade for U.S.-Russian Talks About Operations in Syria (New York Times, 7 October 2015)

Jonathan Marcus, Deconflicting conflict: High-stakes gamble over Syria (BBC News, 6 October 2015)

Robbin Laird, The RAF Unleashed: The UK and the Coalition Step up the Fight Against ISIS (SLD, 6 December 2015)

Ruth Walker, Feeling conflicted about deconfliction (Christian Science Monitor, 22 October 2015)

Matthew Weaver, 'Deconflict': buzzword to prevent risk of a US-Russian clash over Syria (Guardian 1 October 2015)

Ben Zimmer, In Conflict Over Russian Role in Syria, ‘Deconfliction’ Draws Critics (Wall Street Journal, 9 October 2015)

More posts on Deconfliction

Updated 7 December 2015 

Saturday, November 07, 2015

The New Economics of Manufacturing

Popped over to Turin this week to give a presentation at a seminar on the Future of Manufacturing.

A lot of the other presentations focused on the technology (3D Printers, Cyber-Physical Systems, Internet of Things), so I wanted to look at the broader economic picture. I drew some inspiration from a recent interview with the French writer Jacques Attali, who predicted the crisis in the music industry.  

"For Attali, music is not simply a reflection of culture, but a harbinger of change, an anticipatory abstraction of the shape of things to come." (from a review of Attali's 1985 book Noise)

Attali now says manufacturing will be hit by an identical crisis - this time caused by 3D printing. Apparently some spare parts have already started to appear on pirate websites. Thus instead of paying the manufacturer for a spare part, you might be able to download and print it yourself. Given that many manufacturers sell their products at low margin, in order to make money from spare parts and maintenance, this could seriously disrupt the economics of manufacturing.

By the way, making money from the consumable part of the product is a very old idea - business schools usually attribute the idea to Gillette's strategy of giving away the razors in order to sell the blades, although Randy Picker argues that the history of Gillette's innovation was a bit more complicated than the usual story.

There are two possible responses to this challenge. Firstly a shift from the cost of the fabrication to the cost of the materials. The materials used by 3D printers are very expensive compared with normal material. And secondly, designing the whole product to frustrate the use of generic spare parts.

We can see both of these tactics in the world of 2D printers. Printers for home use are really cheap, but the replacement ink cartridges cost almost as much as the printer. Printer ink is the most expensive liquid most people ever buy - much more expensive than good champagne. Or for that matter, human blood. (Not that I've ever needed to buy any, thank goodness.)

Which brings us to the second tactic. Yes you can refill ink cartridges or use generic replacements. But the printer can be equipped with software to detect and frustrate this, degrading its performance and efficiency when it detects a third party or refilled cartridge. As we discovered in the Volkswagen "defeat device" scandal, the embedded software in any product may be designed to serve the commercial interests of the manufacturer rather than the consumer.

Manufacturing is shifting away from products (including spare parts) and towards services. Instead of trying to sell you overpriced tyres, the car manufacturer must make sure that only its accredited partners have the software to balance the wheels properly. In other words, not just architecting the product or even the process, but architecting the whole ecosystem.

And of course, music the harbinger. Famous popstars used to do free concerts in order to sell more albums. Now they might as well give away the albums in order to sell more concert tickets.

But we've been here before. Attali makes the point that when musicians in the 18th Century - like the composer Handel - started selling tickets for concerts, rather than seeking royal patronage, they were breaking new economic ground. They were signalling the end of feudalism and the beginning of a new order of capitalism.

Related Posts

Defeating the Device Paradigm (October 2015)

Other Sources

Alex Hudson, Is digital piracy possible on any object? (BBC Click, 9 December 2013)

Randy Picker, Gillette’s Strange History with the Razor and Blade Strategy (HBR Sept 2010)

Sam York, The pop star and the prophet (BBC News Magazine, 17 September 2015)

Friday, September 04, 2015

Autumn Events 2015

Open Group Conference - Architecting the Boundaryless Organization

This conference ran from 19th to 22nd of October in Edinburgh.  My talk was on Boundaryless Customer Engagement, and took place on the Monday afternoon. The material was developed in collaboration with my colleague Andrew Forsyth.

The business value of customer analytics and big data is not just about what you can discover or infer about the customer, but how you can use this insight promptly and effectively across multiple touchpoints (including e-Commerce systems and CRM) to create a powerful and truly personalized customer experience.

For most organizations, mobilizing this kind of intelligence raises organizational challenges as well as technical ones. I talked about how some leading companies are starting to address these challenges, and described the vital role of enterprise architecture in supporting such initiatives.

Key takeaways:
  • A reference model for omnichannel consumer analytics and engagement.
  • An architectural approach for closed-loop integration across multiple customer touchpoints and diverse data platforms.
  • A template business case for building and extending your business and technical capabilities for customer engagement. 

Unicom Data Analytics Forum - Exploring the Business Value of Predictive and Real-Time Analytics

Was held at the Kensington Hilton in West London on 2nd December.

My talk was on Real-Time Personalization - Exploring the Customer Genome. Retail and consumer organizations have started to develop more personalized interaction with customers, based on rapid analysis of a broad range of customer attributes and propensities, known metaphorically as “genes”. These may be used to target campaigns more accurately, or to generate the next best action in real-time for a specific customer.

For more details and registration, please visit the Unicom website.

Here are the two presentations. There are significant overlaps between the two.

Friday, May 15, 2015


#WorldBank #DataModel I recently went through a data modelling exercise, underlining and classifying the nouns in a set of functional design documents for a large client project. So I was interested to read an article based on an analysis of World Bank reports over the last fifty years, based on a similar technique. Some of the authors' key findings resonated with me, because I have seen similar trends in the domain of enterprise architecture.

The article looks at the changes in language and style during the history of the World Bank. For the first couple of decades, its reports were factual and concrete, and the nouns were specific - investments created assets and produced measurable outcomes, grounded in space and time. The dominant note is of factual precision - demarcating past accomplishments, current actions, necessary policies and future projects - with a clear sense of cause and effect.

"A clear link is established between empirical knowledge, money flows and industrial constructions: knowledge is associated with physical presence in situ, and with calculations conducted in the Bank's headquarters; money flows involve the negotiation of loans and investments with individual states; and the construction of ports, energy plants, etc., is the result of the whole process. In this eminently temporal sequence, a strong sense of causality links expertise, loans, investments, and material realizations."

In recent decades, the Bank's language has changed, becoming more abstract, more distant from concrete social life. The focus has shifted from physical assets (hydroelectric dams) to financial ones (loans guarantees), and from projects to 'strategies'. Both objectives (such as 'poverty reduction') and solutions (such as 'education', 'structural adjustment') are disengaged from any specificity: they are the same for everybody, everywhere. The authors refer to this as a 'bureaucratization' of the Bank’s discourse.

"This recurrent transmutation of social forces into abstractions turns the World Bank Reports into strangely metaphysical documents, whose protagonists are often not economic agents, but principles—and principles of so universal a nature, it's impossible to oppose them. Levelling the playing field on global issues: no one will ever object to these words (although, of course, no one will ever be able to say what they really mean, either). They are so general, these ideas, they're usually in the singular: development, governance, management, cooperation. ... There is only one way to do things: one development path; one type of management; one form of cooperation."

I have seen architectural documents that could be described in similar terms - full of high-level generalizations and supposedly universal principles, which provide little real sense of the underlying business and its requirements. Of course, there is sometimes a need for models that abstract away from the specifics of space and time: for example, a global organization may wish to establish a global set of capabilities and common services, which will support local variations in market conditions and business practices. But architects are not always immune to the lure of abstract bureaucracy.

In Bankspeak, causality and factuality is replaced by an accumulation of what the authors (citing Boltanski and Chiapello) call management discourse. For example, the term 'poverty' is linked to terms you might expect: 'population', 'employment', 'agriculture' and 'resources'. However the term 'poverty reduction' is linked with a flood of management terms: 'strategies', 'programmes', 'policies', 'focus', 'key', 'management', 'report', 'goals', 'approach', 'projects', 'frameworks', 'priorities', 'papers'.

We could doubtless find a similar flood of management terms in certain enterprise architecture writings. However, while these management terms do have a proper role in architectural discourse, we must be careful not to let them take precedence over the things that really matter. We need to pay attention to business goals, and not just to the concept of "business goal".

Franco Moretti and Dominique Pestre, BankSpeak - The Language of World Bank Reports (New Left Review 92, March-April 2015)

Related post: Deconstructing the Grammar of Business (June 2009)

Wednesday, April 22, 2015

Agile and Wilful Blindness

@ruthmalan challenges @swardley on #Agile

Some things are easier to change than others. The architect Frank Duffy proposed a theory of Shearing Layers, which was further developed and popularized by Stuart Brand. In this theory, the site and structure of a building are the most difficult to change, while skin and services are easier.

Let's suppose Agile developers know how to optimize some of the aspects of a system, perhaps including skin and services. So it doesn't matter if they get the skin and services wrong, because these can be changed later. This is the basic for @swardley's point that you don't need to know beforehand exactly what you are building.

But if they get the fundamentals wrong, such as site and structure, these are more difficult to change later. This is the basis for John Seddon's point that Agile may simply build the wrong things faster.

And this is where @ruthmalan takes the argument to the next level. Because Agile developers are paying attention to the things they know how to change (skin, services), they may fail to pay attention to the things they don't know how to change (site, structure). So they can throw themselves into refining and improving a system until it looks satisfactory (in their eyes), without ever seeing that it's the wrong system in the wrong place.

One important function of architecture is to pay attention to the things that other people (such as developers) may miss - perhaps as a result of different scope or perspective or time horizon. In particular, architecture needs to pay attention to the things that are going to be most difficult or expensive to change, or that may affect the lifetime cost of some system. In other words, strategic risk. See my earlier post A Cautionary Tale (October 2012).

Wikipedia: Shearing Layers

Saturday, April 18, 2015

Arguing with Drucker

@sheldrake via @cybersal challenges Peter Drucker on the purpose of business.

"Peter Drucker asserted that the purpose of business is to create and keep a customer. He was right at the time in offering previously inward-looking firms a more appropriate beacon. His dictum is, however, wrong for our time."

Philip Sheldrake's challenge is based on two points.

1. A concern with the health and resilience of living systems such as organizations, society and the environment.

2. The need to recognize and understand complexity.

I completely agree with these points, but I do not think they contradict Drucker's original statement of purpose. As the webpage cited by Philip indicates, Drucker always called for a healthy balance - between short-term needs and long-term sustainability - and I think he would argue that a concern for resilience and the need to understand complexity were entailed by a customer-centric purpose.

Philip proposes an alternative purpose: Business exists to establish and drive mutual value creation. My problem with this alternative formulation is that it fails to answer Lenin's fundamental question: Who, Whom? There are businesses and business networks today whose purpose appears to be to mutually enrich a small number of mutually back-scratching executives at the expense of everyone else, including customers and retail shareholders. Drucker would not approve.

A statement of purpose is essentially an ethical statement (what is the value of the business) not an instrumental statement (what is needed to deliver this value). So let me propose an alternative ethic, a compromise between Drucker and Sheldrake, based on the wise saying of Hillel the Elder.

1. If a business is only for itself, what is it?
 (Expresses a concern for customers and society)

2. If a business is not for itself, who is for it?  
(Which may entail a concern for resilience and complexity)

3. If not now, when?  
(Expresses a concern for a balance between the present and the future)

Philip Sheldrake, What, exactly, is the purpose of business? An answer post-Drucker (April 2015)

Peter Drucker's Life and Legacy (Drucker Institute, retrieved 18 April 2015)

Wikipedia: Hillel the Elder, POSIWID, Who, Whom?

Sunday, January 11, 2015

From Coincidensity to Consilience

In my post From Convenience to Consilience - “Technology Alone Is Not Enough"  (October 2011), I praised Steve Jobs for his role in the design of the Pixar campus, whose physical layout was intended to bring different specialists together in serendipitous interactions.

Thanks to @jhagel and @CoCreatr, I have just read a blogpost by @StoweBoyd commenting on a related project at Google to build a new Googleplex. Because this is Google, this is a bottom-up data-driven project: it is based on a predicted metric of coincidensity, which is sometimes defined as the likelihood of serendipity.

With the right technology (for example, electronic monitoring of the corridors and/or tagging of employees), a corporation like Google can easily monitor and control “casual collisions of the work force”.

But as Ilkka Kakko (@Serendipitor) points out, such measures of coincidensity cannot be equated with true serendipity. I wonder whether Google will be able to correlate casual meetings with enhanced knowledge and understanding, and measure the consequent quantity and quality of innovation? And then reconfigure the campus to improve the results? Hm.

However, the principle of designing physical spaces for human activity rather than for visual elegance is a good one, as is the notion of evidence-based design. Form following function.

Stowe Boyd, Building From The Inside Out (February 2013)

Paul Goldberger, Exclusive Preview: Google’s New Built-from-Scratch Googleplex (Vanity Fair, February 2013)

Ilkka Kakko, Are we reducing the magic of serendipity to the logic of coincidence? (April 2013)