Tuesday, December 24, 2013

Technical Communications

My last post talked about invention and innovation http://vzimmer.blogspot.com/2013/12/invention-and-innovation.html, and in that post I mentioned an article from the Harvard Business Review. Touching on such business aspects in a blog with the theme of 'musing on technology' may appear to be a category error, but for me, business underlies many of our technical endeavors.

Specially, I believe that technology is really about people, and people interact via the macro-economy via business, so they are all related in my eyes. A strict logician could argue via parody of my assertion with the following: 'technology is made of atoms, and atoms interact via the laws of quantum mechanics, so where are your QM postings?' My reply to such a syllogism would be 'the post is upcoming.'

So enough preamble, let me explore what I mean by technical communications in this post. A few recent events inspired this posting. The first was a discussion at Seatac airport http://www.portseattle.org/sea-tac/Pages/default.aspx with a former Intel manager. We were both waiting to fly to San Francisco, and our flight was delayed by a couple of hours. Fog in San Francisco, who would have thought it possible? This manager now works for the hardware division of Amazon, namely Lab 126 http://www.lab126.com, or "A to Z." I asked him about the admonition by Amazon's CEO Jeff Bezos against misusing Power Point that I had read about on the web http://conorneill.com/2012/11/30/amazon-staff-meetings-no-powerpoint. He told me that the practice of writing white papers ahead of the meeting and using Power Point as 'speaker notes' finds practice throughout all of Amazon's groups. The manta of "think complex, speak simple" summarizes the intent of the behavior.

The ex-Intel manager brought the Amazon culture close to home for me when he said "Don't you realize how many presentations get stuck on discussing a bullet for the whole meeting? At Amazon, we can deflect such delays by referencing the white paper, for example." In my professional career where white papers are not fully embraced, I try to avoid the single bullet rat hole with 'lap rules.' The term 'rate hole' and 'rat holing' is common in the tech industry and described well in Johnson's book Absolute Honesty http://www.amazon.com/Absolute-Honesty-Building-Corporate-Integrity/dp/0814407811. To avoid a rate hole via lap rules I advocate the following, 'Lap #1' allows the speaker to present all of his material without interruption. 'Lap #2' is a re-review of the same slide deck, which allows for questions. Regrettably, many senior people cannot restrain themselves and will camp on a bullet, or even the title, during 'Lap #1.'

When it comes to rat holes, the "Highest Paid Person's Opinion" (HIPPO) http://www.forbes.com/sites/derosetichy/2013/04/15/what-happens-when-a-hippo-runs-your-company/ is especially prone to this behavior of jumping to early conclusions prior to hearing a full review. I once asked a HIPPO after a meeting if he/she really thought that being the most senior person justified the enforcement of an opinion without having all of the data, and the reply was "of course or else the company wouldn't pay me this much." Interesting observation and maybe sour grapes on my sub-HIPPO status, but I encourage such parties to temper that alacrity with the possibility of succumbing to the logical fallacy of confusing correlation ("I get paid a lot so I am right") and causality ("I reviewed the data and with my experience I assert that I am right"). To combat the attraction of correlation-based reasoning I advocate a bit more Socratic questioning in the venues where seniority provides access.

From my last posting I talked about the 'exit champion,' or the pejorative characterization of such parties as "Dr. No" or the "No-Bots", so a cocktail of a 'HIPPO plus No-Bot' may engage the most vigorously in the rat-holing. Or even worse, the trifecta of 'HIPPO + No-Bot + Architecture Astronaut http://www.joelonsoftware.com/articles/fog0000000018.html.'

Maybe some of this crazed behavior within companies can be explained by the theory of canine-stacking  that a colleague recently described to me.  As Mike Rothman noted:

"I suppose the theory is simple:
     Top Dog
     Middle Dog
     Lower Dog
     Lowest Dog
Lowest dog works like crazy, but Lower dog adds a little something and communicates up what he did (inclusive of lowest dog's work) - and each layer above adds a touch of something and fronts for all the work below....You just hope that each layer had added something useful other than passing the word around...."

On a personal note, I appreciate the Amazon-eque white paper sentiment and try to use the written word as a way to scale and convey complex thoughts, strategies, and technical designs. And on the topic of scaling my impact, I hearken back to a quote from a manager a decade ago who told me "you should produce the output of as many people as your grade level." Taken literally this can be the IT equivalent of John Henry http://en.wikipedia.org/wiki/John_Henry_(folklore), I fear. It’s tough to write specifications + code at the same level of ten people, but working through others, collaborations, training, writing things down, etc, are some of the tools by which I can scale my efforts.

The next event that started me down the path of thinking about communications was a presentation Yuriy Bulygin, the Chief Threat Researcher, myself, and John Loucaides gave at Cisco SecCon http://www.cisco.com/web/about/security/cspo/csdl/seccon-overview.html. The narrative proceeded from attacks (or offense), then into technology countermeasures (or defense), and finally answered the question of what to do in case of a vulnerability (or response).

One comment from an attendee included "Quite impressive. You told an epic tale in less than an hour." To me this was a reminder that the 10's of slides and the constrained time frame for explanation plus demonstration exceeded the medium of Power Point. This class of erudition needs a complementary discourse mechanism, such as the written word.

Another recent event, though, that reminds me that I may not be following my own advice was my presentation on "Platform Firmware Security" at Seattle BSides http://www.securitybsides.com/w/page/57847942/BsidesSeattle in Redmond, WA a couple Saturdays past. Specially, I cribbed a long Power Point deck https://docs.google.com/file/d/0BxgB4JDywk3MSncxUHlIN0tYdms/edit but I didn't produce an updated white paper for offline reading. I was told that as RSA becomes more professional, Black Hat is the new RSA, Defcon is becoming the new Black Hat, and the local BSides are becoming the new Defcon.




I posted these slides during one of the subsequent talks based upon the exhortations on Twitter
"we want the slides!" "we want the slides!" chants are heard in the twitterverse ;)

After my talk, I sat in on a talk by Jack Daniel https://twitter.com/jack_daniel on presentation techniques, including the use of more graphics than text and engaging the audience. Jack was in attendance during my talk in the morning, but luckily I preceded his presentation else I would have been especially shame-faced in having delivered my verbose deck that didn't follow his guidance.

I recently realized the impact of a white paper when I saw that my 2009 IBM and Intel white paper http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.161.7603 has been included into university curricula http://www-inst.eecs.berkeley.edu/~cs194-24/sp13/index_handouts.html. That shows scaling of the written word in one instance.

On a side note, I couldn't resist Tweeting a quote from Jack Daniel #bsidesseattle on Saturday.
"I am from Texas. It is an excuse for aberrant behavior for life."
Having grown up in Houston, TX, I have to agree w/ Jack on that point.

A final event that helped inform this posting was reading Joan Magretta's book What Management Is: How it works and why it's everyone's business http://www.amazon.com/dp/B00AQKIOFC/ref=r_ea_s_t during the round trip on Amtrack to Leavenworth last weekend. This was more of a meta-business book that provided an alternate way to think about modern management and leadership, versus today's books of recipes, sound-bites and aphorisms. I especially liked the sentiment where today's manager is possibly the last domain of the generalist since the modern worker is a super-specialist who necessarily 'knows more' than his manager. This leaves the role of the manager to inspire, lead, coordinate, and synthesis the efforts of this global workforce.

Pretty interesting read.

Well, I should summarize this post by reminding myself that the written word provides scale. Conference talks are great for networking and getting new insights, but for purposes of information dissemination they have understandable limits. In 2014 I need to convert more of my slides and talks into more deliberate writing activities. When I revisit this post in 12/14 we'll see how I have done in making progress against task on this sentiment.

With that I will close today and wish everyone a Merry Christmas.


Sunday, December 15, 2013

Invention and Innovation

I recently returned from Shanghai. I was greeted by the following when I boarded the plan from LAX to SH, though.
There was little hyperbole in that headline, I'm afraid. Since my first trip to the Shanghai to work with our team members at the Cao He Jing site in 2001, and then Shanghai Mart in the early 2000's, and finally the Zizhu campus, the pollution and traffic have increased.

But what has also increased is the team's experience and capabilities. The energy of the Intel team always recharges me, and this trip was no exception.

These trips include working sessions, open forums, talks, and other instances of collaboration. One talk I always offer to the site is patent training, for an engineer's perspective. I want to make sure that the audience doesn't believe that I can provide legal advice, but what I can do is to provide guidance on the process within the company.

Since the process by engineers capture and idea and propose it for inclusion in a potential patent filing varies per company, what I'll discuss below entails more of a higher level view of how I think about the process, and innovation in general.

For me I see a serial relationship between Invention and Innovation, as follows:

INVENTION
Company feeds $’s into Engineer + Engineer’s insight in response to a Problem Statement
Results == Patents
INNOVATION
Patents + Engineering + Marketing leads to product development
Company sells products
Results == earnings of $$$$’s (or RMB, YEN, Euro...)

-- Repeat this loop of INVENTION -> INNOVATION




So this frames the action of Invention versus the broader goals of the company, such as creating products which delight and fulfill end customer needs.  The process begins with invention, using a small 'i'. Therein an engineer is faced with a problem presently, or potentially in the future, faced by the market. The engineer devises a solution, and if it is 'novel' or distinct from other practice, it may be a candidate for formally pursuing a patent, or Invention with the capital 'I.' Of course most of our engineering problem solving is invention, but it is important to note the creation of patents because of the present nature of cross-licensing, company investment preservation in its Research and Development (R&D) spend, etc. These means the evolution of the small 'i' to the big 'I,' namely transforming invention into Invention and the associated patent applications for the latter.

With invention in hand, whether small 'i' or 'I', the long path of Innovation, or working with a team within, across, and possibly beyond the company, to deliver product. If the engineering concept was truly born of a problem statement enjoyed by the market and the team can execute on the associated reduction of the design to a shipping product, and the timing of the market is right, and....including many other factors such as the phase of the moon, resultant revenue should be borne of the activity. And as each company reinvests some revenue into R&D from whence invention is incubated, the virtuous cycle continues.

And note the emphasis on 'problem statement.' For me a good problem statement that is relevant to the business can be the source of unbounded invention, and hopefully, resultant innovation.

So invention is the idea pump that can inform product design, but Innovation is the mapping of invention into the creation of products that you ship to customers and for which you get paid.

This is how I think of invention in the context of business-driven-innovation ("BDI," oh not another acronym.....). It is perhaps a bit narrow minded and parochial, but just as I cannot see myself studying theoretical physics or maths, I feel most comfortable operating in a space where the business imperatives are manifest. Sort of like how after the Cultural Revolution in China I heard that all maths were "Maoist Mathematics", such as to support manufacturing and civil engineer, not pure maths. Maybe that explains why the Alma mater of many of my Shanghai colleagues, Shanhai Jiao Tong University, literally translates to "Traffic School" (or at least that's what they've told me)? To my mother's chagrin this is also the reason that my CV doesn't include the PhD moniker, too.

The cycle between Invention and Innovation at a large company is often tempered by the role of "Exit Champions," as well defined in the Harvard Business Review article http://hbr.org/2003/02/why-bad-projects-are-so-hard-to-kill/. It continually proves a delicate balancing act to ensure that Invention and Innovation are congruent with the business exigencies, especially given the finite resources for R&D budet allocation. But with our ever-changing market and internet-time pressure, I always feel the need to co-equally role model the 'entrance champion,' or party who delivers Invention+Innovation, as much as providing the guard rails of the 'exit champion.'

Given my love of business-driven-innovation, maybe I'll miss the next Kuhn-style paradigm shift and scientific revolution http://en.wikipedia.org/wiki/The_Structure_of_Scientific_Revolutions, but this is where I feel I fit into the flow on this dynamic.  Enough said for Sunday blogging. And thanks for reading if you made it this far.

Sunday, December 8, 2013

Better living through tools

In an earlier post http://vzimmer.blogspot.com/2013/09/end-of-summer-13.html I spoke about architecture versus implementation, and the process of successively refining an architecture to some implementation artifact. I didn't elaborate upon some of the techniques to demonstrate correspondence between the design goals and the implementation behavior. In the industry this can be naively thought of as just a simple matter of testing, but I believe it goes further than that, namely the broader concern of representing architectural intent in a product.

With respect to software development and testing, though, there are many different approaches. Recent efforts like Test Driven Development (TDD) have shown promise in practice, and I enjoyed Grenning's Test Driven Development in Embedded C on the same. Similarly, books like James Whittaker's How Google Tests Software and its associated blog http://googletesting.blogspot.com/2011/01/how-google-tests-software.html provides a very pragmatic approach to the problem, namely all developers write test and a centralized test organization is both responsible for a consultative and automation/infrastructure role. In our world of UEFI and EDK2 we have the Self-Certification Tests (SCTs) http://www.uefi.org/sites/default/files/resources/UPFS11_P3_UEFI_SCT_HP_Intel.pdf.

Now lets look at the problem from a broader level, namely expressing architectural intent. To me this is nowhere more important than in the world of building trustworthy systems, especially the "Defender's Dilemma" that Jeremiah reminds us of in slide 7 of http://www.uefi.org/sites/default/files/resources/UEFI_Summerfest_2013_-_Microsoft_Hardware_Security_Test_Interface.pdf. Namely, the attacker only has to discover one flaw, whereas the defender has to provide no gaps. And it is the 'gaps' that are important in this post since flaws can span from the architecture down into the implementation.

To that end of mapping architectural intent directly to code, I have continually been intrigued by the work of Gernot Heiser http://www.cse.unsw.edu.au/~gernot/ at NICTA on Trustworthy Systems http://www.ssrg.nicta.com.au/projects/TS/. The trophy piece of that effort is seL4, a formally validated microkernel with correspondence between C code, a machine model, Haskell, and a theorem prover. This is undoubtedly a BHAG http://en.wikipedia.org/wiki/Big_Hairy_Audacious_Goal to scale more generally, but it does serve as a beacon to show what can be done given sufficient focus and incentives.

Gernot's effort is not alone, of course. There is the verification of the CMU SecVisor http://www.cs.cmu.edu/~jfrankli/tr/franklin_secvisor_verification.pdf, UTexas Hypervisor verification http://arxiv.org/pdf/1110.4672.pdf, and application of formal methods to industrial problems like http://swtv.kaist.ac.kr/courses/cs350-08/ase08_submitted.pdf.

Beyond seL4, though, there are other efforts that NICTA incubates under the banner of Trustworthy Systems, as best described in http://www.nicta.com.au/pub?doc=4163. One of the authors of the latter paper in Leonid Ryzhyk, and in 4.2 the paper references work on the long goal of device driver synthesis, or correct-by-construction for this class of system software.

And it is the holy grail of 'correct-by-construction' for systems code that I want to mention next in a little more detail. Intel recently published a paper Device Driver Synthesis http://noggin.intel.com/content/device-driver-synthesis in the Intel Technology Journal, Volume 17, Issue 2, December 2013 titled Simics Unleashed - Applications of Virtual Platforms http://www.intel.com/content/www/us/en/research/intel-technology-journal/2013-volume-17-issue-02-intel-technology-journal.html that goes into some detail on a real instance of code synthesis.

Regarding driver synthesis, an overview of the effort may best be described in a picture, such as


above. The idea entails taking a model of the hardware to be managed by a driver plus a formal interface of how the driver interacts with the system software environment, and then synthesize the reactive code for the driver. The ideal would be automation that simply emits code, but given the human aspect of software development, such as maintenance, review, evolution, the process can act as an interactive session to have the user add code as part of synthesis, and ensure those additions are correct. The effort also focuses on making the resultant code something that has seemly names and meets other psychological constraints in working with code, such as cyclomatic complexity http://en.wikipedia.org/wiki/Cyclomatic_complexity.

Within Intel, I had the pleasure of engaging with Mona Vij who has led the team in Intel labs on evolving this technology since the summer of 2012. She, along with the Intel and external university researchers, have proven valuable, innovative parties with whom to engage. You can see the elements of our collaboration via the UEFI aspects of the effort in the paper. I believe realizing a vision of this type of work-flow would complement other efforts for the UEFI community, such as http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=UEFI_Driver_Wizard.

For additional details, the Termite page http://www.ertos.nicta.com.au/research/drivers/synthesis/home.pml calls out the collaboration. More details on the engagement with Intel and the university can be found at  

From the perspective of evolving my skills as a technologist, the engagement offered an interesting view into another approach for system software Better living through tools. It also opened my eyes to look beyond my old friend of C code to a world of functional languages like Haskell, into DSL creation, use of Binary Decision Diagrams (BDD's), SAT solvers, hardware modeling languages like DML and SystemC, too.

The industrial advantages of functional languages, albeit Lisp and not Haskell, finds an interesting discussion in the writings of Paul Graham http://www.paulgraham.com/avg.html. I recommend reading his essays, including the book version Hackers and Painters http://www.amazon.com/Hackers-Painters-Big-Ideas-Computer/dp/1449389554.

The above paper will give you a feel for the effort, but if you are hungry for more details on the underlying mechanics, I recommend visiting http://www.ssrg.nicta.com.au/projects/TS/drivers/synthesis/, too.

So again, these are my thoughts and not a plan-of-record of my employer, as my obligatory blog bio reminds people. But what I did want to do with this post is enjoin system software engineers in a conversation to think differently about how we write specifications and the process by which we refine these specifications to code, ensure that the code matches the specifications, and finally, evolve code + spec over the life of our technologies.


PS
September 2014 update.  Termite is now open source https://github.com/termite2