Thursday, July 31, 2014

Podcast: Patents and open document formats with the OSI's Simon Phipps

Simon talks recent US software patent case decisions and why they're so significant as well as the recent UK government decision about open document formats. Who are the winners and the losers?

Some links:

Listen to MP3 (0:21:47)
Listen to OGG (0:21:47)


Gordon Haff:  Hi, everyone. This is Gordon Haff with Red Hat Cloud Product Strategy, and I'm here with someone that many of you probably know, Simon Phipps, who, among other hats, is the president of OSI, the Open Source Initiative.
We're here at OSCON this week, and I grabbed Simon partly because there's been a variety of recent news which, for those of us that believe in open source and reasonable intellectual property regulation, I think is pretty good news.
Simon Phipps:  I think you're right. Nice to see you again, Gordon. There's been several things in the last month that have been really very exciting indeed. To go in reverse order, the UK announced that it's standardizing an open document format this week, which means that all future UK government work is going to be using an open standard.
That means that there's now a choice of tools that UK citizens can use to interact with their government. They can use Microsoft Office, but they can now also use LibreOffice. They can now use AbiWord. They can now use a variety of free and open source software, which I think is some great news.
That probably wasn't what you were thinking of, though. You were probably thinking more of the US court of appeals for the federal circuit made a decision about two weeks ago. It was around July 10th I think it was that it came out. This was a finding in the Digitech case.
Digitech are a patent troll who are associated with the IP hoarders Acacia, and they were suing pretty much everyone you've ever heard of that does digital imaging for infringement of a fairly fundamental patent on image profiles. They were suing Mamiya and Pentax. They were suing B&H Audio in New York. They were suing They were suing laptop companies.
The court of appeals had slightly delayed the case waiting for the result of a Supreme Court judgment on another software patent case, which was the Alice v. CLS Bank case.
Gordon:  We'll be talking a little bit more about the document formats, which I think is really interesting. I'd like to dig a little deeper into and maybe to explain to our listeners, how does the federal district court relate to other district courts and relate to the Supreme Court? Why do you think this is a particularly interesting ruling?
Simon:  If you are sued for patent infringement, it will probably be heard by a court of the attacker’s choosing. Commonly these cases end up in a court in the east district of Texas where the court has a fairly clear preference for finding in favor of patent holders.
But if you then appeal one of those suits, patent cases get heard by the federal circuit. The court of appeals for the federal circuit is the bottleneck or the choke point where all of the appeals over software patent cases end up.
Traditionally as a court, they too have had a tendency to find in favor of patent holders and to uphold pretty much every patent case that's brought before them where there isn't an obvious reason not to.
A change in behavior or a change of precedent that affects the federal circuit court of appeals is very significant. It affects the whole of the US. It means that patent actions that take place across the whole country have now got a new dynamic. A patent aggressor can no longer take it as read that a local victory is also going to mean a federal circuit victory. That's what I think the Digitech case is so significant.
It's also significant in that Digitech was suing a lot of people, and it's a significant fact that all those people are no longer burdened with expensive and unnecessary litigation.
Gordon:  That's certainly one of the things that happens with a number of these IP cases. They can even cascade down into the individual consumer, user level, which can have a real chilling effect.
Simon:  The worst thing about patent troll actions is that you typically don't know about them. Because there's been a fair amount of documentation now from researchers about how patent cases work. Typically, a patent troll will offer to settle with you without ever going to court. They will set the price of settling with you to somewhere that's just a little below the cost of your first court case.
As a consequence of that, many people will decide to pay the danegeld. That's an expression from an old Rudyard Kipling poem where he talked, he said that those that pay the danegeld, which relates to a historic tax that the invaders of Britain and other places would have on their new subjects. He who pays the danegeld never gets rid of the Dane, Rudyard Kipling says.
A lot of people settle out of court. They also sign an NDA to say that they won't disclose the fact they settled or the amount they settled for, and so we never find out that these cases have been doing on.
The difficulty is that patent law is shaped so that it depends on going to court to correct injustice. There's no way to correct injustice any earlier in the process. The US patent office, because they're overburdened with huge amounts of applications that they have to deal with, they tend to leave errors of judgment, errors of approval, for settling in the courts.
But patent trolls make sure that even if they have patents which are very questionable, they never reach the courts, because people are too afraid to engage in litigation, and they're also too afraid to act collectively because of the NDAs they've signed.
Again, these actions are very significant because if you know that you could get to the federal circuit and win, you may well decide that you're not going to allow yourself to be shaken down by the troll in the first stage.
That will mean, well no more of the cases are happening. That will mean there will be more opportunity for collective action against the trolls. This will all eat into the trolls' business model, which is to make enough money from the early cases to fund the litigation in the later cases. If you can snuff out those early cases with precedent, then you're on your way to minimizing the problem.
Gordon:  Good news in the patent front.
Simon:  I think it's good news. The other thing that was really significant about the Digitech case is it was the first use of the Alice precedent.
Gordon:  Which was the Supreme Court.
Simon:  The Supreme Court, and Alice v. CLS Bank, Alice Corporation is an Australian company that owns a patent that relates to the minimization of risk in financial trading. CLS bank decided to implement the algorithm without buying a patent license from Alice, and Alice sued.
CLS countersued. It went through the courts; it went to the federal circuit. The federal circuit found they couldn't easily resolve the case, so it went to the Supreme Court.
The Supreme Court in their judgment created a very clear test to work out whether a software patent was going to be valid or not. What they said was that, they said that there could still be software patents, but that simply taking something that is not patent‑eligible like an algorithm and then claiming that it's patentable because it runs on a computer is not sufficient to actually establish patentability.
They said that to get a software patent, the software that you have has got to improve the computer significantly. Because of that, the standard for getting software patents has been dramatically increased by the Alice decision.
The federal circuit court then referred to the Alice decision, and decided not even to proceed to find out if there had been infringement on the Digitech case because they declared that the image processing software was not a significant improvement to the computer. Rather, it was a computer implementing a non‑patent‑eligible technique.
Gordon:  Simon, I think you do have to give yourself a little credit here. Because as I recall, maybe the last time I did a podcast with you, which might have been OSCON last year, you suggested this might actually be one of the paths towards the rationalization of the patent process without just getting rid of software patents entirely.
Simon:  I deserve no credit whatsoever. The people who deserve the credit are the people actually coming up with the ideas. Mark Lemley is a distinguished academic, he's a law professor, and also a practicing lawyer. He was actually the case lead for the people in the federal circuit who were fighting Digitech. I think he deserves a great deal of credit, as do some folks from EFF.
Having said that, OSI was one of the parties filing an amicus brief in the Alice‑CLS case in the Supreme Court, so we've tried to do our bit on behalf of the open source community to step in there and change the law.
I think the dream of getting rid of software patents completely is still a ways off, but I believe the actions that are being taken now dramatically reduce the risk for innovators in the open source domain.
Gordon:  Let's switch gears to your homeland, the UK, and the ruling around document formats there. First of all, maybe you could explain in just a little more detail exactly what the determination was. Secondly, who does this affect?
Simon:  What's happened over there is in the UK we have a portion of government called the cabinet office. The cabinet office is the administrative hub of the government. They are the office of the cabinet. They facilitate cabinet meetings by the minister of state. They also act as the supervisory body for all of the departments of government. They set policy for all the departments of government about how they administer themselves.
They've been engaged in a review of how IT should be procured. In particular, they've been looking at requiring open standards. They've been looking at requiring open data formats, and they've been looking at reducing deal sizes so that open source companies are able to bid for government business, which are all very positive steps.
They made a determination a while back that they wanted a very critical part of government work in the UK to be conducted using open document formats, so that documents could be manipulated by citizens without the requirement to purchase software from a single supplier.
What happened yesterday was an announcement from the cabinet office. It was an official announcement made by the minister of the cabinet office, so a minister of state.
The announcement was that all future documents published by any government department for collaboration or viewing shall use open document formats. Specifically, documents that are only to be viewed must be in PDF/A or in HTML format. Documents where collaboration is going to take place must be in open document format.
Gordon:  There's often issues the fidelity of the document formats and how they convertible they are. As you talk about presentations and the like, is there anything around how convertible things like the particular ODF implementation needs to be?
Simon:  Honestly, you've got to give Microsoft their due here, and it's Microsoft you're referring to. In Office 2013 and in the current version of 365, they've got really good ODF 1.2 support that is, as long as you make intelligent decisions around your documents, is also interoperable.
When I say intelligent decisions about your documents, it's really important that you use free fonts when you're working with documents if you want them to be interoperable. Because no matter how good the document fidelity is, if you've used a font that is only available on a single platform, the way it's rendered on other platforms is not going to be correct. It's really important to use free fonts so that everybody can have them installed on their platforms.
Having said that, the big losers from this are actually Google. Because Google's recalcitrance over ODF means that Google Docs really don't have workable ODF support. That means this decision locks Google out of government procurement in the UK.
Gordon:  Even though a lot of people were jumping to, oh, this affects Microsoft, from your perspective it actually affects Google a lot more than Microsoft?
Simon:  I think it affects Google a lot more. I think Microsoft are actually going to do quite well out of it, because ODF support is in Office 2013. It's not there in Office 2011 by default. People who've got old versions of Office are going to have to upgrade to comply with this. Microsoft is going to see a little burst of upgrade activity as a result of this.
They made a quite negative statement about it. I asked them for comment, and they sent me quite a negative statement about it, but I think they stand to win from this. It's quite a good save, because I was involved in establishing Open Document Format back at the beginning of the last decade.
If Microsoft had engaged at OASIS in 2002, we would probably never have had any controversy. But it was their arrogance at OASIS in relation to ODF that created the whole crisis. I think they've pretty effectively recovered from that crisis now. I think Office 2013 has got pretty good ODF support.
The UK government now requires you use ODF. There is no interoperability. There's no inter‑document format conversion going on. Feature disparity is going to be much less of a problem.
Gordon:  How do you see this affecting elsewhere in the EU, elsewhere in Europe?
Simon:  The UK is a very important market for companies that are trading in Europe. The policies that the cabinet office has been working through are highly influential. There are a lot of European governments that are looking at these issues.
The European commission has rather dropped the ball on open standards. In particular, they have been unwilling to have a royalty‑free requirement on open standards. Because of that, vendors have been able to continue engaging in lock‑in even with standards.
Because standards don't protect you from lock‑in. Many standards come with requirements for you to buy licenses or to take some other action in order to use the standard.
For example, if you want to have a mobile phone, all the protocols your mobile phone uses, they may be standards, but they're standards that you have to buy a royalty license in order to implement. Take video formats. If you want to use MPEG, that's all very well, but you've got to actually buy a license from MPEG LA in order to write the software that manipulates those formats.
Now neither of those things are open standards. Both of those are standards that require you to seek permission in order to innovate. Open standards are standards where you don't have to have permission to innovate.
The UK government's determination that open standards are important, its definition that open standards mean truly open and not just public. Both are very influential in Europe, and I think we'll see other European governments deciding to pick up the UK's thinking and coursework, so to speak, and implement it themselves. This is quite a significant point for Europe, I think.
Gordon:  In other words, you're not ready to retire, but some good news.
Simon:  Yes, and I think is good news. It's taken, what, about 15 years for us to come from a point where nobody could possibly imagine anyone other than Microsoft being in the market to a market where Microsoft has to scrabble and behave well if they want to stay in the market.
That was all brought about by open source software. If Open Office and then LibreOffice had not been doing what they did, we would have seen Microsoft still having a monopoly on the desktop.
Gordon:  I think in some ways that's the greatest effect that those have had.
Simon:  Yes. It's actually very satisfying to look at. The other thing that causes quite a lot of people a visua cognitive dissonance here at OSCON is going out on the show floor and seeing an enormous Microsoft open source stand out on the show floor, which, again, none of us would ever have expected to see 15 years ago when we were getting started with ODF and Open Office.
Gordon:  I think at some level Microsoft has learned that even if they're not an open source company to their core, by any means, they do at least play in the game, and they need to play in the ecosystem.
Simon:  I was explaining to somebody from Microsoft yesterday that, however, this isn't the end of their journey. Because they're still making significant revenues by shaking down revenues that are using open source and claiming there are patent infringements on software that they've never been involved in, never contributed to, and can't prove that they have a patent on.
All the time they continue at what I call being big trolls, then our respect for them is going to be at best diluted.
They've still got to finish that journey. They've got to recognize that community members don't attack community members with patents. I think when they do that, they will then have been able to join the open source community as a full peer.
Gordon:  Maybe they need that as a sticker for the next OSCON.
Simon:  Maybe. There's still plenty to do in open source. That's why I'm still carrying on with OSI. I've got another two years before I'm term‑limited off OSI, but we're significantly transforming OSI. Because we did this, I wrote in InfoWorld this morning. This is the golden age of open source. Now more than ever, we need to educate people what that really means.
People assume that everything is going to be open. They don't necessarily take the steps that are required to actually make things open.
Gordon:  I still see out there talking to IT people at large companies, you still hear statements about open source that you're sort of like, did you just crawl out from under a rock for the last 10 years? I think it's still surprising those of us in the whole open source ecosystem and community how limited the understanding still is in some circles about security or safety and risk and so forth.
Simon:  There continues to be a market for education on, for example, why security through obscurity is bad and why open source, while not guaranteeing your security, makes it easier for you to ensure your security.
There still needs to be some work done on how open source is not about money. The early use of the word free to describe open source software means a lot of people are fixated with money. They want to use a money frame all the time about open source.
Open source is about flexibility. Open source is about being able to innovate without permission. It's about getting out of the way and letting people get on. That's why we have open source licenses. You hear people saying open source licensing is irrelevant, we don't need to worry about open source licensing.
That's complete rubbish. You need to make sure that your code is under an open source license, not to satisfy some lawyer somewhere, but in order to empower other people to collaborate with you without having to get your permission first. When you get these things right, that's good.
We still need to keep on doing this education. It's to a certain degree surprising that 15 years after the start of the open source movement, we're still having to explain that it's not about free stuff, that licenses matter, that a level playing field is key, and that contributing is in your own best interests. OSI is continuing to have those messages.
Gordon:  We all still have lots of work to do.
Simon:  Yes, still plenty to get on with.
Gordon:  Great. Thanks for your time. There's lots more things I'd like to talk about, but in the interests of our listeners' attention span, I think maybe we'll break now and look forward to next time. Hopefully, there will be some more good news.
Simon:  Absolutely. Thanks very much.

Gordon:  Thanks, Simon.

Sunday, July 27, 2014

Lowell Folk Festival: Grand Master Seiichi Tanaka's San Francisco Taiko Dojo

I made it up to the Lowell Folk Festival for a bit yesterday as I usually do if I'm in town. The highlight for me was Grand Master Seiichi Tanaka's San Francisco Taiko Dojo which is a form of Japanese drumming. Check it out if you ever get a chance. Some more pics are up on flickr as well.

Wednesday, July 23, 2014

Iris on Great Wass Island in Maine

Great Wass Island, Maine

I took some photos with my new 12-24mm Sigma lens on my Canon 5DIII before my post-Asian fever brought me down.

Links for 07-22-2014

Wednesday, June 18, 2014

Links for 06-19-2014

Friday, June 13, 2014

PaaS: Lessons from Manufacturing

I wrote this presentation for Cloud Expo 2014 in NYC on June 11. I plan to make a narrated version available one of these days but I'm taking off on some travel and I promised I'd make the slides themselves available after the conference.

Here's the abstract:

Software development, like engineering, is a craft that requires the application of creative approaches to solve problems given a wide range of constraints. However, while engineering design may be craftwork, the production of most designed objects relies on a standardized and automated manufacturing process. By contrast, much of what's typically involved when moving an application from prototype to production and, indeed, maintaining the application through its lifecycle remains craftwork. In this session, Red Hat Cloud Product Strategist Gordon Haff discusses how a Platform-as-a-Service (PaaS) like Red Hat OpenShift can bring industrialization to the development and deployment of applications. By abstracting irrelevant details and automating key activities, a PaaS can do for software development productivity and quality what assembly line innovations did for manufacturing.

Thursday, June 12, 2014

Podcast: Internet of Things with Red Hat's James Kirkland

James Kirkland, Chief Architect for Intelligent Systems at Red Hat, discusses the material economic impact that the "industrial Internet of Things" can bring to many businesses. In particular, James discusses a number of the specific scenarios in which transportation companies, such as railroads, are looking to IoT in order to dramatically improve the efficiency of their operations. James caps off this discussion with a look at IoT security.

Red Hat Embedded Program

Listen to MP3 (0:17:37)
Listen to OGG (0:17:37)


Gordon Haff:  Hi, everyone. This is Gordon Haff here at Cloud Expo 2014. I'm here with James Kirkland, who's the Chief Architect for Intelligent Systems and the Internet of Things [at Red Hat], which is even more buzzwords than I have in my title. Welcome, James.
James Kirkland:  Thank you very much. Thanks for having me on.
Gordon:  James, let's talk about the business angle of Internet of Things. There's probably been a lot of attention paid to consumer‑type stuff. That I could put up my window shades without having to get up from my sofa, but that's probably not where money is with Internet of Things. How are we going to make money off of this thing?
James:  We classify it as the industrial Internet of Things or the enterprise Internet of Things. The way they're going to be able to drive lower costs and higher asset utilization is by, I call it, "the data cycle."
They're going to gather data out from these sensors on the edge and in the Internet of Things. That data is going to be shuttled along into the back office and into the cloud. You're going to use data analytics applications to mine that for ways to optimize your system.
For example, the freight railroads in the United States, if they're able to increase their average fleet speed by one mile an hour, it's $256 million in profit a year.
They're always looking at ways to optimize the fleet speed, controlling with predictive analytics, track failures, equipment failures and things like that. They would rather pull equipment out of service earlier rather than having it fail on the line and stop traffic. It's things like that, the predictive analytics side.
The other side is looking for patterns where you can optimize flows and look for data where you see customer patterns or patterns within things. For example, with smart grid one of the issues is...I'll use an example of electric vehicles and charging those electric vehicles.
With electric cars, there are two challenges with that. One is they have to detect when customer are adding electric cars in particular neighborhoods and areas, so that they can provision additional capacity to handle that as far as transmission.
More importantly, they need to develop algorithms that are based on data so that, when they detect that they're in peak load in certain areas, they can then decide which charging stations they can shut off, which air conditioning units they can raise the temperature on, things like that.
It's the big data analytics on the backside, on the cloud, where they're going to be able to look at that aggregate data, where they did fail, be able to analyze it and find patterns so that next time that it happens, they can handle it in a more efficient manner, without having to provision additional generation capacity.
A lot of what they do is have emergency generation capabilities that are higher cost, like oil, that they turn on in these peak periods. If they can avoid that by shutting off things like the charging stations temporarily, it makes a big difference in their profitability.
Gordon:  Implicitly, it seems a common thread what you're talking about here is money is involved. Again, going back to my comment at the beginning, I think a lot of the popular press excitement is for other things that are very, very far off and very theoretical, or cool and neat and glitzy.
But, it's not clear that they necessarily relate to saving money or having a direct business impact. Not to put words in your mouth, but where the Internet of Things is really going to be exciting is when there's a direct, near‑term, achievable making more money.
James:  That's it exactly. You've got to find the use cases where there's going to be return on the investment. If there's not a return on the investment, having a refrigerator that glows green when you've got enough food or texts you when you're out of milk...Those are interesting applications, but I think that they're a flash in the pan.
The long‑term return on these things is improving profitability using the resources that you have, the best possible. Also, there's a societal thing which, especially when you look at transportation and smart grid, is environmental. Getting the most bang for your carbon buck, so to speak, and reducing emissions as much as possible.
There's a ton of different reasons why you would do it, but it comes back basically to profitability. That's completely it.
Gordon:  For one thing, when you talk about putting in new sensors, whether it's at the consumer level or whether it's at the business level, of essentially making investments, of getting rid of things that were there today, that are presumably working at some level.
Again, am I going to buy a new refrigerator because it glows red when I'm out of milk? Probably not, but if you're a railroad and investing in some new sensors pays for itself in a year, that makes a lot more sense.
James:  Right. From the railroad examples, it's really important for them to keep everything moving at speed and also to limit misdirections.
For example, it's really important for them to do that as a train comes into a switching yard. They have to determine through analytics what cars are part of that train, how to break the train apart, and then reassemble new trains from it.
There's some percentage of misdirection that happens. A car will get misdirected to the wrong city and has to be sent back, so there's customer dissatisfaction. There's the cost, there's the wear and tear.
We're doing things like working with the railroads to improve their car detection and routing programs based on the combination of new sensors being deployed in the field like you're talking about, replacing systems that have been there 20 or 30 years, and then using the analytics on the backside to develop new rules based on the analysis of where they went wrong and where the failures happened.
Gordon:  Let's talk a little bit more about those data analytics and about the learning algorithms and the like. Are these repurposing of the types of algorithms, the types of analytics software that we have today? Or is this a new area? Is this somewhere where research needs to be done, where product development needs to be done?
James:  I definitely think there are some algorithms that are out there today. A lot of the ones that exist today came out of research 10, 20 or 30 years ago in academia. There's growing interest today in finding new sets of rules that are relevant to these systems within the Internet of Things.
I think there's going to be a burgeoning, whether it's academic, whether it's in the private research labs or whatever. We need people researching how we find these optimizations, how we detect these patterns.
It gets back to ‑‑ you and I talked about this before ‑‑ machine learning is still in its infancy. We can find the easy patterns and we can program for them, but we really need something that is smart and diligent, is going to look for patterns in and of itself through this data, find them and then bring them to your attention.
That's an area that the academics need to mature over the next five years. Then it comes out of academia and gets productized like any of these things.
Gordon:  Do you see there being specific breakouts, or is this going to be the typical type of thing, whether there's a lot of blocking and tackling and incrementally knocking off particular use cases?
James:  I think it's going to be a lot of blocking and tackling. One of the companies that I work with does acoustic detection along fiber optic lines. There's essentially a dark fiber optic cable that runs along a railroad track or along a pipeline.
It has devices every few hundred yards that are listening on that for acoustic signatures of failures or of equipment breaking. The sound of a rail with microfractures in it is different than the sound of a rail that is sound.
They are going out into areas where there are rails. They're setting these up. They're recording them and then looking for failures, and seeing the signatures of that. But it's difficult because you have to take into account that with these things the humidity in the air, the type of geography, sound propagates differently.
In this case, it's a private company working in conjunction with a railroad industry body that's like an institute and going out to all these different geographies in places with different weather patterns and different humidities and learning what failure sounds like. Running railroad cars with a flat wheel or with a frozen bearing over these and finding the signature for them.
Gordon:  Internet of Things, I'm not sure that's something most people would really associate Red Hat with. Yet here we are at the Internet of Things Expo, Big Data Expo, Cloud Expo, all the buzzwords expo. What are some of the specific things that Red Hat is doing that touch on Internet of Things?
James:  We've got several areas that we bring something special to the Internet of Things. Obviously, we have Linux. Everybody knows that we have Red Hat Enterprise Linux. Red Hat Enterprise Linux fits within a subset of these devices that are out in the field.
It obviously fits within the cloud and the data center, but also controllers, gateways and more complicated sensors. A Red Hat Enterprise Linux makes a lot of sense.
We have a suite of middleware products that are lightweight and allow us to deploy into the field and into the cloud a consistent stack of products that allow you to do things like messaging‑oriented middleware to move data around. Our Fuse ESB, which allows you to transform and translate data and act on changing the data when you need to do that from legacy formats or to interfaces like REST.
We've got a business rules management platform. Our BRMS platform allows you to tag data that comes in and when it matches particular rules, go ahead and take action, whether that action's a notification or triggering a controller that turns on or off a switch.
We also have JBoss Data Grid. If you're having to do real‑time analysis, you can store that real‑time data in the in‑memory data grid, and then have the business rules monitoring that in‑memory data cache so that you get high‑performance, real‑time analysis of that data.
When you look, you have those same, consistent tools in the back office and in the cloud also paired with things like Data Virtualization to abstract the complexities of the data from your developers. Obviously, OpenShift and OpenStack for cloud management and PaaS. We have a broad range of products that lend themselves very well to tackling the types of problems that you run into.
Typically, these are the building blocks that either individual implementers or our partners are going to use to build their own products to do these sorts of things.
Gordon:  One of the things that strikes me as you were going through that is, again, I think people tend to think of the sensors, the thermostat or whatever, but, what you're really describing is very much a massive, distributed system.
James:  That's it exactly. We looked at the industrial Internet of Things and enterprise Internet of Things as having three tiers. You've got that sensor edge device that's was going to be a temperature sensor or is going to be a vibration sensor or whatever. You may have a gateway. That gateway, there's potential legacy sensors onto the Internet.
But, there's a central tier that resides in the field, in a yard, in an airport or in a substation that gathers that data, amalgamates it, does quick analysis for quick, tactical business rules management and complex event processing, and then sends summarized data back into the cloud for long‑term, deep, strategic analysis to find new rules.
That's the complex architecture. It takes complexity to each of those levels and broad system management, programming and capabilities to be able to meet these use cases. It happens not only at the sensor edge, but at that control tier and in the cloud. It takes all three to work.
Gordon:  Just one last topic area before we close. Security.
This is obviously a pretty hot topic in the Internet of Things. What are your views on architectures and approaches? There can be some pretty serious consequences if train signals are hacked, for example.
James:  There's several aspects that are important. One is that the heritage of embedded systems is that you build an embedded system and you buy enough for 15 years. You deploy them and you don't touch them again until they die.
That's going to be a thing of the past. All these are going to be network‑connected. In some form or fashion, the level of complexity is going to depend...
But, you're going to need to manage these systems for configuration management. You're going to need to have some form of AAA [authentication, authorization and accounting] on it. You're going to need to have patching. You're going to need to have all those sorts of things.
You're going to manage it sort of like you do a cloud. You're not going to do deep, heavy system management like you would on a database system, but you have to have some control over it. I expect to see tools for that sort of management evolve over the next couple of years.
The other side of it is that you need to look at encryption and certificate‑based authentication. Certificate‑based authentication works whether you're encrypting your data or not, because it allows you to authenticate that actor is who they say they are and that it's not somebody spoofing.
Then encryption. You've got to look at encryption at rest, whether you need to encrypt your data when it's sitting, whether that's in memory somewhere, or in a file system or wherever the data sits. Can you personally identify someone from that data or can that data be used to compromise your system?
If so, you need to, fundamentally, encrypt it and keep it encrypted until it needs to be used again versus "That's just aggregate data," or data that you can't trace back or use. In that case, you may want to just encrypt it in flight.
There is some data where you may not need to encrypt it at all, but you definitely need to use certificates to authenticate that the actors in that system are who they say they are.
Gordon:  Thank you for your time. Have any last words?
James:  Yeah, I would say please come and check out It's the beginnings of our embedded story there. We're going to be continuing over the next few weeks releasing additional white papers and information at that site.
Please catch me on Twitter. I'm @jkirklan and would love to have a conversation with anybody that's interested in the topic.
Gordon:  Great. Thanks very much, James.

James:  Thanks. Have a great day.

Wednesday, June 11, 2014

Podcast: Cloud management with Dell's James Urquhart

Management software changing! Users demanding! Containers coming!

I've known James for a number of years now and he always has a great deal of insight to share. This podcast from the Cloud Expo 2014 show floor (apologies for audio that isn't quite up to my usual standards) is no exception. James talks about how IT has to build for the users--not just themselves--and the stories of the moment. (It's probably no surprise that Docker gets a call out.)

Listen to MP3 (0:13:44)
Listen to OGG (0:13:44)

Friday, June 06, 2014

Links for 06-05-2014

Tuesday, June 03, 2014

Home automation meets the analog world

Apple homekit 310 236

I sort of hate to be the naysayer, which I seem to be being about a lot of futuristic things these days. But I’m having a lot of trouble with the whole SmartHome idea, Apple’s HomeKit entry notwithstanding.

I’m certainly not a gadgetphobe and I even still have some wireless X10 controlling some lights in rooms that were never completely rewired in my 1823 house. But it’s pretty hard for me to imagine what realistic relatively near-term benefits would lead me to any sort of wholesale upgrade of light switches and such. Heck, cool as the Nest looks, I can’t really justify replacing a perfectly functional programmable thermostat with one.

I suppose that really solid voice recognition and smart command processing for music, video, and communications systems could be interesting in a few years. (Though how long has it been since voice recognition has been on the cusp of good?) I wouldn’t mind telling my phone to turn on music to such-and-such playlist on the downstairs speakers only. But, as the hierarchy of my daily annoyances and chores goes, saving a minute to walk to the old iPhone that feeds my stereo and poke at it with my fingers a few times is pretty low on the list. 

And, indeed, anything that's primarily about getting home digital things to do stuff isn’t hugely interesting. Maybe that’s a failure of my imagination, but so it goes.

It’s not that I can’t imagine useful home automation if I give my imagination carte blanche to embrace the possibilities. Load the dishwasher, run it, and put away the dishes? Sign me up. Do my laundry and hang it up. Please. But Roombas notwithstanding (which I don’t think would work terribly well with my house layout), I don’t see any of this coming about anytime soon. And, arguably, even more modest advances will tend to run smack into life cycles for appliances and kitchens that tend to run into decades.

Automation can be extremely powerful in controlled environments with well-defined tasks and constraints. My messy analog home? A lot less so.