Safe AI

I’ve been writing about AGI (see part-0 [ish], part-1 [ish], part-2 [ish], part-3 [ish], part-4 and part 5) and the dangers that come with it (part-0 in the above list) for a number of years now. After my last post on the subject, I expected to be writing a post discussing the book Human compatible AI and the problem of control, which is a great book on the subject. But since then I ran across another paper that perhaps is a better brief introduction to the topic and some of the current thought and research into developing safe AI.

The article I found is Concrete problems in AI safety, written by a number of researchers at Google, Stanford, Berkeley, and OpenAI. It essentially lays out the AI safety problem in 5 dimensions, and these are:

Avoiding negative side effects – these can be minor or major, and this is probably the one thing that scares humans the most: some toothpick-generating AI that strips the world to maximize toothpick making.

Avoiding reward hacking – this is more subtle but essentially it’s having your AI fool you into thinking it’s doing what you want while it’s doing something else. This could range from actually changing the reward logic itself to convincing/manipulating the human overseer into seeing things its way. Also a pretty bad thing from humanity’s perspective.

Scalable oversight – this is the problem where human(s) overseers aren’t able to keep up and witness/validate what some AI is doing, 7×24, across the world, at the speed of electronics. So how can AI be monitored properly so that it doesn’t go and do something it’s not supposed to (see the prior two for ideas on how bad this could be).

Safe exploration – this is the idea that reinforcement learning, in order to work properly, has to occasionally explore a solution space, e.g. a Go board with moves selected at random, to see if they are better than what it currently believes is the best move to make. This isn’t much of a problem for game playing ML/AI but if we are talking about helicopter controlling AI, exploration at random could destroy the vehicle plus any nearby structures, flora or fauna, including humans of course.

Robustness to distributional shifts – this is the perennial problem where AI or DNNs are trained on one dataset but over time the real world changes and the data they now see has shifted (in distribution) to something else. This often leads to DNNs not operating properly over time or having many more errors in deployment than they did during training. This is probably the one problem in this list that is undergoing more research to try to rectify than any of the others because it impacts just about every ML/AI solution currently deployed in the world today. This robustness to distributional shifts problem is why many AI DNN systems require periodic retraining.

So now we know what to look for, now what

Each of these deserves probably a whole book or more to understand and try to address. The paper talks about all of these and points to some of the research or current directions trying to address them.

The researchers correctly point out that some of the above problems are more pressing when more complex ML/AI agents have more autonomous control over actions in the real world.

We don’t want our automotive automation driving us over a cliff just to see if it’s a better action than staying in the lane. But Go playing bots or article summarizers might be ok to be wrong occasionally if it could lead to better playing bots/more concise article summaries over time. And although exploration is mostly a problem during training, it’s not to say that such activities might not also occur during deployment to probe for distributional shifts or other issues.

However, as we start to see more complex ML AI solutions controlling more activities, the issues of AI safety are starting to become more pressing. Autonomous cars are just one pressing example. But recent introductions of sorting robots, agricultural bots, manufacturing bots, nursing bots, guard bots, soldier bots, etc. are all just steps down a (short) path of increasing complexity that can only end in some AGI bots running more parts (or all) of the world.

So safety will become a major factor soon, if it’s not already

Scares me the most

The first two on the list above scare me the most. Avoiding negative or unintentional side effects and reward hacking.

I suppose if we could master scalable oversight we could maybe deal with all of them better as well. But that’s defense. I’m all about offense and tackling the problem up front rather than trying to deal with it after it’s broken.

Negative side effects

Negative side effects is a rather nice way of stating the problem of having your ML destroy the world (or parts of it) that we need to live.

One approach to dealing with this problem is to define or train another AI/ML agent to measure impacts on the environment and have it somehow penalize the original AI/ML for causing them. The learning approach has some potential to be applied to numerous ML activities if it can be shown to be safe and fairly all encompassing.

Another approach discussed in the paper is to inhibit or penalize the original ML actions for any actions which have negative consequences. One approach to this is to come up with an “empowerment measure” for the original AI/ML solution. The idea would be to reduce, minimize or govern the original ML’s action set (or potential consequences) or possible empowerment measure so as to minimize its ability to create negative side effects.

The paper discusses other approaches to the problem of negative side effects, one of which is having multiple ML (or ML and human) agents working on the problem it’s trying to solve together and having the ability to influence (kill switch) each other when they discover something’s awry. And the other approach they mention is to reduce the certainty of the reward signal used to train the ML solution. This would work by having some function that would reduce the reward if there are random side effects, which would tend to have the ML solution learn to avoid these.

Neither of these latter two seem as feasible as the others but they are all worthy of research.
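The impact-penalty idea above can be shown on a tiny planning problem. This is an added example, not code from the paper or from this post: the grid, the vase and the weights are constructed, and a hand-written count of broken vases stands in for the trained impact-measuring agent.

```python
import heapq

# Constructed 2x3 world: S = start, G = goal, V = a vase that breaks when stepped on.
GRID = ["SVG",
        "..."]


def plan(grid, impact_weight):
    """Return (path, vases_broken, cost) for the cheapest route from S to G.

    Cost is one unit per move plus impact_weight for every vase newly broken,
    i.e. the task objective plus a penalty from a separate impact measure.
    impact_weight must be >= 0 for the search below to be valid.
    """
    cells = {(r, c): ch for r, row in enumerate(grid) for c, ch in enumerate(row)}
    start = next(p for p, ch in cells.items() if ch == "S")
    goal = next(p for p, ch in cells.items() if ch == "G")

    # Uniform-cost search over (position, set of broken vases); the counter
    # breaks ties so the heap never compares the set or the path.
    counter = 0
    frontier = [(0, counter, start, frozenset(), (start,))]
    done = set()
    while frontier:
        cost, _, pos, broken, path = heapq.heappop(frontier)
        if pos == goal:
            return list(path), len(broken), cost
        if (pos, broken) in done:
            continue
        done.add((pos, broken))
        for dr, dc in ((0, 1), (1, 0), (0, -1), (-1, 0)):
            nxt = (pos[0] + dr, pos[1] + dc)
            if nxt not in cells:
                continue
            new_broken = broken | {nxt} if cells[nxt] == "V" else broken
            step = 1 + impact_weight * (len(new_broken) - len(broken))
            counter += 1
            heapq.heappush(frontier, (cost + step, counter, nxt, new_broken, path + (nxt,)))
    return None


if __name__ == "__main__":
    for weight in (0, 5):
        path, broken, cost = plan(GRID, weight)
        print(f"impact_weight={weight}: path={path} vases_broken={broken} cost={cost}")
```

With no penalty the planner walks straight through the vase because that route is two moves shorter; once the penalty outweighs the two extra moves it takes the detour.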

Reward hacking

This seems less of a problem to our world than negative side effects until you consider that if an ML agent is able to manipulate its reward code, it’s probably able to manipulate any code intending to limit potential impacts, penalize it for being more empowered or manipulate a human (or other agent) with its hand over the kill switch (or just turn off the kill switch).

So this problem could easily lead to a break out of any of the other problems present on the list of safety problems above and below. An example of reward hacking is a game playing bot that detects a situation that leads to a buffer overflow and results in a win signal or higher rewards. Such a bot will no doubt learn how to cause more buffer overflows so it can maximize its reward rather than learn to play the game better.

But the real problem is that a reward signal used to train a ML solution is just an approximation of what’s intended. Chess programs in the past were trained by masters to use their opening to open up the center of the board and use their middle and end game to achieve strategic advantages. But later chess and go playing bots just learned to checkmate their opponent and let the rest of the game take care of itself.

Moreover, (board) game play is a relatively simple domain in which to come up with proper reward signals (with the possible exception of buffer overflows or other bugs). But for car driving bots, drone bots, guard bots, etc., reward signals are not nearly as easy to define or implement.

One approach to avoid reward hacking is to make the reward signaling process its own ML/AI agent that is (suitably) stronger than the ML/AI agent learning the task. Most reward generators are relatively simple code. For instance in monopoly, one that just counts the money that each player has at the end of the game could be used to determine the winner (in a timed monopoly game). But rather than having a simple piece of code create the reward signal, use ML to learn what the reward should be. Such an agent might be trained to check to see if more or less money was being counted than was physically possible in the game, or if property was illegally obtained during the game, or if other reward hacks were done, and to penalize the ML solution for these actions. These would all make the reward signal depend on proper training of that ML solution. And the two ML solutions would effectively compete against one another.

Another approach is to “sandbox” the reward code/solution so that it is outside of external and/or ML/AI influence. Possibly combining the prior approach with this one might suffice.

Yet another approach is to examine the ML solution’s future states (actions) to determine if any of them impact the reward function itself and penalize it for doing this. This assumes that the future states are representative of what it plans to do and that some code or some person can recognize states that are inappropriate.

Another approach discussed in the paper is to have multiple reward signals. These could use multiple formulas for computing the multi-faceted reward signal and averaging them or using some other mathematical function to combine them into something that might be more accurate than one reward function alone. This way any ML solution reward hacking would need to hack multiple reward functions (or perhaps the function that combines them) in order to succeed.
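The Monopoly checks and the multiple-reward-signal idea described above fit together in one small reward function. This is an added example, not code from the paper or from this post: it uses hand-written rules where the post suggests a trained agent, assumes a transaction log that the learning agent cannot write to (the "sandbox" idea), and all constants, names and the sample game are constructed.

```python
from dataclasses import dataclass

# Constructed values for this example; not taken from the paper or a rule book.
STARTING_CASH = 1500
MAX_GAIN_PER_TURN = 2000   # assumed ceiling on what one player can collect in a turn
HACK_PENALTY = -1.0


@dataclass(frozen=True)
class Event:
    """One entry in the game's transaction log, written outside the agent's reach."""
    player: str
    kind: str        # "buy", "rent" or "salary"
    amount: int      # signed change to the player's cash
    prop: str = ""   # property name, set on "buy" events


@dataclass
class Claim:
    """End-of-game state as reported to the reward code (the part a hack corrupts)."""
    turns: int
    cash: dict
    properties: dict


def replay(events, players):
    """Recompute every player's cash and holdings from the log alone."""
    cash = {p: STARTING_CASH for p in players}
    owned = {p: set() for p in players}
    for e in events:
        cash[e.player] += e.amount
        if e.kind == "buy":
            owned[e.player].add(e.prop)
    return cash, owned


def violations(claim, events, agent):
    """Checks the post describes: impossible money, illegally obtained property."""
    cash, owned = replay(events, list(claim.cash))
    found = []
    if claim.cash[agent] > STARTING_CASH + claim.turns * MAX_GAIN_PER_TURN:
        found.append("cash exceeds what the game could have paid out")
    if claim.cash[agent] != cash[agent]:
        found.append("cash does not match the transaction log")
    extra = claim.properties.get(agent, set()) - owned[agent]
    if extra:
        found.append("property held without a purchase: " + ", ".join(sorted(extra)))
    return found


def share(cash, agent):
    """Agent's fraction of all cash in play, in [0, 1]."""
    total = sum(max(v, 0) for v in cash.values())
    return max(cash[agent], 0) / total if total else 0.0


def naive_reward(claim, agent):
    """The simple counter: trusts whatever end state it is handed."""
    return share(claim.cash, agent)


def hardened_reward(claim, events, agent):
    """Penalize detected hacks; otherwise take the lowest of two independent signals."""
    if violations(claim, events, agent):
        return HACK_PENALTY
    ledger_cash, _ = replay(events, list(claim.cash))
    return min(share(claim.cash, agent), share(ledger_cash, agent))


# Constructed sample game: the log gives agent 1350 and rival 1650 after 10 turns.
LOG = [
    Event("agent", "buy", -400, "Boardwalk"),
    Event("rival", "rent", -50),
    Event("agent", "rent", 50),
    Event("agent", "salary", 200),
    Event("rival", "salary", 200),
]
HONEST = Claim(10, {"agent": 1350, "rival": 1650}, {"agent": {"Boardwalk"}})
OVERFLOW = Claim(10, {"agent": 2**31 - 1, "rival": 1650}, {"agent": {"Boardwalk"}})
DEFLATED = Claim(10, {"agent": 1350, "rival": 150}, {"agent": {"Boardwalk"}})
STOLEN = Claim(10, {"agent": 1350, "rival": 1650}, {"agent": {"Boardwalk", "Park Place"}})

if __name__ == "__main__":
    for name, claim in [("honest", HONEST), ("overflow", OVERFLOW),
                        ("deflated rival", DEFLATED), ("stolen deed", STOLEN)]:
        print(f"{name:15} naive={naive_reward(claim, 'agent'):.2f} "
              f"hardened={hardened_reward(claim, LOG, 'agent'):.2f} "
              f"{violations(claim, LOG, 'agent')}")
```

The "deflated rival" case passes every rule check, yet the hardened reward stays at the honest value because the second signal is computed from the log, so a hack has to corrupt both sources to pay off.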

The one IMHO that has the most potential but which seems the hardest to implement is to somehow create “variable indifference” in the ML/AI solution. This means having the ML/AI solution ignore any steps that impact the reward function itself or other steps that lead to reward hacking. The researchers rightfully state that if this were possible then many of the AI safety concerns could be dealt with.

There are many other approaches discussed and I would suggest reading the paper to learn more. None of the others seem simple or a complete solution to all potential reward hacks.

~~~

The paper goes into the same or more level of detail with the other three “concrete safety” issues in AI.

In my last post (see part 5 link above) I thought I was going to write about the discussion of AI safety in S. Russell’s book Human Compatible (AI). But then I found the “Concrete problems in AI safety” paper (see link above) and thought it provided a better summary of AI safety issues and used it instead. I’ll try to circle back to the book at some later date.

Silq and QUA vie for Quantum computing language

Read a couple of articles this past week on new Quantum computing programming languages. Specifically, one in ScienceDaily on Silq (The 1st intuitive programming language for quantum computers) and another in TechCrunch (Quantum Machines announces QUA, its universal lang. for quantum computing). The Silq discussion is based on an ACM SIGPLAN paper (Silq: A High-Level Quantum Language with Safe Uncomputation and Intuitive Semantics).

Up until this point there have been a couple of SDK’s for various quantum computers, most notably QASM for IBM’s, Q# for Microsoft’s and ? for Google’s Quantum Computers. We have discussed QASM in a prior post (see: Quantum Computer Programming post).

But both QUA and Silq are steps up the stack from QASM and Q#, both of which are more realistically likened to machine microcode than assembly code. For example, with QASM you are talking directly to mechanisms to cohere qubits, electronics needed to connect qubits, electronics to excite qubit states, etc.

QUA and Silq seem to take different tacks to providing their services.

Silq control flow
  • Silq is trying to abstract itself above the hardware layer and to provide some underlying logical constructs and services that any quantum programmer would want to use. Most notably, Silq mentions that they provide automatic erasure of intermediate calculation results, which can impact future quantum calculations if they are not erased. They call this “specific uncomputation”. Silq also offers types, loops, conditionals, superposition (the adding together of two quantum states) and diffusion (spreading of quantum states out).
  • QUA on the other hand is part of Quantum Machines’ full stack implementation for quantum computer orchestration. QUA is only one component of this stack (the highest level) but underneath this is a compiler and a Quantum Machine OPX box, a hardware appliance that interfaces with quantum computers of various types. There’s not much detail about QUA other than it offers conditionals and looping constructs and internal error detection.

From what I see, we are a long ways away from having a true programming language for quantum computers. Quantum Machines sees the problem with today’s quantum computers as the lack of a stack problem.

The Silq group see the problem with today’s quantum computers as a lack of any useful abstraction problem. Silq is trying to provide simpler semantics and control structures that maybe someday could become the foundation of a true quantum computing programming language.

Silq has compared itself to Q#, used in Microsoft’s Quantum Computing solution. So our guess is it works only with Microsoft’s quantum computer.

In contrast, QUA offers an orchestration solution for many different quantum computers but you have to buy into their orchestration hardware and stack.

Who will win out in the end is anyone’s guess. There’s a great need for something that can abstract the quantum hardware from the quantum algorithms being implemented. At the moment I like what I see in Silq just wish it was applied more generically.

At press time there were not many details available on Quantum Machines QUA language. Their stack approach may be better in the long run, but having to use their hardware appliance to run it seems counter productive.

~~~~

However, if the programming gods were to ask my opinion as to where a new programming language was really needed, I’d have to say neuromorphic computing (see Our neuromorphic chips a dead end? post). Neuromorphic computing really needs abstraction help. Without some form of suitable abstraction layer, neuromorphic computing seems dead as it stands.


Thoughts on my first virtual conference

I attended a virtual event this week. It was scheduled to last 3 hours. But I only stayed for 2.5 Hours. Below I describe the event from my perspective and after that some notes on how it could be made better.

The virtual event experience

The event home page had a welcome video that you could start when you got there. I didn’t have any idea what to expect so this was nice. It could have spent time discussing the mechanics of the site and how to attend the event but it just was a welcome video, welcoming me to the event and letting me know they appreciated me being able to attend.

Navigation on the site wasn’t that easy to figure out at first. It was at the bottom of the page not at the top or the side. And the navigation home button brought up a list of videos that you could watch (or attend). And that page was in front of the conference page.

I launched the 1st (actually 2nd after the welcome video) which was the CEO keynote session. I thought this was good and the occasional interruption by executives ringing the CEO’s doorbell asking for toilet paper was entertaining. Again he welcomed us to the event and discussed how the pandemic has changed their world and ours. He thanked the customers in attendance and made brief mention of the video (tracks) that one could follow. I don’t recall but the CEO keynote didn’t seem to have any (or many) slides during his session it was just like an informal talk (but) scripted.

It took me a while to figure out how to get back to the main agenda page but once there I proceeded on my chosen track to watch the next video. When I was finished with that I watched the other 3 track videos. The video tracks were not as good as the CEO keynote session and some of them had many more slides than they needed.

They also had a customer interview with an exec which was great and well done. Especially given it seemed to have been recorded over the prior 48 hours.

Somewhere in all of this, I happened to reach the Expo floor. It had a series of technical break out sessions and then the exhibitor buttons which had their own videos, reports, webinars that one could watch/read.

I watched most of the technical breakouts (at least part way through). The tech breakouts were ok, but also had mixed quality as I remember it. That is some having more or less slides and more or less webinar like.

I also watched a few of the exhibitor videos. Some of these auto started when you clicked on their expo buttons, some did not. Some videos were very loud while others were fine.

I’d say the mixed quality of the exhibits were similar to what one might see at any conference with bigger vendors having more polished content while smaller vendors had less polished content.

The conference had a public chat channel but there was one channel for the whole conference and it didn’t appear until much later (maybe when I entered the first breakout sessions or expo “hall”)

How to make our next virtual conference better

Below are my thoughts on ways to improve the virtual conference experience.

• Have real scheduled times to watch the videos/webinars/tech sessions. Yes, they’re all online and can truly be watched at any time you want. But I expected a scheduled agenda with breaks between sessions and to have to pick which one I wanted to go to, meaning that some would have to be unattended. I would suggest that the videos only be available during the event at scheduled time slots and that the event organizers build in breaks between each session. They could always be made available at a later date under a conference media page for further viewing but having them scheduled to run in a conference room would make it more conference like. The tracks could be scheduled in other side rooms of the conference.

• Also, would it be too much to ask that they have some sort of video roll call of participants with headshots and maybe a title. Something akin to a conference badge. Perhaps they could show this during the breaks between sessions. Even if you rolled through the virtual badge shots quickly, during breaks, it would act as sort of an analog of walking from one session to another.

• I don’t know whether there was any interest in social media, but having a twitter, facebook, other social media event hash tag prominently displayed on the bottom 1/3rd or on some early slide deck would have been useful, to generate some social buzz.

• Also, at conferences, one can typically see a screen which tracks the social media hash tag. I saw none of this at the event. Having some small panel running social media activity might have led to more social media interaction. It could be along the side of the main page, viewable during all videos, breaks and other sessions.

• As for the public chat. I think it would have been better to have a separate chat channels for each video, breakout, exhibit, etc. rather than having a single chat room for the whole conference. It would have been great if the separate chat window popped up when you started viewing a video, breakout or entered an exhibit.

• Have lots more technical breakouts. I didn’t see a great quantity of these, maybe 5-7 tech breakouts and the 4 original tech track videos. Again, separate chat channels so one could ask questions pertaining to the session would have been great.

• The exhibits were all other vendors (sponsors) showing their stuff. I didn’t see any show and tell for the conference event organizers that one would see in any conference if you walked out on the show floor. Would it have been too much to ask to have a virtual walk through tour of each of the conference organizers’ products and a couple of demos of their products/services? Just like one could see at any conference.

• The expo floor exhibitor sessions could be left available to view anytime the event was “open” but the tech breakout sessions would be available multiple times a day but scheduled just like any other event sessions. And it would be nice to have a separate chat channel for each expo exhibitor and tech break out session, so we could ask questions of their staff.

• Another thing available at most conference events is a social media booth where bloggers, podcasters, and vloggers could sit around and talk about the event and their products and whatever else came to mind. I didn’t see anything like this and having a separate chat window for these booths would be useful.

• Also, it would be nice if one could obtain vendor certifications or detailed tutorials on some product/service.

• On a personal note, I am an industry analyst, so it would be nice to have a separate analyst track. I come to these events to have face time with execs and get a download on what their upcoming strategy is and how they did over the last year or so. Yes these could all be done offline but they could also be accomplished during the event with its own secure chat channel.

• I’m also an influencer. So having a separate press track would have been great as well. Often the analyst and press track overlap for a couple of sessions and then go their separate (NDA) ways.

• For both the analysts and the Press/influencers having a live Q&A session with the execs, technical team, and select customers would have been great. But alas there was nothing like this. But with a separate secure chat room this could have also been done.

• I can’t stress enough that the conference event navigation needs to be better and more intuitive.

I know that there’s a lot here and there’s probably a whole bunch more that could be done better. Other people will no doubt have their own opinions. But these are mine.

It was the first virtual conference (I attended) and the vendor sort of played it by ear, designing it almost in real time. Given all that, they did a great job. Now it’s time to do better.

I’m a conference geek. I go to an average of 10 or more vendor conferences a year so this is a major part of what I do.

IMHO, nothing besides ubiquitous, true virtual reality will ever replace the effectiveness of in real life conferences. That being said, there are ways to make current virtual events come closer to real conferences.

~~~~

I thought about sending this to the conference organizers but their conference is over, and hopefully next year it will be back IRL. But there’s plenty more virtual conferences left on my schedule for this year.

I would prefer all of them to be done better, for me, analysts, press/influencers and ultimately customers.

We’re all in this together.

Artistic AI

Read a couple of articles in the past few weeks on OpenAI’s Jukebox and another one on computer generated art, in Art in America, (artistically) Creative AI poses problems to art criticism. Both of these discuss how AI is starting to have an impact on music and the arts.

I can recall almost back when I was in college (a very long time ago) where we were talking about computer generated art work. The creative AI article talks some about the history of computer art, which in those days used computers to generate random patterns, some of which would be considered art.

AI painting

More recent attempts at AI creating artworks use AI deep learning neural networks together with generative adversarial networks (GANs). These involve essentially two different neural networks.

  • The first is an Art deep neural network (Art DNN) discriminator (classification neural network) that is trained using an art genre such as classical, medieval, modern art paintings, etc. This Art DNN is used to grade a new piece of art as to how well it conforms to the genre it has been trained on. For example, an Art DNN could be trained on Monet’s body of work and then it would be able to grade any new art on how well it conforms to Monet’s style of art.
  • The second is an Art GAN which is used to generate random artworks that can then be fed to the Art DNN to determine if it’s any good. This is then used as reinforcement to modify the Art GAN to generate a better match over time.

The use of these two types of networks has proved to be very useful in current AI game playing as well as many other DNNs that don’t start with a classified data set.

However, in this case, a human artist does perform useful additional work during the process. An artist selects the paintings to be used to train the Art DNN. And the artist is active in tweaking/tuning the Art GAN to generate the (random) artwork that approximates the targeted artist.

And it’s in these two roles that there is a place for a (human) artist in creative art generation activities.

AI music

Using AI to generate songs is a bit more complex and requires at least 3 different DNNs to generate the music and another couple for the lyrics:

  • First, a song tokenizer DNN, which is a trained DNN used to compress an artist’s songs into, for lack of a better word, musical phrases or tokens. That way they could take raw audio of an artist’s song and split it up into tokens, each of which had 0-2047 values. They actually compress (encode) the artist’s songs using 3 different resolutions which apparently lose some information for each level but retain musical attributes such as pitch, timbre and volume.
  • A second, musical token generative DNN, which is trained to generate musical tokens in the same distribution as a selected artist. This is used to generate a sequence of musical tokens that matches an artist’s musical work. They use a technique based on sparse transformers that can generate (long) sequences of tokens based on a training dataset.
  • A third, song de-tokenizer DNN, which is trained to take the generated musical tokens (in the three resolutions) and convert them to musical compositions.

These three pretty much constitute the bulk of the work for AI to generate song music. They use data augmented with information from LyricWiki, which has the lyrics of 600K recorded songs in English. LyricWiki also has song metadata which includes the artist, the genre, keywords associated with the song, etc. When training the music generator they add the artist’s name and genre information so that the musical token generator DNN can construct a song specific to an artist and a genre.

The lyrics take another couple of steps. They have data for the lyrics for every song recorded of an artist from LyricWiki. They use a number of techniques to generate the lyrics for each song and to time the lyrics to the music. These include a lexical text generator trained on the artist’s lyrics to generate lyrics for a song. Suggest you check out the explanation on OpenAI Jukebox’s website to learn more.

As part of the music generation process, the models learn how to classify songs to a genre. They have taken the body of work for a number of artists and placed them in genre categories which you can see below.

The OpenAI Jukebox website has a number of examples on their home page as well as a complete catalog behind their home page. The catalog has over 7000 songs under a number of genres, from Acoustic to Rock and everything in between, in the fashion of a number of artists in each genre, both with and without lyrics. For the (100%) blues category they have over 75 songs and songs similar to artists from B.B. King to Taj Mahal including songs similar to Fats Domino, Muddy Waters, Johnny Winter and more.

OpenAI Jukebox calls the songs “re-renditions” of the artist. And the process of adding lyrics to the songs as lyric conditioning.

Source code for the song generator DNNs is available on GitHub. You can use the code to train on your own music and have it generate songs in your own musical style.

The songs sound ok but not great. The tokenizer/de-tokenizer process results in noise in the music generated. I suppose more time resolution tokenizing might reduce this somewhat but maybe not.

~~~~

The AI song generator is ok but they need more work on the lyrics and to reduce noise. The fact that they have generated so many re-renditions means to me the process at this point is completely automated.

I’m also impressed with the AI painter. Yes there’s human interaction involved (atm) but it does generate some interesting pictures that follow in the style of a targeted artist. I really wanted to see a Picasso generated painting or even a Jackson Pollock generated painting. Now that would be interesting.

So now we have AI song generators and AI painting generators but there’s a lot more to artworks than paintings and songs, such as sculpture, photography, videography, etc. It seems that many of the above approaches to painting and music could be applied to some of these as well.

And then there’s plays, fiction and non-fiction works. The songs are ~3 minutes in length and the lyrics are not very long. So anything longer may represent a serious hurdle for any AI generator. So for now these are still safe.


A tale of two countries and how they controlled the Coronavirus

Read an article in IEEE Spectrum last week about Taiwan’s response to COVID-19 (see: Big data helps Taiwan fight Coronavirus) which was reporting on an article in JAMA (see Response to COVID-19 in Taiwan) about Taiwan’s success in controlling the COVID-19 outbreak in their country.

I originally intended this post to be solely about Taiwan’s response to the virus but then thought that it would be more instructive to compare and contrast Taiwan’s and South Korea’s responses to the virus, as both seem to have it under control now (18 Mar 2020).

But first a little about the two countries (source wikipedia: South Korea and Taiwan articles):

Taiwan (TWN) and South Korea (ROK) both enjoy close proximity, trade and travel between their two countries and China.

  • South Korea (ROK) has a population of ~50.8M, an area of 38.6K SqMi (100.0K SqKm) and extends about 680 Mi (1100 Km) away from the Asian mainland (China).
  • Taiwan (TWN) has a population of ~23.4M, an area of 13.8K SqMi (35.8K SqKm) and is about 110 Mi (180 Km) away from the Asian mainland (China).

COVID-19 disease progression & response in TWN and ROK

There’s lots of information about TWN’s response (see articles mentioned above) to the virus but less so on ROK’s response.

Nonetheless, here’s some highlights of the progression of the pandemic and how they each reacted (source for disease/case progression from : wikipedia Coronavirus timeline Nov’19 to Jan’20, and Coronavirus timeline Feb’20; source for TWN response to virus JAMA article supplement and ROK response to virus Timeline: What the world can learn from South Korea’s COVID-19 response ).

  • Dec. 31, 2019: China Wuhan municipal health announced “urgent notice on the treatment of pneumonia of unknown cause”. Taiwan immediately tightened inbound screening processes. ==> TWN: officials board and inspect passengers for fever or pneumonia symptoms on direct flights from Wuhan
  • Jan. 8, 2020: ROK identifies 1st possible case of the disease in a woman who recently returned from China Wuhan province
  • Jan 20: ROK reports 1st laboratory confirmed case ==> TWN: Central Epidemic Command Center activated, activates Level 2 travel alert for Wuhan; ROK CDC starts daily press briefings on disease progress in the nation
  • Jan. 21: TWN identifies 1st laboratory confirmed case ==> TWN: activates Level 3 travel alert for Wuhan
  • Jan 22: ==> TWN: cancels entry permits for 459 tourists from Wuhan set to arrive later in Jan
  • Jan 23: ==> TWN: bans residents from Wuhan, travelers from China required to make online health declaration before entering
  • Jan. 24: ROK reports 2nd laboratory confirmed case ==> TWN: bans export of facemasks; ROK: sometime around now the gov’t started tracking confirmed cases using credit card and CCTV data to understand where patients contracted the disease
  • Jan. 25: ==> TWN: tours to china are suspended until Jan 31, activates level 3 travel alert for Hubei Province and Level 2 for rest of China, enacts export ban on surgical masks until Feb 23
  • Jan 26: ==> TWN: all tour groups from Wuhan have to leave,
  • Jan. 27: TWN reports 1st domestic transmission of the disease ==>TWN NHIA and NIA (National health and immigration authorities) integrate (adds all hospital) patients past 14-day travel history to NHIA database, all tour groups from Hubei Province have to leave
  • Jan 28: ==> TWN: activates Level 3 travel alert for all of China except Hong Kong and Macau; ROK requests inspection of all people who have traveled from Wuhan in the past 14 days
  • Jan 29: ==> TWN: institutes electronic monitoring of all quarantined patients via gov’t issued cell phones; ROK about now requests production of massive numbers of WHO approved test kits for the Coronavirus
  • Jan. 30: ROK reports 2 more (4 total) confirmed cases of the disease ==> TWN: tours to or transiting China suspended until Feb 29;
  • Jan 31: ==> TWN: all remaining tour groups from China asked to leave
  • Feb 2: ==> TWN: extended school break from Feb 15 to Feb 25, gov’t facilities available for quarantine, soldiers mobilized to man facemask production lines, 60 additional machines installed, daily facemask output to reach 10M facemasks a day.
  • Feb 3: ==> TWN: enacts name based rationing system for facemasks, develops mobile phone app to allow public to see pharmacy mask stocks, Wenzhou city Level 2 travel alert; ROK CDC releases enhanced quarantine guidelines to manage the disease outbreak, as of today ROK CDC starts making 2-3 press releases a day on the progress of the disease
  • Feb 5: ==> TWN: Zhejiang province Level 2 travel alert, all cruise ships with suspected cases in past 28 days banned, any cruise ship with previous dockings in China, Hong Kong, or Macau in past 14 days are banned
  • Feb 6: ==> TWN: Tours to Hong Kong & Macau suspended until Feb 29, all Chinese nationals banned, all international cruise ships are banned, all contacts from Diamond Princess cruise ship passengers who disembarked on Jan 31 are traced
  • Feb 7: ==> TWN: All foreign nationals with travel to China, Hong Kong or Macau in the past 14 days are banned, all foreigners must see an immigration officer
  • Feb 14: ==> TWN: Entry quarantine system launched; travelers fill out an electronic health declaration for faster entry
  • Feb 16: ==> TWN: NHIA database expanded to cover 30 day travel history for travelers from or transited through China, Hong Kong, Macau, Singapore and Thailand.
  • Feb 18 ==> TWN: all hospitals, clinics and pharmacies have access to patients travel history; ROK most institutions postpone the re-start of school after spring break
  • Feb 19 ==> TWN establishes gov’t policies to disinfect schools and school areas, school buses, high speed rail, railways, tour busses and taxis
  • Feb 20 ==> ROK Daegu requests all individuals to stay home
  • Feb 21 ==> TWN establishes school suspension guidelines based on cases diagnosed in school; ROK Seoul closes all public gatherings and protests
  • Feb 24 ==> TWN, travelers with history of travel to china, from countries with level 1 or 2 travel alerts, and all foreign nationals subject to 14 day quarantine (By this time many countries are in level 1-2-3 travel alert status in TWN)
  • Feb 26 ==> ROK opens drive-thru testing clinics, patients are informed via text messages (3 days later) the results of their tests
  • Mar 3? ==> ROK starts selling facemasks at post offices
  • Mar 5 ==> ROK bans the export of face masks

As of Mar 16 (as reported in Wikipedia), TWN had 67 cases and 1 death, and ROK had 8,326 cases and 75 deaths. As of Mar 13 (as reported in the Our world in data article), TWN had tested 16,089 and ROK had tested 248,647 people.

Summary of TWN and ROK responses to the virus

For starters, both TWN and ROK learned valuable lessons from the last infections from China SARS-H1N1 and used those lessons to deal better with COVID-19. Also neither country had any problem accessing credit information, mobile phone location data, CCTV camera or any other electronic information to trace infected people in their respective countries.

If I had to characterize the responses to the virus from the two countries:

  1. TWN was seemingly focused early on reducing infections from outside, controlling & providing face masks to all, and identifying gov’t policies (ceasing public gathering, quarantine and disinfectant procedure) to reduce transmission of the disease. They augmented and promoted the use of public NHIA databases to track recent travel activity and used any information available to monitor the infected and track down anyone they may have contacted. Although TWN has increased testing over time, they did not seem to have much of an emphasis on broad testing. At this point, TWN seems to have the virus under control.
  2. ROK was all about public communications, policies (quarantine and openness), aggressively testing their population and quarantining those that were infected. ROK also tracked the goings on and contacts of anyone that was infected. ROK started early on broadly testing anyone that wanted to be tested. Using test results, infected individuals were asked to quarantine. A reporter I saw talking about ROK mentions 3 T’s: Target, Test, & Trace. At this point, ROK seems to have the virus under control.

In addition, Asian countries in general are more prone to use face masks when traveling, which may somewhat restrict Coronavirus transmission. Although it seems to primarily reduce transmission, most of the public in these countries (now) routinely wear face masks when out and about. And previously they routinely wore face masks when traveling to reduce disease transmission.

Also both countries took the news out of Wuhan China about the extent of the infections, deaths and ease of disease transmission as truthful and acted on this before any significant infections were detected in their respective countries.

What the rest of the world can learn from these two countries

What we need to take from TWN & ROK is that

  1. Face masks and surgical masks are a critical resource during any pandemic. National production needs to be boosted immediately with pricing and distribution controls so that they are not hoarded, nor subject to price gouging. In the USA we have had nothing on this front other than requests to the public to stop hoarding them and the lack of availability to support healthcare workers.
  2. Test kits are also a critical resource during any pandemic. Selection of the test kit, validation and boosting production of test kits needs to be an early and high priority. The USA seems to have fallen down on this job.
  3. Travel restrictions, control and quarantines need to be instituted early on from infected countries. USA did take action to restrict travel and have instituted quarantines on cruise ship passengers and any repatriated nationals from China.
  4. Limited testing can help control the virus as long as it’s properly targeted. Mass, or rather less, targeted testing can also help control the virus as well. In the USA given the lack of test kits, we are limited to targeted testing.
  5. Open, rapid and constant communications can be an important adjunct to help control virus spread. The USA seems to be still working on this. Many states seem to have set up special communications channels to discuss the latest information. But there doesn’t seem to be any ongoing, every day communications effort on behalf of the USA CDC to communicate pandemic status.
  6. When one country reports infections, death and ease of transmission of a disease, start to take serious precautions immediately. Disease transmission in our travel intensive world is much too easy and rapid to stop once it takes hold in a nation. Any nation today that starts to encounter an infectious agent with high death rates and seemingly easy transmission must be taken seriously as the start of something much bigger.

Stay safe, be well.

~~~~

Comments?


Breaking IoT security

Read an article the other day (Researchers exploit low entropy of IoT devices to break RSA certificates) about researchers cracking IoT device security and breaking their public key encryption keys. The report focused on PKI and RSA certificates and IoT devices. The article mentioned the research paper describing the attack in more detail.

safe ‘n green by Robert S. Donovan (cc) (from flickr)

RSA certificates publish a public key and the digital signature of the certificate and identify the device that owns the certificate.

What the researchers were able to show was that ~250K keys in IoT device RSA certificates were insecure. They were able to compromise the 250K RSA certificates using a single Microsoft Azure VM and about $3K of computer time.

It turns out that if two RSA certificate public keys share the same factor, it’s much easier to determine the greatest common divisor (GCD) of the two public keys than it is to factor either one of them. And once you have the GCD of the two keys, it’s relatively trivial to determine the other factor in each public key. And that’s just what they did.

Public key infrastructure (PKI) depends on asymmetric cryptography: a “public” key is used to encrypt messages (or to encrypt a one-time key to be used in later encryption of messages), and a “private” key is used to decrypt the messages (or keys) and to sign digital certificates. There are certificate authorities and a number of other elements used in PKI, but the asymmetric cryptography at its heart rests on the difficulty of factoring large numbers, and the factors of those large numbers need to be random and prime.

True randomness is hard


The problem starts with generating truly random numbers in a digital computer. Digital algorithms typically depend on a computer performing the same set of instructions, in the same way and sequence, so as to get the same answer every time we run the algorithm.

But if you want random numbers this predictability of always coming up with the same answer each time results in non-random numbers (or rather random numbers that are the same each time you run the algorithm). So to get around this, most random number generators can make use of a (random) seed which is used as an input to the algorithm to generate random numbers.

However, this seed needs to be a random number. But to create a random number it needs to be generated not with instructions but using something outside the digital computer. One approach is to use a human typing keys to generate a random number to be used as a seed.

The researchers exploited the fact that most IoT devices don’t use a random (enough) seed for their PKI key generation. And they were able to use the GCD trick to figure out the factors of the devices’ public keys.

But the lack of true randomness (or entropy) is the real problem. Somehow, these devices need to have a cheap and effective way to generate a random seed. Until this can be found, they will be subject to these sorts of attacks.
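The shared-factor check and its low-entropy cause can be reproduced as a fleet audit. This is an added example, not code from the post or the research paper: the 32-bit toy primes, the `device_modulus` failure model (first prime picked from boot state alone) and all function names are assumptions, and it uses a product/remainder tree (batch GCD) to check every modulus in one pass, which goes beyond the pairwise GCD the post describes.

```python
import math
import random

def is_prime(n):
    """Deterministic Miller-Rabin; these bases are exact for n < 2**64."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for p in bases:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(rng, bits=32):
    """Draw odd candidates with the top bit set until one is prime."""
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(c):
            return c

def device_modulus(boot_state, serial):
    """ASSUMED failure model (not from the page): the generator holds only
    boot_state when it picks p; device-unique input arrives before q."""
    p = gen_prime(random.Random(boot_state))
    q = gen_prime(random.Random(f"{boot_state}:{serial}"))
    return p * q

def batch_gcd(moduli):
    """For each n_i return gcd(n_i, product of all the other moduli)."""
    tree = [list(moduli)]
    while len(tree[-1]) > 1:                      # product tree, leaves up
        lvl = tree[-1]
        tree.append([math.prod(lvl[i:i + 2]) for i in range(0, len(lvl), 2)])
    rems = tree.pop()                             # root: product of everything
    while tree:                                   # remainder tree, root down
        lvl = tree.pop()
        rems = [rems[i // 2] % (n * n) for i, n in enumerate(lvl)]
    return [math.gcd(r // n, n) for r, n in zip(rems, moduli)]

def audit(moduli):
    """Map index -> (shared factor, cofactor) for each modulus that shares a
    factor with another. A cofactor of 1 means the whole modulus is reused."""
    return {i: (g, n // g)
            for i, (n, g) in enumerate(zip(moduli, batch_gcd(moduli))) if g != 1}

def build_fleet():
    """Constructed sample: devices 0-2 boot in the same state, 3-5 do not."""
    weak = [device_modulus(7, serial) for serial in range(3)]
    healthy = [device_modulus(2**64 + 1000 * serial, serial) for serial in range(3, 6)]
    return weak + healthy

if __name__ == "__main__":
    for idx, (p, q) in sorted(audit(build_fleet()).items()):
        print(f"device {idx}: modulus factors as {p} * {q}")
```

Run against the public moduli of your own device fleet, any non-empty result means those keys must be regenerated with a properly seeded generator.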

… but not impossible to obtain

I remember in times past when tasked to create a public key-private key pair I had to type some random characters. The Public key encryption algorithm used the inter-character time interval of my typing to generate a random seed that was then used to generate the key pair used in the public key. I believe the two keys also need to be prime numbers.

Perhaps a better approach would be to assign IoT devices keys from a centralized key distributor. That way the randomness could be controlled by the (key) distributor.

There are other approaches that depend on the sensors available to an IoT device. If the device has a camera or mic, taking raw data from the camera or sound sensor and doing a numerical transform on them may suffice. Strain gauges, liquid levels, temperature, humidity, wind speed, etc.: all of these devices have something which senses the world around them, and many of these are, at their base, analog sensors. Reading and converting some portion of these analog signals from raw analog to a digital random seed could be a very effective way to generate true(r) randomness.
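One way to apply the analog-sensor idea without trusting a dead or quiet sensor, as an added example that is not from the post: it keeps only the noisy low bits of each reading, estimates how much entropy they carry, refuses to emit a seed when the estimate is too low, and otherwise conditions the samples with SHA-256. The 12-bit ADC, the simulated trace, the thresholds and all names are assumptions.

```python
import hashlib
import math
import random
from collections import Counter

class EntropyError(Exception):
    """Raised when the sensor data cannot justify the requested seed strength."""

def min_entropy_bits(symbols):
    """Most-common-value estimate of min-entropy per symbol: -log2(p_max).
    Assumes independent samples; correlated readings make it too optimistic."""
    p_max = max(Counter(symbols).values()) / len(symbols)
    return max(0.0, -math.log2(p_max))

def seed_from_adc(readings, want_bits=256, noise_bits=2, margin=2.0):
    """Keep the low noise_bits of each raw reading, require `margin` times
    more estimated entropy than requested, then condition with SHA-256."""
    if not readings:
        raise EntropyError("no samples")
    mask = (1 << noise_bits) - 1
    symbols = [r & mask for r in readings]
    estimated = min_entropy_bits(symbols) * len(symbols)
    needed = margin * want_bits
    if estimated < needed:
        raise EntropyError(f"~{estimated:.0f} bits estimated, need {needed:.0f}")
    return hashlib.sha256(bytes(symbols)).digest()[: want_bits // 8]

def constructed_adc_trace(n, sigma, seed=2024):
    """CONSTRUCTED stand-in for a 12-bit temperature ADC: a fixed level plus
    Gaussian noise of `sigma` counts. A real device reads its own hardware."""
    rng = random.Random(seed)
    return [max(0, min(4095, round(2048 + rng.gauss(0, sigma)))) for _ in range(n)]

def try_seed(readings):
    """Return the hex seed, or the reason the sensor was rejected."""
    try:
        return seed_from_adc(readings).hex()
    except EntropyError as exc:
        return f"rejected: {exc}"

if __name__ == "__main__":
    print("noisy sensor:", try_seed(constructed_adc_trace(600, sigma=4.0)))
    print("quiet sensor:", try_seed(constructed_adc_trace(600, sigma=0.2)))
    print("stuck sensor:", try_seed([2048] * 600))
```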

~~~~

The paper has much more information about the attack and their results if you’re interested. They said that ~50% of the compromised devices were from a large network supplier. Such suppliers probably also have a vast majority of devices deployed. Still it’s troubling, nonetheless.

Until changes are made to IoT devices, they will continue to be insecure. Not as much of a problem when they are read only sensors but when the information they sense is used by robots or other automation to make decisions about actions, then having insecure IoT becomes a safety issue.

This is not the first time such an attack was attempted and each time, it’s been very successful. That alone should be cause for alarm. But IoT and similar devices are hard to patch in the field and their continuing insecurity may be more of a result of the difficulty of updating a large install base than anything else.


Internet of Tires

Read an article a couple of weeks back (An internet of tires?… IEEE Spectrum) and can’t seem to get it out of my head. Pirelli, a European tire manufacturer was demonstrating a smart tire or as they call it, their new Cyber Tyre.

The Cyber Tyre includes accelerometer(s) in its rubber, that can be used to sense the pavement/road surface conditions. Cyber Tyre can communicate surface conditions to the car and using the car’s 5G, to other cars (of same make) to tell them of problems with surface adhesion (hydroplaning, ice, other traction issues).

Presumably the accelerometers in the Cyber Tyre measure acceleration changes of individual tires as they rotate. Any rapid acceleration change could potentially be used to determine whether the car has lost traction and why.

They tested the new tires out at a (1/3rd mile) test track on top of a Fiat factory, using Audi A8 automobiles and 5G. Unclear why this had to wait for 5G but it’s possible that using 5G, the Cyber Tyre and the car could possibly log and transmit such information back to the manufacturer of the car or tire.

Accelerometers have become dirt cheap over the last decade as smart phones have taken off. So, it was only a matter of time before they found use in new and interesting applications and the Cyber Tyre is just the latest.

Internet of Vehicles

Presumably the car, with Cyber Tyres on it, communicates road hazard information to other cars using 5G and vehicle to vehicle (V2V) communication protocols or perhaps to municipal or state authorities. This way highway signage could display hazardous conditions ahead.

Audi has a website devoted to Car to X communications which has embedded certain Audi vehicles (A4, A5 & Q7), with cellular communications, cameras and other sensors used to identify (recognize) signage, hazards, and other information and communicate this data to other Audi vehicles. This way owning an Audi, would plug you into this information flow.

Pirelli’s Cyber Car Concept

Prior to the Cyber Tyre, Pirelli introduced a Cyber Car concept that is supposedly rolling out this year. This version has tyres with real time pressure, temperature, (static) vertical load and a Tyre ID. Pirelli has been working with car manufacturers to roll out Cyber Car functionality.

The Tyre ID seems to be a file that can include anything that the tyre or automobile manufacturer wants. It sort of reminds me of blockchain data blocks that could be used to validate tyre manufacturing provenance.

The vertical load sensor seems more important to car and tire manufacturers than consumers. But for electric car owners, knowing car weight could help determine current battery load and thereby more precisely know how much charge is left in a battery.

Pirelli uses a proprietary algorithm to determine tread wear. This makes use of the other tyre sensors to predict wear and perhaps uses an AI DL algorithm to do this.

~~~

ABS has been around for decades now and tire pressure sensors for over 10 years or so. My latest car has enough sensors to pretty much drive itself on the highway but not quite park itself as of yet. So it was only a matter of time before something like smart tires would show up.

But given their integration with car electronics systems, it would seem that this would only make sense for new cars that included a full set of Cyber Tyres. That is until all tire AND car manufacturers agreed to come up with a standard protocol to communicate such information. When that happens, consumers could choose any tire manufacturer and obtain similar if not the same functionality from them.

I suppose someone had to be first to identify just what could be done with the electronics available today. Pirelli just happens to be it for now in the tire industry.

I just don’t want to have to upgrade tires every 24 months. And, if I have to wait a long time for my car to boot up and establish communications with my tires, I may just take a (dumb) bike.


Two paths to better software

Read an article last week in the Atlantic, The coming software apocalypse, about some of the problems in how we develop software today.

Most software development today is editing text files. Some of these text files have 1,000s of lines and are connected to other text files with 1,000s of more lines which are connected to other text files with 1,000s of lines, etc. Pretty soon you have millions of lines of code all interacting with one another.

The problem

Been there done that and it’s not pretty. We even spent some time trying to reduce the code bloat by macro-izing some of it, and that just made it harder to understand, but reduced the lines of code.

The problem is much worse now, when we have software everywhere you look, from the escalator-elevator you take up and down between floors, to the cars you drive around town, to the trains and airplanes you travel between cities.

All of these literally have millions of lines of code controlling them and there are many more each year. How can they all possibly be correct?

Well you can test the s&*t out of them. But you can’t cover every path in a lifetime or ten of testing a million line program. And even if you could, changing a single line would generate another 100K or more paths to test. So testing was never a true answer.

Two solutions

The article talks about two approaches that have some merit to solve the real problem.

  • Model based development, a new development and coding environment. In this approach you’re not so much coding as playing with a model of the behavior you’re looking for. Say you were coding robot control logic: rather than editing 1000s of lines of Java text, you work with a model of your robot and its environment on 1/2 a screen and, on the other half, model parameters (dials, sliders, arrow keys, etc.) and logic (sequences) that you manipulate to do what the robot needs to do. Sort of like Scratch on steroids (see my post on 10 years of Scratch) with the sprite being whatever you need to code for, be it a jet engine, automobile, elevator, whatever. The playground would be a realtime/real life simulation of the entity under control of the code and you would code by setting parameters and defining sequences. But the feedback would be immediate!
  • TLA+, a formal design verification approach. Formal methods have been around since the early 70s. They are used to rigorously specify a design of some code or a whole system. The idea is that if you can specify a provably correct design, then the code (derived from that design) has the potential to be more correct. Yes, there’s still the translation from design to code that’s error prone, but the likelihood is that these errors will be smaller in scope than having a design that’s wrong.

Model based development

One can find model based development already in Apple’s new application development language, Swift, the ANSYS SCADE suite based on Esterel Technologies, and the Light Table software development environment.

I have never used any of them but they all look interesting. Esterel was developed for safety critical, real-time aerospace applications. Light Table was a kickstarter project started by a leading engineer of Microsoft’s Visual Studio, the leading IDE. Apple Swift was developed to make it much easier to develop iOS apps.

TLA+

TLA+ takes a bit of getting used to. All formal methods depend on advanced mathematics and sophisticated logic and require an adequate understanding of these in order to be used properly. TLA+ was developed by Leslie Lamport and stands for temporal logic of actions.

TLA+ specifications identify the set of all correct system actions. I would call it a formal pseudo code.

There’s apparently a video course, a hyperbook and a book on the language. It’s being used in AWS and Microsoft XBOX and Azure. (See the Wikipedia TLA+ article for more information.)

There’s the PlusCal algorithm (specification) language, which is translated into a TLA+ specification which can then be checked by the automated TLC model checker. There’s also TLAPS, an automated TLA+ proof system, although it doesn’t support all of the TLA+ primitives. There’s a whole TLA+ toolbox that has these and other tools that can make TLA+ easier to use.

~~~~

We dabbled in formal specification methods for our million+ line storage system at a former employer. It worked well and cleaned up an integrity critical area of the product. Alas, we didn’t expand its use to other areas of the product and it sort of fell out of favor. But it worked when and where we applied it.

Of course this was before automated formal methods of today, but even manual methods of specification precision can be helpful to think out what a design has to do to be correct.

I have no doubt that both TLA+ formal methods and model based development approaches and more are required to truly vanquish the coming software apocalypse.

At least until artificial intelligence starts developing all our code for us.

Comments?

Photo Credits: Six easy pieces of quantitatively analyzing open source, SAP Research;

Spaghetti code still existed, Toolbox.com;

How to write apps with Swift, MacWorld;

Modeling the dining philosophers problem in TLA+, Metadata blog