Graceful degradation and the fault tolerant society

Graceful degradation is an engineering concept by which complex systems are designed such that they can still perform their core functions even while sustaining significant damage, albeit at a reduced capacity. Although it is often treated as equivalent to fault tolerance, the two differ fundamentally: fault tolerant systems are designed so that a backup component or system can quickly be brought on line to maintain full system capability, while the goal of graceful degradation is to support reduced functionality so as to prevent catastrophic failure. Often the two are used together to maximize reliability: for example, the battery backup system of a computer server room may temporarily shut down non-critical servers during a power outage to maximize battery life (graceful degradation) until a backup generator can be brought on line (fault tolerance).

When we expand this concept out to the macro level, concepts like graceful degradation and fault tolerance also have important implications for the survival of societies in the face of catastrophic events, such as a hurricane or rapid and sustained climate change. And within this domain, I believe there are two parallel and mutually reinforcing concepts: the ability of the complex systems supporting a modern society to reliably withstand stress, and the ability of a society’s citizenry to absorb temporary or permanent damage to these systems.

For example, when a hurricane looks like it is going to make landfall, a number of things happen to ensure that the local society can survive the storm. Critical services and systems, such as local hospitals and “search and rescue” teams, are placed in an enhanced status, while non-critical services and systems – such as buses and subways – may be temporarily shut down to reduce damage. This is graceful degradation at the “system” level. In parallel with this, the local citizenry may flee the area to temporarily seek alternative shelter (hotels or emergency shelters) and/or stock up on short-term supplies to get them through the storm and immediate aftermath. This is graceful degradation at the “societal” level.

The above processes work because, in most cases, the degraded services are sufficient to maintain a somewhat orderly function to the local society until the aftermath can be addressed: rescue crews make repairs to damaged infrastructure, food and supplies may be shipped in to help sustain the population, the national guard may be brought in to help maintain order, and so on. Eventually, most everything gets fixed, and life returns to normal.

But what happens when temporary damage becomes permanent damage? From a systemic standpoint, there is much evidence that we have exceeded sustainable complexity for many of our critical systems. The ability to feed our population is predicated on the ability to reliably sustain highly complex and interdependent supply chains that are thousands of miles long. The ability to provide a reliable source of potable water is becoming increasingly complex and problematic, especially for regions that are becoming more drought prone. The sources of fuel to provide transportation, power, and heat are moving inexorably up the scarcity curve. Even modern trash removal is a relatively complex endeavor. And on top of this, we have a society that fundamentally believes the party will go on forever.

A society must be prepared to gracefully degrade as its underlying systems degrade. A society that is not prepared is one that will fail catastrophically and will eat itself – sometimes literally. This is not conjecture. History has demonstrated this over and over: Easter Island, the Greenland Norse, the Maya; most recently Rwanda and Haiti. On the other hand, a society that is prepared has a good chance of making it to a sustainable level somewhat intact. When the Soviet Union collapsed, for example, most of the urban population were already using small gardens to help minimize the effects of an increasingly unstable food supply. Thus, when the collapse happened, food was still available to help sustain the population and provide a framework for a somewhat orderly transition.

In the U.S., the situation is completely different. Because much of the population has placed all its faith in the one basket of “technology” to sustain the trend of increasing complexity, most urban dwellers do not have long-term access to alternate food sources, alternate power sources, alternate heat sources, alternate modes of transportation, or any other means of fault tolerance. Nor do they have the means – and mental preparedness – for gracefully degrading to a long-term reduced capacity of any of the above. If the machinery stops, the fall will be swift, sure, and tragic. Hence, the desperation for sucking every last drop of oil, gas, and water from the ground; and spending dwindling resources on increasingly far-out technological solutions just to keep things going a little longer.

Those who are short-sighted will continue partying in denial until the lights go out. Those with a longer view will figure out how to increase their fault tolerance and prepare themselves to gracefully degrade. I’ll leave you to decide who the survivors will be.


2 responses to “Graceful degradation and the fault tolerant society”

  1. I think I have seen degradation at both the system level and societal level after the Christchurch 2011 earthquake and it was awful. Supermarkets were shut, petrol stations were shut (so if you wanted to leave but didn’t have any fuel this was a problem), toilets were out of action, many people lost running water. Eventually the shops opened again but there were lots of people forced to use portaloos for many months afterwards. Things are still broken there and it has been more than two years. We left and I think we were one of the lucky ones.

    • I was in Charleston, South Carolina when hurricane Hugo laid it to waste back in 1989, so I’ve experienced it first hand, too. Indeed, one of my most vivid memories was all six lanes of the interstate (both sides) leading out of Charleston choked with outbound traffic, as far as the eye could see, as people were trying to mass exodus the city all at once. And this was after at least two days of advance notice that Charleston was the most likely landing zone for the hurricane!

      What makes earthquakes particularly bad, as you unfortunately know, is that there is little to no warning beforehand, so there is no time to prepare. Both the system and the citizenry are forced directly into survival mode, and all one can do is hope that the emergency services and post event early responders can restore order as quickly as possible.
