[cap-talk] Capability past and future. CORBA (YURLs?), embedded OS
jed at nersc.gov
Tue Jun 12 14:37:12 EDT 2007
Jonathan S. Shapiro wrote:
> On Tue, 2007-06-12 at 00:47 -0700, Jed Donnelley wrote:
>> At 11:21 PM 6/11/2007, Jonathan S. Shapiro wrote:
>>> By focusing on building the ideal POLA system, we have spent 15 years
>>> not delivering anything (for end users) at all. In the process, we have
>>> given competitors an opportunity to build very strong positions. Worse,
>>> we have given them time to think about how to confuse the issue.
>>> In hindsight, we would have done much better to deliver something
>>> quickly and then iterate on its design and architecture.
>> What sort of delivery do you believe would have been effective?
> Absolutely anything that worked now and could be improved over time. It
> certainly worked for Microsoft.
> But that was the right thing to do 15 years ago. Today, Linux has the
> benefit of overwhelming engineering investment performed over those 15
> years. It is no longer possible to deliver something "good enough" and
I believe the dominance of Unix started during the 1970s when AT&T
it away to educational institutions. We were already using it at LLNL
in 1975. We still
had our own systems to be sure, but once the universities (e.g. UC)
on Unix I'd say the roadmap was set.
We had systems over 20 years ago that I feel were "good enough" that we
iterated from. Even KeyKOS was available well over 15 years ago. What
feel would have made them become relevant in the market? The only
I believe would be to have given them away (as AT&T did) during a very early
period. That didn't happen due to the climate surrounding software of
AT&T (sadly in retrospect) was uniquely in the position (culture,
etc.) to give away software like Unix (even they tried to turn it into a
of course) and help build it.
>> I don't believe there is much of anything that could have been
>> done to make capability computing at the OS level sell after
>> Unix and Windows climbed to ascendency. In those early days
>> the concern with viruses and such wasn't even an issue, so it
>> seems there wasn't even any potential practical benefit.
> I was right in the middle of the UNIX wars. Their positioning was so
> screwed up that there was *lots* of opportunity. But the sale wasn't a
> security sale. It was a robustness sale. The right pitch at the time was
> to generate "nine nines" reliability on commodity hardware. KeyKOS could
> have done that. UNIX needed 15 years of overwhelming investment.
> Unfortunately, UNIX actually *received* that investment.
I really think you are missing out on the huge (!) historical develop of
in the universities. That meant that Unix was "out there". When Cray
decided that maybe time sharing wasn't such a bad idea in the early 1980s,
it wasn't a coincidence that they chose Unix. By the time of what you refer
to as the "Unix wars", the die was cast. If Unix hadn't been out there at
that time they probably would have chosen NLTSS. They certainly considered
both LTSS and NLTSS. Certainly there were later struggles for Unix
supremacy, but by that time it was just a matter of which Unix, not if Unix.
Any such alternative would have had to have started in the 1970s and been
widely available at universities.
It's the API that is the dominant factor. Once that's established it takes
moving heaven and earth to unseat it - sadly.
> We were all so focused on security that we completely failed to
> recognize the value proposition that customers would have understood
> immediately. I didn't see it either, but I didn't understand much about
> business then. Not clear how much I understand *now*, of course, but
> more than I did then for sure.
Our group wasn't focused on security. Perhaps that seems a bit odd at a
like LLNL, but there it is. The added value we were selling was a
What turned out to be our real significant value was compatibility with past
systems at LLNL. People really didn't care about networking to any
extent (NFS was good enough - no need to have process structures span the
network) and security was a non-issue. We had MLS with our system. The
Unix offerings paid lip service to MLS, but never really delivered.
At that point (~1984) Unix was already an unstoppable juggernaut. It was
more important to be compatible with the APIs of others even that to be
compatible with the historical API at LLNL.
Don't feel bad about missing what seemed like opportunities in the late
early 1990s. The die was cast. Not significantly different from Today
Look how much trouble even Microsoft is having selling in the server market.
You think a little extra reliability would have made a difference 15
Dream on. Don't beat yourself up over that missed opportunity. That was
an apparent opportunity that really wasn't there.
>> One thing about these sorts of issues, there is always time
>> to use hindsight for moving forward. With my "hindsight" as
>> I note, my best hope for progress is in the network area - which
>> I hope will eventually trickle down to the OS level.
> I actually think the network area is a lost cause, because it is a
> solved problem. There is this thing called CORBA...
> Now CORBA isn't capabilities. It has no security story and so forth. But
> it is close enough to the capability story that customers generally do
> not understand the difference. They do not perceive any operational
> *pain* from CORBA. When they do, they will evaluate compatibility costs
> and conclude that they can continue to use CORBA and handle security as
> a problem of increased engineering effort.
CORBA has been around for quite a while now and seems to have made
little progress - from my perspective anyway. I'd be interested to hear
feel about this. Being in a scientific computer center (were "gird"
software such as
Globus is on the radar and CORBA is invisible), perhaps I've missed a
movement in the object area r.e. CORBA?
No chance CORBA could be an opportunity? I see the general object
picture with CORBA, e.g.:
(from http://www.omg.org/gettingstarted/corbafaq.htm )
Don't they have a need to communicate object references through their
Why can't CORBA be made "capability"? Is anybody pursuing that angle? Any
mapping between YURLs and CORBA object references?
>> Where do you see the most hope for progress?
> Right where my company is pointed: critical embedded systems. For a
> variety of reasons, it is harder to delude yourself about the importance
> of strong engineering in these applications.
> I think we have a shot at taking a position there. The question is: can
> we parlay it into a broader revenue stream? I guess we'll find out.
Whew! That seems to me like a tough road and with a rather limited
market even if
you succeed beyond your wildest dreams. Still, I wish you luck.
I'll look a bit more into the CORBA area. Any comments from the list
would of course be quite welcome.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cap-talk