Cloud vs. Security. And the Internet of Things

The Travel Industry and the Cloud

GDShosteddistributionBack in 2000, in my presentation at ITB Travel Technology Congress, I addressed the changes e-Commerce brought to our distribution. Aviation and travel have a very strong history in what we today experience as “new”, call “cloud computing”.

Aviation has been a pacemaker in pre-Internet e-Commerce. Since the invention of the first “computerized reservation systems” (CRS), based on American’s ground-breaking development of the “Semi-Automated Business Research Environement” (Sabre). Read the Sabre-History for more. Thanks to the global SITA communications network (yes, those guys I temporarily worked for last year after they acquired my employer), aviation appreciated near instantaneous communication ever since I started working in aviation back in the late 80s. What we call e-Mail today, we called “Queue Messages” back then. To date, bookings, called “Passenger Name Records” (PNR) are created and maintained “in the cloud”. Whereas the “cloud based server” is either one of the Global Distribution Systems (GDS) and/or the airline’s own CRS.

Airline IT-managers celebrating this as the next big thing simply sell you old wine in new barrels. In the mid 90s, just about 20 years ago, the last “dummy terminals” were taken out of service, replaced by PCs with more sophisticated interfaces. Which were meanwhile very much replaced by web-clients working in standard browsers. The only difference being that those browsers often still use closed networks (such as SITA) for data transport instead of the Internet. Aside the obviously more reliable and stable data speed, this directly leads to the next question:

Cloud Security

amadeus 4 tiersWhere the GDS and CRS frequently work in a closed environment reducing the danger of hacking and other insecurities, recent developments make those services available through Internet links. Being a commodity, this is much cheaper. But it also opens the communication to a number of security issues. It needs complex security layers to avoid hacking or other unintended communication disrupting those large host systems. And this is also important to understand. “working in the cloud” is “clouding” (disguising) reality with fuzzy, hip wording. All it is is communicating through the cloud (word used to disguise “the Internet”) with servers that are not local but “elsewhere”.

Amadeus Datacenter Munich
Amadeus Datacenter Munich

The cloud servers of Apple, Amazon, Microsoft, Amadeus, Worldspan or Sabre. Where the “Sabre” computers have been sold to HP and Sabre uses “commercial services”, Amadeus still has it’s own and also publishes quite some diagrams and images I frequently refer to.

But a fact in all such cases: If you believe it’s your data, this is a self-deception. You got to trust the company where you store your data to be trustworthy. Whereas recently there are quite some concerns about governmental insight into data. As I mentioned back in 2008, it’s questionable if a national government demands access to data without guarantee that this confidential commercial information does not reach the company’s competitor in that country. The example was not Russian, but American. Who watches the watcher?

owncloudAs I mentioned in my ITB presentation 2004, there’s possibilities to use alternate services from the Open Source developments. With cloud computing, you’re no longer required to use commercial services: I recently shifted all my personal data, especially calendar and contacts from Google into my OwnCloud. I trust my friend maintaining my own server. It’s in a huge computer center but my friend secures it against “unfriendly” or unauthorized access. And I hope what I have is not interesting to the server center operator to have someone physically accessing my server to steal data. A theoretical possibility. It’s a (semi-constant) assessment, on who to trust.

I also mentioned in my 2013 blog about Big Data, “The first, Big-Data-experts came up with, have been personal profiles, coming from a variety of different sources. That Google and Facebook still offer me young Russian ladies for marriage is a good sign that they are way off even that goal.” It’s a simple question on big data. From the same post: “And as the amount of data grows faster than the processing power, the real problem is predictable.”

Open Data

As much as you want to keep your personal and commercial data in some areas private, there was a mantra in the 90s “My data is my capital”. It was the time the Internet started to make data available to everyone and who “owned” the data could sell it expensively. To date the value of the GDS, the OAGs, Albatross, CH Aviation and other such data collecting companies. Whereas it is relatively easy to process aviation data as most of it is very clearly standardized. But as much as the data processing adds some value, it’s life cycle is ending. More and more “common data” becomes available openly. Where that i.e. started with OpenStreetMap, meanwhile the basic cadaster (land registry) data like street data, administrative boundaries, etc. are made openly available. Others still try to charge horrendous amounts, but they become a minority and will become extinct soon. The value is no longer in “owning” the data, but in meaningful analysis and use of it.

NextVue2Having been pacemakers in e-Commerce, aviation today is light years behind other industries. U.S. tools showing aircraft in-flight on maps like Harris Corp. (Exelis) NextVue does not have access to Canadian data as NAV Canada wants to sell it. Expensively. Not exchange (to also have access to U.S. data). It’s mine. Such, planes not traveling to/from the U.S. airspace simply don’t show. And the NAV Canada data is very often “a problem” for webservices providing such information in other markets. Dear NAV Canada, this is your wake-up call. The same for many other government owned “businesses”. Open Data is here. If you don’t come along, you will find yourself bypassed before long.

The same experience I had in my past years working on Airport Collaborative Decision Making (A-CDM). As long as our industry does not learn that it is in the benefit to the entire business and industry to share work data at reasonable cost. Base data is freely available today. But it’s fascinating how much of the base data we get from the “official sources” (like IATA, ICAO and the likes) is of lousy quality requiring manual review and updates.

That’s aviation. Believe me, working with data from 33 countries in Europe so far, basic data like population on municipality level, associating that to commercial or openly available map data from the same country’s cadastre … It’s a challenge. Many countries where the name of a city is not unique, but a municipality may have three four different names in the country. Not to mention that there are duplicate municipality names even within the same state. Open data is needed, but I think it might be something if a country could decide on unique naming for a given municipality and if EuroStat and the national statistics offices could agree on a unique identifier. And make sure their data matches. Else, a lot of people in the world will have a full time job to repeat the stunt we did. And other such data correcting others did. Again. And again. And again again.

The Internet of Things

Big Data is like teenage sex. Everyone talks about it, nobody really knows how to do it, everyone thinks everyone else is doing it, so everyone claims they are doing it...The last weeks the messages on LinkedIn, hyping the “Internet of Things” (IoT) are “exploding”. At this point, it’s very much like “Big Data”. Because just like big data, the concerns mentioned above apply. As long as everyone does something different and there is no common understanding about how to connect the IoT, it’s a lot of smoke and distracting noise, but not too much on real results. No matter if it’s global players announcing their understanding of IoT. As long as they don’t agree and establish open standards, IoT is a buzz word with not much substance.

As an example from another industry, more common to us all: For many years I have a look at “house IoT”. It would be so nice to be able to have the thermostats and blinds being programmable. Unfortunately, all makers of “intelligent” thermostats have their own “standard”, making it impossible to mix them. So if you want to buy, you got to select the system. And you’re stuck with it… That’s like the times of VHS vs. Betamax or DVD±R, where you usually selected the wrong technology…

Babelfish
Babelfish

Just as “video tape” or “DVD” came, evolved a standard and then became household normality, the IoT will need to develop common standards to allow common tools to exchange information with them in a default way. And not have 150 different “interpreters” trying to talk to all those devices in their language…

Food for Thought
Comments welcome!

Redundancy

DLsystemcrash
Image: 103.7 (CBS.com)

New York Times Headline: Delta Malfunction on Land Keeps a Fleet of Planes From the Sky

Voicing that opinion in combination with the related incidents for many years, this is just another example that we rely solely on cloud technologies without proper (working) backup or fallback systems.

Talking about “system failure”, it might not be related to technology here…

Raid1No matter if it was a power failure as initially stated or a malfunction of a power control module, it shows that Delta IT did not do basic precautionary homework. No backup power, no working (tested) system redundancy at a different server location. So one server location (Atlanta) fails and down goes Delta…? I can understand if a home location fails on backup and redundancy, but no serious company should rely on a single location. Redundant Array of Independent Disks (RAID) is a common precaution and on distributed systems can also operate at geographically different locations in order to assure that during an outage at one location, the other location seamlessly takes over.

The secondary system may be slower, less responsive, but it provides the backup.

And Delta cannot claim that to be the first time. The first time I had a similar case was with Northwest (now Delta) back in early 1990, where Northwest was one of the only flights leaving Frankfurt on time during a system outage, as we issued boarding passes by hand, based on the passenger list printed the evening before… I think that was the last time no individually traveling passenger had to sit on the middle seat alone…

Another example I keep referring to was the time in the later 90s, early 2000s during the infancy of online travel booking, when Lufthansa hat to shut down Expedia. As Expedia inquiries for flight availability paralyzed Lufthansa operations. Because from the old logic of the airline CRS (computer logic), the booking process prioritized operational processes. Expedia’s uncached availability requests to the Lufthansa hosts flooded the Lufthansa system to the point where no operational requests could be processed. Good night check-in, good night passenger manifests, good night operations.

In 2004, a system crash paralyzed Lufthansa, which I addressed in my blog about the St. Florian’s Principle: Oh Holy Dear St. Florian, don’t burn my house, take the neighbor’s one.

Those are just major ones, which became noticeable to me. Business Insider reports more cases with JetBlue, American and United. So now it’s Delta. But taken the speed of IT development and the increasing complexity of the systems used, I doubt it takes a long time to hear  about more such crashes. Time for the airline IT to do it’s homework and make sure the host system (CRS) is redundant…

Food For Thought
Comments welcome

A-CDM – why doesn’t it pick-up speed?

This is the question I got confronted with this week, triggering me to think in more detail about it.

As you may remember, I have written a few introductions posts about A-CDM. I still believe in A-CDM and think it is something airports should implement, but much more important, airlines should demand – and jointly invest into it with their main airport partners to steer developments in the right direction.

de-icing bak3

I don’t have any access any more to the base file, but as a result on the presentation of the Zurich case study I’ve put together for WinterOps.ca, I focused on the “cash” savings, I hadn’t addressed then. We did calculate based on the performance improved expressed on slides 3 and 5 and the underlying data. We used conservative figures from IATA, Eurocontrol and FAA about the cost incurred by delay per minute. Our conservative results for Swiss (airline), the hub carrier at ZRH with a 48% market share in the given winter  saved more than 20 million Euros. Even if we consider the delay cost only applicable beyond 15 minutes, the savings were above € 10 million (approx $ 13 million then). If you consider the cost to set up the system from scratch and the necessary interfaces, one single harsh winter covers up for the cost.

Similar are the savings on normal operations on the bigger airports and on all the hub airports of reasonable size.

winterops3+5

Eurocontrol A-CDM Impact Assessment ReportNow my friends in the LinkedIn group CDM@airports celebrate airport Number 20 being A-CDM compliant. And they praise the A-CDM Impact Assessment Study by Eurocontrol. Sorry if I don’t fall into the appraisal and worshiping… The new study again looks very “scientific” at the issue, just “generic” cost savings, no individual example, but such being the argument for the CFO (Chief Financial Officer). In my comments, I got the response that it’s “obvious” and the decision makers are expected to understand the cost savings intuitively. Sorry there, in my experience even when you push their nose on the $ or € amounts they tend to come up with the hen/egg principle. Why should they invest into it, what’s their benefit? And guess what: They’re right!

We got to answer that question to promote the issue.

There’s also a nice animated video about the European ATM master plan linked to the issue. Though looking at the key deliverables, I don’t find the cost savings they promote in the video. It’s again “scientific view point” where executives are to understand the cost savings from the operational improvements. But that’s exactly the point. In my experience, these chief something officers do not spend the time to think that step on their own. As such. Without some company investing into a presentation to convert those operational improvements into cash savings, why would someone want to invest into it?

But the main two questions are: What’s the cost saving for me and who should invest and why? Those questions are not properly addressed I believe.

To rephrase the first question:

Who benefits and what’s the numbers?

Source: Eurocontrol A-CDM Impact Assessment
Source: Eurocontrol A-CDM Impact Assessment

So Swiss at Zurich benefited from an investment by Zurich Airport in the range of what? 20 Million? In one winter alone. But Swiss did not invest. Zurich Airport is. And most airline managers I talk to go “it’s an airport thing”. Sorry. If you’re an airline operations manager and you don’t get the point, you might be over your head on operations and have no vision for your own business’s development. Understandable if you’re a small airline. Not very professional if you work for one of the big shots.

At the right, there’s the “cost savings” slide from the A-CDM Impact Assessment. Back in 2004, the DOT averaged a delay minute with $ 100, more recent figures from Eurostat, IATA or other sources are sometimes substantially higher. The study even addresses the total savings on the fuel side. though 26.8 million on 2.2 million departures don’t sound much. What misses is the amount of delays those 2.2 million departures accumulated. Then you can break it down. Or where and when those delays arose (i.e. during winter operations? ATC delays?

There’s also something we call the A-CDM delay. When flights do not leave “on time”, due to A-CDM constraints. Such your flight could have left “punctual” but sitting duck on the taxi way due to traffic jam. Instead, A-CDM keeps the flight at the gate until the A-CDM system needs it for the now jam-free departure. That’s a change in paradigms! But it’s better for everyone, so you better find a way to solve the resulting repercussions (and yes, there are ideas).

The main benefit is to the airline! Secondary benefit is to the more punctual airport, also thanks to a usual increase in “capacity”. Though it might be noteworthy that even London Heathrow found good reason to invest into A-CDM solutions.

Who should invest – and why?

Priorities
Priorities

There’s two opinions I was confronted over the course of the past two years. Airlines believe, that this is a “single airport issue” and should be the concern of the airport. Whereas most airport managers question, why they should invest, if the airline benefits in dollars & cents from the development. O holy dear St. Florian

There were some good approaches as to implement the technology and charge the airline for the savings. That simply does not work, as usually there’s not a single effort to improve punctuality and airlines after tend to question the cost savings to result from that investment. Or airline managers sit back and expect the airport to be interested to provide improved punctuality. Whereas some airports openly questioned that they make more money from delayed passengers than from punctual ones. And as long as it’s not the airport to blame, why should they care too much?

Don’t get me wrong, I don’t approve either. That is an issue, I believe must be addressed by the players on a global scale! That A-CDM Impact Assessment Study was a good idea, just from a practical point of view a lousy execution. It is my honest believe that airline operations managers must understand that they got to demand A-CDM at their hub airports in order to improve on-time performance for the better of their own network. And airline and airport must find a way to benefit both on an investment. The current trend to have the airport pay and the airline to pick the raisins and savings is neither fair, nor does it help to promote comprehensive A-CDM deployment.

That also means that the airline has to invest into their OCCs (Operations Control Centers) to exchange data with the other players as explained in my post APOC, OCC, NMOC and A-CDM.

Food for Thought
Comments welcome

Some LinkedIn campaign example

After my bad experience with the accesses to “articles” on LinkedIn (versus own blog), where LinkedIn reaches around 80 unique visitors in a week and then dead silence, compared to 300-400 unique visitors on the blogs also on the older articles… We’ve just run a campaign on LinkedIn focused to special interest groups to promote the package with TIAS. It’s quite a proof how much more worth it is to attend conferences and meet and speak to people. I expected to be “out of budget” within max a week… Six weeks later, it still runs.

LIcampaign201607

Goodbye ASUS

Goodbye ASUS
For many years we used Asus products, being very often the best products in tests and doing their job.

Starting with the first Netbook (eeePC 1002H, 2008), a home WiFi-router (RT-N56U, 2010) or more recently a “Zenbook” UK31A (2012), winner of many awards by the computer press. Now we got that one just back in winter 2012/13 when we moved to Braunschweig. Just two years later, ASUS decided not to support the upgrade to Windows 10. Drivers are missing and you are warned to not upgrade! That meets the experience in winter 2013/14, when within four weeks after the end of the one-year warranty the jack for the power connector broke… Sent in to ASUS, they offered a replacement of the motherboard “and other connectors” to repair it at a cost of 850 € (new price was 1.100 €). We had a friend take it to Moscow and take it there to a large, well-reputed repair shop. It was less than 50 € to ship it to our friends and back and the repair. And we received the notice, this now should hold, it would be a known “weak point” of the Zenbooks…

Compared to my Dell XPS-12, that got replaced half a year ago after being stolen with the same device and extremely satisfying on-site-support that ASUS didn’t even offer as a paid upgrade…

The WiFi Router also needed replacement by a new one, not because it was slow (the new ones are faster), but mostly because of disruptions. The newer model went back to Amazon having the same problems, now a Linksys OpenWRT-router runs the show.

But especially with this bargain offer for the repair of the Zenbook I must say:

Goodbye ASUS

What’s Your USP??

KeyholeI keep telling people that you have to understand your business model, you got to understand your “Unique Selling Proposition” (USP). But then I fall in the same trap. Implying “initial” understanding…

We recently had a discussion on this with […] on CheckIn.com and found them to have a typical misunderstanding, considering us “competitive”… Say what?

So yes, it brings up the question: What’s our USP… And why are we not competitive to anyone? What makes our dashboard “different” (unique)? And why is it so difficult to make professionals understand…?

It seems simple enough.

It’s not the “MIDT”

Current “solutions” focus on flight data (MIDT, etc.). We focus on passenger potentials. And thinking further down the road; our “route level” will focus on commercial relations between the regions, ethnic traffic (VFR, visiting friends & relatives) as well as Tourism (taking into account the hotelrooms per population). We believe (from own airport and route development experience) that flight data is for established routes, but nevertheless require – other – experts to analyze. As they also relate to frequencies, flight times, air fares, reputation, and other “soft factors”.

But we look on the ground.

Own experience: A low cost carrier “cannibalized” a regional aviation route, the regional carrier was forced out. A year later, the route was dead. For the flight profile was on a double daily, small airplane, business travel. The low cost tried triple weekly, big aircraft, low fares, tourists. Sorry, no tourists that route…

So don’t put us in the box “passenger review”. This is new. Our tools are especially useful on routes without any previous flight operations, without comparable flights from neighboring airports. When “MIDT & Co.” leave you in the blind.

The Isochrones People

It’s not really about Isochrones either (though we call ourselves The Isochrones People). Where common Isochrones usually are results of more or less creative guesswork and simply look at how far you get in 30, 60, 90 minutes driving from the airport, their source data is usually on county level or worse, often the figures do not compute with our own findings – not even close. So what’s the source and do you trust it?

Just some examples from public sources, what we had to deal with:

samples

It took us four years (out of five) to compile our data sources, test, throw away, dig into them, correct them (usually very much) and compile the sources in a way we can reuse them without too much work. Because every year there are changes, communities merging, splitting, renaming, …
Find solutions to calculate mass drive times. Where the commercial services limit to 1 million requests a year (at a fortune), we have that number in a few weeks. So we use commercial “standalone” solutions like the logistics industry uses, but still – running a country takes some days of pure computing time.

The Stuntmen

Still having some bugs, using commercial software for the mapping caused the maps to be close to unusable in Eastern Europe. Not professional for sure. So we had to relaunch. Now we use Open Street Map with a mix of their data and mapping data we receive from the countries. Which differ from what the commercial map providers sold us, but “suddenly” and to our expressed delight fit the statistical sources we use. And the bugs we solve one by one.

Wonder why no-one did our stunt before? Wonder why we think no-one (in his/her right mind) will? Above is your answer. But was that really necessary?

Eyesight for the Blind…

From our experience and that of the experts out there supporting us (airlines, airports, and their consultants), we know there is need for understanding the local customer base. And highly expensive, often outdated analyses of questionable quality at exorbitant prices. So yes, we think our services are needed. And if you don’t use them, you remain blind on one eye.

So what’s our USP again?

We’re not just polishing your Crystal Ball as I keep saying. We expand your vision and understanding to what’s truly important. But wasn’t yet available for no-one dared to address the complexity behind it. So trust the airport they know their market? The best you could do. Now we do better. We qualify their impressions with hard data.

And we make it comparable.

And that’s why we don’t compete with the flight data providers. We do something new. We do the other side of business. The hard one ツ

Seen our demo yet? Three airports. Full analysis. Free to use. But we have almost 600 more: https://www.CheckIn.com/

We’ll debut at Routes and hope to speak to many of you. It’s still “brand new” with cuts and edges. We will smooth them out and improve, we promise. But what we have was simply beyond imagination.

Until now. We launched.
Come. Have a look!