Some notes on cloud computing and standards

Print Friendly

Last Tuesday I attended the pre-Cloud Connect meeting to talk about the state of standards and cloud computing. I wasn’t planning to do so, but I was tapped to give some overall remarks on standards and my past experiences. While we went around the room introducing ourselves, I furiously wrote some notes, none of them in a logical order by the time I was done. Here is my attempt at listing some of the items I mentioned when I spoke:

  • When we look across the broad range of everything that people consider is cloud computing, potentially hundreds of standards will be involved.
  • The good news is that many of these standards probably already exist. Re-use of good standards should be a primary strategy.
  • Until we create a big picture view of the cloud computing landscape, it will be difficult to understand the “what, when, and where” of standards. We need both a “marketecture” as well as a taxonomy. As a follow up to the meeting, we should create a wiki to do this work.
  • Once we understand the overall view, we can do a gap analysis on the standards we have and the standards we need.
  • Various groups have announced the intention of working on cloud computing standards, with different levels of specificity and intent. We should immediately start collaborating and stop any duplication of effort.
  • Because of the large number of standards involved, there will not be a single organization that does all cloud computing standards. While new work may be started, a large amount of coordination will be necessary across the different areas of technology and the different standards efforts.
  • Speed to market of standards-based cloud computing is very important.
  • We need to understand when parts of the technology need to be interchangeable (“substitutable”) versus simply interoperable.
  • We should not waste time having an official cloud computing definition of “interoperable.” We’re more than close enough to get working.
  • Some areas may not yet be ready for standardization because change, innovation, and experimentation is happening very quickly.
  • It is not acceptable to delay standardization until a particular provider establishes lock-in or a monopoly. Everyone knows when someone is trying to do this and we have several historical models. That said, strong competition and business success is good.
  • Openness and transparency will be paramount for cloud computing standards.
  • Leaders will need to step up and be recognizable as driving the different areas of cloud computing standards.
  • Cloud computing is here today, but we are very, very early. Don’t underestimate the progress already made by the market leaders, but beware some of the marketing claims and vaporware of others.


  1. There are some publically-available ‘clouds’; for example Argonne Leadership Computing Facility.

    If you have in mind doing some science and publishing your result openly … maybe some modelling related to nuclear fusion power station design, which will surely be needed before they actually build ITER and hopefully make some electricity to sell … then you are welcome to apply to Argonne for permission to get started today.

    If you want to do something secret, or commercially confidential, you might want to buy your own, of course.

    ‘Cloud’ is coming. Some of it is here now.

  2. I think some aspects of this are a crock, but I’ve said that before. Anyone building an indemnifiable system out of a cloud of open source systems and servers probably deserves the legal fees they are opening themselves up to. It’s a great model for a company making more money off of services than product, but it is a rotten idea for anyone who signs the indemnity clauses most of us in the industry take for granted.

    That said, content distribution, particularly in the form of mashups means licensing. Properly done, this is working well for YouTube and others. On the other hand, it will hiccup. A current case is YouTube and Warner Bros who are in negotiation for renewal. It is fairly common in the music industry for these to be hard negotiations with a lot chicken-race-to-the-cliff to be played over terms and conditions. During such periods, third parties deriving income from mashups have to live under the terms and can find their cash cows suddenly drying up.

    And if they don’t plan for that, whining won’t help.

  3. Len,

    I think you’re making an argument about the price of such a cloud system. In the days of photographic film, I always got it processed cheaply on the basis that the supplier’s maximum liability was replacement with unexposed film. Warranties accepting higher liabilities were available at higher prices. I expect it will be the same with Cloud Computers.

    As far as I can tell, all the various commercial laws we have are not supposed to suppress the bringing of products to market; to the contrary, they are supposed to encourage and accelerate the bringing of products to market. It’s just a question of wrangling about who gets the revenue and/or the profit, and maybe setting up some kind of ‘specialisation’ as between inventors, developers, manufacturers, distributors, and servicers.

    Intel are also in the game; Teraflops Research Chip is their 80-processor-per-chip entry. You only have to put a dozen of them in a ‘blade’ and you’re up to a thousand processors before you know what you have bought.

    That said, these things are not so easy to exploit. Mankind is fairly skilled at writing intricate software for single-processor computers; but the way you go about it on a thousand-processor computer is different. It’s a new field, there is little experience, and so far there is actually little commercial-scale software development investment. Just because you have a Microsoft Office System or an IBM Lotus Domino server which runs pretty well on a single processor, doesn’t really say anything at all about what happens when someone buys you a thousand to exploit. Or ten thousand.

    Some of the corporations, and some of the universities, can see the problem. I’m not sure that anyone can see the way past the problem yet, though.

  4. In the near space, the problems are keeping up development based on support code that is itself either weakly managed or unindemified without going to IBM, RedHat, etc., then using third party services with weak support contracts. To put it into a perspective some might understand, take that System Security template that one has to write every year for hosting a government system and consider how to fill it in using the cloud.

    As I said, it sounds good but I don’t think the legal framework is in place to make cloud computing more attractive. I think it is a much higher risk. Just one opinion.

  5. Fair enough, Len; but I’m an engineer, not a lawyer (or a doctor). I only offer engineering advice.

    It may well be that some considerable contribution is needed from a different field entirely, before ‘cloud computing’ comes to commercial fruition.

    For the ‘First-Class Businessman’, Cloud Computing should be like (in the days when Concorde flew the route) buying your ticket and getting from London to New York in time for breakfast.

    You do need rather more than just the airplane. We have the airplane. Now for the rest of it.

  6. OK. Here is one problem. Let’s say you decide to get your satellite imagery from a third party. Today, we get that from Google. As long as we are in front of the firewall, no license required. Behind the firewall, 10k a year for a basic service. As long as that keeps working and you can sort your way through the morass of almost but not quite working Open Layers, you can build a rudimentary mapping service, add GPS, and so on.

    What do you do if the Google servers fail? How do you indemnify that to the customers to whom you sell those systems? Google is reliable but this whole idea of a so-called cloud of services without a rock-solid notion of contractual and indemnifiable reliability is business-dumb. They may be technically substitutable and I have my doubts about that, but legally or contractually, not without a very comprehensive set of agreements for terms and conditions and quality of service.

    Caveat emptor.

  7. Len,

    Buy the IBM one. It comes with a warranty. We can’t promise it will never fail, but we can promise to fix it before it impacts your business.

  8. And there’s the rub, Chris. Technology aside, a full court press from Palimpsano, Schmidt, etc., on the Obama administration to push the US government to buy these by policy is to force them into the IBM customer camp, not an attempt to open the government up to transparency as claimed.

    It’s a shuck.

  9. I’m not convinced.

    Take the ‘domestic commercial entertainment’ market (Xboxes, Playstations, Wiis, and related items).

    IBM’s selling the processor chips. Having just left the Personal Computer business, I can’t see IBM wanting to get into the ‘computing box in the home’ right now; try Lenovo. And an IBM video game would have a number of problems; it would either be free like INNOV8 or cost rather more than domestic budgets usually stretch to.

    So, one link of the ‘commercial value chain’ seems a sensible choice. Other businesses are needed to attend to the other links.

    I can’t wait to hear the outcome of Palmisano’s chat with Obama. I assume Sam is going to ask all the IBMers to do something they haven’t been doing so far, but I don’t know what. Actually, I’m based in the UK, but the challenges are similar to those in the USA.

    And there are a lot of IBMers in China now. Should they do their best for China, or for the USA, or for the world ?

    And remember, it was OS/2 that was obsoleted by Linux.

  10. I get all of that, Chris. What I am looking at is a set of relationships that introduce weaknesses in support and possibly reliability that make it hard for me to buy into open cloud/open source thinking where Palimpsano has to sell it to a fresh and frankly inexperienced executive. I don’t doubt Obama’s sincerity other than his self-obsession; I doubt his chops in the face of a hard sale.

    The push into government seems like a Hail Mary pass. If all of this worked as well as claimed, it would sell itself. Instead, I see blogs such as this:

    For some applications where speed, reliability and the assets involved are not critical (sorry, I don’t consider Facebook critical), go for it. For others such as public safety, homeland security, health, and so forth, I think the risks outweigh the advantages and I’m not even sure that the advantages accrue to the customers. So call me sceptical.

  11. Who should IBM sell it to ?

    The IBM business model is (roughly) to invest 1% of gross revenues in ‘basic science’. Nowadays maybe less than half of that is ‘pure science’ with a view to achieving Nobel Prizes, and the rest of that 1% is ‘applied science’ with a view to pushing things into Development and Manufacturing. Improved chips for XBox360’s, and the like.

    Unless you figure out who you’re going to sell to, you’ll stay at that fraction of a percent. If you can convince the right people that there is market traction, there’s (traditionally) 9% of revenue to do the development engineering, and 30% to do the manufacturing.

    But these things are being sold. KAUST Shaheen is one going to a non-US customer; ALCF and RENCI are a couple more in the US.

    I think that it’s the next generation of scientists, engineers, and businessmen, who learn how to use these machines, develop them to the point of commercial usefulness, and then use them to design better products, model systems, come up with marketable solutions, who are going to win; by comparison with the ‘rest of us’ who don’t have access, or who are slower at exploiting.

    So, they are coming down the pipe at us, like it or not. What shall we use them for ?

  12. The market is the market. Whoever can afford it and needs it is who you sell it to? What I am interested in are first the kinds of legal models required to sell cloud-based critical infrastructure, and then the technology where the performance numbers (MTBF, MTTR) make it clear that the contracts can be honoroed.

    The so-called mega-center bothers me because I don’t like to see a distributed system devolve into that much power in so few hands. The hypocrisy is unreal, but that aside, I don’t believe it is technically the best approach. In fact, perhaps it is a good idea to have a discussion about the kinds and types of commodity services that ARE best done by cloud computing rather than selling the cloud abstraction which one should admit has on its surface a feeling of smoke and mirrors.

    Another piece that catches my attention is the statement that some parts of the system are changing so fast that we don’t need standards yet or if we do, we need new ones. That is the claim from the virtual worlds industry but it is never backed up with facts. For example, even Raph Koster admits X3D is viable technology for virtual worlds. Instead, by ignoring IP and chasing services, the virtual worlds market has opened itself up to precisely the same kinds of patent lawsuits that bedeviled the chip industry. The response is, reform the patent laws but maybe it is more reasonable to use them more smartly because by the time they can be reformed, one finds oneself paying the trolls because they win. I know IBM wants to be seen as the ‘kindly old company that protects people with its patent portfolio’, but this is a market where it has been clumsy, wrong and may have unwittingly held the door open for the trolls.

  13. Well, it comes down to selling the ticket to the First Class Businessman for Concorde.

    If there’s some problem with the engines, or one of the crew gets sick, then you have to cover that internally. The client has paid their money, and the business has to deliver the service. Asking for extra money, or failing to deliver the service, isn’t going to be very good for repeat business.

    I guess ‘understanding and controlling the commercial risks’ is a normal part of the development process; the thing that goes on between the scientist getting it to work once in the lab, and the marketing side of the business releasing the “Announce Letter” and going on quota to sell. Smaller businesses might be able to buy insurance against getting it wrong, but I don’t think IBM can. It has to carry the risk itself.

    “Cloud” is in-between at the moment. Huge opportunities for leadership customers; but they will have to invest in their own scientists and engineers, rather than relying wholly on the vendor’s ones. No vendor has enough with the right skills.

Comments are closed