This book introduces a novel approach to the design and operation of large ICT systems. It views the technical solutions and their stakeholders as complex adaptive systems and argues that traditional risk analyses cannot predict all future incidents with major impacts. To avoid unacceptable events, it is necessary to establish and operate anti-fragile ICT systems that limit the impact of all incidents, and which learn from small-impact incidents how to function increasingly well in changing environments.
The book applies four design principles and one operational principle to achieve anti-fragility for different classes of incidents. It discusses how systems can achieve high availability, prevent malware epidemics, and detect anomalies. Analyses of Netflix’s media streaming solution, Norwegian telecom infrastructures, e-government platforms, and Numenta’s anomaly detection software show that cloud computing is essential to achieving anti-fragility for classes of events with negative impacts.
About the Author
Kjell Jørgen Hole holds a full-time position as a professor at the Department of Informatics, University of Bergen (UiB) and a part-time position as the head of the security department at the Simula Research Laboratory in Oslo. At the time of this writing, he is part of a joint effort between UiB and Simula to form a new cyber security research group.
While Kjell completed his PhD in coding theory at UiB, he did most of his thesis work at the University of California, San Diego, where he worked at the Center for Magnetic Recording Research (CMRR).
Kjell was also a postdoctoral researcher at IBM Almaden Research Center in Silicon Valley, where he conducted research on convolutional codes and artificial neural networks. Later, he worked on trellis coded modulation at the Norwegian University of Science and Technology. During this period, Kjell mainly published his research in IEEE Transactions on Information Theory and IEEE Transactions on Communications.
Kjell eventually switched fields from coding theory to cyber security because he wanted to pursue more applied research. His first research group in the field of security became “infamous” in Norway for a few years because it shattered local myths about information technology systems’ high degree of security and privacy. The group published articles in the IEEE magazines Security & Privacy and Computer.
Kjell enjoys teaching and working with students. Through the years he has supervised many master’s and PhD students. At UiB, he developed and taught courses and seminars in introductory programming, coding theory, information security, anti-fragile systems, and communication standards such as Wi-Fi and Bluetooth. He has also given many talks to Norwegian industry and written feature articles about security in Norwegian newspapers.
Together with two of his PhD students, Kjell founded a security consultancy. Today, he is a board member of mCASH, a company operating a mobile payment solution in Norway.