Andrew Myers

Security, programming languages, and computer systems

The Wooden Firehouse

1 Comment

An allegory for computer security.

You have lived all your life in a quickly growing town, whose growth has been sped up by constructing all the buildings out of wood. Some buildings in town are huge structures that have been repeatedly expanded with new wings and towers; others are simple shacks that are put up hastily and torn down just as quickly. Unfortunately, all of these buildings have the weakness that they can and do catch on fire. And lately more and more of them have been catching on fire. It even seems that arsonists from another town are sneaking in and deliberately setting buildings on fire.

You and your friends have warning for some time that better construction methods are needed. Building with concrete and steel would make buildings fundamentally less vulnerable to fires. Unfortunately, your warnings have not been heeded, for a variety of reasons:

  • Fires were once much less common, and buildings were smaller and farther apart, so fires caused much less damage and were taken less seriously.
  • Much of the construction effort goes into adding to existing buildings. While it might have once been easier to change to better materials, the objection is raised that it’s not practical to tear down all the existing buildings and replace them with concrete ones.
  • A quirk in your town’s legal system makes builders, no matter how careless in their design and construction work, not legally responsible when buildings catch on fire.
  • The technologies for building with concrete and steel are still in their infancy. Small demonstration buildings have been constructed, but there is skepticism that the new technologies will be cost-effective.

Thus, the builders have mostly ignored your warnings and have continued both to build new buildings and to add huge new extensions to existing ones, always using wood.

The town elders have decided that something must be done to address the increasing damage done by fires and the threat that fires might start spreading from building to building. By far the most town resources have been directed to firefighting, and firefighters are celebrated as heroes. Fortunately, the elders have had the foresight to realize that something must be done beyond simply fighting fires as they arise.

Several local companies therefore offer popular flame-retardant paint and inspection services to check for natural gas leaks, and citizens are encouraged to use them. While these measures do not protect against determined arsonists, they do seem to prevent some accidental fires.

The town is also supporting a small amount of basic research into the fire prevention problem. Most of this work has focused on improved smoke detectors, better fire hoses for firefighters, and better fire-retardant paint. Another focus has been demonstrations that existing fire prevention methods are inadequate—researchers have developed many clever new ways to set buildings on fire, and these are eagerly reported on by the media. Only a small fraction of the effort has gone into studying how to make it cheaper and easier to build buildings out of non-flammable substances.

And even the firehouse is still made out of wood.

Advertisements

Author: Andrew Myers

I am a professor of computer science at Cornell University. It is too hard to build trustworthy software systems using conventional systems APIs. I work on higher-level, language-based abstractions for programming that better address important cross-cutting concerns: security, extensibility, persistence, distribution.

One thought on “The Wooden Firehouse

  1. Thanks to Kathleen Fisher for suggesting the title idea.