how cloud survived the earthquake and served people - lessons learned, realized value of cloud and...

How Cloud Survived the Earthquake and Served People

- lessons learned, realized value of cloud

and the perspective towards the future -Incident Management Session

Wed, 9 May, 2012

Ben T. KatsumiChief Researcher, Security Economics LaboratoryIT Security Center, IPA, Japan

The earthquake some facts, real problems and needs

Cloud services rendered free to people, governments and corporations

Change in evaluation of thought risks of cloud Cloud computing as social information

infrastructure Requirement to cloud: Social IT infrastructure

that is resilient, dependable and disaster-tolerant

Agenda

Copyright © 2012 IPA Information-Technology Promotion Agency·9 May 2012 ·2






Agenda


Damaged Area

Tokyo

SendaiFukushima

Sapporo

epicenter

More than Munich - Hamburg span


Seismic Density By Japan

MeteorologicalAgency

Figures

Human Dead: 15,782 Missing: 4,086 Injured: 5,932

Physical (in B$) Buildings: 130 Life Line: 16 Infrastructure: 28 Agri. Fish. 24 Cult. Edu. HC 14 Total 211

Tohoku Quake Mar. 11, 2011 Magnitude M9.0 Max Intensity 7.0

Damaged Area 320x125 mi2

Lost Buildings: 270k Max evacuated: 400k Power outage 8M

Water outage 1.8M

The Tsunami Wave height: 33ft Ran up to: 135ft Max invaded: 3.75mi Flooded area 561km2/140kA


Damages


Tsunami


Rescue


People

refugees in community houses & gymnasiums

Supply: enough here nothing there







Agenda


1. IT infrastructure for city staffs and volunteer stations for rescues and refugees support

2. Communications between individuals and families

3. Backups/mirroring of gov.s’ and local gov.s’ information dissemination: radiation info, citizen services info, etc.

4. IT infrastructure and services to businesses for emergency info delivery, employee communications, business communications and emergency data backups

Cloud services rendered free

to people, governments and corporations


1. IT infrastructure for city staffs and volunteer stations for rescues and refugees support

HQ/command center for rescue supply distribution and volunteer workforce delivery

Info hub needs IT infrastructure Cloud services for groupware, office apps, comms

tools IBM Microsoft Fujitsu Biglobe IIJ NEC Unisys Hitachi NTT-

Com

Medical needs matching also worked on cloudCopyright © 2012 IPA Information-Technology Promotion Agency

·9 May 2012 ·13

Refugees anywhere, supplies elsewhere Not just public facilities, i.e. schools, community

houses but in civil houses, temples, even in cars Municipal staffs do not know where people have

evacuated, how many are where, what are their needs

Life needs vary camp by camp: food, water, fuels, sanitary, blankets, clothes, batteries, etc.

---and they change day by day retrieval of field needs is most important obtaining stuffs from where by when is the next

issue


Issue in health care / patient support Patients don’t know where to get service ER medical teams don’t know where the needs are Patients lost medicines but don’t know what they

used to have Hospitals lost medical records - doctors don’t know

patients Medicines, medical supplies, tools and machines

are lost or in short: orders/requirements cannot be communicated logistics not available


Missing link: information flow & sharing

ＸWhat are

there?

How many?

Who are

where?

How many?

What in need?


??

?

???

Volunteers Hub as the needs-supply matching

Goods and stuffs to refugees Voluntary workforce for refugee camps, relief

supplies, mental support, housekeeping and cleaning

Collection and delivery of medical staffs, supply, drugs:who, what, how many to where for what by when?

Key: information How to collect, how to sort, how to match, how to

tell --- all with IT!!


Volunteers: info routerCloud: NW+CPU

Deliver 2xA, 10xB &

5xC to YXZ by ddmm.

We need

2xA, 10xB

& 5xC by

ddmm.

Emergent need

for surgery

stuffs!!

Where to

get them.


2. Cloud services for people communications

Google people finder “Sinsai.info” web site

collect tweets and SMs and put into database

matched with location info and shown on maps collab. Ushahidi, Amazon and

OSS community “Tohreta”(could go thru) map

Honda car location retrieval daily renewed DB on map


3. Backups/mirroring of gov.s’ and local

gov.s’ information dissemination: radiation info, citizen services info, etc.

Web servers of local governments either damaged or with minimal capacities

A LG site got sudden surge access when introduced as radiation measurement info site by twitter

Cloud hosting service providers offered free mirroring

Central and local governments could survive access storm

IIJ, Sakura, Fujitsu, IBM, Amazon, etc. offered MEXT, Tohoku prefectures &Cities, TEPCO used


4. IT infrastructure and services to businesses

Web service used to show photo of damaged shop TV conference used to have emergency remote

meeting CRM for information sharing Google Apps for office works e-mail services to compensate damaged in-house

server IaaS hosts for use as servers and backups Sharing of university lectures and e-learning

contents IIJ, IBM, Hitachi Joho, Microsoft, Nifty, Fujitsu,

Nihon Systemware, NECCopyright © 2012 IPA Information-Technology Promotion Agency

·9 May 2012 ·21

List of cloud services for free use

· 76 Cases

IBM Amazon Google

MS Hitachi Fujitsu NEC

IIJ Unisys NTT Nifty


Examples of free cloud services by CSPs

Google thru NTT Data & Hitachi Sol: Geo photos of damaged area with coordinates

MS ： e-mail, BBS, message board, chats by letters/voice/video, management platform for emergency aid stuffs, emergency control DB, etc.

IIJ ： hosting and mirroring sites for local governments to disseminate radiation info, public services info. MS offered the same

IBM ： Info sharing for blood transfusion, matching of medical supply needs + stocks

NSW ： DR tool “PlateSpin Protect”+”NSW Biz-VPN” enabled remote backup

Fujitsu: web conference system developed by an ISV for a chamber of commerce, VPN access from home and temporary offices to detour lockout of office building,Cloud mail to substitute a server washed away by tsunami, all within a day

Biglobe ： Social BBS for safety info, traffic conditions, train operation, biz comm, etc.Nihon Unisys ： Minicaipal office work systems incl. Residents DB, Taxation DB, Social Insurance, Welfare Services, Citizen Services, total 40 systems







Agenda


Data centers might go down On premise systems heavily damaged; no DC

went down Data in cloud might be lost

Local storage went down; restoring from cloud worked

Data stored somewhere else, maybe overseas Damage of super large area let them think of

safety in other countries Backups should be kept in house

Everything in-house washed away

Change in evaluation of thought risks

of cloud


Raised concern on BCP: big interest in Cloud

From on-premise to cloud: storage, servers, desktops

Move DCs from east area to west area within Japan

Hostings escape from Japan to Singapore, Autralia Online backup in cloud Main system on-premise with a cold standby in

cloud

Copyright © 2012 IPA Information-Technology Promotion Agency· 9 May 2012 · 26

Cloud is more and more adopted

Lessons & changes from/after the Quake Social media worked for emergency safety

communication Public cloud worked as social infrastructure to

support municipals, voluntary help team and medical rescues

No data centers die: survived outage with fuel supply for emergency engines

Data centers also survived planned blackout and peak demand suppression of electricity

Mobile and home working introduced rapidly and widely

Smart devices collect much interest as terminal devices to access cloudCopyright © 2012 IPA Information-Technology Promotion Agency

·9 May 2012 ·27




infrastructure Emergency response Operation at normal

Requirement to cloud: Social IT infrastructure that is resilient, dependable and disaster-tolerant

Agenda


Value of cloud in emergency response

Data centers are more robust than on-premise systems

Ready and effective for emergency response agility for any kind of use available for immediate release no or few barrier to offer free service

Conditions Power supply / fuel refill for data centers

secured Communication lines / media to keep alive Client devices can work --- power, battery,

generation Copyright © 2012 IPA Information-Technology Promotion Agency· 9 May 2012 · 29

Cloud in operations at normal B2C: used more for daily supply purchase, for

those with difficulty in going out for shopping: aged, rural residents, handicapped

B2B: almost every industry tend to outsource more. Higher dependency on more tightly linked supply chain.

Critical infrastructure: municipals, finance, medical, etc.

30% of local banks, 90% of credit unions depend on one data center provider

5000+ points of 200+ water supplier monitored by one system

Local government cloud is spreading rapidlyCopyright © 2012 IPA Information-Technology Promotion Agency· 9 May 2012 · 30

SafetyRetrieval

VictimsSupport

Info Disti.Sharing

EmergencyServices

IT infrastructure to sustain emergency response

Cloud Computing and Services Platform

SocialMedia

B2CGovernment

CriticalInfra

Industry

　　 Life Society 　　Economy

Lifeline

Peace

Em

ergency

Supports all the human, economic & social activities

Cloud supports economy & society

Copyright © 2012 IPA Information-Technology Promotion Agency· 9 May 2012 31




infrastructure Emergency response Operation at normal

Requirement to cloud: Social IT infrastructure that is resilient, dependable and disaster-tolerant

Agenda


Anatomy of cloud from social perspectiveReliability of cloud in view of ER, DR and BC

Security & Privacy of

Aggregated Personal Data

Cloud as the System

Platform with Resiliency & Dependability

Cloud for Emergency Response &

Disaster Rescue

Cloud as the Modelfor IT Utilization

Cloud as the Service or Business Model

Cloud as the Service Platform

Cloud as the Public Asset

Service at Peace

Services in Emergency

SocialInfra

Cloud to be resilient,

dependable and

disaster-tolerant

Service at Peace

Services in Emergency

CloudComputing

Potential Risks

Potential Risks

Emergency View View at Peace (Positioning in Economy & Society) Potential Risk View

BusinessEngine

Social Infra-structure inter-dependency &

Threats in Common

ER

BC


CommunicationServices Failure

SystemFailure HW

TrafficCongestion

Physical Disaster

PowerOutage

CyberAttacks

CyberAttacks

SystemFailure SW Data Center

Failure

Interdependency of critical infrastructure


Power Systems Failure

Cable CutoffRadio Station

Collapse

Refinery & Tank Failure

IT Infrasturcture/ services lost

OperatorUnavailable

Cloud services to survive DC down

Cloud services to survive DC down


Issuesto be

allocated

Technical

Security

Economy/Biz

Legal

International

Inter-cloud Operation forBackup, Failover,

Restoration, Recoveryand Migration

· Survey current state of penetration· Assess what if cloud/DC go down· Conditions for resilience, dependability· Allocate issues for inter-cloud migration

Virtual Machine or Service Function to be

automatically transferred from a DC

to another

Study on the way

Cloud proved its capability for emergency response

Cloud is now reputed for its capability for BC and DR

Cloud proved its value as a social information infrastructure

Cloud also works as business engine and life support

Need to prepare for unexpected failure of cloud services, by internal, external and incidental causes

Possibility of more significant disaster or mixed, cascaded failure has become topic after the quake, i.e. new quake

Assessment of the effect of failure, seek for ways to avoid failure and conditions to sustain/survive disaster are required

Summary


Cloud services can support society in emergency response

Ben T. KatsumiChief Researcher, Security Economics Laboratory

IT Security Center, IPA, Japan

[email protected]

Thank you!!

how cloud survived the earthquake and served people - lessons learned, realized value of cloud and...

Documents

n buildings

n missing

n hospitals

important n

n cult

n total211 tohoku quake

corporations n change

n lost buildings