One problem here is that a solution that operates continuously and provides “value way before an extinction level event plays out” is likely to be much more complex—and have considerably more points of potential failure—than a simpler solution.
Imagine I have a requirement that I be able to receive radio transmissions during an emergency. I could build a fairly simple emergency radio and pressure-test it. It doesn’t provide me any value in ordinary times, so it just sits there on the shelf between pressure tests. It’s cheap, so I could build several for redundancy. I could also build a smartphone with radio capacity—this would be operated continuously and provide value in normal times. It is also much more complex and has many more failure modes than a simple radio. Many of those failure modes are common to both the ordinary-times use and the emergency-times use. But some are less so—I might not be using the radio feature on my cellphone much at all in normal times because that particular function doesn’t provide much if any pre-emergency value.
I think you’re likely accepting a significantly higher level of failure modes for a better opportunity to detect and fix them. It’s not clear to me if this is a good tradeoff or not. If you go back to the cellphone analogy, most things have to evolve and grow to continue providing enough value to justify their maintenance and operation. Maybe we could have a super-high-reliability smartphone if we locked in 2010 capabilities and worked on iterating the flaws out of it. But a 2010-level smartphone isn’t going to get much use. And adding new features and capabilities adds new points of failure, so manufacturers are stuck playing a never-ending game of whack-a-mole.
I’m reminded of the troubles that the US government has had with getting cell phones up to the point that they can handle classified information. The poor user experience of cell phones approved for even secret information famously contributed to getting a former Secretary of State into some trouble. As of 2016, phones appeared to have only been approved to the secret level (not top secret, or ~”above top secret” like certain SCIs). In contrast, we’ve had landline devices cleared for all security levels since at least 1987 (I didn’t check older devices). The security reliability risks are apparently a lot easier to manage with the simpler devices.
For similar reasons, the solution with pre-emergency value will likely be much more expensive to develop and operate. All critical components need to be hardened / highly reliable. The more you expect those components to do, the bigger / more complex they are going to be. If the power facility needs to power a small town, it will be much more expensive to harden than a solution for a bunker. If you rely on a different power solution for emergency situations and only harden that solution, then a critical system isn’t going to be regularly operated. It’s probably going to be considerably more expensive to run and maintain a hardened system than a standard one even in normal times—so normal-time operation is likely to also require some significant subsidies. As a result, you’re going to have to put a lot of eggs in a single basket for cost reasons alone.
If I take the power plant for example, let’s imagine you want to build a hardened geothermal power plant in some kind of significantly sheltered (maybe underground) environment as part of the citadelle concept. So you want a 40mwh power plant to support @30k people in the refuge. Well in normal times—that power goes straight into the grid and earns back revenue. Yes, it’s probably cheaper to build a field of solar, but not that much cheaper, Dinorwig Power Station was built in the 70′s in a mountain and that’s still cost effective today even though it’s slightly harder to build. This is where the paradox of scale economics comes into play, the more you do something at scale, actually the lower it costs and the more simple it becomes. It’s like using rare minerals—the more you use, the greater the demand, the more get’s found in new reserves.
I do agree that you have a valid point regarding the mobile phone vs. simple radio analogy. I wonder if there’s principle that could be adopted to beat this complexity problem though—what your essentially saying is the goods produced by the modern world value chain are ill suited to a disaster scenario due to their dependency on components that could be impossible to source in a different context. Maybe a principle along the lines that any goods used in the refuge must be able to be 100% fabricated in the refuge by materials available to the refuge. The Mormons have been doing something fairly similar for decades and it seems to work quite well for them.
One problem here is that a solution that operates continuously and provides “value way before an extinction level event plays out” is likely to be much more complex—and have considerably more points of potential failure—than a simpler solution.
Imagine I have a requirement that I be able to receive radio transmissions during an emergency. I could build a fairly simple emergency radio and pressure-test it. It doesn’t provide me any value in ordinary times, so it just sits there on the shelf between pressure tests. It’s cheap, so I could build several for redundancy. I could also build a smartphone with radio capacity—this would be operated continuously and provide value in normal times. It is also much more complex and has many more failure modes than a simple radio. Many of those failure modes are common to both the ordinary-times use and the emergency-times use. But some are less so—I might not be using the radio feature on my cellphone much at all in normal times because that particular function doesn’t provide much if any pre-emergency value.
I think you’re likely accepting a significantly higher level of failure modes for a better opportunity to detect and fix them. It’s not clear to me if this is a good tradeoff or not. If you go back to the cellphone analogy, most things have to evolve and grow to continue providing enough value to justify their maintenance and operation. Maybe we could have a super-high-reliability smartphone if we locked in 2010 capabilities and worked on iterating the flaws out of it. But a 2010-level smartphone isn’t going to get much use. And adding new features and capabilities adds new points of failure, so manufacturers are stuck playing a never-ending game of whack-a-mole.
I’m reminded of the troubles that the US government has had with getting cell phones up to the point that they can handle classified information. The poor user experience of cell phones approved for even secret information famously contributed to getting a former Secretary of State into some trouble. As of 2016, phones appeared to have only been approved to the secret level (not top secret, or ~”above top secret” like certain SCIs). In contrast, we’ve had landline devices cleared for all security levels since at least 1987 (I didn’t check older devices). The security reliability risks are apparently a lot easier to manage with the simpler devices.
For similar reasons, the solution with pre-emergency value will likely be much more expensive to develop and operate. All critical components need to be hardened / highly reliable. The more you expect those components to do, the bigger / more complex they are going to be. If the power facility needs to power a small town, it will be much more expensive to harden than a solution for a bunker. If you rely on a different power solution for emergency situations and only harden that solution, then a critical system isn’t going to be regularly operated. It’s probably going to be considerably more expensive to run and maintain a hardened system than a standard one even in normal times—so normal-time operation is likely to also require some significant subsidies. As a result, you’re going to have to put a lot of eggs in a single basket for cost reasons alone.
If I take the power plant for example, let’s imagine you want to build a hardened geothermal power plant in some kind of significantly sheltered (maybe underground) environment as part of the citadelle concept. So you want a 40mwh power plant to support @30k people in the refuge. Well in normal times—that power goes straight into the grid and earns back revenue. Yes, it’s probably cheaper to build a field of solar, but not that much cheaper, Dinorwig Power Station was built in the 70′s in a mountain and that’s still cost effective today even though it’s slightly harder to build.
This is where the paradox of scale economics comes into play, the more you do something at scale, actually the lower it costs and the more simple it becomes. It’s like using rare minerals—the more you use, the greater the demand, the more get’s found in new reserves.
I do agree that you have a valid point regarding the mobile phone vs. simple radio analogy. I wonder if there’s principle that could be adopted to beat this complexity problem though—what your essentially saying is the goods produced by the modern world value chain are ill suited to a disaster scenario due to their dependency on components that could be impossible to source in a different context. Maybe a principle along the lines that any goods used in the refuge must be able to be 100% fabricated in the refuge by materials available to the refuge. The Mormons have been doing something fairly similar for decades and it seems to work quite well for them.