Homeland Security Watch

News and analysis of critical issues in homeland security

July 27, 2012

SnOODAn: Boyd, Snowden, and Resilience

Filed under: Preparedness and Response,Risk Assessment,Strategy — by Philip J. Palin on July 27, 2012

Last Thursday I posted a bit on Cynefin. Developed by David Snowden and others, the Cynefin Framework can be a helpful tool for engaging reality’s varied flows, especially the flows — sometimes floods —  from known to knowable to complex to chaotic and betwixt and between.

Cynefin is both a strategic and an operational tool. Depending on one’s strategic perception it calls for adjusting how reality is engaged. For example, dealing with what is known is a matter of sensing, then categorizing, and responding appropriately. We choose a response to match our understanding of what is happening, our prior experience with what is happening, and how we have previously dealt with this category of event.

In contrast, a complex context presents a novel environment that needs to be probed in order to sense what is happening and then we respond to that understanding… often an incremental understanding that comes from multiple probes (some helpful and some not). Snowden argues that chaos does not allow for investigatory probes, but requires full-fledged actions and adaptation as we move with reality’s cascade.

In a comment to last week’s post John Plodinec suggested that Cynefin reminds him a bit of the OODA (Observe, Orient, Decide, Act) framework developed by John Boyd.  I agree.  The two frameworks are especially helpful when applied together.

I use Cynefin to understand the context in which I find myself.  I use OODA to better understand myself.  Simultaneous application helps me adjust effectively to unfolding reality.

The principal impediment to recognizing a shift from a complicated context into complexity or from complexity into chaos is my own orientation, my own readiness and (un)willingness to recognize reality.

By clicking on the illustration a larger version will appear in a new window

My orientation has significant influence on my observation.  Instead of seeing unfolding circumstances I often “see” a prior circumstance.  Instead of receiving outside information, I may depend on inside information (often inside my own mind).  Instead of interacting directly with the environment, I interact with data-feeds, indirect reports, and other representations of reality rather than reality-itself.

Not surprisingly given this warped view of reality my decisions (conscious or usually not)  can produce actions wildly mis-matched to reality.  In mistaking a complex context for a merely complicated context, my decisions and actions amplify the complexity.  By mistaking a chaotic situation for a complex situation I undertake tentative decisions and actions that merely delay the bolder steps that are the best bet for stabilization.

Snowden warns that mistaking chaos for a known — and controllable — situation is often the precursor to catastrophe.  This is an error to which experienced experts are, paradoxically, especially susceptible.

The Orientation element of the OODA framework (inside the blue in the illustration) consists of what Boyd suggests are five anchors… predispositions… core capabilities…

  • Genetic Heritage:  We see, hear, smell, taste,  feel and think within the limits of our species.
  • Previous Experiences:  We tend to expect what we have previously experienced.
  • Cultural Traditions:  We tend to process new experiences with concepts derived from our social experience.
  • Analysis and Synthesis: Boyd especially emphasized the speed with which we can analyze and synthesize, greater speed providing greater potential advantage.
  • New Information:  Our receptiveness to novelty can profoundly affect every other aspect of orientation.

The more open I am to new information, the quicker I am to analyze/synthesize new information, and the less constricted I am by genetics, culture, and prior experience the more resilient I am likely to be in dealing with complexity and chaos.

Another way of saying the same thing:  My resilience is advanced when I can take thoughtful action even when seriously doubting my own judgment.  The more complex and chaotic the context, the more self-doubt is productively adaptive… as long as I take action, monitor outcomes, and adjust as best I can.   Will this work for a group?  For a community?  For a region?  For a nation?

Can a society increasingly organized around specializations affirmatively embrace self-doubt?  We usually speak of self-doubt as a problem.  Yet Jim Collins found that Level 5 Leaders “build enduring greatness through a paradoxical blend of personal humility and professional will.”  What is humility, but self-doubt courageously deployed?


I constantly stumble over pronouncing cynefin (it’s Welsh and sounds something like “kuh-ne-vin”.  Whenever I ask someone if they know about OODA they seem to think I’m asking about a breakfast cereal.   So I’m going to start writing and talking about “The Snoodan Frameworks” (Say Snowden with a kind of Scottish brogue or Scandinavian sing-song.)

We’re about one-third or so through a series on catastrophe, resilience, and civil liberties that started with a post on May 18. The series will continue next Thursday or Friday.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn


Comment by Dan O'Connor

July 27, 2012 @ 9:39 am

Thank you Phil

Your point of view on this resonates with me. I find the integration of Cynefin and OODA as both requiring context. Orientation without context adds greater distortion to observation and also allow for a bleeding of sorts from simple to chaotic. I have read a lot on Boyd and his work and find great relevance between trying to understanding or defining resilience and Boyd’s use of Heisenberg and Gödel.

The Heisenberg’s Uncertainty Principle simply states that there is a limit on our ability to observe reality with precision. We believe our observations to be very precise when in fact they are not. What is real is difficult to because we all come with our own set of criteria. Being aware of that predilection is an asset, I think. Gödel’s Incompleteness Theorem simply states that any logical model of reality is incomplete (and possibly inconsistent) and must be continuously refined/adapted in the face of new observations. Novel situations are dynamic and constantly morphing. Observations are subject to a myriad of factors and what the brain doesn’t understand the eye does not see.

Our ability to observe novelty is often thwarted by our experience and training with emphasis on heuristics to observe. I think being aware of these traps or patterns is akin to resilient thinking. Resilience in these contexts to me is surplus, overlap and margins. Being able to adapt and respond may require surplus time, assets, or other. When those margins begin to contract and the time/space relationship is shrinking or perceives to be, decisions are made under an artificial duress or the appearance of duress that exacerbates a decaying situation.

Speed and efficient observation in these cases are not the same thing.

I think being aware of cynefin and OODA at the very least enables someone to step back from a situational myopia and ask; what am I not seeing, observing, understanding, etc. I do not pretend to be an expert in these subjects. However, I find great utility in having diversity in backgrounds and expertise of others to form a collective of generality to see many facts seeing a spectrum of contextual orientation. I think Maslow nailed it here (pun intended) “I suppose it is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail”. Too many like-minded, like experienced people may see the same thing or not see what may be readily apparent to others.

Comment by Lynn WHeeler

July 27, 2012 @ 2:35 pm

Part of Boyd’s briefing was contrasting the rigid, top-down, command&control structure of the US military going into WW2 with the German military structure. He would then comment that former WW2 officers beginning to permeate US corporate leadership was starting to contaminate the US corporate structure with similar rigid, top-down command&control paradigm. Rigid, top-down, command&control paradigm was inhibiting the ability to recognize and adapt to changing circumstances (undermining OODA-loop).

Comment by Philip J. Palin

July 27, 2012 @ 4:30 pm

Dan and Lynn: In eco-systems resilience is almost always enhanced by diversity. Sounds like you both think this is also key to the resilience of human organizations. Diversity is not stress-free in non-human settings. But in the long-run (sometimes even in the short run) it pays dividends.

Yet diversity is also a source of complexity… yes? Are you saying effective habituation to complexity may serve to cultivate resilience for chaos… and even disorder?

Comment by Lynn Wheeler

July 27, 2012 @ 6:34 pm

our last product before leaving IBM was high-availability/cluster multiprocessing … which required doing a lot of study about how things failed. it isn’t diversity and complexity directly … it is no common modes/points of failure. random diversity and/or random complexity … may or may not have common ways or place of failure. if you have no idea about ways things fail … then going for random diversity may be just wishful thinking that they won’t have common failure/vulnerabilities/exploits.

other areas where it plays is multi-factor authentication, presumed to be more secure with implicit assumption that the different factors have unique/different vulnerabilities … which may or may not be true. For instance pin-based magstripe debit cards were presumed to be “more secure” … pin typically treated as countermeasure to lost/stolen card. However, a common exploit for decades is compromised end-point (atm machine, pos terminal, etc) that has been able to harvest both pin&magstripe information … invalidating the assumption about multi-factor authentication having independent failures/exploits.

rigid, top-down, command&control paradigms tend to be susceptible to single/common failure/vulnerability modes.

Comment by Philip J. Palin

July 28, 2012 @ 5:13 am

Lynn, Another question: A small group of supply chain operators are engaged in a parallel process of vulnerability analysis. They are each attempting to better understand how things have failed and may fail. The process is the same for each, but each is conducting the examination independently. They then intend to consider what vulnerabilities, sources of failure, they share… with the thought they will collaborate in mitigation.

But I may read in your comment a caution?

Comment by Lynn WHeeler

July 28, 2012 @ 7:00 am

part of supply chain management tends to optimize by eliminating redundancy, increasing vulnerability to failures in such areas (that have eliminated redundancy).

in rigid, top-down, command&control structure, group-think can be frequent culture paradigm. group OODA-loop sharing sould enhance group operation … but non-sharing may be an attempt at countermeasure to pervasive group-think culture (some of this comes through in Boyd’s Organic Design For Command & Control briefing)

at early financial industry critical infrastructure meetings, industry representatives didn’t want to share because 1) they viewed vulnerability information as competitive advantage and 2) they were worried that ISACs might be subject to FOIA and they didn’t want pervasiveness of exploits leaking to public (way ahead of worries that exploit techniques would leak to the bad guys).

Comment by Lynn WHeeler

July 28, 2012 @ 8:20 am

minor side-track … we were tangentially involved in the cal. state data breach notification legislation having been brought in to help word-smith the cal state electronic signature legislation. Many of the parties were also heavily involved in privacy issues and had done extensive, in-depth public surveys. The #1 issue was identity theft, primarily the form of “account fraud” (fraudulent financial transactions) frequently as the result of data breach. The issue was that little or nothing was being done about such breaches (aka normally entities take exploit countermeasures motivated by the risk to themselves … the fraudulent financial transactions as a result of the data breaches were against individuals … not the institutions having the breaches … so there was no self-interest involved). There was some anticipation that the publicity from the data breach notifications would motivate institutions to take countermeasures (also provide individuals opportunity to close accounts involved in the breaches).

In the more than decade since the cal. state data breach notification legislation, there have been lots of federal bills introduced … about evenly divided between those similar to the cal. legislation and those that would effectively eliminate notification (sometimes cleverly worded requiring breach to involve combinations of personal information that rarely occurs in the real-world)

Comment by Philip J. Palin

July 28, 2012 @ 8:38 am

Lynn, Thanks. In this particular case I think the supply chain owners/operators have seen it is in their self-interest to share — for reasons close to what you outlined. They are conducting individual vulnerability analyses specifically to avoid group-think. But they are using a common methodology to encourage sharing. They have also involved a china-breaker specifically to challenge group think.

Based on the results of the vulnerability analysis they will conduct a joint exercise where they will try to cause more failure. From all this activity they are attempting to identify where they should focus their mitigation efforts. I can imagine the group-think risk becoming more acute as there is an attempt to focus in one place and not another. But we’re not there yet.

There is no command or control. No one is required to be at the table and they participate as they want. So far they have collaborated because they find the process more creative and productive than trying trying to achieve the same goals alone. Some have said they are already handling internal difficulties differently than before. None have yet been faced with an acute challenge to test the results… and in any case it is very early in a process.

A very different network than those on which you are reporting, but it sounds like the same principles largely apply.

Comment by Lynn WHeeler

July 28, 2012 @ 2:06 pm

Lots written about group-think, conformity and hierarchy are epidemic in the culture … with non-conformity being beaten out from early age; … then how to reverse the process and foster innovation.

IBM under Watsons had culture where it was claimed “wild ducks” were needed. Then in the mid-70s the company had a major stumble that precipitated major change in the corporate culture … and after that the joke was wild ducks are tolerated so long as they fly in formation.

Boyd would talk about observing from every possible facet … image the OODA-loop is perimeter of a circle with the subject matter in the middle and constantly circling to observe from every possible perspective.

Isolating multiple teams helps as countermeasure to group-think … but it is also useful to give the teams slightly different directions/starting-point to encourage taking different perspectives. This also shows up in red/blue teaming.

Comment by Arnold Bogis

July 29, 2012 @ 8:54 pm

To be upfront, while I know the OODA loop and of Boyd in general, I’ve never read his work. However, this doesn’t stop me from clarifying one assertion and asking a question.

First the assertion. Dan wrote: “The Heisenberg’s Uncertainty Principle simply states that there is a limit on our ability to observe reality with precision. We believe our observations to be very precise when in fact they are not. What is real is difficult to because we all come with our own set of criteria.”

I’m assuming (maybe hoping?) that Boyd used Heisenberg’s principle as a metaphor. The actual Principle addresses measurement at the sub-atomic or quantum scale. In fact, measurements at the “everyday” scale where Newtonian mechanics and relativity hold sway are INCREDIBLY precise. Even quantum mechanics makes predictions of energy levels and whatnot that have proven accurate to ridiculous levels of precision. Heisenberg cared nothing about criteria or what was brought to the table, only the interaction of the particles to be measured and those used to measure. It is math, not psychology.

The question. Lynn wrote: “Part of Boyd’s briefing was contrasting the rigid, top-down, command&control structure of the US military going into WW2 with the German military structure. He would then comment that former WW2 officers beginning to permeate US corporate leadership was starting to contaminate the US corporate structure with similar rigid, top-down command&control paradigm.”

What’s interesting is that I’ve heard something similar to the first sentiment, but replace “US” with “USSR” and “German” with “US.” But my question has to do with the corporate comment. Was Boyd caught up in the late 70s, early 80s fear of US decline and Japanese economic rise? I have no background in business, but I’ve always had the sense that different corporations have different degrees of freedom in terms of decision making but that few, if any, don’t adhere to a basic top-down model. It worked for decades, than didn’t, then was the envy of the world, and then wasn’t, etc. When the US economy is doing well, our “system” works better than everything else. When it isn’t, the almost-same system needs to be radically changed…until it starts working again.

Phil, your comments about transition among the Cynefin quadrants reminds me of the concept of “emergent crises” as put forth by Dutch Leonard and Arnold Howitt of Harvard: “But some forms of crisis do not arrive suddenly. They fester and grow,arising from more ordinary circumstances that often mask their appearance. We term such situations emergent arises – a special and especially difficult category.” For further explanation and the difference from what they term “routine emergencies” and “crisis emergencies,” see:

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>