SlideShare uma empresa Scribd logo

Safety Bot Guaranteed -- Shmoocon 2017

Transferir como PPTX, PDF
Richard Seymour
Richard Seymour

Chat bots been have popping up everywhere for silly things, but what if they can help us make the world more safe and secure? The work of designing secure systems often involves iterating over designs with a team but what if you don’t have a team? What if you could iterate over system design and analysis in a chat window and have a design document with safety constraints as the end product? This talk will present an original chat bot that will do just that

Tecnologia
1 de 80
January 15, 2017 SAFETY BOT GUARANTEED RICH SEYMOUR
Who Am I?  Data Scientist at Endgame  Got a PhD in Materials Science doing nanoscale simulations on supercomputers  Play bass in a band (bleach bones)  @rseymour on twitter 2
Outline  Bots  Safety  Their powers combined! 3
Outline  Bots  Safety  Their powers combined! 4
BOTS the hype cycle peaks?
Talking about chatbots  Image and many of these bot slides courtesy of bot master and coworker:  Bobby Filar @filar 6
Popular Bots  Amazon – Alexa  Apple - Siri  Facebook - M  Google - Google Home  Microsoft – Cortana 7
Bots are Changing Lives 8
Bots are Changing Lives Pt 2 9
Bots Boiled Down  Bots take words and turn them into actions.  “Alexa, turn on the lamp” “Ok”  “Open the pod bay doors HAL” 10
Voice Recognition and Speech Synthesis  We don’t need these pieces to have a bot 11 Text to Speech bot Speech to Text
Click-Through vs. Conversational Interfaces 12 + 6 more steps vs Id like to order a cheese pizza. Great! What size pizza would you like? Medium Okay. I have an order for a medium cheese pizza. Is that all? Yes. That is all.
Causes of the Bot Revolution?  Platform Diversity • Messaging • Intelligent assistants • Team collaboration software  App Stagnation • More users on messaging platforms • Hard to gain traction w/in App Stores  Ease-of-Use • Simplifies UI/UX • Allows user to maintain focus on current screen/activity • Provide walkthroughs • Eliminates need to know query languages 13 Cortana
Bot Development Kits (BDKs)  The rise of bots is largely due to an increase in BDKs  Companies like Chatfuel, Wit.ai, and API.ai • Provide simple UI for development • Closed-domain, Rule-based, goal-oriented bots • No programming skills required  How popular have these frameworks become? • Wit.ai  purchased by Facebook (Jan 2015) • API.ai  purchased by Google (Sep 2016)  Major companies pushing out frameworks too! • Microsoft Bot Framework • Amazon Alexa Skills Kit 14
What bots are made of.
GENERATIVE RETRIEVAL 16 OPEN DOMAIN CLOSED DOMAIN LONG CONVERSATION SHORT CONVERSATION Types of Bots Active Research Surprisingly Easy
GOOD BOTS  DoNotPay Bot • Bot helps people fight parking tickets • Wildly successfully in 3 major cities  Esterbot • QA bot tied to a LinkedIn account or resume. • Recruiters talk to a bot before they get to you BAD BOTS  Microsoft TayBot • Great idea gone terribly awry • Learning from internet conversations sometimes leads to being… the worst. 17 Good Bots and Bad Bots
18 GENERATIVE RETRIEVAL PROS • Bots of the future! • Excellent recall ability • Ability to learn as exposure to user increases • Simple to implement • Smaller datasets • No grammatical mistakes CONS • Requires a lot of data • Complex models  large vocabularies  massive training time for model building • Prone to grammatical errors • Really, really inappropriate… right TayBot? • Not intelligent • Limited “memory” • Works best in closed-domain, short conversation scenarios Which is best?
Bot Workflow aka Bot Vocabulary  Session  Identity  Dialogue Script  Context  Intents  Entities  Action 19
Pattern Matching without Context (Eliza 1964-1966) 20
Context & Intent  Context (teal) • Current state • Steers conversation • Ensures all req’d parameters are collected to perform Action  Intent (red) • Maps Utterance (blue)  specific Action • What does the user want? 21
Entities  Entities are parameters needed to satisfy Intents and execute Actions.  Entities can be anything • File hash • IP address • Cities  Permutations of an entity allow for diversity of vocabulary • Regular Expressions • Synonyms 22
Training Data  Few bot developers have necessary training data  BDKs provide access to Domains or pre-defined Knowledge packages: • Reservations • Small Talk • Weather  BDKs log user interactions to constantly update training set 23
Natural Language Processing & Machine Learning  BDKs have built in ML/NLP capabilities  NLP used to handle incoming data • Tokenization • Word Boundary & Word Sense • Synonym generation • Entity extraction  ML used to classify user input to an Intent and map to an output • Supervised Learning • Features: n-gram or word-based vectors • Model constantly updated as bot gets used 24 Input  NLP Output  ML features
NLP 101  Direct Matching (No ML) Show flights from Washington to Denver on Monday Show flights from Washington to Denver on Monday Show flights from Washington to Denver on Monday VB NNS IN NNP IN NNP IN NNP if utterance contains show_vb AND flights_nns: Utterance Tokenization Parts-of- Speech Tagging (POS) Show flights from Washington to Denver on MondayNamed Entity Recognition (NER) Location Location Date SHOW_FLIGHTS(Washington, Denver, Monday) Perform Action 25
NLP 101  ML-Based Show flights from Washington to Denver on Monday Show flights from Washington to Denver on Monday Utterance Tokenization Show flights from Washington to Denver on Monday Named Entity Recognition (NER) Location Location Date 0 1 1 0 1 0 1 0 1 1 0 0 1Bag-of-Words (Feature Vector) SHOW_FLIGHTS CHANGE_FLIGHTS BOOK_FLIGHTS Intent Classification SHOW_FLIGHTS(location, location, date) SHOW_FLIGHTS(Washington, Denver, Monday)Perform Action 26
Getting started with this Language Stuff I recommend spaCy available at spacy.io 27
How can bots help Security? Some Ideas
Guidance and Training 29 Is the command line a chatbot?
Guidance and Training 30 disown
Guidance and Training 31
Search 32
Search (but not security twitter, let’s say your logs) 33  “What can I help you with today?”  “Show me all of the processes running that started in the last hour”  “Ok which endpoints?”
Search (but not security twitter, let’s say your logs) 34  “What can I help you with today?”  “Show me all of the processes running that started in the last hour”  “Ok which endpoints?”
Search (but not security twitter, let’s say your logs) 35  “What can I help you with today?”  “Show me all of the processes running that started in the last hour”  “Ok which endpoints?”  “Everyone!”  “Ok”  Search results ensue
Question and Answer Bots 36
Q&A Bots 37
Chat Ops and Checklists 38  Hubot – GitHub *  ScoreBot - Netflix * https://www.youtube.com/watch?v=NST3u-GjjFw
Chat Ops and Checklists 39 Ignorance Ineptitude
Chat Ops and Checklists 40
Chat Ops and Checklists 41 But checklists are the worst!
Chat Ops and Checklists 42 Well maybe bake the checklists into the bots?
Outline  Bots  Safety (get shmoo balls out)  How To! 43
Safety
Safety! 45
Just what is Safety? How is Safety different from Security? 46
Just what is Safety? How is Safety different from Security? Safety generally means preventing people getting hurt 47
Just what is Safety? Safety ideas have historically been borrowed by Security. 48
Domino Theory -- Heinrich 1931 49
Domino Theory -- Heinrich 1931 50 Bigotry included
Others have followed 51  Root Cause Analysis  Fault Tree Analysis  Swiss-cheese model
Engineering a Safer World 52 Engineering a Safer World Systems Thinking Applied to Safety Nancy G. Leveson 2012 Systems Theoretic Process Analysis (STPA)
Engineering a Safer World 53 Engineering a Safer World Systems Thinking Applied to Safety Nancy G. Leveson 2012 Systems Theoretic Process Analysis (STPA)
Systems Thinking Applied to Safety 54 Bertalanffy Wiener
Systems Thinking Applied to Safety 55 Bertalanffy – Systems Theory Wiener - Cybernetics
Safety Defined 56  Hazard: a system state or set of conditions that combined with worst case environmental conditions will lead to an accident  Accident: an event that results in an unacceptable level of loss  Safety: freedom from accidents
The Driving Force of Systems Safety 57  Accidents today happen while the each component of the system is working
The Driving Force of Systems Safety 58  The accidents we see now are:  Component Interaction Accidents
The Driving Force (continued) 59  “Preventing future accidents requires shifting from a focus on preventing failures to the broader goal of designing and implementing controls that will enforce the necessary constraints.”
What it doesn’t do 60  It doesn’t use Risk %s  It doesn’t catalog possible failure  It doesn’t blame operator error  It doesn’t triage
Purpose 61  What does your system do?
Losses 62  Unacceptable.  Not component failures.  Real. Bad. Stuff.
Hazards 63  What could make you suffer a loss?  Threats?
Hazards 64  What could make you suffer a loss?  Threats?  Check out William Young’s STPA-Sec work
Constraints 65  How can we stop hazards from becoming losses.  How can these in turn be violated. (iterate)
The minimal system 66
The minimal system 67 Yup, just boxes and arrows!
68 Nancy Leveson’s outline of possible “control flaws leading to hazards” Engineering a Safer World p 93
Very High Level 69
Maybe this is a useful process? 70
Maybe this is a useful process? 71
STPA takes a high level view, early in the design 72  What if we had a bot to help us go through this process?
Outline  Bots  Safety  How To! (SafetyBot!) 73
SafetyBot
STPA takes a high level view, early in the design 75  What if we had a bot to help us go through this process?  What if you had ~ 2 weeks to write such a bot!
GENERATIVE RETRIEVAL 76 OPEN DOMAIN CLOSED DOMAIN LONG CONVERSATION SHORT CONVERSATION Types of Bots Active Research Surprisingly Easy
Choose a language you’ve never used! 77
SafetyBot 78 context Context manager Node entity Node entity context Node entity Current context Next context The context manager is the main loop Prints out bot talk and pulls in user input. That is then passed to the current ‘node’ for processing / storage
SafetyBot Live Demo
Thanks thanks thanks thanks thanks! 80 Questions?

Recomendados

Joy of Coding Conference 2019 slides - Alan Richardson
Joy of Coding Conference 2019 slides - Alan RichardsonJoy of Coding Conference 2019 slides - Alan Richardson
Joy of Coding Conference 2019 slides - Alan RichardsonAlan Richardson
 
Technical and Testing Challenges: Using the "Protect The Square" Game
Technical and Testing Challenges: Using the "Protect The Square" GameTechnical and Testing Challenges: Using the "Protect The Square" Game
Technical and Testing Challenges: Using the "Protect The Square" GameAlan Richardson
 
Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...
Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...
Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...Alan Richardson
 
The Future of Testing Webinar
The Future of Testing WebinarThe Future of Testing Webinar
The Future of Testing WebinarAlan Richardson
 
Your Automated Execution Does Not Have to be Flaky
Your Automated Execution Does Not Have to be FlakyYour Automated Execution Does Not Have to be Flaky
Your Automated Execution Does Not Have to be FlakyAlan Richardson
 
Odinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingOdinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingAlan Richardson
 
How To Test With Agility
How To Test With AgilityHow To Test With Agility
How To Test With AgilityAlan Richardson
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 

Recomendados

Joy of Coding Conference 2019 slides - Alan Richardson
Joy of Coding Conference 2019 slides - Alan RichardsonJoy of Coding Conference 2019 slides - Alan Richardson
Joy of Coding Conference 2019 slides - Alan RichardsonAlan Richardson
 
Technical and Testing Challenges: Using the "Protect The Square" Game
Technical and Testing Challenges: Using the "Protect The Square" GameTechnical and Testing Challenges: Using the "Protect The Square" Game
Technical and Testing Challenges: Using the "Protect The Square" GameAlan Richardson
 
Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...
Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...
Test Automation Day 2015 Keynote Alan Richardson - Practical Lessons Learned ...Alan Richardson
 
The Future of Testing Webinar
The Future of Testing WebinarThe Future of Testing Webinar
The Future of Testing WebinarAlan Richardson
 
Your Automated Execution Does Not Have to be Flaky
Your Automated Execution Does Not Have to be FlakyYour Automated Execution Does Not Have to be Flaky
Your Automated Execution Does Not Have to be FlakyAlan Richardson
 
Odinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingOdinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingAlan Richardson
 
How To Test With Agility
How To Test With AgilityHow To Test With Agility
How To Test With AgilityAlan Richardson
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
ms_3.pdf
ms_3.pdfms_3.pdf
ms_3.pdfSatishBhalshankar
 
Get your Hero Groove On - Heroes Reborn
Get your Hero Groove On - Heroes RebornGet your Hero Groove On - Heroes Reborn
Get your Hero Groove On - Heroes RebornCaleb Jenkins
 
From SLO to GOTY
From SLO to GOTYFrom SLO to GOTY
From SLO to GOTYScyllaDB
 
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...Margaret-Anne Storey
 
The gordian knot
The gordian knotThe gordian knot
The gordian knotAlberto Brandolini
 
Designing with capabilities (DDD-EU 2017)
Designing with capabilities (DDD-EU 2017)Designing with capabilities (DDD-EU 2017)
Designing with capabilities (DDD-EU 2017)Scott Wlaschin
 
DOES SFO 2016 - Greg Padak - Default to Open
DOES SFO 2016 - Greg Padak - Default to OpenDOES SFO 2016 - Greg Padak - Default to Open
DOES SFO 2016 - Greg Padak - Default to OpenGene Kim
 
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...Burr Sutter
 
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tDefcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tpseudor00t overflow
 
Whats Next for Machine Learning
Whats Next for Machine LearningWhats Next for Machine Learning
Whats Next for Machine LearningOgilvy Consulting
 
Back to School with 50 Tech Tips
Back to School with 50 Tech TipsBack to School with 50 Tech Tips
Back to School with 50 Tech TipsLegal Services National Technology Assistance Project (LSNTAP)
 
I Smell A RAT- Rapid Application Testing
I Smell A RAT- Rapid Application TestingI Smell A RAT- Rapid Application Testing
I Smell A RAT- Rapid Application TestingPeter Presnell
 
Tech Talk @ Dev Bootcamp Chicago
Tech Talk @ Dev Bootcamp ChicagoTech Talk @ Dev Bootcamp Chicago
Tech Talk @ Dev Bootcamp ChicagoFred Lee
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersZeroTurnaround
 
Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane LackeyYandex
 
Growing as a software craftsperson (part 2) From Pune Software Craftsmanship
Growing as a software craftsperson (part 2) From Pune Software CraftsmanshipGrowing as a software craftsperson (part 2) From Pune Software Craftsmanship
Growing as a software craftsperson (part 2) From Pune Software CraftsmanshipDattatray Kale
 
Clever data building a chatbot from your database
Clever data building a chatbot from your databaseClever data building a chatbot from your database
Clever data building a chatbot from your databaseLuis Beltran
 
Secrets and Mysteries of Automated Execution Keynote slides
Secrets and Mysteries of Automated Execution Keynote slidesSecrets and Mysteries of Automated Execution Keynote slides
Secrets and Mysteries of Automated Execution Keynote slidesAlan Richardson
 
How HipChat Ships and Recovers Fast with DevOps Practices
How HipChat Ships and Recovers Fast with DevOps PracticesHow HipChat Ships and Recovers Fast with DevOps Practices
How HipChat Ships and Recovers Fast with DevOps PracticesAtlassian
 
How an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsHow an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsSecurity Innovation
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 

Mais conteúdo relacionado

Semelhante a Safety Bot Guaranteed -- Shmoocon 2017

Get your Hero Groove On - Heroes Reborn
Get your Hero Groove On - Heroes RebornGet your Hero Groove On - Heroes Reborn
Get your Hero Groove On - Heroes RebornCaleb Jenkins
 
From SLO to GOTY
From SLO to GOTYFrom SLO to GOTY
From SLO to GOTYScyllaDB
 
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...Margaret-Anne Storey
 
Designing with capabilities (DDD-EU 2017)
Designing with capabilities (DDD-EU 2017)Designing with capabilities (DDD-EU 2017)
Designing with capabilities (DDD-EU 2017)Scott Wlaschin
 
DOES SFO 2016 - Greg Padak - Default to Open
DOES SFO 2016 - Greg Padak - Default to OpenDOES SFO 2016 - Greg Padak - Default to Open
DOES SFO 2016 - Greg Padak - Default to OpenGene Kim
 
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...Burr Sutter
 
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tDefcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tpseudor00t overflow
 
Whats Next for Machine Learning
Whats Next for Machine LearningWhats Next for Machine Learning
Whats Next for Machine LearningOgilvy Consulting
 
I Smell A RAT- Rapid Application Testing
I Smell A RAT- Rapid Application TestingI Smell A RAT- Rapid Application Testing
I Smell A RAT- Rapid Application TestingPeter Presnell
 
Tech Talk @ Dev Bootcamp Chicago
Tech Talk @ Dev Bootcamp ChicagoTech Talk @ Dev Bootcamp Chicago
Tech Talk @ Dev Bootcamp ChicagoFred Lee
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersZeroTurnaround
 
Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane LackeyYandex
 
Growing as a software craftsperson (part 2) From Pune Software Craftsmanship
Growing as a software craftsperson (part 2) From Pune Software CraftsmanshipGrowing as a software craftsperson (part 2) From Pune Software Craftsmanship
Growing as a software craftsperson (part 2) From Pune Software CraftsmanshipDattatray Kale
 
Clever data building a chatbot from your database
Clever data building a chatbot from your databaseClever data building a chatbot from your database
Clever data building a chatbot from your databaseLuis Beltran
 
Secrets and Mysteries of Automated Execution Keynote slides
Secrets and Mysteries of Automated Execution Keynote slidesSecrets and Mysteries of Automated Execution Keynote slides
Secrets and Mysteries of Automated Execution Keynote slidesAlan Richardson
 
How HipChat Ships and Recovers Fast with DevOps Practices
How HipChat Ships and Recovers Fast with DevOps PracticesHow HipChat Ships and Recovers Fast with DevOps Practices
How HipChat Ships and Recovers Fast with DevOps PracticesAtlassian
 
How an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsHow an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsSecurity Innovation
 

Semelhante a Safety Bot Guaranteed -- Shmoocon 2017 (20)

ms_3.pdf
ms_3.pdfms_3.pdf
ms_3.pdf
 
Get your Hero Groove On - Heroes Reborn
Get your Hero Groove On - Heroes RebornGet your Hero Groove On - Heroes Reborn
Get your Hero Groove On - Heroes Reborn
 
From SLO to GOTY
From SLO to GOTYFrom SLO to GOTY
From SLO to GOTY
 
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
To Bot or Not: How Bots can Support Collaboration in Software Engineering (I...
 
The gordian knot
The gordian knotThe gordian knot
The gordian knot
 
Designing with capabilities (DDD-EU 2017)
Designing with capabilities (DDD-EU 2017)Designing with capabilities (DDD-EU 2017)
Designing with capabilities (DDD-EU 2017)
 
DOES SFO 2016 - Greg Padak - Default to Open
DOES SFO 2016 - Greg Padak - Default to OpenDOES SFO 2016 - Greg Padak - Default to Open
DOES SFO 2016 - Greg Padak - Default to Open
 
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
Teaching Elephants to Dance (and Fly!): A Developer's Journey to Digital Tran...
 
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tDefcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
 
Whats Next for Machine Learning
Whats Next for Machine LearningWhats Next for Machine Learning
Whats Next for Machine Learning
 
Back to School with 50 Tech Tips
Back to School with 50 Tech TipsBack to School with 50 Tech Tips
Back to School with 50 Tech Tips
 
I Smell A RAT- Rapid Application Testing
I Smell A RAT- Rapid Application TestingI Smell A RAT- Rapid Application Testing
I Smell A RAT- Rapid Application Testing
 
Tech Talk @ Dev Bootcamp Chicago
Tech Talk @ Dev Bootcamp ChicagoTech Talk @ Dev Bootcamp Chicago
Tech Talk @ Dev Bootcamp Chicago
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven Peters
 
Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey
 
Growing as a software craftsperson (part 2) From Pune Software Craftsmanship
Growing as a software craftsperson (part 2) From Pune Software CraftsmanshipGrowing as a software craftsperson (part 2) From Pune Software Craftsmanship
Growing as a software craftsperson (part 2) From Pune Software Craftsmanship
 
Clever data building a chatbot from your database
Clever data building a chatbot from your databaseClever data building a chatbot from your database
Clever data building a chatbot from your database
 
Secrets and Mysteries of Automated Execution Keynote slides
Secrets and Mysteries of Automated Execution Keynote slidesSecrets and Mysteries of Automated Execution Keynote slides
Secrets and Mysteries of Automated Execution Keynote slides
 
How HipChat Ships and Recovers Fast with DevOps Practices
How HipChat Ships and Recovers Fast with DevOps PracticesHow HipChat Ships and Recovers Fast with DevOps Practices
How HipChat Ships and Recovers Fast with DevOps Practices
 
How an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsHow an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software Systems
 

Último

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 

Último (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 

Safety Bot Guaranteed -- Shmoocon 2017

  • 1. January 15, 2017 SAFETY BOT GUARANTEED RICH SEYMOUR
  • 2. Who Am I?  Data Scientist at Endgame  Got a PhD in Materials Science doing nanoscale simulations on supercomputers  Play bass in a band (bleach bones)  @rseymour on twitter 2
  • 3. Outline  Bots  Safety  Their powers combined! 3
  • 4. Outline  Bots  Safety  Their powers combined! 4
  • 6. Talking about chatbots  Image and many of these bot slides courtesy of bot master and coworker:  Bobby Filar @filar 6
  • 7. Popular Bots  Amazon – Alexa  Apple - Siri  Facebook - M  Google - Google Home  Microsoft – Cortana 7
  • 9. Bots are Changing Lives Pt 2 9
  • 10. Bots Boiled Down  Bots take words and turn them into actions.  “Alexa, turn on the lamp” “Ok”  “Open the pod bay doors HAL” 10
  • 11. Voice Recognition and Speech Synthesis  We don’t need these pieces to have a bot 11 Text to Speech bot Speech to Text
  • 12. Click-Through vs. Conversational Interfaces 12 + 6 more steps vs Id like to order a cheese pizza. Great! What size pizza would you like? Medium Okay. I have an order for a medium cheese pizza. Is that all? Yes. That is all.
  • 13. Causes of the Bot Revolution?  Platform Diversity • Messaging • Intelligent assistants • Team collaboration software  App Stagnation • More users on messaging platforms • Hard to gain traction w/in App Stores  Ease-of-Use • Simplifies UI/UX • Allows user to maintain focus on current screen/activity • Provide walkthroughs • Eliminates need to know query languages 13 Cortana
  • 14. Bot Development Kits (BDKs)  The rise of bots is largely due to an increase in BDKs  Companies like Chatfuel, Wit.ai, and API.ai • Provide simple UI for development • Closed-domain, Rule-based, goal-oriented bots • No programming skills required  How popular have these frameworks become? • Wit.ai  purchased by Facebook (Jan 2015) • API.ai  purchased by Google (Sep 2016)  Major companies pushing out frameworks too! • Microsoft Bot Framework • Amazon Alexa Skills Kit 14
  • 15. What bots are made of.
  • 16. GENERATIVE RETRIEVAL 16 OPEN DOMAIN CLOSED DOMAIN LONG CONVERSATION SHORT CONVERSATION Types of Bots Active Research Surprisingly Easy
  • 17. GOOD BOTS  DoNotPay Bot • Bot helps people fight parking tickets • Wildly successfully in 3 major cities  Esterbot • QA bot tied to a LinkedIn account or resume. • Recruiters talk to a bot before they get to you BAD BOTS  Microsoft TayBot • Great idea gone terribly awry • Learning from internet conversations sometimes leads to being… the worst. 17 Good Bots and Bad Bots
  • 18. 18 GENERATIVE RETRIEVAL PROS • Bots of the future! • Excellent recall ability • Ability to learn as exposure to user increases • Simple to implement • Smaller datasets • No grammatical mistakes CONS • Requires a lot of data • Complex models  large vocabularies  massive training time for model building • Prone to grammatical errors • Really, really inappropriate… right TayBot? • Not intelligent • Limited “memory” • Works best in closed-domain, short conversation scenarios Which is best?
  • 19. Bot Workflow aka Bot Vocabulary  Session  Identity  Dialogue Script  Context  Intents  Entities  Action 19
  • 20. Pattern Matching without Context (Eliza 1964-1966) 20
  • 21. Context & Intent  Context (teal) • Current state • Steers conversation • Ensures all req’d parameters are collected to perform Action  Intent (red) • Maps Utterance (blue)  specific Action • What does the user want? 21
  • 22. Entities  Entities are parameters needed to satisfy Intents and execute Actions.  Entities can be anything • File hash • IP address • Cities  Permutations of an entity allow for diversity of vocabulary • Regular Expressions • Synonyms 22
  • 23. Training Data  Few bot developers have necessary training data  BDKs provide access to Domains or pre-defined Knowledge packages: • Reservations • Small Talk • Weather  BDKs log user interactions to constantly update training set 23
  • 24. Natural Language Processing & Machine Learning  BDKs have built in ML/NLP capabilities  NLP used to handle incoming data • Tokenization • Word Boundary & Word Sense • Synonym generation • Entity extraction  ML used to classify user input to an Intent and map to an output • Supervised Learning • Features: n-gram or word-based vectors • Model constantly updated as bot gets used 24 Input  NLP Output  ML features
  • 25. NLP 101  Direct Matching (No ML) Show flights from Washington to Denver on Monday Show flights from Washington to Denver on Monday Show flights from Washington to Denver on Monday VB NNS IN NNP IN NNP IN NNP if utterance contains show_vb AND flights_nns: Utterance Tokenization Parts-of- Speech Tagging (POS) Show flights from Washington to Denver on MondayNamed Entity Recognition (NER) Location Location Date SHOW_FLIGHTS(Washington, Denver, Monday) Perform Action 25
  • 26. NLP 101  ML-Based Show flights from Washington to Denver on Monday Show flights from Washington to Denver on Monday Utterance Tokenization Show flights from Washington to Denver on Monday Named Entity Recognition (NER) Location Location Date 0 1 1 0 1 0 1 0 1 1 0 0 1Bag-of-Words (Feature Vector) SHOW_FLIGHTS CHANGE_FLIGHTS BOOK_FLIGHTS Intent Classification SHOW_FLIGHTS(location, location, date) SHOW_FLIGHTS(Washington, Denver, Monday)Perform Action 26
  • 27. Getting started with this Language Stuff I recommend spaCy available at spacy.io 27
  • 28. How can bots help Security? Some Ideas
  • 29. Guidance and Training 29 Is the command line a chatbot?
  • 33. Search (but not security twitter, let’s say your logs) 33  “What can I help you with today?”  “Show me all of the processes running that started in the last hour”  “Ok which endpoints?”
  • 34. Search (but not security twitter, let’s say your logs) 34  “What can I help you with today?”  “Show me all of the processes running that started in the last hour”  “Ok which endpoints?”
  • 35. Search (but not security twitter, let’s say your logs) 35  “What can I help you with today?”  “Show me all of the processes running that started in the last hour”  “Ok which endpoints?”  “Everyone!”  “Ok”  Search results ensue
  • 38. Chat Ops and Checklists 38  Hubot – GitHub *  ScoreBot - Netflix * https://www.youtube.com/watch?v=NST3u-GjjFw
  • 39. Chat Ops and Checklists 39 Ignorance Ineptitude
  • 40. Chat Ops and Checklists 40
  • 41. Chat Ops and Checklists 41 But checklists are the worst!
  • 42. Chat Ops and Checklists 42 Well maybe bake the checklists into the bots?
  • 43. Outline  Bots  Safety (get shmoo balls out)  How To! 43
  • 46. Just what is Safety? How is Safety different from Security? 46
  • 47. Just what is Safety? How is Safety different from Security? Safety generally means preventing people getting hurt 47
  • 48. Just what is Safety? Safety ideas have historically been borrowed by Security. 48
  • 49. Domino Theory -- Heinrich 1931 49
  • 50. Domino Theory -- Heinrich 1931 50 Bigotry included
  • 51. Others have followed 51  Root Cause Analysis  Fault Tree Analysis  Swiss-cheese model
  • 52. Engineering a Safer World 52 Engineering a Safer World Systems Thinking Applied to Safety Nancy G. Leveson 2012 Systems Theoretic Process Analysis (STPA)
  • 53. Engineering a Safer World 53 Engineering a Safer World Systems Thinking Applied to Safety Nancy G. Leveson 2012 Systems Theoretic Process Analysis (STPA)
  • 54. Systems Thinking Applied to Safety 54 Bertalanffy Wiener
  • 55. Systems Thinking Applied to Safety 55 Bertalanffy – Systems Theory Wiener - Cybernetics
  • 56. Safety Defined 56  Hazard: a system state or set of conditions that combined with worst case environmental conditions will lead to an accident  Accident: an event that results in an unacceptable level of loss  Safety: freedom from accidents
  • 57. The Driving Force of Systems Safety 57  Accidents today happen while the each component of the system is working
  • 58. The Driving Force of Systems Safety 58  The accidents we see now are:  Component Interaction Accidents
  • 59. The Driving Force (continued) 59  “Preventing future accidents requires shifting from a focus on preventing failures to the broader goal of designing and implementing controls that will enforce the necessary constraints.”
  • 60. What it doesn’t do 60  It doesn’t use Risk %s  It doesn’t catalog possible failure  It doesn’t blame operator error  It doesn’t triage
  • 61. Purpose 61  What does your system do?
  • 62. Losses 62  Unacceptable.  Not component failures.  Real. Bad. Stuff.
  • 63. Hazards 63  What could make you suffer a loss?  Threats?
  • 64. Hazards 64  What could make you suffer a loss?  Threats?  Check out William Young’s STPA-Sec work
  • 65. Constraints 65  How can we stop hazards from becoming losses.  How can these in turn be violated. (iterate)
  • 67. The minimal system 67 Yup, just boxes and arrows!
  • 68. 68 Nancy Leveson’s outline of possible “control flaws leading to hazards” Engineering a Safer World p 93
  • 70. Maybe this is a useful process? 70
  • 71. Maybe this is a useful process? 71
  • 72. STPA takes a high level view, early in the design 72  What if we had a bot to help us go through this process?
  • 73. Outline  Bots  Safety  How To! (SafetyBot!) 73
  • 75. STPA takes a high level view, early in the design 75  What if we had a bot to help us go through this process?  What if you had ~ 2 weeks to write such a bot!
  • 76. GENERATIVE RETRIEVAL 76 OPEN DOMAIN CLOSED DOMAIN LONG CONVERSATION SHORT CONVERSATION Types of Bots Active Research Surprisingly Easy
  • 77. Choose a language you’ve never used! 77
  • 78. SafetyBot 78 context Context manager Node entity Node entity context Node entity Current context Next context The context manager is the main loop Prints out bot talk and pulls in user input. That is then passed to the current ‘node’ for processing / storage
  • 80. Thanks thanks thanks thanks thanks! 80 Questions?

Notas do Editor

  1. Working on making our product better using the techniques of data science
  2. Bot is an application that assists in the automation of tasks Chatbots Conversational Agents Dialog Systems Mimics human conversation Uses Natural Language Understanding to determine user intent and initiate a task
  3. chat is more natural and can facilitate the completion of a task much faster than a clunky multi-step/page UI
  4. The bot was made available to New Yorkers in March. In recent years and decades, residents of The Big Apple have seen a persistent increase in traffic fines. A record $1.9 billion in traffic fines was issued by the City of New York in 2015. Since the first version of the bot was released in London last fall, 160,000 of 250,000 tickets have been successfully challenged with DoNotPay, Browder said. “I think the people getting parking tickets are the most vulnerable in society,” said Browder. “These people aren’t looking to break the law. I think they’re being exploited as a revenue source by the local government.”
  5. Session – current conversation w/ a specific user Identity – (not mandatory) maintains credentials, addresses, etc of a given user for easy recall Dialogue Script – Flow Chart on previous screen. Action – step bot takes when intention is triggered by user utterance https://api.ai/blog/2015/11/23/Contexts/
  6. Joseph Weizenbaum Award in Information and Computer Ethics
  7. - The templates key are user utterances that trigger this “intent”. Contexts are affected by intent, here by saying “I want to make a bouquet, the user shift context from None to Compose/Bouquet This is just moving down the tree show a few slides back. “Speech” is the response the bot will give the user…
  8. Is the shell the original ChatBot?
  9. Working on making our product better using the techniques of data science
  10. Electro mechanical systems
  11. Fault trees, risk % etc.
  12. Ludwig von Bertalanffy bio
  13. Ludwig von Bertalanffy bio Palomilla – followed a light 1950
  14. The things you can’t afford to have happen
  15. The things you can’t afford to have happen
  16. The things you can’t afford to have happen
  17. The things you can’t afford to have happen
  18. The things you can’t afford to have happen