Thursday, April 13, 2017

What is R&D and why should SMEs have one?

In this post I would like to describe what is R&D. This is a continuation of a more general idea of cooperation between industry, academia and government about what I wrote in the previous post. By describing what is R&D I hope also to answer the other part of the post's title, why SMEs should have one. In doing so, I'm not going to give formal definitions for now but only my opinion, while definitions I'll leave for another post. Before continuing, I must stress again that I'm not an expert on this subject nor I represent my employer. As such, this is purely my opinion which might be completely wrong. That said, obviously, I don't believe I'm wrong in general though I accept that some ideas might not be well thought out.

I'll start by enumerating several intuitive properties I expect from R&D, looking from the perspective of a company having or wanting to have one:
  1. It adds some new value which can be monetized in some way.
  2. The new value should not be easy to obtain.
  3. It is a midterm process.
  4. It is a process that should be done methodologically with clearly defined steps and goals.
  5. There is uncertainty as to whether there will be positive results, or any results at all.
  6. It is a continuous process.
  7. R&D process requires investment.
Note that when we discuss whether something is R&D and whether something produced is a product of R&D then we are not requiring that all properties hold, it is enough for a majority to hold! Now, let me discuss each property in a bit more detail.

First, there is a property that it adds some new value which can be monetized in some way. I think that this one is obvious. Everything company does has a goal of improving profits. Now, maybe more correctly would be to say that everything company does serves it to fulfill its mission. This view of helping fulfill mission actually broadens potential topics that can be covered by R&D since some results that don't necessarily produce money can also be covered by R&D. But, more on to the earth, the company is there to make profits and if it doesn't do that, than it ceases to exist. So, R&D should support this. I will refer to the purpose of directly increasing profits as R&D in a narrower sense, while R&D in a broader sense supports company mission. I could theorize further that R&D in a broader sense is more expensive with less direct ROI and thus more suitable for large enterprises, while R&D in a narrower sense is more suitable for SMEs. Nevertheless, in the following text I'll concentrate only on R&D in a narrower sense unless I explicitly say otherwise.

The next property of R&D is that a new value produced should not be easy to obtain. In other words, if the output of some, supposedly R&D, activity is something that anyone can come up immediately, then it's not the product of R&D activity and probably there is no R&D activity at all. This property is desirable for a simple reason that it helps company keep competitive edge. The more a single company has something that others don't have, the more competitive it is and likely the more successful. But, there is a but. Namely, some outputs of R&D are complex and others are deceptively simple. The advantage of having complex products is intuitively easy to understand by anyone, but the simple ones seek some clarification. Namely, they are indeed simple but the process of generating them isn't simple. You can find examples of such output everywhere. How many times you learned something and your first reaction was: How I did not think of that !? Well, that's because the process to reach it is hard, but the output itself is simple. Now, it is obvious that copying simple stuff is easy and to prevent that patent system was invented.

The third property is somewhat related to the previous one, i.e. R&D is a medium term process. The reason is that short term process is less likely to produce something that fulfills the previous property of not easily replicating results, but other properties are also harder to achieve. In other words, if you invest brief time into development of something, in general you can expect some simple results. On the other hand, having a long-term projects allows one to obtain very good, deep, well thought out results, but in a fast paced world it is entirely possible that the results once obtained, are useless. It also might happen that in the meantime, due to not having any results, company doing R&D fails and vanishes from the market. So, the key is to have a process that is long enough to produce useful results, but not too long for these results to be useless. Finding sweet spot is more of an art than a science.

The fourth property, that the R&D process should be done methodologically with clearly defined steps and goals, basically means that certain steps have to be present. For example, goals or requirements must be defined in order to be able to assess whether the result meets goals set at the beginning or not. Then, there has to be exploratory step of studying existing work, i.e. repeating what already has been done is definitely not something that leads to good R&D, or R&D at all. If nothing else, where is the added value required by one of the previous properties? Even worse, it might happen that the results obtained are worse than what the others achieved, and potentially use. After all, the current state of the art was reached through a lot of investments - in terms of time and money. Not to mention that there is a problem with patents and it doesn't matter if you something copied or invented on your own. If it is patented, you cannot use it without the consent of the patent holder! To continue with steps that should be present in R&D activity, we also have to mention evaluation of proposed solutions. It is mandatory. This can be done by experiments, simulations, etc. The evaluation must be done in a rigorous way so that it is beyond reasonable doubt that proposed solutions do indeed lead to better results. I'll stop here because I intent to write more about this topic in a separate post that deals with an issue of how to establish R&D.

The fifth property is uncertainty as to whether there will be positive results, or results at all. There is a reason why it is called research and development. If it were not so, then it would be engineering. Note that sometimes people mistakenly confuse uncertainty in building a new product that could fail on market with the uncertain results of a research. The two are independent and might interplay in several ways. What we are talking about here is that when doing R&D it might happen that the ideas or goals turn out to be non-feasible. But, this has nothing to do with the fact that if the ideas and goals are feasible, will they be successful on the market or not. Take for example an idea about a system that would allow replacement of programmers. This goal isn't achievable and no R&D activity would be able to produce something like that. But, if it were achievable, it would certainly be huge commercial success. So, care should be taken not to confuse uncertainty of research results with uncertainty of market success.

Finally, the sixth property of continuity of R&D process is something that should be satisfied in order for R&D to be useful. This follows from the ever-changing environment and improving competition. If some company does one-shot R&D this could help the company in a short run, but in the long run there will be no benefit from having R&D.  So, just as company has to continuously adapt to state of the environment, so R&D has to be there to support necessary changes. There is also one additional reason for continuous R&D process. Namely, it is rather expensive to establish R&D process so payoffs are better if R&D is established and allowed to continuously function.

The seventh property I added later, after colleague of mine read the post and commented that the R&D process is expensive. After some thought I decided to rephrase it differently, namely R&D process requires investment. I'm still not certain whether this should be separate property or not because I believe it is implied by combination of previous properties. In the end, I decided to put it as a separate property, just in case. I should clarify this property a bit. Namely, everything is expensive when we talk about activities in the company, but it is outweighed by earnings which are immediate, either direct (e.g. selling a product to a customer) or indirect (e.g. bookkeeping activities). R&D is different in two aspects. First, it requires investment with returns coming only later and in a long run - if there is a result from R&D at all (property 5).

In conclusion, I listed six (seven) properties that can be used to determine if some company is doing R&D or it has something it thinks is R&D. Probably those are not the only properties and if you have any to add (or you think that some of the listed above is not important) please comment and provide your arguments. Anyway, probably not all of the listed properties will be present in many cases of R&D in the companies but as I said in the introduction majority would do. Maybe we can also talk about R&D maturity, i.e. the more properties are present, the more mature process is. But I'll leave this for another post.


Wednesday, April 5, 2017

Cooperation between industry, academia and government

This is a first in a series of post (I hope) that will deal with research and development in small and medium enterprises. The reason for me being interested in this topic will be clear after I describe a bit how I got into this. And before I start, let me clearly state that I'm not an expert for economy, management, or even a question of what science is. Everything I say is my personal view at the moment I wrote the blog posts and has nothing to do with anyone else. Especially it is not official position of Faculty or University.

I work on the Faculty of Electrical Engineering, University of Zagreb. My firm belief is that no university can be successful in a long run without being part of a prospective environment. The vice versa also holds, i.e. local economy can not be competitive and successful without support of a good university and colleges. To give an example that support this attitude, Stanford wouldn't be what it is without a brilliant leadership by Fred Terman who's vision helped create Silicon Valley. In essence he created successful local environment that helped Stanford, and the circle was closed.

Yes, we live in a global, highly connected world, and any student can work where ever she/he wants, the same goes for me. Furthermore, anyone can come to Croatia and work here, at least in principle. I can also cooperate with anyone I wish in the world. After all, just that is supported by EU through different programs, most notably Horizon 2020 which is encouraging EU companies and universities to cooperate. This is good, and necessary, but it is not so perfect for one simple reason, and that is the question who is paying me, and who is paying for education of students coming to my university? The answer isn't so global, it is actually very local. All that is payed by tax payers in Croatia, and tax payers are individuals and companies living and existing in Croatia!

With all that said, I think it is very important for local economy to grow and I must do as much as I can to help local companies grow and develop for a mutual benefit. And more importantly, I think that anyone in Croatia, working in companies or on universities, has to see things in such a way.

Now, we come to the question on how to help? The answer is actually quite straightforward, I should do what I'm supposed to do on the University, i.e. research. The companies should cooperate and contract universities for research in order to become more efficient, to have better and more competitive products and services. The truth is that not many companies have enough resources for research and development. It is a risky and expensive endeavor. So, the companies should rely on University and on EU funding. Namely, University provides research resources and EU with funding takes a part of the risk. Of all the funding available, I'll concentrate on one specific that supports Smart specialization, for several reasons:
  1. I was directly involved in one segment of its preparation.
  2. I'm involved in applications for several projects.
  3. It tries to connect universities and commercial sector.
  4. It isn't meant for large pan-European projects, but projects within a single country. 
Three years ago I was involved in the development of Smart specialization strategy (S3) of Republic of Croatia. This involvement lasted for about two years, a bit less. Smart specialization is actually something defined by European Commission which stated that each country (or region) has to specialize in something in order for the EU to be competitive on a global market in a long term. Of course, specialization has to be supported by the current economy, and obviously, it has to be focused. Now, I'm not aware of what other countries did, nor did I spent to much time searching around, so what I'm going to write is probably specific to Croatia, and even more specific for cyber security (one of the subareas selected for specialization in Croatia is cyber security which, which is where most of my work is done). One of the goals of S3 is to encourage commercial, academic and government sectors to cooperate. This should in turn make commercial sector more competitive.

I'm somehow under the impression that much was talked about S3 while it was developed, but now when the strategy is defined and we have to implement it there are not so much events, if there are any (apart from Ministry of Commerce that actually handles all activities related to S3). For example, I'm not aware of a single round table, workshop, conference or anything else organized by someone concerning S3, how it is progressing, have we learnt something, what can be done better, etc.

In the following posts I want to delve more into the following very important topics:
  1. What is R&D and why would SMEs should have one?
  2. How to have R&D?
  3. How to get ideas on what to R&D?
  4. How I think companies behave with respect to S3, and in general towards EU projects.

Monday, April 3, 2017

How to run Firefox in a separate network name space

In this post I'll explain how to run Firefox (or any other application) in a separate network name space. If you wonder why would you do that, here are some reasons:
  1. You connect to a VPN and want a single application to connect via VPN. All the other applications should access network as usual.
  2. You want to know what network resources specific application does access. For example, there is a JavaScript application that runs within the Web browser and you want to monitor it on a network level.
  3. You want to temporarily use another IP address, but in the same time keep the existing network configuration because some applications use it and they wouldn't react well on the change.
  4. You have alternative connection to the Internet (e.g. one via wired interface, and another via LTE) and you want some applications to use LTE, default being wired interface. This is actually variation of the cases 1 and 3, but obviously it's not the same.
Probably there are some other reasons, too, but I think this is enough to persuade you into advantages of using network namespaces on Linux. And note that you can run two instances of Firefox in the same time. One "normal" in the "normal" network namespace, and another one in new and potentially restricted network namespace. More on that later in the post.

So, here is how to create new network name space with network interface(s). Note that there are several different cases, depending on how you connect to the Internet and what you want to achieve. So, there will be several subcases. But first, create a new network name space using the following command (as a root user):
# ip netns add <NSNAME>
NSNAME will be the name of the network name space. You should use something short and meaningful, i.e. something that will associate you to what the network namespace is used for. You can check that there is a network name space using the following command:
# ip netns list
From this point on we have two subcases:
  • You are connected using wired Ethernet interface and you can attach new machines to the Ethernet network.
  • You are connected to the Internet using wireless Ethernet interface or you are connected to the wired Ethernet interface and are not allowed to connect new machines.
All those cases are described in the following subsections.

Wired Ethernet interface

This is the easiest case, and there are several options you can use. We'll use macvlan type of the interface that will create a clone of an existing wired Ethernet interface which will appear on the physical network with its own parameters. This is, in effect, like attaching a new host on the local network. Note that if you are not allowed to connect devices to the network, you should use routing method described for wireless interface.

First step is to create new interface:
# ip link add link <ETHIF> name <IFNAME> type macvlan
The parameters are: ETHIF is your existing Ethernet interface, while IFNAME is a new interface that will be created. You should then move the interface into the target network namespace (we assume here that you want to move it to NSNAME):
# ip link set <IFNAME> netns <NSNAME>
and then you have to activate it:
# ip netns exec <NSNAME> ip link set <IFNAME> up
note that the activation has to be done using "ip netns exec" since to access network interface you have to swich to the network namespace where the interface is! What is left is to assign it an IP address. This can be done statically or via DHCP.

Now that the network part is ready, skip to the section Starting Firefox.

Wireless LAN

In case you are connected to a wireless LAN, then macvlan link type will not work, so another mechanism is necessary. There are two options, bridging and routing. The problem with bridging is that you have to turn off wireless interface before enslaving it into a bridge. That creates two problems. The first one is that all current TCP connections will break, and the second is that it doesn't play nicely with NetworkManager and similar software. Thus, I'll describe routing case.

First, create pair of virtual Ethernet interfaces like this:
ip link add type veth
This will create two new interfaces veth0 and veth1. Those interfaces are actually two ends of a single link. We'll move one interface into another network namespace:
ip link set veth1 netns <NSNAME>
Next we'll configure interfaces with IP addresses. I'll use 10.255.255.1/24 for the interface that's left in the main network namespace (veth0) and 10.255.255.2/24 for the interface in the NSNAME network name space (veth1):
# ip addr add 10.255.255.1/24 dev veth0
# ip link set dev veth0 up
# ip netns exec <NSNAME> ip addr add 10.255.255.2/24 dev veth1
# ip netns exec <NSNAME> ip link set dev veth1 up
# ip netns exex <NSNAME> ip ro add default via 10.255.255.1
we also need to configure NAT because the network 10.255.255.0/24 is only used for the communication of two network namespaces and it should not go outside the host computer:
# iptables -A POSTROUTING -t nat -o wlp3s0 -s 10.255.255.2 -j MASQUERADE
you should change wlp3s0 with the name of your wireless interface. You should take note of two things in case it doesn't work:
  1. Forwarding has to be enabled. This is achieved/checked via sysctl /proc/sys/net/ipv4/ip_forward (it should contain 1).
  2. Maybe your host has firewall that blocks traffic. To check if that's the problem, temporarily disable firewall and try again. Note that disabling a firewall will most likely remove iptables rule you added so you'll have to add it again.

Starting Firefox

Now, when you handled creating the interface within the new network name space, to start Firefox (or any other application) in it, first you should switch into new network name space. Do this in the following way:
# ip netns exec <NSNAME> bash
Note that it is important to do it that way in order to preserve environmental variables, i.e. if you do "su -" or something else, you'll reset environment and you won't be able to start graphical applications. After you got bash shell as a root, switch again to a "normal" user:
su <userid>
again, it is very important to preserve network namespace, so you have to use command su as shown. Obviously, substitute userid with the user ID logged into graphical interface. Next, you should start Firefox:
$ firefox &
In case you already have running instance of Firefox that, for whatever reason, you don't wont to stop then you can start a new instance like this:
$ firefox -P -no-remote&
This will start new instance even though there is a running Firefox proces (-no-remote) and present you with a dialog box to choose a profile to run to. You can not use existing profile so it means that you have to create a new one specially for this purpose. The drawback is that your bookmarks, cookies and other thing won't be visible in a new instance. 

About Me

scientist, consultant, security specialist, networking guy, system administrator, philosopher ;)