Three design principles that matter for high reliability management of critical infrastructures

I

Only from the position of macro-design can you argue from first principles to fixed conclusions. So, when I’m told that macro-principle also governs really-existing micro-operations (think: universal human rights applying equally to each and every individual across the planet), I’m left wondering: Just how does this work?

Such is why “design” is a trigger-word for me. Anyone who has tried to operationalize a project plan or blueprint—today’s version of clockmaker God and the echt rational—knows how contingency and context get in the way of plug-and-play implementation and any such arrow-straight causality.

Nothing, though, stops some principles being grounded explicitly in and around how things do work. In my field, policy analysis and management, I can think of three.

First—as a matter of principle—every design proposal must pass the “reliability matters” test. Would the proposal, when implemented, reduce the task volatility that managers face? Does it increase their options to respond to volatility? Does it increase their maneuverability in responding to different, often unpredictable or uncontrollable, performance conditions?

The test of efficacy here is not “Have we designed a system that can be controlled?” but rather “Is this a system we can manage to redesign when needed?”

Second—as a matter of principle—any macro-design that compels its professionals to work for an extended or indefinite period of time in a task environment outside their domain of competence cannot be expected to produce reliable services. A crisis can of course push real-time professionals to work beyond the limits of the known, even of the knowable—but management professionalism cannot make that coping professional as well.

Third, as a matter of principle, management alternatives exist because society and economy are complex: because problems are complex, they can be recast in different ways.

II

So what?

The three principles taken together insist that system designers learn about contingencies that cannot be planned for, but which must be managed in real time, and often only then case by case. This means that, when high reliability is the mandate, the responsibility and duty of real-time veto over infrastructure design and technology moves from the designers/planners to the operators/managers.