Monday, August 31, 2009

The Cost of High-Tech Medical Imaging

As federal health-care reform bills make their tortuous way through Congress in September, one aspect of medical care that engineers should pay attention to concerns the cost of procedures that use expensive pieces of equipment such as CT-scan X-ray machines and MRI (magnetic resonance imaging) systems. A recent op-ed piece by a group of medical experts pointed out that one reason we have the most expensive health-care system in the world (by many measures), is that we spend a lot of money on high-tech tests that really don't make people healthier. A study of CT scans in Cedar Rapids, Iowa revealed that in the community of 300,000 people, about 52,000 CT scans were administered in only one year. And that's below the national average, which is even worse. One thing that makes it easy to spend that money is the fact that high-end medical equipment is very expensive, both in terms of initial installation and operating costs. Why is that?

From an engineering point of view, medical imaging combines several factors to make a kind of perfect storm of expense. In the case of a CT-scan machine, you are dealing with X-rays, which require precisely controlled high voltages to generate, and a large array of precision detectors. MRI machines don't use X-rays, but instead they need something even more exotic and hard to generate: precisely controlled magnetic fields of tremendous intensity, which can only be produced with superconducting magnets that use liquid helium. Liquid helium is a costly, exotic material that has to be renewed regularly and needs a whole infrastructure to obtain. So even before you have your data, you've spent a lot of money just generating it. Besides that, a lot of intensive computation is needed to produce the images, but with computer and software costs falling these days, the computational aspect is probably the only part of the system that's cheaper than it used to be. Not just anybody can operate a CT-scan or MRI machine: you require highly trained radiologists or technicians who are familiar with safety requirements and the details of how to acquire good images. These people don't come cheap. Finally, every engineer knows that any piece of equipment's price goes up significantly if it is to be used in medicine. There are special safety and other regulations that medical equipment must meet, and the medical-equipment market is a strange and narrow one compared to, for example, consumer electronics. For all these reasons and more, the typical CT scan device goes for between $150,000 and $300,000, while a whole-body MRI machine will set you back more than a megabuck. And that doesn't count maintenance and operating costs.

Considering all this, it doesn't sound like there's much chance to develop really cheap MRI or CT-scan machines operated by the consumer, which after all would be one way to fix the cost problem. The last consumer-operated X-ray machines were the shoe-store fluoroscopes, now banned because they were dangerous, and rightly so. But suppose Congress succeeds in changing the business model of health care, so that we move away from the present system in which each MRI or CT-scan machine is like a piece of factory equipment whose owners are obliged to operate at full capacity in order to recoup their investment. What if we break the connection between the number of procedures and tests done, and the money taken in, so that it is not so direct as it is today? What consequences might this have for the future of high-tech engineering in health care?

For some reason, I find myself thinking about the computers used by the U. S. Postal Service. That agency does use computers, though it was probably not a national leader in pioneering business applications of computers. My impression is that whoever makes the USPS's computers (I'm talking about the little systems the retail clerks use at local post offices) won that contract a long time ago and has jealously guarded it ever since. Innovation and competition is not a big feature of this deal, I suspect. I have no particular complaints about how the Postal Service uses computers, but they could probably do better.

I pick the Postal Service because their near-monopoly status (at least in terms of small-town facilities nationwide) means their revenue is not that sensitive to the amount of money they spend on innovative technologies. Most of us have seen billboards in big cities advertising the latest and greatest medical testing equipment that thus-and-so hospital system has. Those billboards are there for a reason. You don't see billboards advertising the latest computer system that the Postal Service just bought, because it wouldn't make them any more money.

I'm not saying we should leave the present medical system alone, because it's not perfect, and I agree that we probably waste a lot of money on needless procedures that help pay for too many expensive pieces of medical imaging equipment. But every kind of system has advantages and drawbacks. If health-care providers—private and public—can no longer directly recover capital expenses in a fee-for-service way, they will quit spending so much money on high-tech equipment. Maybe that's a good thing, to a degree. But I wouldn't want to go to the opposite extreme that would remind me of a doctor I once went to who prided himself on how long he could keep his semi-antique EKG machine going. The thing was at least thirty years old, and I had to wait an extra five minutes while the tubes warmed up. I felt like I was participating in a historic re-creation of the invention of electrocardiograms, and it did not impress me favorably.

The trick in this aspect of health-care reform is to negotiate the macro-ethics of finding a happy medium between overuse of expensive technology (which is probably where we are now) and underspending to the point that we fall behind the leading edge of technology, depriving some patients of newer procedures simply because we didn't spend the money on them. A thriving technology sector is a delicate thing, and while cost containment is good, we don't want to reduce spending so much that leading-edge medical imaging companies simply decide to leave the market. That would be a loss not only for us in the United States, but worldwide if such companies lead the global market too.

I'm glad I'm not having to make these decisions, but I hope the congressional staffers working on this decide carefully, and are willing to change course if things don't turn out the way they hoped. Any feedback loop that goes through the Congress and the President has a very long delay time, and so we better hope they get it right the first time, because fixing it might take quite a while.

Sources: The article "10 Steps to Better Health Care," in which the statistic on the Cedar Rapids CT scans appears, is from the online edition of the New York Times at http://www.nytimes.com/2009/08/13/opinion/13gawande.html.

Monday, August 24, 2009

Lessons from Russian Hydroelectric Plant Accident

Most of the time, hydroelectric plants are one of the safest ways to generate electricity. The technology has been well established for a century or more, there are few toxic substances or chemicals involved, pollution and other environmental problems are at a minimum, and all in all, hydropower is a pretty benign enterprise. But on Aug. 17, a week ago today, Russia's largest hydropower facility, the Sayano-Shushenskaya plant in Siberia, experienced a massive explosion and flood that at last report killed at least 69 people, knocked out the entire facility, and sent an oil slick down river for miles. What happened?

According to the Wikipedia website on the plant, there have been four major accidents including this one since construction was completed in 1978. The earlier mishaps in 1979, 1985, and 1988 were caused by spring floods that overwhelmed the dam's capacity. This does not give one a positive feeling about the overall balance of the system design. Again according to Wikipedia, the sequence of events last week apparently went like this.

The way a hydroelectric dam works is to direct water under high pressure to turbines. Of course, this means you have a lot of pipes, valves, and regulator mechanisms, and great quantities of water flowing at high speeds and pressures. Somehow a "water hammer" developed in the system. This is basically the same kind of thing you will sometimes hear in domestic plumbing when a toilet or washing-machine valve shuts off suddenly. Moving water has inertia, and when a column of water moving in a confined place suddenly has nowhere to go, the energy stored in the water's motion turns into a sudden pressure surge that makes the pounding noise. In homes, this is usually no more than an annoyance, but at a hydropower facility, the much larger volumes and energies involved can have serious consequences. Well-designed plants have surge absorbers of various kinds installed to prevent this sort of thing, but either the Sayano-Shushenskaya plant didn't have the right kind, they didn't work right, or perhaps an operator error caused a water hammer that exceeded the system's capacity to deal with it.

In any event, a severe water hammer ruptured a conduit leading to a turbine, immediately flooding the engine room and turbine room. This would have been bad enough, but apparently the flood caused a transformer to explode. Transformers used in power plants are filled with oil for insulation and cooling purposes. Ideally this oil is non-flammable, but the high cost of non-flammable oil sometimes means that flammable kinds are used. Whether or not a fire resulted, the explosion wrecked a large area of the turbine hall, apparently breaching outside walls, as some photographs show. As of Sunday, 69 bodies had been recovered from the wreckage, making this the worst hydropower accident in recent memory.

The worst regional consequences of this accident involve the oil slick previously mentioned, and the economic harm to Siberia's aluminum-smelting industry, which used 70% of the power-plant's output. These, while serious, are nothing like the global effects of the Chernobyl disaster, which also involved a power plant in the former Soviet Union. That 1986 accident was caused by operator error at the nuclear facility and emitted tons of highly radioactive material into the air. Nevertheless, I believe more people died in the hydropower incident than died immediately following the Chernobyl accident, so in that sense the hydropower disaster was worse.

Normally, hydroelectric plants do not need large numbers of personnel, especially in areas of the plant that could become hazardous if something went wrong. Small hydroplants can go for days or weeks under totally automatic operation with no personnel present at all, and while a huge facility like the Sayano-Shushenskaya plant would need some operators, it is at least odd that seventy or more people were in harm's way when the explosion occurred. Perhaps this is a legacy of the old Soviet Union days when facilities were often designed to maximize employment rather than efficiency or profit. If that is the case, I hope operators of similar plants realize that even hydroplants are dangerous places, and allowing large numbers of employees to congregate in places that could be flooded if something went wrong, is a bad policy.

If the operation records can be reconstructed, we can eventually discover the cause of the fatal water hammer—whether it was a design flaw, an operator mistake, or a combination. And while I am no hydroelectric-plant designer, floods are fairly easy to model, and if there was some way to keep transformers from exploding in the event of a flood, taking such measures would have at least mitigated the size of last week's accident.

Our sympathies are with those who lost loved ones and friends in the Sayano-Shushenskaya accident. If we can learn that even apparently safe facilities such as hydroelectric plants have their hazards, and prevent such accidents in the future, they will not have died in vain.

Sources: The Wikipedia article referred to is at http://en.wikipedia.org/wiki/Sayano–Shushenskaya_hydroelectric_power_station, and is being updated currently as more information emerges. I also referred to news articles on the disaster at http://news.yahoo.com/s/ap/20090818/ap_on_re_eu/eu_russia_power_plant and http://hosted.ap.org/dynamic/stories/E/EU_RUSSIA_POWER_PLANT?SITE=MOSTP&SECTION=HOME&TEMPLATE=DEFAULT.

Sunday, August 16, 2009

Carbon Sequestration: Worth the Trouble?

In August of 1986, over 1700 villagers living as far away as 25 km from Cameroon's Lake Nyos died when a mysterious, invisible suffocating cloud enveloped them. They were victims of one of the two known limnic eruptions in recorded history. For years, the waters of Lake Nyos had absorbed carbon dioxide from underground sources, probably volcanic in origin. Because of temperature differences in the lake, the gas-saturated water remained at the bottom until something, possibly as insignificant as high winds, triggered a lake turnover. Once the eruption began, the lake began to boil like a soft-drink bottle you leave out in the sun and open by mistake. A giant cloud of carbon dioxide spilled out of the lake and smothered people and animals for miles around.

This is the same compound that, if numerous carbon sequestration projects now underway are successful, will be buried under tremendous pressure in dozens or hundreds of locations all over the world. The question is: will it stay there?

Ever since humans discovered fire, we have been adding to the amount of carbon dioxide in the atmosphere. Until the 1800s, the quantity of carbon dioxide humans put into the air was negligible compared to that contributed by natural causes such as forest fires and volcanic activity. The concern with rising levels of atmospheric carbon dioxide, of course, is that it tends to raise the Earth's temperature, other things being equal (which they never are). There is a general scientific consensus that (a) human activity has caused much if not most of the rise in carbon dioxide levels in the past two hundred years and (b) this will cause some increase in the Earth's average temperature, though how much and for how long is a matter of debate. Some theories even posit that a short temperature rise will trigger an instability that will wind us up in another Ice Age a few decades afterwards. Whatever actually happens, the political fact these days is that reducing one's carbon footprint has become a virtue, while emitting carbon, even for a good cause such as bringing the blessings of electric power to poor people, is a sin.

The business world has seen the politicians writing "cap-and-trade" on the wall, and so there is big private money to be made in developing systems that will capture the carbon dioxide generated when fossil fuels (most notably coal) are burned in power plants. A French firm called Alstom is currently building several pilot plants around the country, including one attached to a coal-fired power plant in New Haven, West Virginia.

The technology itself is rather clever. After cooling and washing the flue gas with cold water, they bubble it through a solution of ammonium bicarbonate (contains hydrogen) and ammonium carbonate (no hydrogen). Nearly all the carbon dioxide combines with the ammonium radicals. They pump the fizz-rich liquid under pressure to a heater where the carbon dioxide boils off and is compressed to send it underground. And there, in my opinion, the real trouble begins.

Never mind that the whole pile of machinery is doing something that engineers of an earlier era would have considered ludicrous: capturing the main gaseous combustion product and shooting it underground. The operation adds nothing to the efficiency of the plant, takes a fair amount of energy itself, and creates a long-term hazard compared to which nuclear waste is relatively harmless.

Look at it this way: would you rather live five miles from some well-shielded solid radioactive stuff whose emissions can't even be detected outside the plant boundaries, and which will just sit there and gradually cool off for the next few hundred years; or, would you like to live an equal distance from the wellhead of a giant underground reservoir which, if released, will suddenly spew out and make Lake Nyos look like a minor traffic accident? For my money, I'll take the nuclear stuff any day.

Presumably, geologists have been careful to select locations where the underground carbon dioxide is relatively safe and isolated. Okay, but our experience with large underground gas reservoirs of artificial origin is limited, to say the least. While natural gas has been stored underground for many years (often in depleted gas fields, not coincidentally), the two cases are significantly different. For one thing, natural gas storage is limited to transient market-related storage needs, and so the pressures and volumes required are relatively modest. By contrast, carbon sequestration will be "permanent"—the whole point is to send it down there and make it stay there indefinitely. If it escapes to the atmosphere we are back at Square One after spending billions of dollars for nothing, plus quite likely having numbers of dead citizens on our hands. The pressures and volumes eventually needed for carbon sequestration, if carried out on a large scale, will dwarf the current natural-gas underground storage facilities. While I am unaware of any major accidents that have happened with underground natural gas storage, there may have been some. Of course, carbon dioxide doesn't burn and natural gas does, but suffocation from a non-flammable gas makes you just as dead as if you had burned to death.

What makes a whole lot more sense from a technical point of view is to replace coal-fired power plants with nuclear plants as fast as we can. Nuclear energy generates zero carbon emissions, the nuclear waste problem is manageable even without the ill-fated Yucca Mountain disposal facility that the Obama Administration recently axed, and there are no particular concerns about running out of nuclear fuel any time soon. If we get low we can switch to the kind of reactor that makes more than it consumes.

That is the technical reality. But the political reality right now, which engineers as well as everyone else has to deal with, is that nuclear power is under the same emotion-laden mushroom cloud that has characterized it ever since nuclear weapons ended World War II, and has never freed itself from the almost superstitious fear that the word "nuclear" inspires in many people. Some of that fear has now been transferred to plain old carbon dioxide, a gas which each living human being emits every time we take a breath. When you end up being afraid of yourself, there's no place to hide.

It is still early in the carbon sequestration business, and there is time for the political winds to change before we all get burdened by carbon cap-and-trade taxes to pay for giant sequestration plants that send carbon dioxide into the ground, only to have some of it pop up one day in an unexpected place. Let's hope that cooler heads prevail and we reach a consensus that does sensible things about carbon emissions without burying a lot of unwelcome surprises for our descendants.

Sources: A good article originating at the Washington Post, describing the technology and politics of the carbon sequestration process pioneered by Alstom can be found at http://www.pittsburghlive.com/x/pittsburghtrib/business/s_638488.html. A description of the geology surrounding the Lake Nyos disaster can be found at http://www.cevl.msu.edu/~long/nyos.htm.

Monday, August 10, 2009

Twitter and Facebook Silenced by Russo-Georgian Cyberspat

You didn't quite see it here first (as usual, the New York Times seems to be the best source), but just last week we were writing about how cyberwars could cause serious collateral damage. Well, according to the Times, last Thursday millions of users of the social-media sites Twitter and LiveJournal had their service disrupted for the simple reason that a professor in the country of Georgia (formerly part of the old USSR) aroused the ire of some hackers whose malware-spawning abilities were way ahead of their good judgment. The 34-year-old economics professor was posting some nostalgic photos and recollections about the Russia-Georgia conflict of August 2008 when he noticed that the LiveJournal site he was using had gone bad. He tried switching to Facebook, which was also jammed, and then Twitter, which also flaked out for him. It took him a while to learn that he was the main reason that these sites were targeted by a distributed-denial-of-service attack that not only kept him from using them, but disconnected many millions of other users around the world as well. One expert said it was like bombing a TV station because you didn't like one of the newscasters.

Social media have taken on the roles formerly held exclusively by major news outlets with amazing speed. In Iran, during a June 20 election protest a young woman named Neda Agha Soltan was shot and killed. Cell-phone videos of the incident spread around the world to make her the iconic figure of the rebellion, and social media were crucial in this process.

So far, no one is relying on Twitter for much more than entertainment, unless you count a few businesses and advertisers. And so having it disappear for a few hours is nothing compared to finding a terrorist's bomb planted by a railroad line, for example. The argument I hear is that sooner or later, we will have life-critical systems that depend on the Internet in a way that hasn't happened yet, and that's when cyberwars will get serious.

There are several possible ways this situation could go in the future.

One is that engineers who design life-critical systems, keenly aware of the less-than-perfect reliability and security of Internet-based communications, will continue to take precautions that no matter what happens on the Internet, nobody will die as a consequence. That is more or less the case now, at least judging by the absence of fatal outcomes from cyberwars so far.

A second possibility is that cyberattackers will get much more sophisticated and go after hardened systems such as banks and military networks. These are much harder to crack than sites that put a lower priority on security, but determined and disciplined attacks, perhaps using dedicated cyberwar server farms rather than the rather flaky botnets, might cause serious disruptions which would be economically equivalent to blowing up a large number of office buildings (minus the people). Say somebody got hold of a bank's network and messed it up so thoroughly with misinformation and garbage transactions that it would take weeks to straighten it out, and in the meantime no electronic transactions could take place through that bank. This could effectively ruin a financial institution, unless the government stepped in to help, and we're seeing what a mixed bag that can be. And like other terrorist acts, you don't have to shut down the entire system. There is probably a psychological trigger point for bank runs, and the terrorists would only have to reach that point. Mass panic—millions of people lining up at money machines to get cash all at once—would do the rest.

Nobody would get killed, unless maybe in the crush of people around the ATMs, but you would still have an outcome equivalent in economic terms to a physical bombing.

A third scenario is something that I suppose most computer experts believe can't happen: a total freeze-up of the Internet. This might not be as bad as you think. Back when international communications were restricted to submarine cables and radio, every now and then the Earth would be hit by a geomagnetic storm caused by solar flares. Big ones occasionally caused so much surge current in undersea cables as to render them useless, and the ionosphere would get so trashed that long-distance radio channels would go down as well. In really severe storms, domestic telegraph and telephone long-distance lines would see some trouble as well. For a day or two, we'd be back in the early 19th century when the fastest message from London to New York took about a week by sea. The world survived these incidents, nevertheless, and although international commerce was a smaller portion of each nation's economy back then, I think the consequences of a worldwide Internet freeze-up might not be as bad as you might think at first, as long as it didn't last too long.

But if it took more than 24 hours or so to restore service, or if it was a patchwork thing that took weeks to get everyone back to normal, then the consequences would be severe. Just as a lot of the damage from 9/11 was to economic interests in terms of lost airline revenue, depressed retail sales, and so on, the same sort of thing would happen during and after an Internet freeze-up. So it's worthwhile at least thinking about how to prevent such a thing, or how to survive it in case it ever happens.

In the meantime, let's hope that the worst cyberattacks are no worse than last week's Twitter and Facebook scares. Personally, while there are some people I might like to get back in touch with via Facebook, the prospect of hearing unexpectedly from certain others has led me to leave the whole thing alone for the time being, so I didn't miss them. But we'll see how long I can hide.

Sources: The New York Times article on the Georgian cyberattack is at http://www.nytimes.com/2009/08/08/technology/internet/08twitter.html?_r=2&hpw.

Monday, August 03, 2009

Cyberwars: From Plans to Reality

A report in the New York Times recently revealed that the U. S. military has already engaged to a limited degree in "cyberwar": attacks on an enemy's communications and computer networks. On two separate occasions, attempts were made to disrupt communications networks: one in Serbia in the late 1990s, and another during the early hours of the attack on Iraq in 2003. Both missions were at least partly successful, but both also caused collateral damage in the form of communications disruptions in nations that were not targeted for attack. The same report also described a much more ambitious plan to freeze Iraq's financial system electronically, but the Bush administration vetoed the idea over fears that it might cause a widespread financial panic. As was demonstrated last fall, inaction can just as easily cause widespread financial panic, but that is worlds away from deliberately fouling up a country's banking system. Nevertheless, the fact that we are already in a world where cyberwar is part of the armamentarium may be news to many people, including engineers.

As we mentioned in this space not long ago, the technology of cyberwar has outpaced the legal and moral traditions that govern, or at least address, the conduct of conventional warfare. Clearly, doing something to the Internet that would disrupt services to large numbers of people outside the territory under attack is not a good idea, which is one reason the Bush administration may have restrained themselves from putting Iraq's financial system in the deep freeze. But other issues related to cyberwar are less clear-cut than this.

Consider the principle that military forces should be clearly identifiable (wearing uniforms, etc.). This idea is routinely violated by terrorists, who like to fade into the background of ordinary citizenry, and also by cyberattackers, who are experts at hiding their true identity and whereabouts. I suppose you could leave return addresses in plain text in viruses designed to attack enemy networks, but I somehow doubt anyone is worrying about this.

A more serious consideration is the distinction between civilian and military populations. Until about 1900, it was not considered cricket to target civilian populations in warfare. This rule went by the board in a big way during World War II, when bombers on both sides began carpet-bombing attacks on cities without special regard for limiting their targets to sites of strategic significance. Since then, the principle of no attacks on civilians has received occasional lip service, but that's about all. It's very hard to imagine how a cyberattack could sort out only strategically important computers from those belonging to the average citizen, but maybe as the technology progresses, this sort of thing would be easier to do. The planned but never executed attack on Iraq's financial system would not have discriminated between a paycheck for a general and a payment for a bottle of milk, so clearly we have a ways to go in this regard.

The Obama Administration has said it is going to name a cyberwar czar who will try to centralize activities concerning cybersecurity and related matters. But so far no one has been nominated to the post, and we'll have to wait and see what happens once that person is in place. If history is any guide, this office will languish in obscurity until a major cyberattack causes serious damage to U. S. interests. Then there will be enough political steam generated to get something done, although the horse will have left the barn by then.

Fortunately, defending against cyberattacks is something that we have lots of experience with, since the field of computer science seems to have been born with a native proclivity to spawn hackers of all descriptions who like nothing better than to tear down what other programmers have spent months or years constructing. I don't know why this field is so hacker-prone, but the practical outcome is that we have lots of private-enterprise expertise already that knows how to defend against a variety of attacks, and these experts even work in a coordinated fashion most of the time. Let's hope that whatever the government does will not cripple this advantage, but instead will build upon it and encourage even better cooperation than we have already.

I wish the world was a place where computers and networks were used only for good and productive purposes. But anytime something of value comes into being, somebody is going to get jealous or greedy and want to use it as a pawn in conflicts and wars. The Internet and modern telecommunications systems are a part of our lives now, and so we need to think about how to defend them, and if need be, attack them along with other kinds of infrastructure that is the focus of war. So far, the worst consequences of cyberattacks have been financial losses and inconvenience. Let's hope that with wise planning and forethought, nothing worse will happen to us in this area.

Sources: The New York Times article " Halted ’03 Iraq Plan Illustrates U.S. Fear of Cyberwar Risk" appeared in the Aug. 1, 2009 online edition at http://www.nytimes.com/2009/08/02/us/politics/02cyber.html. Full disclosure: as I will mention every now and then, my wife works for About.com, a division of the New York Times Company.