by Sue Denim
[Please note: a follow-up analysis is now available here.]Imperial finally released a derivative of Ferguson’s code. I figured I’d do a review of it and send you some of the things I noticed. I don’t know your background so apologies if some of this is pitched at the wrong level.
My background. I have been writing software for 30 years. I worked at Google between 2006 and 2014, where I was a senior software engineer working on Maps, Gmail and account security. I spent the last five years at a US/UK firm where I designed the company’s database product, amongst other jobs and projects. I was also an independent consultant for a couple of years. Obviously I’m giving only my own professional opinion and not speaking for my current employer.
The code. It isn’t the code Ferguson ran to produce his famous Report 9. What’s been released on GitHub is a heavily modified derivative of it, after having been upgraded for over a month by a team from Microsoft and others. This revised codebase is split into multiple files for legibility and written in C++, whereas the original program was “a single 15,000 line file that had been worked on for a decade” (this is considered extremely poor practice). A request for the original code was made 8 days ago but ignored, and it will probably take some kind of legal compulsion to make them release it. Clearly, Imperial are too embarrassed by the state of it ever to release it of their own free will, which is unacceptable given that it was paid for by the taxpayer and belongs to them.
The model. What it’s doing is best described as “SimCity without the graphics”. It attempts to simulate households, schools, offices, people and their movements, etc. I won’t go further into the underlying assumptions, since that’s well explored elsewhere.
Non-deterministic outputs. Due to bugs, the code can produce very different results given identical inputs. They routinely act as if this is unimportant.
This problem makes the code unusable for scientific purposes, given that a key part of the scientific method is the ability to replicate results. Without replication, the findings might not be real at all – as the field of psychology has been finding out to its cost. Even if their original code was released, it’s apparent that the same numbers as in Report 9 might not come out of it.
Non-deterministic outputs may take some explanation, as it’s not something anyone previously floated as a possibility.
The documentation says:
The model is stochastic. Multiple runs with different seeds should be undertaken to see average behaviour.
“Stochastic” is just a scientific-sounding word for “random”. That’s not a problem if the randomness is intentional pseudo-randomness, i.e. the randomness is derived from a starting “seed” which is iterated to produce the random numbers. Such randomness is often used in Monte Carlo techniques. It’s safe because the seed can be recorded and the same (pseudo-)random numbers produced from it in future. Any kid who’s played Minecraft is familiar with pseudo-randomness because Minecraft gives you the seeds it uses to generate the random worlds, so by sharing seeds you can share worlds.
Clearly, the documentation wants us to think that, given a starting seed, the model will always produce the same results.
Investigation reveals the truth: the code produces critically different results, even for identical starting seeds and parameters.
I’ll illustrate with a few bugs. In issue 116 a UK “red team” at Edinburgh University reports that they tried to use a mode that stores data tables in a more efficient format for faster loading, and discovered – to their surprise – that the resulting predictions varied by around 80,000 deaths after 80 days:
That mode doesn’t change anything about the world being simulated, so this was obviously a bug.
The Imperial team’s response is that it doesn’t matter: they are “aware of some small non-determinisms”, but “this has historically been considered acceptable because of the general stochastic nature of the model”. Note the phrasing here: Imperial know their code has such bugs, but act as if it’s some inherent randomness of the universe, rather than a result of amateur coding. Apparently, in epidemiology, a difference of 80,000 deaths is “a small non-determinism”.
Imperial advised Edinburgh that the problem goes away if you run the model in single-threaded mode, like they do. This means they suggest using only a single CPU core rather than the many cores that any video game would successfully use. For a simulation of a country, using only a single CPU core is obviously a dire problem – as far from supercomputing as you can get. Nonetheless, that’s how Imperial use the code: they know it breaks when they try to run it faster. It’s clear from reading the code that in 2014 Imperial tried to make the code use multiple CPUs to speed it up, but never made it work reliably. This sort of programming is known to be difficult and usually requires senior, experienced engineers to get good results. Results that randomly change from run to run are a common consequence of thread-safety bugs. More colloquially, these are known as “Heisenbugs“.
But Edinburgh came back and reported that – even in single-threaded mode – they still see the problem. So Imperial’s understanding of the issue is wrong. Finally, Imperial admit there’s a bug by referencing a code change they’ve made that fixes it. The explanation given is “It looks like historically the second pair of seeds had been used at this point, to make the runs identical regardless of how the network was made, but that this had been changed when seed-resetting was implemented”. In other words, in the process of changing the model they made it non-replicable and never noticed.
Why didn’t they notice? Because their code is so deeply riddled with similar bugs and they struggled so much to fix them that they got into the habit of simply averaging the results of multiple runs to cover it up… and eventually this behaviour became normalised within the team.
In issue #30, someone reports that the model produces different outputs depending on what kind of computer it’s run on (regardless of the number of CPUs). Again, the explanation is that although this new problem “will just add to the issues” … “This isn’t a problem running the model in full as it is stochastic anyway”.
Although the academic on those threads isn’t Neil Ferguson, he is well aware that the code is filled with bugs that create random results. In change #107 he authored he comments: “It includes fixes to InitModel to ensure deterministic runs with holidays enabled”. In change #158 he describes the change only as “A lot of small changes, some critical to determinacy”.
Imperial are trying to have their cake and eat it. Reports of random results are dismissed with responses like “that’s not a problem, just run it a lot of times and take the average”, but at the same time, they’re fixing such bugs when they find them. They know their code can’t withstand scrutiny, so they hid it until professionals had a chance to fix it, but the damage from over a decade of amateur hobby programming is so extensive that even Microsoft were unable to make it run right.
No tests. In the discussion of the fix for the first bug, Imperial state the code used to be deterministic in that place but they broke it without noticing when changing the code.
Regressions like that are common when working on a complex piece of software, which is why industrial software-engineering teams write automated regression tests. These are programs that run the program with varying inputs and then check the outputs are what’s expected. Every proposed change is run against every test and if any tests fail, the change may not be made.
The Imperial code doesn’t seem to have working regression tests. They tried, but the extent of the random behaviour in their code left them defeated. On 4th April they said: “However, we haven’t had the time to work out a scalable and maintainable way of running the regression test in a way that allows a small amount of variation, but doesn’t let the figures drift over time.”
Beyond the apparently unsalvageable nature of this specific codebase, testing model predictions faces a fundamental problem, in that the authors don’t know what the “correct” answer is until long after the fact, and by then the code has changed again anyway, thus changing the set of bugs in it. So it’s unclear what regression tests really mean for models like this – even if they had some that worked.
Undocumented equations. Much of the code consists of formulas for which no purpose is given. John Carmack (a legendary video-game programmer) surmised that some of the code might have been automatically translated from FORTRAN some years ago.
For example, on line 510 of SetupModel.cpp there is a loop over all the “places” the simulation knows about. This code appears to be trying to calculate R0 for “places”. Hotels are excluded during this pass, without explanation.
This bit of code highlights an issue Caswell Bligh has discussed in your site’s comments: R0 isn’t a real characteristic of the virus. R0 is both an input to and an output of these models, and is routinely adjusted for different environments and situations. Models that consume their own outputs as inputs is problem well known to the private sector – it can lead to rapid divergence and incorrect prediction. There’s a discussion of this problem in section 2.2 of the Google paper, “Machine learning: the high interest credit card of technical debt“.
Continuing development. Despite being aware of the severe problems in their code that they “haven’t had time” to fix, the Imperial team continue to add new features; for instance, the model attempts to simulate the impact of digital contact tracing apps.
Adding new features to a codebase with this many quality problems will just compound them and make them worse. If I saw this in a company I was consulting for I’d immediately advise them to halt new feature development until thorough regression testing was in place and code quality had been improved.
Conclusions. All papers based on this code should be retracted immediately. Imperial’s modelling efforts should be reset with a new team that isn’t under Professor Ferguson, and which has a commitment to replicable results with published code from day one.
On a personal level, I’d go further and suggest that all academic epidemiology be defunded. This sort of work is best done by the insurance sector. Insurers employ modellers and data scientists, but also employ managers whose job is to decide whether a model is accurate enough for real world usage and professional software engineers to ensure model software is properly tested, understandable and so on. Academic efforts don’t have these people, and the results speak for themselves.
My identity. Sue Denim isn’t a real person (read it out). I’ve chosen to remain anonymous partly because of the intense fighting that surrounds lockdown, but there’s also a deeper reason. This situation has come about due to rampant credentialism and I’m tired of it. As the widespread dismay by programmers demonstrates, if anyone in SAGE or the Government had shown the code to a working software engineer they happened to know, alarm bells would have been rung immediately. Instead, the Government is dominated by academics who apparently felt unable to question anything done by a fellow professor. Meanwhile, average citizens like myself are told we should never question “expertise”. Although I’ve proven my Google employment to Toby, this mentality is damaging and needs to end: please, evaluate the claims I’ve made for yourself, or ask a programmer you know and trust to evaluate them for you.
To join in with the discussion please make a donation to The Daily Sceptic.
Profanity and abuse will be removed and may lead to a permanent ban.
Nobody can be trusted with our data. Least of all the state and the government.
The author may scoff at the obtuseness of DS readers, but he is even more ignorant of his own blind spot.
Governments are the biggest abusers of power. The bigger the entity, the bigger the abuse.
This man/woman just doesn’t get it.
Exactly, Stewart. Perhaps the author can be persuaded to reveal who he/she is. As far as I am concerned, it’s gaslighting.
Yep. Exactly this, government are always the biggest threat to citizens. A few examples, ww1 the mindless slaughter of young men to no purpose, convid the ventilation to death of the elderly and finally the stabbination program that randomly killed/maimed all ages groups.
The difference between big tech and goverment is what? The two are the two side of the same coin.Anyway see an example of whether to trust goverment- see Hallet inquiry.
Why so certain they don’t know what we’re buying?
There will be a transaction code and the till generates a receipt number so even if they don’t CURRENTLY know what we’re buying it’s not a big step to join the two up…
Add to this reports of when the police are trying to track people for identity theft they look at what brands/products they’re buying to try and link them it suggests some parts of the state already can/do so
Gives the lie to the NatWest bullying, doesn’t it – bet they’re not targeting existing veggie noshers. Supermarket chains can already tailor vouchers to previous purchases; similarly Ebay, Amazon and other online retailers – they’ll all try and sell you another gizmo like the one you just bought. If they hold that data, don’t tell me the bank data scrapers can’t access it if they wanted to. It’s what ‘purchase history’ is all about!
The option of non-banking PIPs to provide wallets sounds intriguing; but what’s the betting they’ll make it extremely difficult for the FSU or other motivated organisations to set one up – as with anyone wanting to start an independent bank, for example.
Ditch your Nectar and Clubcards. You’re selling your data and facilitating surveillance.
Also get rid of your bank’s app on your phone, and certainly don’t use google or apple pay either.
I wonder how many excitable Islamofascist Jihadis have already been debanked?
None and zero point zero being even vaguely considered?
Well! My flabber is absolutely ghasted!
Quite why you’re always ‘anonymous’ is not clear to me but that aside I simply don’t agree with you. If it’s programmable, digital currency using online access, it can, in theory, be taken over and abused by other less-than beneficial parties. That makes it unsafe and far from secure. Personally, I see this drip-drip of articles in support of some sort of digital currency as nothing but gaslighting. Am I to believe that the DS has also been co-opted and corrupted?
Exactly Aethelred. I am all for hearing the alternative point of view but how many more times do we have to have the case for CBDC’s in the face of resolute ‘no thank yous’ from the DS membership?
The possibility that CBDC’s will not be abused is so remote as to be on a par with a government that would act in the best interests of its people.
One reason could be that ‘anonymous’ doesn’t necessarily have to be just one person. Of course the Elephant in the room is that we all hide behind a nom de plume on DS.
My name really is Aethelred though!
“Sustainable Development”——–The lowering of living standards and therefore well being and life expectancy based on a political agenda regarding the earths resources and wealth ,all to be controlled by technocrats at the global government in waiting at the UN and WEF and to which all western politicians have signed up to. We see that with their endless preaching about a climate crisis unsupported by any science and their determination to enforce NET ZERO.
That’s everything in a nutshell.
wink
Beautifully put.
wink to you as well. ———–I have been looking into this issue since about 2007. I don’t think I know everything but I do feel I understand this issue better than ordinary people that are being fleeced. But often you find those being fleeced think that any opinion that contradicts the current narrative of a climate emergency must be some kind of conspiracy theory.
The last paragraph seems plausible , maybe something like that will materialise
Has Anonymous IT Reporter ever explained why, in his opinion, governments are so keen on CBDCs?
I make many of my purchases using a credit card which I pay off automatically in full each month. Best of luck to my bank in assigning a carbon footprint to these purchases from home and abroad.
“The design choices will need the wisdom of Solomon”.
Considering that these deign choices will have gone through multiple iterations and passed through the hands of multiple technical and management committees, wisdom of any sort will have been lost at an early stage.
Boom. Nail on head, but, no, CBDCs are not the solution. The solution is rebalancing society, which means razing the current political system to the ground, and introducing legislation that makes it unlawful to restrict how people use their own money. The solution is not to provide even more potential for the state to engage in totalitarian control. To have lived through the last few years and come to the conclusion that CBDCs are the answer is absolutely perverse.
Like others, I think we must know the authors identity. Tony, please step forward.
How do you introduce legislation after razing the current political system to the ground?
Related to Net Zero in the name of saving the planet. Goes to show just how far removed from concerns about the flora & fauna of the natural world the net zero zealots are.
https://www.spectator.com.au/2023/11/killing-koalas-to-save-wind-farms/
To make the case against CBDCs, watch this:-
https://twitter.com/Alphafox78/status/1703924055508656404
Here we go again.
As we saw during the Covid Lunacy, the Government and the B of E are the chief protagonists of control, surveillance, propaganda and currency destruction (inflation).
Climate Change propaganda and coercion comes direct from the Nudge Unit.
A CBDC isn’t the way to fight propaganda, coercion, surveillance and cancel culture: it’s the way they intend to make it unstoppable and impossible to oppose.
Hmm, the private sector’s making a really bad hash of it. Let’s hand it to the Government to do. When has that ever worked?
Natwest started calculating your “Footprint” LAST YEAR. it’s Orwellian. you can turn it off but it continues to monitor in the background. it makes suggestions like “Buy used clothing” etc. It must have been in the small prints somewhere & they just launched it. I have moved a huge chunk of money out of my natwest account as these bankers are NOT on our side.