The Pan System

παν, “pan”, everything. Pan is also the name of the Greek god of Nature, the “piper at the gates of dawn”. His physical depiction with goat horns and feet was parodied by the Christian Devil, so his adoption here parallels the innocent little “daemons” who do much of the hard work on many an IT system.

σὐστημα “systema”, a framework.

A framework for everything.

This post is very much a work in hand, no more than a draft of the overall concept.

Contents

Goals

The goal of the Pan system is to create a total system environment which is:

Aims and Components

From these goals, key aims fall out. Each spawns a distinct component of the framework specification:

Supporting Components

In pursuit of these aims, two major supporting components fall out:

Panathorm: Data and Stuff

αθορμη, “athormee”, data or information (lit. starting-point).

Panathorm is an overall data framework for digital information environments such as data processing and communications. What better starting point than the gates of dawn?

Everything is “stuff”. Everything gets organized and dealt with in the same way.

A file system is an object tree is a database schema, there is no distinction: a file is a document is an object is a database entry (such as a row or cell in a table).

Data in storage is data in transit, there is no distinction. Accessing either will always create a stream, only the stream can be processed directly, the content of a static blob is only ever inferred from the stream. Stasis is a property of the hardware layer.

However some stuff is more equal than other stuff, for example it may be executable as code or visible only to its owner and the system.

Every item of stuff is potentially a container for more stuff. It can also potentially link to other stuff, acting as a virtual container for the other stuff. Recursive cycles are broken at the point of returning to the container currently in focus, by treating its invocation as a static link.

Pantechnicon: Universal Communications

Pantechnicon provides a secure, layered and channel-independent protocol for data exchange. Dialects provide for synchronous or asynchronous streaming. It functionally replaces sftp, ssh, https, mailto and all the rest of the current heterogeneous protocol salad, while allowing them to coexist if they have to.

Calling service

Today we have so many tools to make contact, but very few to find out which tools others are using or to connect via disparate tools. Open-source services such as the Matrix network are making progress, but it remains piecemeal. So here is my concept of how it should go.

The core idea is to put up a service which you just tell who you want to connect to and it does all the rest. The service needs to be:

It makes no difference whether it is via text, images, voice, video, whatever. It makes no difference whose services they use, as long as they have at least one in your address book. It might be a one-to-one call or an open session that anyone can join or somewhere in between. You just click your contact in your address book, and off it goes. During the call, anybody can invite others in and anybody including the originators can leave. Voice/text/video etc. each work seamlessly according to your individual client facilities and options.

In order to achieve this, the service centres around rooms in which people meet up. A temporary room is created automatically when you intiate the call, if one does not exist already. The service is decentralised; anybody can set up an instance and all the instances then synchronise databases to make rooms available and connect calls through. Encryption for private calls is a click away. If you want a call record, you can take one yourself and the others will be informed that you are doing so.

Many users will already have IDs with other services. If you do not, then you will need to set up your own instance and give it an ID for others to connect to. This ID will be passed to other instances and so must be unique among them.

If you are calling someone with a phone, one of you can register a mobile phone number for your rooms, so that other voice callers can ring through. Indeed, telcos can set up their own rooms so that subscribers can call contacts who do not have a phone, or conversely connect through via VoIP or WiFi calling or whatever, and not need to find a good mobile signal themselves.

Panscript: Universal Language

Panscript has its own page here. Although ostentisbly a markup language for writing web pages and the like, it also has a full programmatic vocabulary or sub-language which can be compiled or interpreted to taste. Other subsets provide for text markup (Pantext), vector graphics (Pangraph), data structures and so forth. In this sense, Panscript is a ground-up revisiting of the XML concept.

To date I have begun notes on two of its dialects or subsets:

UI/UX

Based on several core observations:

  1. Everything is “stuff”. A file system is an object tree is a database schema, there is no distinction.
  2. When I want stuff, I dive at it from different angles at different times and even in mid-flow - by date, recipient, subject matter, to finish writing it, to execute it, whatever.
  3. When I make a decision, I don't expect to have to wait. My user device must give me instant priority, no matter what else is going on. (It may politely ask me to wait, that is another matter). When I want to stop and think or go back, I want the device to stop or go back - right now! (it is high time Pandora's box was given freeze and undo functions).
  4. Integrated Help environment where all OS, desktop, app and other help/diagnostics are available.

Copying an object copies all its sub-hierarchy (unless otherwise selected via 'Copy > without' or similar)

A window is just a dynamic script (DOM) and has a View as.. > Script option in the window widget set.

Modal windows: to open a file in a different app, select Action > App_name

Other typical Action > .. options include View, Play, Edit as.., Run.

Esc key stops current user-level processing and launches Pan in system monitoring/troubleshooting mode. Review recent activity and kill rogue tasks/connections.

"Pan" help/assistant fully integrated into system, in both traditional Help GUI and voice Assistant forms. All Help available via voice and GUI (possibly Nav and Search only in GUI for 1st release):

Pan help includes:

Five levels of user privilege (Desktop):

PDA and tablet have only three levels: System, Owner and Guest.

For device control, such as a vehicle, the main control algorithms would run in System space while user functions such as navigation, entertainment and Internet access would run in user space. There is nothing to stop these spaces from being mounted as separate devices, helping to meet the needs of safe and secure vehicle control.

Intelligent devices

Any AI capability would run in user space. This ensures that critical safety behaviour cannot be compromised by bad decisions and, in say a dual-mode vehicle, a driver or pilot can take over from the AI without affecting the critical safety systems.

Pandora: Security

Pandora provides a secure architecture for implementing safe, reliable and usable systems. Besides data theft and perversion, it also covers data loss and recovery.

Elements of it appear in most of the other component specifications. Broadly speaking, it divides into resistant architectures, access controls and multiply layered relatively-weak-but-fast encryptions to build up a strong overall defence in depth.

Pan OS

Memory reserves lowest block as a Standby space, enough to run Pan's Escape toolset. [Um. Should it go after the System space?]

Above Standby is System space, owned by the System user, where the OS runs and a few system buffers live.

Above System is User space where all user sandboxes (processes, data and associated buffers) go.

Thus, buffer overrun exploits cannot hurt Standby space, while sandboxed stuff can only hurt user space (which is journalled so little gets lost).

Any System-owned stuff in User space is flagged as malware.

An object tree is a database is a filesystem - there is no distinction.

Objects may be nested, e.g. a saved document contains all displayed objects (but not linked ones).

2 kinds of object: media and process.

Sandboxed: every window/tab opens in its own sandbox until you click 'Save' or 'Install'. AV then kicks in.

Incremental journalling, automated periodic snapshots: viewable changelogs, everything can be undone.

Four activity modes:

Hardware

It would be nice to have compatibility with all the major computing architectures (primarily x64 and ARM). However, given the nature of the Escape function I am not sure if it might require a specialist CPU design. Other limitations would arise from the use of a remote terminal, as freezing of the terminal input would disable any remote Escape request. Nor would it be desirable in an autonomous vehicle (except maybe for development/diagnostics). Implementation of the full Escape function is therefore probably dependent on the user regime.

Pan is compatible with a wide variety of form factors, from smartphone to desktop workstation.

Physical connectors required include only:

Air connectivity required includes: WiFi/bluetooth/NFC/GPS (or similar)

Connectivity options may also require:

Physical buttons or keyboard keys required:>/p>

  • Power ON/OFF.
  • [Esc] key or button to pause all current user-level processing and launch Pan in troubleshooting mode.
  • [Pan] key or button activates Help/assistant.
  • LED indicators required:

    Keyboard:

    Reference designs

    PDA: 6.9" (17.5cm) x 3.5" (8.9cm) x 0.6" (1.5cm)

    Netbook: 19.0cm (7.5") x 12.5cm (4.9") x 1.8cm (0.7").

    Desktop: based on standard PC hardware.

    Updated 16 July 2022