There are some things that should stop everyone in their tracks. At the top of that list should be an apparent lack of risk awareness concerning nuclear weapons.
This line from Patrick Tucker’s article in last month’s The Atlantic stopped me cold;
Future nuclear missiles may be siloed but, unlike their predecessors, they’ll exhibit “some level of connectivity to the rest of the warfighting system,” according to Werner J.A. Dahm, the chair of the Air Force Scientific Advisory Board. That opens up new potential for nuclear mishaps that, until now, have never been a part of Pentagon planning. In 2017, the board will undertake a study to see how to meet those concerns. “Obviously the Air Force doesn’t conceptualize systems like that without ideas for how they would address those surety concerns,” said Dahm.
Stop. Stop right there.
If this reporting is accurate, the work of Air Force Scientific Advisory Board needs to be halted immediately and a thorough review of the members and leadership of the board conducted by an outside party.
Our nuclear weapons themselves must in no way be part of any IP connectivity or network enabled in any way. Full stop.
“We have formal Air Force documents that detail the formal certification process for nuclear weapons. To what extent do the current models for certifying nuclear systems carry over into these modern, network enabled systems and how would you re-conceptualize certification for systems that are likely to come out of these recap programs?” asked Dahm.
Some support systems? Sure, but command, control, mission loading, arming, and launch must be contained in a robust, hardened, isolated & closed system. Simple, almost primitive, with multiple physical human interfaces required. To be even thinking of network access to the weapons systems themselves is the height of irresponsibility; even more irresponsible than a reliance on GPS or satellite systems as a point of failure between authorization, launch, and “servicing the target.” Ahem.
This is the same kind of thinking that leads otherwise smart people to think “smart gun” technology is a good idea. It simply assumes away all risk, and places everything in the unstable hands of hubris-centered hope ungrounded by operational experience.
The fact that future nuclear weapons will be far more networked (though not necessarily to the open Internet) will create better safety and oversight, and allow for more coordinated operations. But more connectivity also introduces new potential vulnerabilities and dangers.
“You have to be able to certify that an adversary can’t take control of that weapon, that the weapon will be able to do what it’s supposed to do when you call on it,” said Dahm. “It isn’t just cyber. That’s definitely the biggest piece, but … When was the last time we built a new nuclear system? Designed and built one? It’s been several decades now. We, as an Air Force, haven’t done certification of new nuclear systems in a long time. These systems are different … What are the surety vulnerabilities for such a system, so to speak? How would you address them? How would you certify that the system will work when you need it to work and will do what it’s supposed to do?”
That’s what the study will cover.
The entire entering argument is wrong.
The only thing worse than the accidental launch of a nuclear weapon would be for our deterrent to be unable to perform when tasked – or worse – a hostile power thinks they can prevent its use.
Eric Schlosser’s book, Command and Control: Nuclear Weapons, the Damascus Accident, and the Illusion of Safety, is required reading for those not up to speed on how lucky we have been when it comes to nuclear weapons in case you are overconfident.
Opening additional paths for benign or malicious human malpractice?
No. Just no.
