Military

Nuclear weapons write their own security codes

Intrinsic Use Control uses the weapon’s fluctuating radiation fields to create use control numbers, known only to the weapon (Photo: Julie Russell and Bob Sickles/LLNL)
Intrinsic Use Control uses the weapon’s fluctuating radiation fields to create use control numbers, known only to the weapon (Photo: Julie Russell and Bob Sickles/LLNL)

Nuclear weapons are a paradox. No one in their right mind wants to use one, but if they're to act as a deterrent, they need to be accessible. The trick is to make sure that access is only available to those with the proper authority. To prevent a real life General Jack D Ripper from starting World War III, Livermore National Laboratory’s (LLNL) Defense Technologies Division is developing a system that uses a nuclear weapon's own radiation to protect itself from tampering.

Nuclear weapons are extremely complex. In part, this is due to the nature of the weapon, but much of the complexity is because of the high degree of redundancy in the arming and firing mechanisms, plus the security controls. In other words, all the machinery needed to make sure that the bomb doesn't go off before its supposed to, and make absolutely sure that it does go off when it should.

This is what's known as the always/never dilemma. The tricky bit is to hit the right spot in between what seems like mutually exclusive ideas, yet leaves the baddies and loonies out of the loop.

One way is to rely on the people in charge of the nuclear weapons. For example, up until the late 1990s, the Royal Navy and RAF relied on simple keys and the integrity of their officers and the professionalism of their crews to maintain control. The idea was to put the right people in charge of a system that could only be compromised by a massive conspiracy, such as a whole submarine crew agreeing to launch the missiles.

On the other hand, the US military uses Permissive Action Links (PAL). Instead of relying on fences, guards, bunkers, steel doors, or even arming locks, the security is built into the weapon itself. In the case of PAL, a special code is needed to arm the bomb. When the correct code is entered, it doesn't just unlock the mechanism, it reconfigures it, so it can operate. Without the code, the weapon not only won't fire, but it can't.

The system works, but it has its limitations, and it is possible to work around the PAL codes. That's where Intrinsic Use Control (IUC) comes in.

Intrinsic Use Control (IUC) was developed by Mark Hart, a scientist and engineer at the LLNL Defense Technologies Division. The idea is to go one step down from PAL. Instead of protecting the bomb, IUC passively protects the components using existing technology. More than that, the weapon is designed to protect itself so thoroughly that even the engineers who created the bomb can't compromise it, yet the device remains ready for immediate use by the US President.

IUC uses the radiation of the bomb to protect it from tampering. According to Hart, the low level radiation emitted by a nuclear weapon isn't constant, but fluctuates. When a weapon using IUC is assembled, various key components are designed to digitally communicate with one another. As they do so, the radiation is used to generate a very long random number. Unlike random number generators in computers, this number isn't based on an algorithm, so it can't be deduced or duplicated.

"Using the random process of nuclear radioactive decay is the gold standard of random number generators," Hart says. "You’d have a better chance of winning both Mega Millions and Powerball on the same day than getting control of IUC-protected components."

What this means is that the weapon not only can't be armed by unauthorized persons, it can't be tampered with. Any attempt to remove or replace a key component alerts the other components, and the bomb shuts down.

Hart says that the odds of gaining control of one component are less than 10-18. Taking over an entire bomb is a less than 10-72 chance.

"An IUC-class weapon would function reliably as intended, when intended, exclusively under authorization by the National Command Authority," Hart explains. "The component use control that IUC provides is sufficiently robust to defeat any unauthorized attempt to make these components function, even by the people who designed and built the arming, firing and initiation components.”

Hart’s work was awarded the 2015 Surety Transformation Initiative (STI) Award from the National Nuclear Security Administration’s (NNSA) Enhanced Surety Program.

In the video below, Mark Hart discusses the IUC system.

Source: LLNL

  • Facebook
  • Twitter
  • Flipboard
  • LinkedIn
6 comments
Mel Tisdale
I might be out of date, but it used to be the case that there were two different authorisation regimes. One for strategic ICBMs and one for battlefield nuclear weapons. The ICBM one had authorisation at presidential level (Re, the officer with the briefcase holding the launch codes who goes to the presidential inauguration with the outgoing president and leaves with the new one). At the opposite end of the spectrum the battlefield nuclear weapons were launched by the officer in charge shouting the command: 'Fire!" The reasoning being that battlefields are fluid and only those in the midst of the battle could decide on the need for their use and thus issue the necessary order.
If the above is still the rationale for use of battlefield nuclear weapons, let's hope that their old fashioned 'lock and key' security system is still up to the job. The danger is not that the weapons might be compromised, but that they might fall into the wrong hands. Imagine ISIS getting hold of a few, though only one would be enough. They would only need to detonate one without warning in a major city somewhere (probably in the West) and the world would change overnight, and not for the better, except, perhaps, in the minds' of ISIS members. And that is only one of many scary scenarios one can imagine without much effort.
We live in 'interesting' times.
Slowburn
So you can't maintain the bombs replacing failed components without stripping it down to the detonator wires. This is a solution looking for a problem.
Joseph Mertens
So to render a nuke with this system inert and unable to launch all you need to do is find some means of remote "tampering" and it is out of the war, great plan in opposite world.
Bob Tackett
Nuclear weapons writing their own security code. What could possibly go wrong? :-S
toolman65
even with the computer on lockout, a stolen bomb could still be turned into a dirty bomb.
weapons that think for themselves reminds me of "the forbin project" 1970.
Slowburn
@ Mel Tisdale
Tactical nukes had to be released by the national command authority as well before the battlefield commanders had access to them. But it was understood that for them to be of use the exact time and target had to be made by a field commander.