THE WORST Y2K "millennium bug" scenario envisages nuclear missiles launching from their silos at midnight on Dec. 31. Fortunately, experts agree this scenario is so unlikely that it can be safely disregarded. However, the mistaken launch of missiles, caused by the combination of bad data from Y2K-related failures and a crisis scenario, is taken very seriously at the highest levels of U.S. government.
To address this concern, the United States has been working with Russia, with an emphasis on maintaining the early-warning systems that detect the launch of missiles. Because of the absence of a Russian Y2K repair program, NATO recently offered to cooperate on millennium bug repairs and sponsored a two-day Y2K workshop early this year.
As a result of this and other bilateral meetings between the United States and Russia, repair technologies are being transferred to Russia, including software packages that identify date fields in millions of lines of code. More ambitiously, the United States has offered to set up a "Center for the Year 2000 Strategic Stability" outside of North American Aerospace Defense Command (NORAD) in Cheyenne Mountain, Colo. If the facility is constructed in time, data collected by American satellites and radars, including missile launches by the United States, would be shown to the Russians soon after transmission. This is intended to preclude a nuclear war started by Russian commanders acting upon incomplete or erroneous information from their sources.
Neither proposal addresses the fundamental problem: the bilateral dangers of U.S.-Russian "hair trigger" force postures. Roughly 4,400 warheads in Russian and U.S. arsenals are in "ready to launch" mode.
For the United States, the three required steps for launch can be implemented in one minute or less. Also, the U.S. Strategic Command (STRATCOM) continues to emphasize offensive military options that incorporate quickly executed, pre-emptive first strikes against the enemy's nuclear arsenal. Trident submarines deployed in the North Atlantic can hit Russian targets with extraordinary accuracy in 15 minutes or less.
Given that Russia's nuclear weapons are more vulnerable to first strikes (because the majority of their force consists of easy-to-target, stationary ICBMs), Russia has increasingly stressed the importance of launching on first indication of U.S. attack. This mutual doctrine of launch-on-warning is highly destabilizing, as it puts incredible pressure on both sides to launch as quickly as possible. Concerns about whether incoming data are accurate only shortens the time frame commanders have available in which to react, increasing this pressure.
Large gaps in Russian coverage of U.S. launch activities only complicate the efforts to maintain this posture. At the height of the Cold War, Russia had at least seven, and sometimes nine, satellites monitoring U.S. launches. Today, it has three.
'Hair trigger' force
Presumably, American military officials are not alarmed by our "hair trigger" force posture because they believe U.S. systems will be Y2K-compliant, and through the early-warning cooperative agreement U.S. data can take the place of flawed Russian information. On this assumption, officials have repeatedly rejected measures that would "stand down" nuclear arsenals by lowering alert rates.
But it would be a mistake to assume that U.S. systems will be insulated from Y2K problems. Many critical U.S. systems have indeed been "renovated," and the Pentagon is completing the testing phase of the Y2K remediation process. But a U.S. Air Force official speaking for NORAD acknowledged in a Senate hearing recently that these tests included only "the thin line, the minimal number of [computer] systems required to execute the mission."
Also, commercial providers of telecommunications routers and switches were not incorporated in the test plans. (Even in the event of a nuclear crisis, Strategic Command might need the regional telephone companies and other commercial telephone companies.)
Nor were private suppliers of electricity included. This leaves the possibility that when Y2K arrives, computers left out of the integrated test schedules will "infect" the tested systems or cause other disruptions in normal operations.
STRATCOM has failed to learn from computer accidents that occurred throughout the Cold War. In U.S. operations in 1980, an embedded 64-cent chip with a flawed design, nestled deep in telephone switching hardware at NORAD, suddenly started sending messages to other command posts that a Soviet attack was under way, causing two raised alert levels within a three-day period. This incident was not an isolated case.
According to nuclear expert Bruce Blair of the Brookings Institution, official correspondence among U.S. commanders of recent years refer obliquely to multiple computer-based mishaps, such as false reports from an infrared satellite that "could have resulted in unacceptable posturing of [Strategic Air Command] forces."
In a series of reports on the computer modernization programs at NORAD during the past 18 years, the General Accounting Office has described an operating environment troubled by flawed and lost data, bad screen displays for human operators, and sub-optimal system performance.
Y2K vulnerabilities only add to this disturbing history of unforeseen glitches in the early-warning information pipeline. Most experienced computer scientists will acknowledge that dedicated testing programs will reveal only the presence of errors, not their complete absence. Complex computer systems have been prone to sudden shutdowns or bizarre changes in normal operations.
Moreover, computer failures rarely repeat themselves in the same form, with the result that none of the documented U.S. and Russian near-accidents could have been predicted by knowledgeable experts.
Relying on the proposed early-warning facility as a cure-all for Russia's lack of a Y2K program is a counterproductive diversion from more meaningful policies. The only guaranteed way to avoid accidental nuclear war is to end Russian and American dependence on the extravagantly complex computer systems that provide early-warning information to commanders.
This can be done only by instituting mutually verifiable de-alerting procedures, replacing the current "warfighting" nuclear stance with a doctrine that reflects true post-Cold War international realities.
Michael R. Kraig is a Herbert Scoville Jr. Peace Fellow at the British American Security Information Council, with offices in London and Washington.
Pub Date: 05/09/99