Trident Missiles Safe From Unauthorized Launch
Remember the Cold War? Step into the past, to the decades between 1950 and 1990.
In the United States, we had developed the Strategic Triad concept to protect our country-and the free world-from nuclear attack. Our defense against nuclear attack rested on three fundamentally different and independent legs.
Leg one was manned bombers-beginning with World War II-era B-29s and ending in the 1990s with B-52Hs, B-1Bs, and B-2As.. Because these aircraft were continuously control by humans, in an emergency they could be launched and vectored towards the enemy-all the while negotiations attempted to prevent further escalation into full-blown nuclear war. At any time, the aircraft could be recalled, or ordered not to drop their lethal loads. In the event of an escalating situation, aircraft could be maintained in a local flight pattern, continuously refueled and ready on a moment’s notice to fly towards designated targets.
Leg two was land-based missiles carrying one or more independently targeted warheads. These missiles were stored in silos that were capable of withstanding all but a direct nuclear hit. They were capable of withstanding an enemy first strike and could then deal a devastating blow to his ability to follow through with further strikes.
The third Triad leg was our fleet of missile submarines. These subs carried either sixteen or twenty-four missiles with multiple independently targeted warheads. Since submarines are nearly impossible for a potential enemy to track, we were, therefore, practically guaranteed the ability to deliver a killing blow to any attacking enemy, even after he launched a full-blown nuclear strike.
This Triad assured our ability to deter an enemy from striking in the first place, because he could not survive such a strike.
At least, that’s how it was supposed to work.
One could argue that since we did not have a nuclear war, it must have worked. Since the collapse of the Soviet Union, documents found in the KGB archives, and reports from senior former Soviet government personnel, lend credence to this argument. The concept was called MAD, for Mutual Assured Destruction. Despite the wags who could not refrain from Dr. Strangelove analogies, MAD appears to have been very effective in deterring the Soviets from launching a preemptive nuclear strike against the United States and NATO.
The good news is that the Cold War is over. In response, we and the Russians have destroyed most of our land-based intercontinental ballistic missiles, and we have severely reduced the size of the remaining two Triad legs. In today’s world, however, hitting a typical attacker with submarine launched nukes is overkill; but using expensive ballistic missiles to deliver anything smaller than large nukes is a huge waste of money. We can do much better with high-flying bombers and smart bombs.
The bad news is that we still have a fleet of 18 Trident ballistic missile subs – soon to shrink to 14 — floating around, but there really is no significant military adversary that they can effectively deter. It is clear that our missile subs and bomber fleet clearly did not deter the al Qaeda terrorist strikes on last September 11. For deterrence to work, you must know where the strike originated. In the wake of the destruction of the New York World Trade Center we face something completely different: the need to create a totally new deterrent.
In Afghanistan, we have been able to use our bomber fleet effectively to combat terrorism, but fleet ballistic missile subs still have only one purpose, to deter nuclear armed adversaries. As long as Russia and China – despite current ties with the United States – possess nuclear arsenals that pose a potential threat – we still have an effective fleet of hidden and essentially unstoppable vehicles capable of totally destroying any nation choosing to attack us. As such, it still deters.
Having these missile subs out there, however, raises an interesting and important question: Could a ballistic missile submarine commander launch his missiles without specific presidential authorization? Could a few men conspire and successfully bypass the built-in safety systems to launch nuclear weapons?
The people who established our nuclear weapons control systems created the Personnel Reliability Program (PRP) to offset the element of human uncertainty.
Anybody with access to any element of nuclear weapons is under continuous, close scrutiny. From the admiral in command of a flotilla to the least significant seaman swabbing the deck around a missile tube-every individual having even the remotest contact with nuclear weapons and their means of delivery participates in the most closely supervised “buddy-system” in the world. Every participating individual submits to an appropriate background investigation. Before being assigned to more sensitive positions, each individual’s dossier is updated.
Beyond this, however, each individual is specifically and legally responsible for observing every other individual in the program with whom he comes into contact.
If Lt. Jones suddenly starts drinking three cups of coffee in the morning instead of just one, Seaman Smith, who brings him the coffee, must report this change. If he doesn’t, and if this change and Smith’s knowledge of this change become factors in a future problem, Smith will suffer consequences as severe as Jones.
Every element that is remotely connected with launch authorization is under continuous “two-man control”. It takes two individuals to bring together any system element that can ultimately lead to launch of a nuclear weapon. These individuals, while they usually will know each other, are prohibited from establishing close personal ties. In the event that such ties happen, they must voluntarily step forward with this information and be reassigned. Failure to do this requires their dismissal and disciplinary action.
Only the president can authorize a nuclear weapons launch. His encrypted authorization will arrive at the submarine by secure radio. Sealed authenticators which are kept under continuous two-man control ensure the message’s authenticity. These plastic chips are created automatically by computers programmed to insert completely random symbols.
A launch message identifies a specific authenticator and lists the symbols it should contain. These symbols will have been determined by the sender only moments before transmitting the message by manually opening one of the authenticators. If the local authenticator does not match, the message is not authenticated, and the launch is denied.
While SSBN missile warheads do not contain mechanical ‘Permissive Action Links’ designed to prevent unauthorized launches that are built into nuclear gravity bombs and land-based missile warheads, during the 1990s the Navy added extra security measures to the Authentication System used with the Trident sub fleet that ensure the virtual impossibility of an unauthorized launch from a submarine. Details are highly classified.
There is no realistic scenario wherein a nuclear missile either can be accidentally launched or deliberately launched without authorization – ever – under any circumstances – period.
The system isn’t foolproof, but within the limitations of the trust we place in our highest officials it nearly eliminates the chance of a nuclear weapon being launched without proper authority.
Robert G. Williscroft is DefenseWatch Navy Editor