Could year 2000 gremlins trigger Armageddon?
Fortunately, the answer is "no," according to military officials and experts in the U.S. and Europe.
While date-sensitive information is used in the software that plays a part in launching intercontinental ballistic missiles, "Every plausible implication the year 2000 may have on the computer systems involved ... has been examined and solutions have been devised," says a spokesman for the U.S. Strategic Command.
Outside experts agree that year 2000 bugs won't cause an accidental nuclear launch, but they can't rule out other grim possibilities. For example, such bugs could prevent strikes from being launched because of flaws in communications systems or the systems used to maintain the missiles, the experts say.
That kind of uncertainty lurks in every weapon that relies on software - and the problems can be enormously hard to find.
Take the case of the rogue Norwegian Navy torpedoes, which in the early 1990s went off course so badly that one steered back at the ship that launched it.
Ingvar Tronstad, an electrical engineer and former Norwegian Navy commander, says the torpedoes were getting inaccurate data because updates on their location were being sent a split second earlier or later than the torpedoes expected them. Over the seconds and minutes the torpedoes ran, the errors added up and were compounded by an error in application logic, sending the torpedoes off course.
This error involved only seconds, but many such "embedded systems" use years in critical calculations, says Tronstad, now the chief scientist at Ascent Logic Corp., a systems integration and consulting firm in San Jose, California. This error involved only seconds, but many such "embedded systems" use years in critical calculations, said Tronstad, now the chief scientist at Ascent Logic Corp., a systems integration and consulting firm in San Jose, California.
Embedded systems which use years in their calculations track targets, calculate weapons trajectories, encrypt code and transmit orders, current and former military officials said.
The failure of date-based filters that prioritize data could prevent the right data from getting to the right person at the right time, said Adam Luther, director of computer services at the Center for Defense Information, a Washington nonprofit watchdog group.
Even if the application itself doesn't use years, a related system that handles configuration management or maintains software licenses can fall victim to date-handling problems.
The U.S. Air Force learned that in March, when an incorrect expiration date in the license manager for a word processor shut down the application during a military exercise. As a result, the Air Force couldn't send critical mission data, grounding 2700 simulated flights in the Persian Gulf and elsewhere until the Air Force and vendor created a fix.
After the snafu, tests of other systems revealed a similar problem that would have shut down the Combat Intelligence System, which generates information and images needed for targeting, on November 11. "It's extremely fortunate that it was an exercise environment that this happened in," says Colonel Carl Steiling, director of Theater Battle Management Core Systems at Hanscom Air Force Base in Massachusetts.
"The scenario that we fear most is that something like this may occur without our knowledge."