The RISKS Digest
Volume 1 Issue 38

Friday, 10th January 1986

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…

Contents

Ad-hominem SDI discussion
Mike McLaughlin [and Peter Neumann]
Men in the loop
Martin J. Moore
Failure probabilities in decision chains
Jim Miller
Testing SDI
Karl Kluge
Robert Goldman
Summing Up on SDI
Jim McGrath

Ad-hominem SDI discussion

Mike McLaughlin <mikemcl@nrl-csr >
Wed, 8 Jan 86 05:48:49 est
I note with dismay the ad-hominem phraseology that is appearing in the 
SDI discussions.  It is understandable but unacceptable.  The issue is 
too important.  I request that the participants review their inputs 
prior to submission, and edit out phraseology that is not relevant to 
the issue.  It is not fair to expect the forum's moderator to be a 
censor.  - Mike McLaughlin                                 [Thanks.  PGN]
 
     [I have received various complaints about some of the recent SDI
      verbiage — its quality, accuracy, relevance to RISKS, what right has
      RISKS to distribute SRI discussion when it should be in ARMS-D, etc.
      In general, I have to hope that our contributors exert some good sense.
      Some of the nit-picking should clearly be resolved privately.  In some
      cases I might request two antagonists get together and write a single
      position statement to which they both agree — but that seldom works.

      So, at this point I would like to elevate the quality of SDI
      discussion — but not to stifle meaningful discussion that is really
      RISKS-related.  SDI remains one of the most important issues
      confronting us, and open 

Testing: Differences between SDI and other systems.

<Karl.Kluge@G.CS.CMU.EDU>
7 Jan 1986 22:41-EST
Message-Id: <505539701/kck@G.CS.CMU.EDU>

> Date: Mon 6 Jan 86 18:24:44-PST
> From: Jim McGrath <J.JPM@LOTS-A>
> 
> You are, of course, correct.  The problem is that your points could
> also be (and are) made about any complex weapons systems (or indeed,
> any complex system at all).  It is NEVER possible to fully test ANY
> system until it is actually used in battle (and even then it can fail
> in future battles).

1) The consequences of failure of an SDI system are orders of magnitude
   greater than the consequences of failure of a "normal" weapons system.
   We damn well should be orders of magnitude more confident in it.

2) Which is really irrelevant, since the function of the SDI is to enhance
   deterrence, not replace it. The SDI system doesn't have to work, it just
   has to create reasonable worry that it might work in the mind of a potent-
   ial attacker. This makes it different from most systems, which are built
   to be used. If the SDI system ever has to be used then it has failed, 
   which means...

(* rest of message on ARMS-D.  Karl *)  [THANKS... PGN]

My opinion, of course, in no way reflects the opinion of anyone I'm
associated with.  Karl


Testing SDI

Robert Goldman <rpg%brown.csnet@CSNET-RELAY.ARPA>
8 Jan 86 (Wed) 15:26:18 EST
In RISKS-1.34 Jim McGrath discusses testing the SDI.  A common objection to
the SDI is that it could not realistically be tested.  

McGrath correctly points out that this is true of any modern weapon system.
I agree with this basic point, but of course, some weapons systems are
easier to test than others.  For example, Mr. McGrath points out

    it took WWI for the Germans to realize that the
    lessons of the 1880's concerning rapid infantry fire (and thus the
    rise of infantry over calvary) did not take artillery development
    adequately into account
This is correct, but dodges the point that at that time, modern artillery,
rifles and machine guns HAD all been fired in anger.  The almost universal
inability to profit from the experience was due to institutional failures,
rather than lack of raw data.

I need hardly point out that ICBMs and SLBMs have NOT been tested in wartime
conditions, and that we have reason to believe that there won't be a second
chance to correct any mistakes.

Mr. McGrath goes on to suggest that the SDI might be tested against meteor
storms.  I question this for three reasons:
1.  As I understand it, the particle-beam weapons of the SDI are not
intended to destroy warheads outright, but rather prevent them from reaching
their targets and detonating.  How would one judge that a meteorite's fusing
and guidance mechanisms had been destroyed?
2.  Meteorites are not human-made objects which are designed with an eye to
penetrating enemy defenses:  they do not drop chaff, employ electronic
counter-measures, etc.
3.  Meteorites have a wholly different flight pattern.  As I understand it,
ICBMs have a boost phase, a cruising phase and a re-entry phase.  Doesn't a
missile's detectability and vulnerability depend on which of these phases it
is in?
                    Robert Goldman

     [I deleted a paragraph on what might happen "if the SDI accidentally
      (or on purpose) shot down a Soviet reconnaissance satellite?"  PGN]


Summing Up on SDI

Jim McGrath <J.JPM@Epic>
Thu 9 Jan 86 22:45:57-PST
To: "risks@sri-csl"@Sushi
Reply-to: mcgrath%mit-oz@mit-mc.arpa

        [Reminder: I have omitted a bunch of McGrath-Lin messages.  
         If you wish to read them, see aove.  PGN]

From all these messages, I've come to two conclusions.  First, that on
the whole, I tend to feel that SDI is a more complex system (mainly
because of its mission size) than existing ones, such as Aegis.  But I
could be wrong (either way).  And I do not believe that it is "orders
of magnitude" more complex than existing systems.  Thus it would seem
that it could be built to existing system performance standards.

The second question is whether these standards are "adequate," and if
not can we improve upon them?  It is clear that existing systems are
not being tested as fully as possible (Herb Lin's report on the Aegis
tests makes them appear to be a joke).  I've already pointed out that
substantial testing of mid-course and terminal phases, far more
extensive testing than any of our other systems have received, can be
carried out.  Thus, provided we have a proper commitment, even our
current testing technology can be better applied (with better results)
than we have done up until now.

To a large extent the standard you require depends upon your
definition of the mission of the system.  Clearly the system was never
designed to make OUR nuclear weapons obsolete (just the Soviet's).  So
under any mission we would probably retain a force sufficient to
destroy the USSR, and so can always fall back on MAD.  Any reasonable
performance level would protect our weapons to a significant extent
(and if not, you can always keep a sub force).  So the real question
is whether it can protect cities.

I would tend to doubt it, under a full and unimpeded Soviet attack.
But there are many scenarios (from accidental launch to a limited
(decapitation or counterforce) strike to a second strike (the first
perhaps going to Europe and/or China)) where it quite possibly could.

In any event, I am certainly not sure enough to either commit to SDI
deployment nor to terminate research.  Since all SDI is at the moment
is research, I have no problem with the existing program.  Still,
knowing how programs have a tendency to outlive their usefulness, I
think strong scrutiny is appropriate.  But not mindless opposition.

Jim

Please report problems with the web pages to the maintainer

x
Top