"As the coffin passed each SEAL, they slapped down the gold Trident each had removed from his own uniform and deeply embedded it into the wooden coffin. For nearly 30 minutes the slaps were audible from across the cemetery as nearly every SEAL on the West Coast repeated the act.[8]"
The Zumwalt is using Real-Time Java, using a JVM from IBM that has an incremental GC with real-time guarantees (unlike the real-time Java spec, which essentially works by disabling the GC for real-time threads, so their NonHeapRealTime threads were essentially an architected memory leak). IBM's Real-Time Java, with their real-time Metronome GC, is running on real-time Linux, for which I was the tech lead at the IBM Linux Technology Center.
It was a fun project; since we were able to use the real-time Linux code base which Ingo Molnar and Stephen Rostedt worked on upstream, we spent most of our time stablizing the patches, and fed quite a few patches back upstream to get it into a production-ready state. Anyway, we had 50 microsecond interrupt and scheduler latency using real-time Linux, which allowed millisecond level real-time guarantees using garbage collected java threads.
an anti-ship missile at 2 Mach would move 0.7m during an ms and it wouldn't be a lateral move - sounds like Java has reached the level of getting into fire control systems :)
Anybody remember the USS Yorktown?
The one that ran Windows NT 4.0 and had the apocryphal story about blue-screening and having to be towed back to shore?
In 3 August 1998 issue of Government Computer News, a retraction by DiGiorgio was published. He claims the reporter altered his statements, and insists that he did not claim the Yorktown was towed into Norfolk. GCN stands by its story.[7]
Atlantic Fleet officials also denied the towing, reporting that Yorktown was "dead in the water" for just 2 hours and 45 minutes.[6] Captain Richard Rushton, commanding officer of Yorktown at the time of the incident, also denied that the ship had to be towed back to port, stating that the ship returned under its own power.[8]
Even though the problem was caused by programming error in the Remote Data Base Manager application and not by problems with the operating system itself, criticism of operating system choice ensued. Ron Redman, deputy technical director of the Fleet Introduction Division of the Aegis Program Executive Office, said there have been numerous software failures associated with NT aboard the Yorktown.
That's not so bad. So long as they have the option to skip this week's reboot, this shouldn't be a problem in combat. (They should've randomized the reboot schedule so that an enemy couldn't exploit it.)
It seems you could get close to ensuring such a time would exist by creating constant emergencies for the crew to deal with such that rebooting would be hazardous, and waiting for the reboot-or-crash date to launch the major attack.
What would seal the deal would be if there was some external signal that revealed that the crash happened. This could be as easy to arrange as a confederate onboard with a powerful laser pointer.
He's saying, how do you know that the system hasn't acquired some sort of configuration/software/hardware degradation in the meantime that only manifests on boot?
If you don't regularly exercise/test a critical function, then you substantially increase your risk that the critical function will fail when you really do need it.
Q: What's the worst time to find out your system won't boot?
A: Right after it crashed.
You are better off with scheduled maintenance periods where you can reboot the server and it isn't critical if it fails. That gives you a chance to correct anything on your terms rather than fire-fighting.
A similar non-OS example - early versions of the Patriot missile had to be rebooted every 8 hours or less because their clocks built up rounding errors over time.
"Almost all of the ship's internal communications are based on Voice Over IP (with the exception of a few old-school, sound-powered phones for emergency use)."
Interesting, I'd never heard of sound-powered phones before:
Well, that brought back some memories. Shouting into sound powered phones over the din of the engine room of a submarine is one thing, but trying to actually hear what the other person is shouting back... it must be the audio equivalent of learning to read doctor's prescriptions.
I, too, had to shout into a sound-powered phone in the very center of a ship's plant. Often it was with the bridge crew. The bridge is very quiet at night, so the crew up there would almost whisper into the phone, completely oblivious to the fact that I can't hear a damn thing over the turbines.
Nuclear, but the plant was fairly loud. That or the phone system sucked, not sure which. The effect was still the same - lots of shouting and guessing what was said. :-D
Ah yes, the 8-step method conducted in accordance with the Doctrine for Submarine Interior Communications Manual (w/ Change 1). Fun times, especially if you were the phone talker.
Well, fixed installations of sound-powered telephones do typically come equipped with hand cranks to activate the "growler"/signaling system at the destination station.
However many sound-powered telephones are portable (as in, headphones and a microphone set with a long cord that you could walk around in). These portable sets would be quite unwieldy with a growler-style set attached, you'd have to crank throughout the conversation to achieve amplification, and you'd also make each sound-powered telephone set that much more complicated and expensive.
But the reality is that usually volume isn't that bad of a problem. If the circuit is quiet the solution is always the same: SPEAK LOUDER. Eventually you get used to being loud when needed.
I always find this phrase 'powered by...' a bit sad when used in relation to computer software. I'm pretty sure the ship is powered by a large diesel engine or a small nuclear reactor. It's managed or controlled by Linux...well, technically via Linux but that's beside the point. A trivial objection, but I don't care for my news reporting to read like a breathless press release complete with meaningless marketing-speak.
But it's not actually Linux that's managing or controlling the ship. It's Linux that's managing or controlling the software that's actually managing or controlling the ship.
I mean, if we're getting into a semantic argument.
You could also argue the semantics that the ship is powered by its sailors. Without them, it's not going to go anywhere; it's their actions that are the root cause of moving the thing.
I get your point, but that's just semantics. You go down on the list of definitions in Webster and you could find that "power" means exactly what the Title eludes.
I'm coming to the conclusion that when citing a dictionary or other reference work, the probability of an unforced language error in the same sentence asymptotically approaches 1.
This will be interesting (it takes containerized data centers to an interesting place). Given that naval engagements seem to be either 'unsophisticated Somali pirate' level or 'super sonic ship-killer cruise missile' there isn't a whole lot of middle ground in terms of reaction space.
I can say this though, I'd love to see the insides of one of these ships.
They look just about the same as ships in the current fleet. Much of the new tech is not easily recognizable, even from the inside. For example, high-tech materials, C4I systems, etc.
So living in Las Vegas in the 70's there was an amazing place called 'Buck's War Surplus' that had all sorts of stuff [1] end up there, it will be interesting if the self contained data center units do. Since they are designed to take "regular" gear instead of mil spec gear they could make for a heck of a doomsday data center backup :-)
[1] The top bubble dual 50 cal from a B25 Mitchell showed up once (demilitarized) and I could not convince my Dad to loan me the money to install it in my 1970 Pontiac Bonneville :-(
Great -- now the fragment of code I wrote for the kernel make s me potentially party to killing.
The long-term ethics of producing open source are fascinating -- you know we're all pretty gross if the NRA is wrong, don't you? About X not killing people, people killing people. 'Cause we brought a whole lot of X, and gave it away, puffed with pride, to people who can name something a 'dreadnought' without it being weird.
By that measure, one might be complicit in a bombing strike if the aluminum cans they recycle are used to build aircraft, missiles, or other weapons (, much like your code was recycled by the navy contractors).
If we live in a society where any measure of cooperation with others is subject to such a high level of scrutiny, we are all guilty of every moral indiscretion committed by anyone. Individual responsibility is almost a requirement for the complex and interdependent world in which we exist.
Not to mention that if you pay taxes to a government that has a military presence anywhere you're much more directly supporting killing, if you want to look at it that way.
You really should look at it that way. The armed forces are directly representing your democratically expressed will. We should feel responsible, because we are. If the government is not interpreting our will accurately, we need to change the representatives.
The war where we blow up wedding parties full of children. I doubt there is popular support for that. We are responsible for every action, however popular the overall war.
But taxes aren't optional. You can't just choose opt out of them because you don't agree with what the money's being spent on. You might as well say you're complicit just by having being born in a country with a military.
DoD employee here - maybe it's just me assuaging my conscience, but I always like to think that in the case of working on software for weapons systems, I've merely helped make them more accurate - I have absolutely no control over what they are aimed at, and that's a bigger problem than I can solve. To put it more succinctly: all Americans are responsible for the leaders they elect, and what they do.
These days, I'm fortunate enough to work on training sims for demining. I'd have to recommend that if you are really concerned about being a potential party to killing, don't worry about it - until you vote. Or maybe even write a letter or do some activism. But the last thing you should do is cripple the tools you make for others to use in some sort of ignoble bid to be moral. That's not moral, it's unprofessional.
As someone who has done DOD work (though not on anything "pointy") I've never felt the need to justify myself in this way. Throughout history, countries have lived and died by the strength of their military.[1] America's global supremacy would not be possible without its military domination, and our standard of living would not be possible if we had to worry about falling under some other power's thumb. Also, while we're at it, we subsidize defense for nearly all the liberal democracies in the world. I feel quite positively about my contributions to all these things.
[1] The study of history is, to a first approximation, the study of war. I am not conceited enough to believe that my generation is the first one that is living outside of history.
Exactly. I worked at a defense contractor for a long time, on language training software. I've never felt the need to defend myself despite having a strong antiwar stance.
We need a strong military - we just need to stop going to war at the drop of a hat.
> But the last thing you should do is cripple the tools you make for others to use in some sort of ignoble bid to be moral. That's not moral, it's unprofessional.
I could just stop making tools.
I don't think I'm okay with making wars a clean, professional thing. It should be brutal and bloody and messy at every stage, so we can't isolate ourselves from what we're doing.
If you're making weapon systems and going "Well, I'm not responsible, I just helped make a technology" and the guy firing them is saying "Well, I'm just following orders and pressing some buttons, I'm not really killing them" and the guy in charge is saying "I'm just implementing what the politicians/people want" (depending on how high up the command), who exactly is left actually carrying the price of it?
No, I think I should do everything I can to make sure that we are forced to viscerally feel the terribleness of war when we decide to wage it - not pretend it's a video game.
>It should be brutal and bloody and messy at every stage, so we can't isolate ourselves from what we're doing.
If you believe that carnality would put a stop to warfare, I think the last couple thousand years of it might disagree with you.
Granted, the sight of carnage can turn the tide of public opinion against a war... that's been the case since World War 1 put an end to the idea of war as a noble game where boys became men. But it's not going to stop wars from being waged, just make the politics of managing them more difficult, and make it more torturous for the soldiers doing the killing. The generals probably aren't going to lose a night of sleep even if people have to hack away at each other with machetes.
I disagree - I think making people more connected to it raises the cost of war for the people who tend to cause them, because of the political capital they have to expend on managing people who can see just how brutal it is, who have friends and relatives who are maimed or don't come home, etc.
My goal it's to End All Wars Forever! (TM), it's to raise the cost of waging wars for a society, so it's something we do less casually.
media also has a hand in sanitizing war. they censor the images so stacks of mangled corpses arent stuck in your head when they should be. unbelievably my fearless leader uses a WWI memorial that reads "never again" to promote new wars every year.
On the other hand, we have twitter, and youtube, and stories do tend to get around the media more often than, perhaps, they would have in Vietnam or even the first Iraq war.
The container design is heavily inspired from Google's Datacenters. This will continue happening and cannot be prevented, even a new license for the Kernel prohibiting a military use won't help. Because they can fork an "old kernel" and continue their secret development on it. It's better to know what the government is doing rather than just trusting on a "license". We've been shown often enough in the past and present that people can't blindly trust a Government's actions and ethics.
Do the containers shield against strong EM fields? Otherwise an enemy could detonate a mini em-/atom-bomb close to the target, in order to destroy their operative computer systems. Is that the reason for the heavy metal casing? In that case they probably also used Fiber cables with the lastest known modulation techniques to get (n-)Terabit/s per container. Maybe they even have radiation shielding [1] to protect from inner and outer radiation. This beast doesn't look like it solely runs on diesel, but on an atom-reactor.
"Do the containers shield against strong EM fields?"
from article: Each EME has its own shock and vibration damping, power protection, water cooling systems, and electromagnetic shielding to prevent interference from the ship's radar and other big radio frequency emitters.
I would imagine that would include EMP given the modern threats and US Navy's general understatement of capabilities.
Err, any nuclear attack be it "mini" or regular is provocation to nuclear war. The US won't sit back and watch the Chinese blast our navy to bits with airburst nuclear weapons causing EMP. More than likely the US would strike back with nukes.
You don't get to avoid the whole balance of power/MAD card because your nukes were used for EMP only.
Well, for USA there are only two possible kinds of war opponents - guerilla warfare or countries that have also nukes; and you're not that likely to use ships like the one described for Afganistan. The only combat use for the ship is against nuke-capable opponents, and MAD is not an excuse to build military systems that won't function in any serious war with the intended enemies.
"Each EME has its own shock and vibration damping, power protection, water cooling systems, and electromagnetic shielding to prevent interference from the ship's radar and other big radio frequency emitters."
The military is no stranger to EM hardening their systems. They've been doing it since the cold war after all.
I doubt she has a nuclear plant, actually; there's a Raytheon paper [1] which spends some time talking about the need for fuel efficiency to maximize operational availability, which isn't often a concern for nuclear-powered ships whose rate of fuel "burn" is constant and whose refueling intervals are best measured in years.
Everything in the U.S. fleet except the large aircraft carriers and the submarines burns crappy low-grade diesel fuel. For the submarines, there are major advantages to not having oxygen-requiring engines, and for the aircraft carriers, they want to carry a lot of fuel for aircraft, not themselves. On the other hand nuclear reactors are too expensive to merit putting in ships which don't require them.
That is part of it. The other part is that for smaller ships, you end up having over half the ship manned by sailors who can handle the engine room and reactor. The Navy has enough trouble finding and keeping sailors for their nuclear power program, so they tend to restrict how they use them, otherwise they might end up in the unfortunate situation of needing to allow less qualified candidates through nuclear power school just to keep the fleet running.
"It should be noted that no ethically-trained software engineer would ever consent to write a DestroyBaghdad procedure. Basic professional ethics would instead require him to write a DestroyCity procedure, to which Baghdad could be given as a parameter. " -- Nathaniel Borenstein
That is a horrible approach to take. Eventually you will end up with a DestroyCity, DestroyBuilding, DestroyBridge, ETC procedures. You should create a simple Destroy procedure that can take any valid target.
> Great -- now the fragment of code I wrote for the kernel makes me potentially party to killing.
In much the same way that the food one grew might make one party to killing, should it nourish a killer, sure. But that's a bit of a dorm-room realisation: nothing any of us does can be wholly good or wholly evil; rather, we must each strive to do the most good and the least evil within our ability.
> you know we're all pretty gross if the NRA is wrong, don't you?
And elephants are spherical if ducks are constructed of silicon and finely-shredded buts of the Rubaiyat. Fortunately, the NRA's not wrong: it's not the technology, but the people who wield it, which can be a problem.
Yeah , FOSS projects should add "The Software shall be used for Good, not Evil." to their licenses ! though it is not clear how one would define evil ;)
No worse than a farmer whose produce gets sold further down the chain to the military, or the soup kitchen volunteer who doles out soup to a man who later murders someone.
You're part of a system/society which depends on force to maintain its existence. If you don't like that fact and don't want to be part of that system, stop paying taxes and go live in the woods. After all, your tax money is contributing just as much as your source code to the military.
Such a license would violate Clause 6 of the Open Source Definition (src: http://opensource.org/osd-annotated ), which states that you cannot restrict use based on fields of endeavor. Therefore, you could make the license, but you could not call it open-source.
One license offered for Phil Rogaway's OCB block-cipher mode explicitly prohibits military use. (although, as I read it, the military could use still open source implementations under the other license)
Most open source licenses explicitly say that the software is provided with no warranty. IANAL, but I think that's intended to prevent people suing you if they use your code and something goes wrong.
We'll just have to cross our fingers that they don't run into any cylons...
More realistically, I wonder what the attack surface of a highly computerized, networked ship like this is? What kind of separation can you achieve between the layered networks - would there be systems that are essentially air gapped from one another?
Traditionally they might have been air gapped but from the description of anyone being able to use any station that would not longer possible. They might run on isolated servers, almost definitely since the Armed forces are religious about separation of classified and non-classified systems and data. (This is one reason why sites hosting the Wikileaks and Snowden documents are banned from networks. If classified data, which the leaks still are despite being leaked, appears on an unclassified system there's hell to pay.)
As for the attack surface incoming communication is encrypted a lot these days which severely limits an attackers ability to even get a hook in the system to start with. They also probably isolate the communication systems from an other systems requiring users to input any order, eg vm000123 is running on the gun controllers station relaying firing authorization and targeting which is entered into vm0002020 which manages the gun systems.
From the article, it sounded like each of the systems was running on a stripped down Linux VM, so each of the stations would be logically isolated from each other, running in the same "data center".
> more than 235 equipment cabinets (racks) in total
I wonder what they're doing that needs that much processing power? Or is it that every part of every subsystem has a dedicated server assigned to it no matter how little power it needs, just to stop the possibility of interference?
They are trying to find, track, and compute a shot at lots of things that can be very stealthy or go very, very fast. They would also like some redundancy since a server fail gets very costly.
Seeing as this is the military, I would guess that they have triple redundant systems for some things, but that still is a decent amount of computing power there.
I once interviewed a guy whose resume implied he played a large part in designing some of these redundant systems for carriers/whatever.
I asked him how he dealt with failover/etc, and said they used master election, and that it was guaranteed to work, and then proceeded to describe exactly a system guaranteed to fail. He had never heard of paxos, and when i described it to him, he was sure it wouldn't work.
The "Regimental Commander" of the military academy boarding school I went to was a James Kirk my freshman year. And his school rank was captain.
EDIT: Actually, the Zumwalt looks promising this way. Just add two nacelles and a saucer section.
EDIT: The Zumwalt bridge looks promising in another way. (Leiji Matsumoto) But instead of the 3 smaller screens, have a single 30x30 foot screen leaning forward at a 45 degree angle.
It's a mission designed to run Crysis 1 at 60FPS. I hear rumors that if they reach 61, the full fury of an uncontrollable lens flare reaction takes place, so they can only do this mission in the Mariana Trench for safety reasons.
This made me wonder what the state of the art is in open source realtime operating systems these days. RTLinux is one of the options, but I've forgotten many of the rest by now. Anybody had any positive or negative experiences with any of the RT flavors?
A few software licenses restrict the use of software in use of nuclear weapons & other WMD. I'm sure this vessel is capable of launching nuclear weapons, but it makes me wonder if the government will honor those license agreements or even if they were apart of the consideration.
While some software has such strange licenses, most ‘free’ software is truly free and e.g. Debian even makes it a strict requirement for inclusion that there are no restrictions on how software can be used.
So I’d say the question whether the USG will honour such licenses is somewhat moot, as there is plenty of software around without such restrictions.
No, the GPL only requires you to share your changes if you distribute the product (and no, issuing it to your own soldiers/employees doesn't count). If they give/sell these to other countries, though...
Which licenses exactly? I've never seen such a clause, and I'm pretty sure it would be against the FSF's definition of Free Software, and definitely against the OSI's definition of Open Source.
I don't know if my perspective is just so heavily biased or impractical at this point, but I'm almost embarrassed that my country's Navy would use windows for such a critical system.
10 aircraft carriers, not 13 (though it will be 11 again in a couple years).
The reason extends from matters of strategic planning though. Carriers provide "power projection" capabilities to about 90% of the populated earth.
Power projection is inherently needed for the DoD planning assumptions (which are now, IIRC, to be able to fight and win 1 major conflict while responding to at least one other military contigency). The expected military requirements for those worst-case plans probably involve having at least 3-4 carriers.
However, this is a worst case plan, which means those 3-4 carriers must be available, and on station (or nearby to respond), at all times.
When you include the requirement to maintain/repair/overhaul the vessels, handle training periods for embarked aircrew, training and certification workup periods for the embarked ship's crew, you quickly end up multiplying the ship count you need by at least 3-4.
In this case when they crunched the number I believe that they came to 9-10 to handle defense requirements. And then Congress told them to keep an 11th carrier anyways...
Need to find a way to use up the excess produced in this world. You could just dig big ditches in the ground and dump lots of new goods in there, but the general public wouldn't get behind that the same way they do a war.
Such a clause is trivial to get around, and is exactly how the US argues for its massive military budget: "This is for defense, not offense. Therefore good". Who do you then appeal to in order to stop them?
That's the real story here. The military has control of the allowed corba implementations so they don't suffer from different runtimes, and get all the typed benefits and speed benefits.
The Navy has actually used Linux within warships for awhile now (via its defense contractors). The boat I served on a few years ago used Linux for at least two different subsystems. And before Linux they've used UNIX so it's not as if the Navy is completely new to all this.
I once heard that the Navy has a electronics phobia and relies as much as possible on mechanical and physical human control because EMP (e.g. du atomic bombs) are such a big thread. Maybe this is untrue or only true for key vessels like air craft carries. Does anyone know?
I wouldn't say a phobia, as much as an acknowledgment that historical experience has shown that electrical-type facilities are the most susceptible to damage, and that the conversion from analog electrical to digital electronic didn't always help matters.
I've served on a ship where we had to keep a "fake" target entered into the fire control system at all times, since it would crash if the last target was dropped. That system was our only interface to the torpedoes, so in that scenario we'd be left in the situation of having to wait minutes for the system to reboot before we could launch weapons again. Peacetime or not, it's not a good feeling.
Top all of that with the fact that we have to survive damage from accidents and casualties and not just battle damage. E.g. what happens if a fire breaks out in the port turbine generator and fries the connector wires to the solenoid for an important valve needed to control ship's list and trim? Without the possibility of manual backups we'd possibly be in for a very bad time.
The Navy has a lot of experience with how the oceans and the enemy will conspire against a ship. However well you design your circuits, it's still better to have something available which always Just Works.
Military spec processors are specially made to be "hardened" against that kind of thing. Back in the late 90's military spec Intel chips were almost one chip generation behind consumer cpus, but the packaging was considerably different.
EDIT: In the competition between EMP nuclear weapons and Faraday cages, Faraday cages win. They're fundamentally cheaper tech.
"As the coffin passed each SEAL, they slapped down the gold Trident each had removed from his own uniform and deeply embedded it into the wooden coffin. For nearly 30 minutes the slaps were audible from across the cemetery as nearly every SEAL on the West Coast repeated the act.[8]"
http://en.wikipedia.org/wiki/Michael_A._Monsoor