Principles of Nuclear Weapons Security and Safety

Last changed 1 October 1997

Due to their extreme destructiveness, nuclear weapons require stringent measures to ensure that they are never detonated, either intentionally or by accident, except under properly authorized circumstances. In addition, since most nuclear weapons contain strongly radiotoxic materials (plutonium and tritium) it is important to prevent accidental release of these materials in an accident.

The first line of defense against accident is to design into the weapon an " exclusion zone" that encloses the detonation system and physically prevents electrical energy from reaching it. Access from the firing system is provided by a " strong link". This is a mechanism (a motorized switch for example) that maintains physical isolation unless it is closed by the arming system. The strong link is thus the 'draw bridge' across the exclusion zone 'moat'.

Now it is possible for an accident of some kind (a crash, fire, munition explosion, lightning strike, etc.) to destroy the integrity of the exclusion zone or the strong link and theoretically open the possibility of the detonation system being activated. To prevent this, there is one or more " weak links" is inserted into the detonation system inside the exclusion zone. These weak links will fail, rendering the weapon inoperable, when exposed to abnormal stresses (heat, acceleration forces, etc.) that are below the level that could possibly disrupt exclusion zone integrity.

Result - any accident that could circumvent the exclusion zone/strong link protections will disable the weapon by breaking the weak links first.

The first line of defense against unauthorized activation is a lock on the weapon. The earliest locks were mechanical combination locks, but since the early 1960s a more sophisticated system called a " permissive action link" (PAL) has been increasingly employed. A PAL is an electronic (originally electro-mechanical) device that prevents arming the weapon unless the correct codes are inserted into it. Two different codes must be inserted, simultaneously or close together. This is the "two man rule" principle - which requires it to be impossible to arm any nuclear weapon through the actions of a single individual. The codes are usually changed on a regular schedule.PALs have been developed in several versions of increasing sophistication, designated A through F.

Once the PAL has been enabled, it now possible to arm and fire the weapon. The " unique signal generator" is a technique for making the weapon extremely discriminating about the arming signal so that spoofing signals, noise, or other interference will not cause arming. There is a signal recognition system in the weapon that responds only to a single, very specific, complex signal. This signal is produced by the unique signal generator (which is actually outside the weapon). A more recent approach has been to replace the unique (analog) signal approach with digital communinications and codes.

Once the weapon is armed, " environmental sensing devices" (ESDs) prevent detonation of the weapon unless it is properly delivered to the target. These devices detect external effects that should occur during the delivery process, things like - free fall period, acceleration curves, temperature, pressures, etc. Unless these effects are detected in the proper sequence, and fall within specified parameters, the weapon will not detonate.

There are other safety measures that have been included in some or all modern weapons:


Sources

PAL
Category
Description
(none) Mechanical combination lock
A Four-digit, 10-position electromechanical coded switch (most retired or replaced by 1987)
B Ground & airplane-operable 4-digit coded switch (later version with limited try followed by lockout until reset)
C Single-code 6-digit switch, limited try followed by lockout
D Multiple-code 6-digit switch, limited try followed by lockout
F Multiple-code 12-digit switch, limited try followed by lockout