Session
Fahrplan 34C3
Hardware & Making

Vintage Computing for Trusted Radiation Measurements and a World Free of Nuclear Weapons

Eliminating nuclear weapons will require trusted measurement systems to confirm authenticity of nuclear warheads prior to their dismantlement. A new idea for such an inspection system is to use vintage hardware (Apple IIe/6502) instead of modern microprocessors, reducing the attack surface through simplicity. In the talk, we present and demo a custom open hardware measurement system based on gamma spectroscopy.

Twenty-five years after the end of the Cold War, there are still about 15,000 nuclear weapons in the arsenals of the nine nuclear weapon states. After an era of transparency, cooperation, and confidence-building in the 1990s, progress in nuclear arms control has slowed down in the 2000s and is currently in a crisis. The newly negotiated Treaty on the Prohibition of Nuclear Weapons (“Ban Treaty”) and the 2017 Nobel Peace Prize have given new attention to the enduring threat posed by these weapons and the urgency of further reductions. Any further progress toward nuclear disarmament will have to rely on robust verification mechanisms, especially while there is limited trust among relevant states. This requires trusted measurement systems to confirm the authenticity of nuclear warheads based on their radiation signatures. These signatures are considered sensitive information, the systems have to be designed to protect them. To accomplish this task, so-called “information barriers” have been proposed. These devices process the sensitive information acquired during an inspection, but only display results in a pass/fail manner. Traditional inspection systems rely on complex electronics both for data acquisition and processing. Several research efforts have produced prototype systems following fundamentally different design philosophies, but it has proven difficult to demonstrate that hidden switches and side channels do not exist. After almost 30 years of research and development, no viable and widely accepted system has emerged.

We pursue a fundamentally different approach: Our prototype of an inspection system uses vintage hardware built around a 6502 processor. The processor uses 8-micron technology (about 600 times larger than current 14-nanometer technology) and has only about 3500 transistors. Vintage hardware may have a number of important advantages for applications where two parties need to simultaneously establish trust in the hardware used. CPUs designed in the distant past, at a time when their use for sensitive measurements was never envisioned, drastically reduce concerns that the other party implemented backdoors or hidden switches on the hardware level. Today, the design of the 6502 is de-facto open source, and several projects have explored the hardware in great detail (visual6502.org, monster6502.com). The technology is so basic that it would be difficult or impossible to surreptitiously implement extra functionalities that could be used to leak secret information. For the same reason, however, using vintage hardware also comes at a price, as the performance of the inspection system is limited, and data acquisition and processing has to be designed and highly optimized accordingly.

In this talk, we demonstrate the performance of the inspection system in an actual inspection setting. For this purpose, we built a prototype system using an Apple IIe and a custom-made open-source data-processing board connected to a sodium-iodide radiation detector for low-resolution gamma spectroscopy. Data processing and analysis is exclusively done on the Apple IIe hardware. In inspection mode, the Apple IIe is used as an information barrier, and the result of the analysis is simply displayed by a green/red (pass/fail) LED on the data-processing board. To wrap up, we discuss the broader context required for verifying deeper cuts in the nuclear arsenals and demonstrate the system as part of a notional inspection scenario, including its capability to detect basic cheating scenarios, in which a dishonest party presents an invalid item that has a different radiation signature.

Additional information

Type lecture
Language English

More sessions

12/27/17
Hardware & Making
Paul Emmerich
Saal Borg
Network cards are often seen as black boxes: you put data in a socket on one side and packets come out at the other end - or the other way around. Let's have a deeper look at how a network card actually works at the lower levels by writing a simple user space driver from scratch for a 10 Gbit/s NIC.
12/27/17
Hardware & Making
Saal Borg
Did you ever want to run your own IoT cloud on your IoT devices? Or did you ever wonder what data your vacuum cleaning robot is transmitting to the vendor? Why a vacuum cleaning robot needs tcpdump? Nowadays IoT devices are getting more and more powerful and contain a lot of sensors. As most devices are connected directly to the vendor and transmit all data encrypted to the cloud, this may result in privacy issues. An IoT device with no internet connection lacks numerous features or is even ...
12/27/17
Hardware & Making
Jean Rintoul
Saal Clarke
An open source biomedical imaging project using electrical impedance tomography. Imagine a world where medical imaging is cheap and accessible for everyone! We'll discuss this current project, how it works, and future directions in medical physics.
12/27/17
Hardware & Making
Saal Borg
The Apollo Guidance Computer ("AGC") was used onboard the Apollo spacecraft to support the Apollo moon landings between 1969 and 1972. This talk explains "everything about the AGC", including its quirky but clever hardware design, its revolutionary OS, and how its software allowed humans to reach and explore the moon.
12/28/17
Hardware & Making
Saal Dijkstra
Over the past year, we have been developing open source wheelchair add-ons through user research, ideation, design, prototyping and testing. We present the outcome and insights from the process.
12/28/17
Hardware & Making
Katja Bach
Saal Dijkstra
„5.-Klässlerinnen, die über die Millisekunden für einen delay()-Aufruf diskutieren! Gibt es nicht? Doch, gibt es!“ Ein Modellprojekt mit sieben Schulen in Aachen hat diese Frage untersucht – wir haben die Schülerinnen und Schüler begleitet und würden gerne darüber berichten, denn wir wissen jetzt: Programmieren macht ihnen Spaß!
12/28/17
Hardware & Making
MathiasL
Saal Clarke
In this talk I describe the basic makeup of FPGAs and how I reverse engineered the Xilinx 7 Series and Lattice iCE40 Series together with the implications.