The viability, efficiency, and, ultimately, success of he global economic ecosystem depend in part on he flow of goods and services throughout the global value chain, from design through fabrication to consumption. In computing and information technology, the locus of innovation, influence, and early access can and has shifted throughout the history of the modern information technology (IT) era. These shifts can have significant implications for U.S. competitiveness and national security.
In the committee’s view, the United States currently enjoys a technological advantage in advanced computing hardware and software capabilities but that technological gap is narrowing, not only due to the technical challenges described in Chapter 1, but also because other global economic competitors (e.g., China) are making a concerted effort to develop their own indigenous computing design and manufacturing capabilities. Moreover, the design and fabrication of such technologies are increasingly globally distributed. Market success, of course, is only partially correlated with technological preeminence, as the ecosystem of producers and consumers and market size, together with network effects, are also key determinants.
In the committee’s view, national security concerns for the United States related to anticipated long-term developments in advanced computing come not just from potential threats to U.S. technological superiority, but also from changes to the nature and structure of technical innovation and to the marketplace for computing and information technology. Intensifying competition will affect the global supply chain and reshape the numbers and types of commercial players that survive in a rapidly evolving marketplace. The diminishing performance returns from traditional silicon advances that have helped existing software systems run ever faster (described in Chapter 1) and the rise of the post-personal computer (PC) ecosystem of smart devices, coupled with cloud-computing capabilities, further complicate the landscape. This chapter discusses several emerging changes in the global advanced computing landscape that have implications for U.S. national security, including parallelism in hardware and software (Section 4.1), the integrity and reliability of the global supply chain (Section 4.2), the decline of custom production (Section 4.3), convergence of civilian and defense technological capabilities (Section 4.4), the rise of a new post-PC paradigm driven by mass information and communications technology (ICT) consumerization (Section 4.5), new market-driven innovation centers (Section 4.6), the future educational and research landscape on advanced computing (Section 4.7), cybersecurity and software (Section 4.8), and possible defense ICT outcomes (Section 4.9).
In U.S. defense and national security, one element of the U.S. advantage in defense ICT has accrued from rapid increases in application performance, which in turn has depended on rapid increases in single-processor performance. As the latter ends, continued application performance increases will likely only be possible if there is a shift to the development of applications that can take advantage of parallel hardware. The inability of defense software to make this transition faster than competitors in the global market or our potential adversaries has significant implications for U.S. competitiveness and national security.
The slowdown in performance increases for single-core processors is a matter of physical (e.g., power density and dissipation and quantum barriers) and
technological (e.g., gate length, lithography, power dissipation, wire scaling, and materials) limits. Thus, even if resources were plentiful, it would not be possible to simply buy or make appropriately targeted investments that would result in continuing exponential speed-ups for single-core processors. An additional matter of physics is the power constraints that are driving the industry from homogeneous multicore chips to heterogeneous parallelism, for example, using graphics processing units, accelerators, and reconfigurable fabrics. Once again, national security processes and deployments will need to adapt to use heterogeneous parallelism to maintain advantage.
Exponentially increasing processor speed has traditionally served as a proxy for higher-performing, more capable, and more innovative systems. Absent this traditional metric of continually increasing performance (whether from sequential or parallel systems), focusing on other metrics will likely come to the fore. In many cases, design and innovation efforts will focus on combinations of improvements in diverse dimensions, such as cost, energy, weight, robustness, and security. Traditional performance improvements would help to achieve these, but if such improvements are not forthcoming, other means of achieving these improvements will be needed.
Developing, verifying, and deploying software to complement advanced hardware is fraught with challenges. Moves to homogeneous and then heterogeneous parallelism will amplify these challenges.1 These challenges are especially prevalent in defense and national security systems. Moreover, defense is notable for its relatively slow adoption of innovative hardware and software that now emerge from the commercial rather than the military sector. New and faster-moving threats with fewer legacy concerns may make this status quo untenable.2,3
U.S. national security has long relied on an information technology advantage. Given the dramatic shift to multicore chips and explicit parallelism, defense ICT will need to transition to tools, techniques, and processes that can meet defense needs through effective use of new parallel software models and emerging hardware approaches. Such a transition will be difficult, and even if this transition is made successfully—a challenge not just for defense, but for even the most advanced commercial interests as well—the growth rate of computing performance is expected to continue to slow, making it easier for the rest of the world, including adversaries, to catch up.
Maintaining the integrity of the global supply chain is a serious challenge. The supply chain for integrated circuits (computer chips) is of particular interest given that they are key components of all computing systems. Some fabrication facilities are still present in the United States. For instance, Intel is the primary operator of large-scale, state-of-the-art semiconductor fabrication facilities in the United States, though it also has such facilities outside the United States. IBM and other companies operate facilities in the United States that target more specialized markets and national security needs.4 However, the United States is increasingly dependent on foreign sources of microchip production and on device assembly and testing capabilities that are concentrated in a handful of countries.
Developing secure sources of production is also challenging. A global supply chain increases the likelihood that compromised and counterfeit products can be introduced in mission-critical infrastructure.5
1The 2009 National Research Council (NRC) report Critical Code: Software Producibility for Defense assesses the growing importance of software for national security and examines how the U.S. DOD can most effectively meet its future software needs.
2The 2009 NRC report, Achieving Effective Acquisition of Information Technology in the Department of Defense calls for the DOD to acquire information technology systems using a fundamentally different acquisition process based on iterative, incremental development practices.
3This is reminiscent of the 20th century U.S. automobile sector. The U.S. auto industry moved from being the best in the world to being high cost and slow to adopt new processes and technologies. This decline was masked for years by the lack of credible competition. The arrival of Japanese and other foreign automakers changed the competitive landscape two ways. First, the Japanese focus on manufacturing efficiency exposed U.S. companies’ process problems and eroded near-term profits. Second, sustained long-term Japanese investments (e.g., on energy efficiency) contrasted with U.S. companies’ more near-term focus. Too much of a short-term focus cuts into long-term success. Moreover, once the former made less money available, addressing the latter became more difficult.
5Indeed, an immediate challenge for U.S. access to the global semiconductor value chain is that some U.S. defense contractors have been deceived into using counterfeit electronics parts. At a November 2011 hearing, the Senate Armed Services Committee noted that such fake parts could have disastrous consequences for the performance of U.S. defense equipment such as helicopter night-vision systems and aircraft video display units. See U.S. Senate Committee on Armed Services, Hearing to receive testimony on the Committee’s investigation into counterfeit electronic parts in the Department of Defense supply chain, November 8, 2011. See also DOD’s TRUST in Integrated Circuits Program (available at (http://www.darpa.mil/Our_Work/MTO/Programs/
Developing ways to ascertain and monitor the provenance of semiconductor products will become ever more important. Related issues of hardware and software verification and validation will continue to be critical issues, particularly as the complexity of systems continues to rise.
In addition to challenges related to integrity and security, the global interdependence of design, component fabrication, and assembly means that risks of disruption due to natural disasters, political conflict, or constrained access to raw materials become greater. A single event, such as the March 2011 earthquake-tsunami in Japan or the more recent floods in Thailand, can disrupt global product deliveries for months.6 Similarly, restrictions on shipments of rare earths, key elements of chip fabrication, can stall production lines. The globalization of science and technology (S&T) and of the computing marketplace in combination with specialization (only a few suppliers of a particular component) and just-in-time inventory practices all add to the risk as well. More generally, a disaster or a well-targeted action from an adversary could constrain or interrupt global supplies, potentially placing the United States in a defensive position due to competing demands between U.S. defense needs, commercial production requirements, and the producing region’s own needs.
A decrease in the number of specialized companies able to make custom products for defense needs is also relevant to national security. Although commercial off-the-shelf (COTS) products are widely used in defense materials, there are specialized components and products that are not commodity products.
This reduction is driven in part by the exponentially rising cost of state-of-the-art fabrication facilities, which places a premium on volume production. In turn, this limits the economic incentive for any company to respond to the defense needs for specialized devices—for example, the capacity to design and fabricate radiation-resistant integrated circuits (ICs). Further, the concentration of design and production to a small group of dominant market players that make commoditized products may significantly increase costs.
The convergence of civilian and defense technologies is accelerating, driven by rapid and cost-effective technological progress in a highly competitive commercial marketplace, especially as compared with the often lengthy and rigid procurement processes in the defense sector. Convergence is most evident in electronics, where a growing proportion of U.S. defense needs are being met by COTS technologies. At the same time, the U.S. defense establishment’s ability to influence the development of the global semiconductor industry, similarly to what happened with supercomputers (which create the chip components of COTS products) through sheer volume has been reduced. For instance, the U.S. military accounted for a large proportion of sales from the global semiconductor industry in that industry’s formative years, but that proportion had fallen to just 1 percent of global microcircuit sales by the late 2000s.7
The convergence between civilian and defense hardware capabilities and ease of access to openly available technological products that may be just as good or even more advanced than equivalent defense technologies has implications for U.S. defense.8 In particular, such convergence allows greater opportunity for adversaries to narrow the technological gap with the United States. In such an environment, time to integration and time to deployment will be the primary factors that determine technical superiority, rather than who is the first to develop a particular technology.
This suggests that deeper awareness of the differing processes and timescales for hardware and software development must be part of the design and procurement process. Semiconductor design and fabrication, as well as subsequent integration of fabricated chips, have a substantial lead time. Although it is possible to develop portions of new software systems with simulators and emulators, integration and complete testing is dependent on hardware availability. Thus, the overall time to deployment of new hardware and software systems will be especially critical when the software requirements for
Trusted_Integrated_Circuits_%28TRUST%29.aspx, last accessed on February 7, 2012) that seeks to “provide trust in the absence of a ‘trusted foundry’.”
6As an example, the shortages of disk drives and flash memory resulting from the Japan and Thailand natural disasters affected many devices and vendors. See http://www.isuppli.com/Home-and-Consumer-Electronics/News/Pages/IHS-iSuppli-NewsFlash-Thailand-Flood-Spurs-Nearly-4-Million-Unit-Shortfall-in-PC-Shipments-in-Q1-2012.aspx Last accessed on February 7, 2012.
7Annual Industrial Capabilities Report to Congress, 2008 (Washington D.C.: Office of Under Secretary of Defense Acquisition, Technology and Logistics Industrial Policy, February 2008).
8An ongoing NRC study, Ethical and Societal Implications of Advances in Militarily Significant Technologies that are Rapidly Changing and Increasingly Globally Accessible is exploring these issues.
defense missions must be developed based on predicted, rather than current hardware. This further emphasizes the importance of hardware-software co-design and rapid testing and of drawing lessons from consumer device deployment.
The expected length of the life cycle for consumer devices continues to decrease; for instance, the replacement time for smartphones is now less than a year. Comparatively slow and cumbersome Department of Defense (DOD) procurement and deployment cycles mean that units may lack access to current-generation technology. Defense organizations must balance rapid adoption for commodity technologies against more measured and careful integration and deployment of devices and technologies that are unique to defense needs. Risks increase when applying the same process and evaluation to both without distinguishing the risks and benefits.9 At the same time, proven technology—even if it is not the most current—may provide better results with cost-effective performance. Managing these tensions suggests that requirements and designs should be based not just on current technology but on projections of technology available two or even three generations ahead.
One area in which COTS has become the principal technological driver is in the ongoing consumerization of ICT and the emergence of what might be called a post-PC technological paradigm. Smartphones, tablets, cloud-computing capabilities, and other related commercial technologies are the hallmarks for this new era. Industry projections10 suggest there could be as many as 50 billion devices connected to the Internet within a decade. Global sales of mobile phones now exceed those of PCs, and the Chinese phone market alone exceeds that of the United States or Europe.11 For much of the world’s population, a phone is the primary computing device.
More generally, low-power designs, based on licensable components and created by semiconductor design firms without fabrication capabilities, along with the rise of system-on-a-chip (SoC) ecosystems are increasingly enabling new companies and enterprises to offer devices that compete with the traditional x86oriented PC ecosystem.
In both the x86 and ARM SoC ecosystems, some elements of each SoC are likely to be common (for example, general-purpose cores); others will be tailored to specific applications (for example, cryptography blocks, media encoders and decoders, digital signal processors, or network interfaces) and drawn from an array of internationally available and licensable silicon design blocks. This mix-and-match model, now prevalent in the mobile device space, challenges the traditional software development and maintenance model, where legacy software could execute unchanged (often without recompilation) as described in Chapter 1. A DOD shift to application-tailored classes of chips will require software refactoring and optimization for each new class of chips, each with different functionality, adding complexity to the software design and maintenance life cycle. Unless the software design process and toolset for distinctive defense software is adapted to this shift, the useful lifetime of the chips will be determined by software availability, not hardware.
In addition to the rise of a new and complementary COTS ecosystem, the consumerization of ICT has profound implications for how organizations manage their own ICT. The proliferation and popularity of new device functionality challenges traditional approaches to organizational technology uptake. Consumers drive adoption of technology in large organizations by forcing central ICT organizations to respond to consumer acquisition outside the organization. This socially activated disruption changes the planning and deployment of software and services. The DOD is not immune to this effect. As the perceived and actual differences between commodity technology availability and centrally mandated deployments rises, individuals and groups may circumvent best policies and practices in system security and information flow in order to access improvements in functionality.12 In addition, the proliferation of mobile devices with personally identifiable data and institutional data brings information leakage risks due to the possibilities of device loss and theft.
9A 2009 NRC report, Achieving Effective Acquisition of Information Technology in the Department of Defense calls for the DOD to acquire information technology systems using a fundamentally different acquisition process based on iterative, incremental development practices.
10CISCO White Paper, 2011, The Internet of Things: How the Next Evolution of the Internet is Changing Everything. Available at http://www.cisco.com/web/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf. Last accessed on February 7, 2012.
11See http://www.strategyanalytics.com/default.aspx?mod=reportabstractviewer&a0=6871. Last accessed on February 7, 2012.
12A recent NRC report, Toward Better Usability, Security, and Privacy of Information Technology, examines some of the competing motivations for users of technology and identifies research opportunities and ways to embed usability considerations in design and development related to security and privacy, and vice versa.
Similarly, the rise of big data and rich data analytics, made possible by the proliferation of these inexpensive networked devices and by massive cloud data centers, are challenging traditional notions of computing. The balance of value is shifting from isolated devices and software to capabilities embodied by an integrated system of devices, data, and services. A data-rich, consumer-driven world where data is ubiquitous and often accessible has profound implications for U.S. DOD notions of information superiority, privacy, and security.
The increasing diversity and independence of global supply chains for new generations of COTS devices will challenge existing approaches to system security. Demand for software verification of diverse components with multiparty provenance will increasingly be the norm, but thus far verification of even existing systems remains a challenging research problem. When coupled with device heterogeneity and specialization for performance, verifying functionality and the absence of implicit or explicit security backdoors will require new organizational and software security approaches.
The emergence of foreign markets that are larger, are potentially more lucrative, and have better long-term growth potential than in the United States and other developed countries also has significant implications for the ability of the United States to shape technological directions. A shift in the global commercial center of gravity (either as the result of a new development or of decreased public or private research investments) may lead to a shift in the global research and development (R&D) center of gravity. For example, this could occur if international firms are required to locate in these markets to remain competitive, to meet the requirements of government regulations in the target markets, and to better understand those markets. The availability of trained and talented researchers and developers, particularly in parallel computing, will also affect these placements, as today’s devices are dependent on parallel applications and system software to meet performance and functional targets.
In the committee’s view, the United States became the leader in advanced computing because of its significant and sustained investment in long-term basic research, especially its combination of risky, big bets, some of which had significant financial returns, and curiosity-driven, smaller-scale research.13 A diverse portfolio of research was supported by multiple agencies in the Networking and Information Technology Research and Development (NITRD) Program over many years. This era of diverse funding has undergone changes in recent years. There is now an increasing monoculture of research funding for computing research, centered on the funding model of the National Science Foundation (NSF). Because NSF emphasizes single-investigator and small-group research, it has not historically supported long-term, large-scale infrastructure for either chip and system fabrication or compiler and tool infrastructure.
In contrast, China, for example, has been increasing its R&D investment in advanced computing over the past decade and appears willing to invest in research aimed at both incremental and higher-end computer innovation. At the same time, China is investing heavily in the training of advanced scientists and engineers at the undergraduate and postgraduate level both at home and abroad. If these trends continue, the still-wide gulf in the educational and R&D capabilities between China and the United States will narrow.
The growing R&D competitiveness of other countries has potentially far-reaching ramifications for the United States in cybersecurity. The DOD and the U.S. government cybersecurity strategy depends upon the U.S. commercial information technology sector remaining as the world leader.14 Software development is an increasingly central driver of computing innovation, whether it is parallel tools and applications for new devices or advanced software services and data analytics running atop massive, highly parallel cloud data centers.
The interconnected nature of globally designed and manufactured consumer devices contributes to increased risk of data and software security breaches and makes clean separation of functions—a traditional tenet of good security—ever more difficult. The globalization of this software development, as well as state-sponsored cyberespionage, raises important software and cybersecurity questions.15 Cybersecurity may well become a pivotal long-term area of competition between the United States
14Office of the Deputy Assistant Secretary of Defense for Industrial Policy, 2010, DoD Cyberstrategy: Leveraging the Industrial Base, December.
and foreign competitors with fast-growing software industries, most notably India and China.16
The slowdown in the growth of single-processor computing performance described in Chapter 1 brought an end to the virtuous cycle of ever-faster sequential processors coupled with increasingly feature-rich software built atop a sequential model. Explicit parallelism in both hardware and software is now required to realize greater performance and desired functionality. The consequences of this shift are deep and profound for computing and for the sectors of the economy that depend on and assume, implicitly or explicitly, ever-increasing performance. From a technology standpoint, this has lead to heterogeneous multicore chips and a shift to new innovation axes that include but are not limited to chip performance. In turn, these technical shifts are reshaping the computing industry, with global consequences.
Today, global equilibration, access to standard hardware Internet protocol (IP) blocks, and open foundries have lowered the barrier to entry for international competitors, particularly in Asia. As a result, it is possible that the locus of innovation may shift further from the United States. Technology limitations are forcing a new ecosystem of mix-and-match IP blocks and heterogeneous multicore SoCs on all computer systems. This trend and the proliferation of device types present daunting challenges, especially given the historical hegemony of the United States in mainstream computing. Barring concerted action involving major technology breakthroughs and a major shift in U.S. industrial competitive policy, this accelerating innovation shift may open the door to a latecomer innovation advantage (discussed in Chapter 3).
The challenges and the opportunities for the United States are in capitalizing on its historical strengths in systems design, engineering, and integration. Defense systems and their information technology components are often large and complex, with interconnected and often redundant components. Advanced computing is a critical element of such systems, but only one element. If the United States focuses on nimble and rapid system integration, with designs that emphasize reliability and verification, it can continue to build effective defense systems.
Otherwise, the DOD could find itself with deployed computing technology that is no better than, or even inferior, to its adversaries.17 Such technical parity (or even inferiority) could occur due to either a loss of U.S. technological capabilities or the inability to deploy the appropriate new technologies sufficiently rapidly to maintain a competitive advantage.
16N. Gregory, S. Nollen, and S. Tenev, 2009, New Industries from New Places: The Emergence of the Software and Hardware Industries in China and India, Stanford University Press and World Bank, Washington, D.C.
17Further, computing technologies could also potentially be manufactured by adversaries.