Jasmine Auda
Abstract
The rapid pace of technological advances presents numerous implications for global security and nonproliferation that may manifest as either challenges or opportunities. The exploration of these emerging technologies in the context of the Comprehensive Nuclear-Test-Ban Treaty (CTBT) is critical to ensuring that the Treaty can continue to uphold and eventually enforce a global moratorium on nuclear testing. Pending entry into force of the CTBT, the Treaty can be promoted and strengthened through diverse means including awareness-raising and enhancing the operational capability of the Treaty. Blockchain technology is one prospective solution to strengthen the CTBT’s verification regime by further strengthening the security, confidentiality, and surety of data gathered through its monitoring systems, which is a core obligation of the CTBTO to its Member States. In turn, this may create a greater sense of trust and confidence in the regime and contribute, in part, to its universalization and entry into force.
Trust and Global Security
The trust that states and individuals place in existing systems and institutions, especially those that are tasked with the ambitious mission of making our world a safer place, is critical to ensuring their continued success and fulfillment of their mandate. The Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO), which seeks to instate a global ban on nuclear explosions underground, underwater, in the atmosphere, and on the Earth’s surface, is an institution where trust plays a critical role. As all CTBTO Member States have equal access to the data gathered through its monitoring system, and given that it does not pass final judgements with regard to the nature of any event,[1] the Comprehensive Test Ban Treaty (CTBT) is considered to be both democratic and non-discriminatory,[2] which is not always the common perception of global nonproliferation regimes. Despite the exhibited level of confidence and trust in this framework, however, the CTBT has not yet met the conditions required in order to enter into force.
The elusive issue of trust is especially important to consider when it comes to arms control and verification, as these areas and their associated frameworks can be viewed through a primarily technical lens. In the context of arms control, it is generally acknowledged that absolute certainty in the implementation of any verification system is not possible, and we therefore must go beyond the technical issues and acknowledge that the human factor along with inherent perceptions of trust can in fact influence verification outcomes.[3] This is especially true in instances where respective parties that may not traditionally trust each other may have concerns about the detection and verification of potential non-compliance. Exploring the different ways in which we can enhance our trust and confidence in such systems and institutions must therefore be a proactive endeavor to identify potential shortcomings and propose suitable solutions.
As this article will posit, Blockchain is one such solution that warrants further investigation in the context of its potential applications to the CTBT. Blockchain, which is referred to as “The Trust Machine,” is a technology known to be characterized with transparent, verifiable, and tamper-proof mechanisms. The arguments set forth herein will present Blockchain as an innovative way to strengthen the operational capability of the Treaty. Blockchain is one way in which trust can be furthered, given a number of attributes inherent to the technology that align with the CTBT’s monitoring and verification components to ensure the integrity, confidentiality, and certification of the data [SA1] that is gathered and analyzed by the CTBTO and distributed to Member States as data and products.
In pursuit of the above, the article will begin by providing background and context to the CTBTO and the technological evolution of its current verification system, namely the International Monitoring System and International Data Centre. It will go on to discuss the potential role of Blockchain in enhancing trust and confidence in the Treaty, and how this can be leveraged by the CTBTO in order to strategically plan for the Treaty’s future. Next, the fundamentals of Blockchain will be introduced, along with the characteristics of the technology that could benefit the CTBTO. The article will then explore potential applications of the technology specifically for the CTBTO’s verification regime and discuss how this would contribute to supporting the Treaty. Finally, the article will conclude by discussing challenges to implementation and recommendations on practical next steps.
CTBT and the Path to Universality
In September 2021, the CTBTO celebrated the 25th anniversary of the adoption by the UN General Assembly, and opening for signature, of the CTBT. While this undoubtedly represents a notable milestone for the global nonproliferation regime, the significance is further underscored by the fact that the Treaty has yet to enter into force during that time, even though it is near-universal with 185 signatory states, 170 of which have ratified the Treaty.[4] One of the most unique features of the Treaty, which has also proven to be its biggest limitation, is the requirement for the “Annex 2” states to ratify the Treaty; this is a provision in the CTBT for the 44 states that were deemed nuclear-capable at the time the Treaty opened for signature, to ratify the CTBT before it can enter into force. Today, there are eight such states barring entry into force, five that have signed but not ratified, and three that are non-signatories[5].
While the CTBT has been lauded for its ability to successfully establish a norm against nuclear testing, with only three states having conducted nuclear tests since its adoption in 1996[6], the Treaty will never be able to actualize its full potential if it is not on solid legal ground. With respect to the Annex 2 states, there are numerous political, domestic, and strategic reasons for why they have not ratified the CTBT to date. Official proclamations for the lack of progress range from regional instability for states including Israel and Egypt, domestic considerations regarding maintaining a reliable nuclear arsenal for the United States, and perceptions about reinforcing inequalities among nuclear states by India.[7] Entry into force of the CTBT is critical to upholding the norm against nuclear testing, and to continuing to effectively monitor and verify such a ban. There is not much consensus amongst policymakers and analysts, however, regarding whether or not entry into force will materialize anytime soon; where there is agreement, is that the CTBT needs to continue to be defended, promoted, and strengthened through numerous pathways. The main actions that can be taken to strengthen the CTBT broadly fall under three main pillars – universalizing the Treaty, raising awareness about the Treaty, or enhancing the operational capability of the Treaty.[8]
As mentioned in the introduction, the remaining sections of this article will focus on innovative ways to strengthen the operational capability of the Treaty, particularly that of its verification regime, through innovation and the promotion and application of new technologies such as Blockchain. The CTBTO has been heralded for its technological prowess since its inception, but it needs to continue to innovate and explore new methods and technologies that keep pace with evolving challenges in order to complement and strengthen its verification efforts.
CTBTO Verification Regime
The CTBTO’s current system of monitoring and verification is one of the most inclusive multilateral arms control agreements in the world[9] in terms of its adherence, scope, and geographical coverage. The CTBT is a framework fundamentally based on science and technology, and it is this foundation that provides the basis for its verification regime. According to Article IV, Paragraph 1 of the CTBT, the verification regime consists of the following elements: (a) International Monitoring System; (b) Consultation and clarification; (c) On-site inspections; and (d) Confidence-building measures.[10] For the purposes of the article, this section will focus primarily on the International Monitoring System (IMS) and its related components, namely the International Data Centre (IDC) and the Global Communications Infrastructure (GCI).
The IMS is the central component of the CTBT’s verification regime, and is comprised of a global network of monitors and sensors that utilize four main monitoring technologies: seismic, hydroacoustic, infrasound, and radionuclide monitoring.[11] When complete, the IMS will consist of 337 facilities across almost 100 countries, including 321 monitoring facilities and 16 radionuclide laboratories. Today, the system is over 90% complete, with 302 facilities that are certified and operational and gather data from all around the globe. This data is then sent to the IDC via the GCI, a global satellite communications network that utilizes a combination of different communication technologies, where it is then automatically processed, interactively analyzed, and the products are distributed to Member States. The details regarding the collection and processing of the data are extensive and beyond the scope of this article; nonetheless, a few key characteristics of the data, its analysis, and distribution will be briefly recounted below given their relevance to the article’s main hypothesis regarding how they could potentially benefit from Blockchain applications.
The data gathered by the monitoring facilities and laboratories forms the primary core of the CTBT’s verification efforts. The IDC receives approximately 10 GB of data daily from the IMS stations, most of which is transmitted in near real-time on a continuous basis. Once this data is transmitted, it is processed through automatic station processing in order to determine the characteristics of a recorded event. According to Part I of the Protocol to the Treaty, the IDC is responsible for applying on a routine basis automatic processing methods and interactive human analysis to IMS data [SA2] in order to produce and archive standard IDC products on behalf of all Member States, which should include the following: (a) Integrated lists of all signals detected by the IMS; (b) Standard screened event bulletins; (c) Executive summaries; and (d) Extracts or subsets of IDC products.[12] Member states are expected to be provided with open, equal, timely, and convenient access to all IMS data, whether raw or processed, in addition to any data in the archive of the IDC.[13]
The CTBTO Preparatory Commission’s Provisional Technical Secretariat (PTS) is responsible for the operation and maintenance of these processes, and by extension, the associated security of all relevant data. The Commission oversees the continuous development, enhancement, performance monitoring, and testing of the IDC, which is in provisional operational status until the entry into force of the Treaty.[14] The IDC’s Operations Centre, which was established in 2005 and recently updated in 2019[15], can ensure full redundancy of its computer network and availability of archived verification data covering more than 15 years.[16] Moreover, the PTS guarantees the security of the data by embedding it with digital signatures and ensuring that the data collected at IMS stations is signed and authenticated using a Public Key Infrastructure (PKI) software, operated by the PTS.[17] This approach, however, while fulfilling current requirements, is not sustainable in the long-run given that it represents a single point of failure, and may not continue to remain fit for purpose.
As with any technological system, the CTBTO’s verification regime needs to remain relevant and effective if it is to continue providing utility and value to member states while maintaining their trust and confidence in the system. Keeping pace with technological developments is critical to ensuring the system’s relevance and identifying and exploring the ways in which these technologies could impact its operational capabilities, whether for better or for worst.”[18] As for the efficacy of the system, it is generally agreed that the IMS in particular needs to be the focus of renewed attention as it is currently transitioning from the “build-up” phase to the “sustainment” phase of its facilities and associated technologies. When CTBTO Executive Secretary Dr. Robert Floyd was recently asked about some of the main challenges facing the organization, his response focused on the depreciation of the IMS, a US $1B asset, and the recapitalization that would be necessary to repair or replace components of the system as needed.[19]
Attributes and Applications of Blockchain
Blockchain, which is a subset of Distributed Ledger Technology (DLT), is an emerging technology that has garnered exceptional attention for its revolutionary potential. While most commonly associated with cryptocurrencies, Blockchain applications are now ubiquitous across numerous industries beyond finance and include healthcare, supply chains, retail, insurance, and government, among others. Blockchain even has potential in supporting the UN Sustainable Development Goals due to its transformative and decentralized governance model that can help confront global challenges,[20] and because it addresses issues of inclusion, trust, and multilateralism from a technical perspective.[21] As far as nuclear nonproliferation is concerned, applications of Blockchain are still in the exploratory phase, but this nonetheless demonstrates the potential and relevance for the technology in this field. One such noteworthy example is the development of a DLT prototype to manage data and safeguards information sharing between nuclear regulators and operators in Finland.[22]
In the most basic sense, Blockchain is considered to be a distributed and timestamped data structure with “append-only” data that cannot be altered.[23] Blockchain networks can either be public (permissionless), or private (permissioned), and are thought of as systems that do not require an intermediary – in the case of the CTBTO, any application would most certainly be permissioned. One of the most comprehensive definitions of DLT states that it is a system of electronic records that: (i) enables a network of independent participants to establish a consensus around (ii) the authoritative ordering of cryptographically-validated (‘signed’) transactions. These records are made (iii) persistent by replicating the data across multiple nodes, and (iv) tamper-evident by linking them by cryptographic hashes. (v) The shared result of the reconciliation/consensus process – the ‘ledger’ – serves as the authoritative version for these records.[24]
To give further context to the above definition, it is helpful to look at some of the main properties and attributes of the technology. The central properties of Blockchain are (i) consensus mechanisms, algorithms that establish agreement between participants in a given network about updates to the ledger and addition of new data; (ii) hashing, a process that creates a unique cryptographic code that makes it almost impossible to alter; (iii) public key cryptography, a cryptographically linked public key and private key that encrypt data and authenticate digital signatures; and (iv) distributed storage, which means that each node of the network maintains a complete and identical version of the ledger.[25] While there are other existing technologies that may utilize certain aspects of these functions, it is the combination and interaction of all these properties collectively in Blockchain that contribute to its attractiveness and inherent attributes that ensure data integrity, immutability, and transparency.[26]
In the context of the CTBTO, Blockchain is a way to address the challenge of secure data management, which could in turn create a greater sense of trust amongst member states in the verification regime. The CTBTO is an inextricable component of the global nonproliferation architecture, which means that perceptions of the regime and its prospects for achieving universality are heavily influenced by the prevailing situation in arms control, international cooperation, and geopolitics more broadly. The data collected and products generated that are verified by the CTBTO can be considered to be highly sensitive in nature, meaning that current hold-out states may also have reservations regarding the sharing of that data. Blockchain, which is thought to create a technical foundation for cooperation among parties that have a limited basis to trust each other,[27] could therefore potentially alleviate some of these reservations because of its assurances of data integrity, confidentiality, and security. As mentioned above, states’ respective reasons for not ratifying the CTBT are numerous and complex – the expectation is not that strengthening the verification regime or giving greater assurances would suffice for eventual entry into force, rather, it would be one of the components required to contribute to their trust in the regime and confidence that it could in fact meet their national requirements and concerns.
The data that is collected globally, processed and analyzed at the IDC, and distributed to member states, is the CTBTO’s most valuable asset. This value lies both in terms of the function the data serves in verifying compliance with the Treaty’s provisions, as well as in the immense utility it holds for other civil and scientific applications such as climate change research and early warning systems. Therefore, the core obligation for the CTBTO to provide its member states with data surety makes the consideration of Blockchain a particularly relevant proposition. Data surety and integrity are essential to the CTBT, as its primary purpose is to provide meaningful data – this means that users need to have confidence regarding the authenticity of the data, and confidence that it has not been tampered with in any way.[28] As such, the most suitable area in which a Blockchain application could benefit the CTBTO, would be the main repository of this data, the IDC.
Blockchain could enhance the security and integrity of data at the IDC through the following means: (i) securing the data that flows from the IMS facilities to the IDC; (ii) securing data collected through eventual On-Site Inspections; and (iii) enhancing the IDC’s processing, analysis, and distribution. The foremost benefit of Blockchain in this respect would be to reduce the possibility of a single point of failure. This is one of the most relevant aspects of the technology to the CTBTO, and given the decentralized nature of how the data would be stored, there would be a significant increase to the system’s resiliency. It is not beyond the realm of possibility that a malfunction in the IDC’s physical or storage systems could happen that would compromise data archives or certificates. Emerging technologies such as Blockchain could prevent such incidents from occurring in the future – current PKI frameworks, as mentioned above, represent a centralized point of failure, and it is envisioned that next-generation PKI solutions will likely utilize Blockchain technology.[29] Given that the IDC is tasked with the responsibility of continuously improving the quality, reliability, and cost effectiveness of its services and products over time,[30] such scenarios highlight the need for the active pursuit of solutions fit for the future.
Another way that Blockchain could contribute to increasing the trust and confidence of the CTBTO’s verification regime is by enhancing cybersecurity more broadly. The IDC, which collects a wealth of data on a daily basis, and maintains a large archive of historical data, could be susceptible to either accidental data loss or intentional data breaches. Cybersecurity risks are growing in volume, nature, and sophistication, and it is now believed that we are in the middle of a ‘cyber pandemic,’ with cyberattacks on critical infrastructure in particular on the rise.[31] If the CTBTO is targeted in the future, this would not only put the data repositories at the IDC at risk, but would also significantly undermine member states’ confidence in the system and in the confidentiality of their respective data. While Blockchain would not completely eliminate the possibility of an attack or tampering of existing databases, it would make it extremely difficult to do so, and immediately apparent if it does happen.
Challenges and Way Forward
Notwithstanding the conceptual benefits that could be provided by Blockchain applications for the CTBTO’s verification regime, there would undoubtedly be numerous challenges to implementation revolving around feasibility, scalability, and cost. Further research and development on applications of Blockchain in the nonproliferation sphere are necessary in order to validate the utility and value of the technology in this regard. For the CTBT, issues of Blockchain’s compatibility with the Treaty’s technologies would be one of the most dominant concerns; if the CTBTO can look into preliminary research on Blockchain and explore how it could be integrated with existing systems and processes, this would be a constructive first step to engaging with the technology and possibly harnessing its power in the future.
In its path toward universality and entry into force, the CTBTO should continue to demonstrate its relevance and effectiveness, and the exploration of emerging technologies to enhancing the operational capacities of the Treaty is one such way of doing so. The CTBTO is considered a pioneer when it comes to exploring new technologies and their applications to further nonproliferation objectives, as evidenced by the four treaty-bound monitoring technologies stipulated in the CTBT. While it is unlikely for there to be any fundamental changes in this regard before the Treaty enters into force, when it comes to technologies that can enhance the verification and analytical processes, the spirit and provisions of the CTBT would not only allow, but in fact encourage such pursuits.
[1] CTBT, Protocol I, Paragraph 18.
[2] Bell, R.W. (2018) CTBTO Science and Technology for a Safer World. In: Maiani L., Abousahl S., Plastino W. (eds) International Cooperation for Enhancing Nuclear Safety, Security, Safeguards and Non-proliferation–60 Years of IAEA and EURATOM.
[3] Bowen, W. Q., Elbahtimy, H., Hobbs, C., & Moran, M. (2018). Trust in Nuclear Disarmament Verification. (1 ed.) Palgrave Macmillan.
[5] Non-signatories: DPRK, India, Pakistan; Signatories: China, Egypt, Iran, Israel, United States
[6] India, Pakistan, DPRK
[7] Giovannini, Francesca (2021). The CTBT at 25 and Beyond. Arms Control Association. <https://www.armscontrol.org/act/2021-09/features/ctbt-25-beyond>
[8] Carlson, John (2019). Comprehensive Nuclear-Test-Ban Treaty: Possible measures to bring the provisions of the Treaty into force and strengthen the norm against nuclear testing. Vienna Center for Disarmament and Nonproliferation.
[9] Bell, R.W. (2018).
[10] CTBT, Article IV, Paragraph 1.
[11] CTBT, Article IV, Paragraph 16.
[12] CTBT, Protocol I, Paragraph 18.
[13] CTBT, Protocol II, Paragraph 20.
[14] CTBTO (2019). Annual Report 2019: Advancing Verification Capabilities. Provisional Technical Secretariat of the Preparatory Commission.
[15] CTBTO. <https://www.ctbto.org/verification-regime/the-international-data-centre/operations-centreand-computer-centre/>
[16] CTBTO Annual Report 2019.
[17] Coyne, J., Bobrov, D., Bormann, P., Duran, E., Grenard, P., Haralabus, G., Kitov, I., Starovoit, Y. (2012) CTBTO Goals, Networks, Data Analysis and Data Availability (Chapter 17), DOI: 10.2312/GFZ.NMSOP-2
[18] Giovannini, Francesca (2021).
[19] Arms Control Association (2021). Confronting the Comprehensive Test Ban Treaty Challenge: An Interview with New CTBTO Executive Secretary Robert Floyd. <https://www.armscontrol.org/act/2021-10/features/confronting-comprehensive-test-ban-treaty-challenge-interview-new-ctbto>
[20] World Economic Forum (2021). Could blockchain be the key that unlocks the SDGs? <https://www.weforum.org/agenda/2021/10/why-blockchain-is-the-key-to-meeting-the-sdgs/>
[21] Mulligan, C. (n.d.). United Nations Chronicle. Blockchain and Sustainable Growth. <https://www.un.org/en/un-chronicle/blockchain-and-sustainable-growth>
[22] Vestergaard, C., Obbard, E., Yu, E., Putra, G., Green, G. (2020) SLAFKA: Prototype Blockchain in Practice Program Demonstrating the Potential for Distributed Ledger Technology for Nuclear Safeguards Information Management. Stimson Center.
[23] F. Casino, T.K. Dasaklis, C. Patsakis (2019). A systematic literature review of blockchain-based applications: current status, classification and open issues. Telemat. Informatics., 36, pp. 55-81.
[24] Rauchs, M., Glidden, A., Gordon, B., Pieters, G., Recanatini, M., Rostand, F., Vagneur, K. and Zhang, B. (2018). Distributed Ledger Technology Systems: A Conceptual Framework, University of Cambridge, UK, p. 19.
[25] Burford, Lyndon (2020). The trust machine: Blockchain in nuclear disarmament and arms control verification
[26] Vestergaard, C., Obbard, E., Yu, E., Putra, G., Green, G. (2020).
[27] Burford, Lyndon (2020).
[28] U.S. Department of Energy (1998) Comprehensive Test Ban Treaty Research and Development: Plans and Accomplishments. <https://www.osti.gov/servlets/purl/651817>
[29] Medium (2019). Why Next-Generation PKI Will Reside on the Blockchain. <https://medium.com/remme/why-next-generation-pki-will-reside-on-the-blockchain-44befcd2af3a>
[30] CTBTO Introductory Curriculum, International Data Center.
[31] World Economic Forum (2021). Protecting critical infrastructure from a cyber-pandemic. <https://www.weforum.org/agenda/2021/10/protecting-critical-infrastructure-from-cyber-pandemic/>
Jasmine Auda
Jasmine is a consultant on issues related to Middle East security and development. She was previously the Deputy Managing Director of the Middle East Scientific Institute for Security (MESIS), a Jordanian NGO.