Windows for Submarines has now "shipped" (sorry)

In Friday's IT Blogwatch, Richi Jennings watches bloggers watch the UK's Navy finish installing Windows XP in all its nuclear submarines, replacing the existing command system. Not to mention PING: happy holidays...

Lewis Page can't quite believe his ears:

Astute class submarine (source: BAE Systems plc)
The Royal Navy and BAE Systems plc were pleased as punch yesterday to announce that their implementation of Windows for Submarines™ is complete ahead of schedule. Windows boxes on Ethernet LANs are now in control of the UK's nuclear-propelled and nuclear-armed warship fleet.

The programme is called Submarine Command System Next Generation (SMCS NG), and uses varying numbers of standard multifunction consoles with two LCD screens, hooked up on an internal Ethernet network installed on each sub ... The use of commercial-off-the-shelf technology is expected to save the taxpayer as much as £22m in support costs over the next ten years - a bit more than £2m a year, or about a thousandth off Trident's running costs.


Many in the software community have viewed the Royal Navy's wholesale move to Windows-based command systems with concern, feeling that the savings are not such as to justify possible losses in security, reliability and assurance. In addition to the existing nuclear submarine fleet, the RN will use similar equipment to handle its new Type 45 destroyers in combat, and ... the upcoming Astute-class subs..

Microsoft's Ian McKenzie grins proudly:

Windows for Submarines is the programme undertaken by the Royal Navy and BAE Systems to equip the nuclear-propelled and nuclear-armed warship fleet with a Windows-based command system.  The transition to the Windows for Submarines command system on HMS Vigilant, a Trident nuclear missile submarine, was completed in just 18 days.

The Windows for Submarines programme is an example of one of the many areas where Microsoft works in partnership with the MOD to ensure that our products have the resilience, security and communications efficiency required to operate effectively in challenging military environments.

Jonathan Racicot reminds us:

The SMCS NG system is the descendant of the previous SMCS system that was proposed back in 1983, when the U.K decided to build a new command system for the then-new Trident class. Before, all electronics were custom built by Ferranti. The SMCS would use COTS [Commercial, Off-The-Shelf] material to minimize the costs and become fewer dependants on one company. The architecture of the command system was modular and was written in Ada 83 ... The first phase of the project was to install the SMCS on the Vanguard class submarines.

In 1990, it was decided to extend the SMCS to other submarine classes and that the new command system would use UNIX as its base operating system. Because of the Ada architecture, problems arose when the technicians tried to map the SMCS to run-time processes of UNIX. Solaris and SPARC machines were finally selected for Multi Function Consoles. The central nodes kept their original architecture in Ada.


Windows was chosen even after the USS Yorktown accident in 1997, in the US. The ship was crippled after the sysadmin entered invalid data.

Andy Hanley makes the ob. joke:

BSOD? ... I would hope that they've at least made it the Yellow Submarine of Death.

Peter Cooper waves a flashlight under his chin:

And the scary thing is British Navy submarine captains are the only officers worldwide (as of the mid 90s or so) to have the independent right to launch nuclear missiles if they lose contact with the Admiralty.

Richard Stiennon offers a historical perspective:

British subs started running the windows based SMCS-NG in 2004 after all the people that opposed the use of such an unstable operating on nuclear subs were kicked off the deciding committee.


For the most part I am not really criticizing Windows just the use of a bloated OS for simple or mission critical tasks.

But freddy_dreddy wants open source kept out of defense:

Given the fact that Linux is built mostly by anonymous contributors, kept on servers which are hacked every now and then (Fedora Signing Key Server Hacked in August - Red Hat Infrastructure Servers recently Hacked, Cracked & Compromised) what guarantee is there that Linux ... doesn't contain sleeping trojans written by Russians or Chinese?

And finally...

Buffer overflow:

Other Computerworld bloggers:

Like this stuff? Subscribe to the RSS feed.

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 23 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email:

Previously in IT Blogwatch:

Copyright © 2008 IDG Communications, Inc.

Shop Tech Products at Amazon