dyb

The Decision Nobody Makes

אִם יִרְצֶה הַשֵּׁם

America's Autonomous Weapons Have a Sovereignty Problem That Can't Be Fixed

Copilot_20260523_234518

ג׳ סִיוָן תשפ״ו

The boost-phase intercept window for a ballistic missile is somewhere between sixty and one hundred eighty seconds. Within that window, the entire kill chain must execute: detect the launch, classify the threat, assess options, authorize engagement, release the weapon. Every handoff is autonomous. The time budget for a human to review the decision is measured in single-digit seconds. The time it actually takes to inform a human decision-maker, present the relevant data, receive a judgment, and transmit that judgment back to the system is measured in minutes.

By the time anyone with authority could weigh in, the weapon is away and the window is closed.

Nobody decided. The system produced an output. That output carries the same consequences that sovereign military decisions have always carried: cities destroyed or spared, populations killed or protected, wars started or prevented. But the decision itself, the act of a responsible authority choosing to use force, never happened.

This is not a complaint about Pentagon acquisition timelines or bureaucratic dysfunction. It is a mathematical fact about the relationship between decision speed and human cognition. And it applies to every autonomous weapons system operating under hard time constraints, not just missile defense.

The control problem is worse than you think

Most policy discussions about autonomous weapons focus on whether humans should be "in the loop" or "on the loop." The assumption is that with enough engineering, we can design systems where a human retains meaningful control. The Department of Defense Autonomous Weapons Policy (DoDD 3000.09) requires "appropriate levels of human judgment." The consensus position among arms control experts is that the problem is political, not technical: if we want human control, we can build it.

That consensus is wrong. For the class of systems that matter most, human control is formally impossible. Not difficult. Not expensive. Impossible, in the same sense that perpetual motion is impossible. Three independent mathematical results close every path to sovereign human authority over these decisions.

You can't verify what the system will do

The first problem is verification. Before delegating authority to an autonomous system, the commander needs to know that the system will follow the rules it was given. Will it distinguish combatants from civilians? Will it respect the engagement boundaries? Will it do what it was told to do?

A result in computability theory called Rice's theorem, proved in 1953, shows that no general procedure can answer this question. For any non-trivial property of a program's behavior (meaning anything more interesting than "does it exist"), there is no algorithm that can examine the program and determine whether it has that property. This is not a limitation of current technology. It is a proven impossibility, as solid as the impossibility of solving the halting problem, which is the result Rice's theorem rests on.

The standard objection is that real weapons systems are tested extensively before deployment. That is true and irrelevant. Testing covers the system as built, against the scenarios the testers imagined. The decision that sovereignty depends on happens at runtime, against inputs nobody anticipated, in an environment an adversary is actively manipulating. The gap between what testing can cover and what the system will actually face is exactly the gap where the impossibility applies.

Simple weapons don't have this problem. A landmine has a pressure plate and an explosive charge. Its behavior is fully specified by its mechanism. But an adaptive autonomous system processing sensor data from an adversarial environment, updating its internal models in response to novel inputs, making decisions the designers never specifically anticipated, is a fundamentally different kind of machine. Its behavior cannot be fully characterized in advance. That is not a bug. That adaptability is the entire reason it exists.

You can't get the answer back in time

The second problem is consensus. Even if you could somehow verify the system's behavior in advance, you still need to get the authorization to the right place at the right time. In a distributed command-and-control architecture, this is a consensus problem: multiple nodes (sensors, processors, communication relays, human terminals) must agree on what happened, who authorized it, and under what rules.

A result in distributed systems theory called the FLP impossibility, proved in 1985, shows that no deterministic protocol can guarantee agreement in an asynchronous system where even one component might fail. Military C2 systems are asynchronous by nature: the components run on different clocks, messages arrive with unpredictable delay, and adversarial jamming makes the timing worse. Under these conditions, there is no protocol that can guarantee the authorization message arrives, is processed, and produces agreement before the engagement window closes.

Workarounds exist, but they all weaken the guarantee in ways that break the sovereignty claim. Randomized protocols can reach agreement with high probability, but no worst-case bound. Protocols that assume partial synchrony work, but only after a stabilization period nobody can predict in advance. Neither gives you what sovereignty requires: certainty that the authorized decision was conveyed and agreed upon within a fixed deadline, under adversarial conditions.

You can't tell which system you're talking to

The third problem is authentication. Even if you could verify behavior and guarantee timely consensus, you still need to confirm that the system executing the decision is the one you authorized. In an adversarial environment, this is an attestation problem: a verifier tries to confirm the identity and posture of an agent that an adversary may have compromised, spoofed, or replaced.

Results from cryptographic complexity theory show that when the adversary gets to choose the agent class after the verifier commits to a testing strategy, no feasible testing protocol can distinguish a compliant agent from a defecting one. The adversary can always construct agents that pass every test you can afford to run but behave differently on inputs you didn't test. This is not a failure of imagination. It is a consequence of the same mathematical structure that makes pseudorandom number generators possible.

Three walls, no exit

These three results, verification, consensus, and authentication, are mathematically independent. Each one rests on a different branch of mathematics (computability theory, distributed systems theory, cryptographic complexity). Defeating any one of them requires a separate assumption, and those assumptions don't help with the other two. Even if some future breakthrough overcame one wall, the other two would still stand.

Together they close every path to sovereign control. You cannot verify what the system will do. Even if you could, you cannot get the decision ratified in time. Even if you could, you cannot confirm that you are talking to the right system. Any architecture that claims to maintain human sovereignty over time-constrained autonomous decisions must defeat all three simultaneously. That is what the mathematics says cannot be done.

What this means for policy

The implications cut in a direction that should discomfort both advocates and opponents of autonomous weapons.

For advocates: the claim that autonomous weapons can operate under meaningful human control, that a commander's pre-set rules of engagement constitute a sovereign decision, is formally untenable for adaptive systems under hard time constraints. Pre-delegation is not delegation. It is a blank check whose terms cannot be verified, written against an account whose balance is unknown, payable to a beneficiary who may not be the one you intended. Every DOD policy framework that assumes "appropriate human judgment" can be engineered into these systems is assuming something the mathematics forbids.

For opponents: the standard arms control framing, which treats the problem as one of political will, is also wrong. The void at the center of autonomous governance is not a policy choice. It is a structural feature of the physics and mathematics of these systems. No treaty, no regulation, no organizational redesign can make a human decide faster than the engagement window allows. The correct response is not to demand the impossible but to understand what governance looks like when traditional sovereignty does not apply.

For strategists: the uncomfortable truth is that China and Russia are building these systems regardless, and they are not burdened by our sovereignty pretenses. The US faces a choice between ceding the domain to adversaries who accept the void, or accepting it ourselves with eyes open. The question is not "human or autonomous?" It is "autonomous with honest governance, or autonomous with institutionalized denial?"

The honest assessment is this: for the first time in the history of warfare, there exists a class of military decisions where the question "who decides?" has no answer. Not because we haven't built the right institution, but because the question itself does not apply. The decision happens in a space where human authority cannot reach, not for lack of trying, but because the mathematics of computation, communication, and verification make it unreachable.

That is not an argument for or against building these systems. It is a fact about what they are. Policy that ignores it is not serious. And right now, almost all of the policy ignores it.

← Previous
Ricky polyglot software developer
Next →