One of the main problems in counterterrorism today is that there are so many people and vehicles, and so much data and material, moving through globalization's myriad networks that it seems virtually impossible to track it all effectively. Nowhere has this problem been more acute than on the high seas.

In 2006, Adm. Harry Ulrich, then U.S. commander of NATO Naval Forces Europe, decided to do something about it. Despite having virtually no resources, his dream was to transpose the global air-traffic control system onto sea traffic.

Worldwide, aircraft are transparent, because they're all required to carry an identification beacon that allows them to be tracked leaving and entering airports, and monitored between airports, by a global network of sensors. Act suspiciously and somebody's fighter aircraft will soon be on your tail.

No such pervasive system currently exists globally for maritime traffic. While bigger ships carry an ID beacon similar to aircraft, without a shared monitoring network, that's like tracking only selected commercial jets and giving everyone else a pass.
So Ulrich, upon taking command, asked a simple question: "If we can do that in the air, why can't we do it on the sea?" He made a point of pioneering his sea-traffic-control effort first inside the Mediterranean, where NATO's southern naval forces have historically been concentrated, but his real target was waters off Africa -- the most ungoverned maritime space in the world.

Ulrich knew the U. S. Navy couldn't do it alone, much less bring Africa's meager coast-guard-like navies up to snuff so they could do it on their own. So he quickly created a network of assets -- both public and private -- to manage that space, modeling his monitoring system on international air-traffic control.

Ulrich began stitching together a network of shore-based sensors ringing the Mediterranean. His naval command then began initial monitoring by tapping into the International Maritime Organization's existing Automated Identification System, transforming NATO's ability to track ship traffic in the Med.

Almost overnight, NATO went from tracking dozens of ships on the Mediterranean to thousands, and instead of getting the data sometimes up to 72 hours late, now the contacts were being tracked in one to five minutes -- to an accuracy within 50 feet on the earth's surface.

When the classic big-firm systems integrators told Ulrich it would be too costly to pull it off, the admiral turned to the Volpe Center in Cambridge, Massachusetts, a U.S. Department of Transportation research center. Instead of hundreds of millions of dollars, Ulrich's initial network cost $900,000. The shore-based receivers are small, roughly the size of a radar dish you might find on a pleasure craft.

The strength of the system is a function of its reach: the more countries join, the larger the shared operational picture. By the time Ulrich retired at the end of 2007, he had enlisted 32 countries throughout the Mediterranean, the North Atlantic, along the west coast of Africa, around the Black Sea, and in the Pacific. Today, the network continues to spread around the planet.

With Ulrich's system in place, local police, coast guards, and border patrols catch most bad guys, obviating American military responses. As Harry told me for an article I wrote about his work in a fall 2007 issue of Esquire, "I don't do defense; I do security. When you talk defense, you talk containment and mutually assured destruction. When you talk security, you talk collaboration and networking. This is the future."

The admiral's legacy program, the Maritime Safety and Security Information System, earned the Volpe Center a prestigious "Innovations in American Government" award this month from Harvard University's Ash Institute for Democratic Governance and Innovation.

Yesterday, they posted a terrific blog post about what they saw at Interop. Fortunately, ScienceLogic was one of the technologies that they highlighted from the show. I have written earlier posts about how difficult it has been to gain smart, insightful coverage for our solutions with technology media.

I have to say that they really got it! And it feels so good. We know that we have a bit of a hidden gem of a product here at ScienceLogic and will be working overtime in the coming months to take our business and products to a “Blue Ocean” environment that will shock and surprise many others in the media. However Sevick and Wetzel will be amongst the first to get a close-up on why and how we will deliver a new paradigm to this marketplace in 2009!

A few excerpts from their post:

“We noticed yet more specialty network management vendors, leading us to wonder how the market can support such a plethora of them, and we felt empathy for IT teams that have to master yet more interfaces.”

“Application performance management and application acceleration vendors were well represented. Such products play well in today’s climate because they allow enterprises to get the most out of existing IT investments instead of buying more “stuff”. One particularly interesting vendor we talked to was ScienceLogic. They are integrating IT infrastructure and application monitoring into a single, not-very-expensive platform that will serve mainstream business well. This is smart, and we predict they will give the CA’s, BMC’s, HP’s and IBM’s of the world a run for their money.”

Check out the blog post here and keep App Performance View on your radar..

Italian free space optics test hits 1.2 terabits per second (in Italian, Google translation): Researchers in Pisa, Italy, along with colleagues from two Japanese institutions, crossed 1.2 Tbps in a test. Free space optics typically uses infrared lasers, and can work over a distance of kilometers.

More Canadian Wi-Fi health fears: This time in an island in Montréal. One of the concerned citizens: "This is something that is really under the radar. People do not know that long-term health hazards are associated with wireless technology." They don't know that because all verifiable, repeatable, well-conducted, academic tests so far indicate that there's no such health hazard associated with EMF. The concerned folks are raising an alarm about Wi-Fi being broadcast island wide, but are not paying attention, obviously, to the AM/FM radio, satellite radio, cellular, cordless, and thousand other wireless uses that are bombarding them right now, often at far higher signal levels.

Wi-Fi in a tub: I'm not going to say anything more.

QuickerTek adds antenna to 300 mW ExpressCard for MacBook Pro: Users of Apple's higher-end laptops can drop $200 to get a 300 mW Draft N (802.11n) ExpressCard and 5 dBi external antenna with a mounting clip. That's a lot of power, and it's important to recall that have a louder signal doesn't mean that distant base stations can necessarily hear you better. Draft N devices typically pair better listening (receive sensitivity) with higher transmission power, however.

Mac product ties location settings to Wi-Fi position: Centrix has updated its $29 Mac OS X location preferences program NetworkLocation to take advantage of Skyhook Wireless's Wi-Fi positioning data. You can now tie the package of settings that control what email account you use, iChat status, programs launched, disks mounted, and other factors, to where you're currently at.

ATC is an excellent working example of complex event processing.   Radar and GPS provide the basic sensory information to accurately track and trace the position of each aircraft in the area of responsibility (AOR) of a particular control tower/zone.     Naturally,  sensory information is preprocessed and formatted in such a way that the data can be processed upstream by multiple real-time applications.

Before we look at complex ATC scenarios, such as “potential collision” or “aircraft off approach vector” we must trace and trace individual objects, aircraft-objects, accurately with very high confidence.    In addition to tracking aircraft-objects, there is a database of information about the aircraft (ideally), such as make, model, age, range, passengers and other properties about the aircraft-object.      In addition, there is a state-model for each aircraft, for example the aircraft might be “on the ground”, “approaching the runway”, “cleared for takeoff”, “cruising altitude”, “approaching runway”, “final decent” etc.  

Tracking and tracing individual aircraft is what is generally referred to as “object refinement” in our CEP/EP reference architecture.   The reason we call this function “object refinement” is that system engineers are focused on optimizing the situational knowledge about individual objects.     Sometimes we refer to this function as “track and trace” because that is what we are doing to  each object in the model.  In Marc Adler’s recent shoplifting scenario, Marc was interested in tracking and tracing people in a store using imaging processing techniques to estimate their behavioral patterns.  In the same way, before we can process for scenarios such as “potential shoplifter” or “suspicious criminal gang activity” we must be able to accurately process (track and trace) individual object, such as people or merchandise.

Back to aircraft and ATC, the “complex event processing” begins when we are looking about object-object relationships, in this model, aircraft-to-aircraft, but this is an overly simplistic model, as we have not yet added (to our model) ground features (towers, buildings, power lines), weather (storm cells, wind) and other flying objects (known migratory bird paths, swarms of insects) to our simple model.  

Complex event processing occurs when we are processing multiple objects in our model looking for threats in real-time.     Practically speaking, all ATC applications are CEP applications.  This means that vendors and integrators who build ATC applications are also CEP vendors.   

Editorial Note: CEP/EP has been around for a long time and was not recently invented in the past decade as some “inventors” would like for us to believe. 

As you can imagine, there is considerable “complex event processing” that goes on “behind the scenes” to provide air traffic controllers and pilots situational knowledge into the “friendly skies”.   As you might further imagine, the situation is more complex when the skies are “not so friendly”, for example, in air combat situations.   

Processing myriad objects is not the end of the processing “chain”.  For example, decisions are being made constantly about potential damage, alternative airports, and more.    In our reference model, we refer to this, generally speaking, as “impact assessment” because we must take an estimated detected complex event, for example “aircraft collision,” and estimate potential damage based on numerous factors such as, the amount of jet fuel in the aircrafts and the location of the aircrafts (over a large city or rural area, near a hospital and emergency services).   Regardless of the scenario, an impact assessment is normally required before optimal decisions can be made.

This is true, by the way, for our shoplifting example (the impact is different if a piece of gum is stolen versus a $1,000,000 diamond necklace or weapons-grade nuclear material) and other scenarios and models.  Static data (information about objects) is required for accurate decision processing.  

Impact assessment is not the end of the “knowledge chain”.    Decisions are constantly being made that effect resources.  For example, suggestion an alternative route for an aircraft is a resource management decision.    Turning on and off radar or switching to alternative tracking devices is a resource management function.  In our CEP/EP reference model (based on the JDL data fusion model), we call this “resource management”.   This function includes contacting emergency services and directing them to a potential crash location or sending out a message to instruct all aircraft to stay off a certain radio frequency.  Resource management is critical.

Our simple ATC model today is by no means complete, it just scratches the surface.  In fact, I have a very close friend, Mark Secrist, who is a former Marine fighter pilot and currently a senior captain for American Airlines.   I have asked Mark to read this post and help me further refine this crude “laymans” ATC model (Thanks Mark!).

ScienceLogic: Can you share any of the strategies/advice that you give to companies embarking on their BSM journeys?

Doug McClure: Well, first they’ve got to have a BSM strategy. Nearly all the clients I talk to or hear about wanting to do BSM do not have a BSM strategy. I talk a lot about this on my blog and with clients and it is relevant whether you’re going to think about “BSM Lite” or “BSM Heavy” approaches.

Once we have a BSM strategy, we need to establish a BSM roadmap that guides us in how we’ll implement the BSM strategy in a more tactical manner, focusing on short term iterative quick wins and 30-60-90 day projects. For more of my thoughts on BSM strategy and roadmapping, see the following blog posts.

• Elements of Business Service Management Part 3: Getting Business Service Management on the Radar Screen

• Elements of Business Service Management Part 4: What’s your Business Service Management Strategy?

As I’ve alluded to previously, a client first must define and understand what “BSM Lite” may mean to them. Don’t take what the analysts or the vendors pitch for what you should do to achieve BSM or what value you should get from it.

For any type of BSM to be successful, each client must define what BSM means to them and state what they expect to get from BSM. They must make it personal, make it a part of their company culture and elevate it to be as an important initiative as compliance, risk management, SOA, ITIL, or other initiatives may be within the company.

Please don’t get scared off from this strategy thing. Please don’t blow this off as something that the secret enterprise architecture council should be doing. If you’re unable to get an audience in these areas within your company, start within your own sphere of influence.

Your strategy could be as simple as enabling the local operations center to more efficiently classify, triage and resolve problems based on a simple business service or application contextual understanding. Focus on how this changes the game within your environment. Come up with your own metrics and measures to assess the value this has to this organizational use. Trust me, you’ll need to justify your investment some time in the future.

Another trait of successful BSM implementations is that of the formal monitoring and management tools group has established some sort of database or knowledge repository that enables them to “manage the business of IT management and monitoring” if you will. In my opinion, the vendor community has let their clients down significantly in this area. The CMDB may be the correct answer, but most companies just don’t value monitoring enough to demand that this be included in their formal CMDB initiatives.

In my last job, we developed an application that I referred to as the “Service Management Database” or “SMDB”. Others may call it something else, but in essence, it was the database that captured what was monitored, how it was monitored, who owned it, what business services and applications it supported, the impact an outage or event from it had on the business services or applications, etc.

One key component of this “SMDB” was establishing the relationships of real and synthetic user and transaction monitoring steps to associated servers and applications. This is a significant gap area in many tools and vendor CMDBs.

Clients who have instituted something formal such as this generally have a very good handle on management and monitoring within their environment. Far too many clients do not have adequate monitoring (read visibility) in place to begin their BSM journey.

I’d strongly recommend a good hard look at how well the client’s monitoring and management practices are implemented and managed. Simply put, if they don’t have adequate visibility into how well those business services and applications are performing, you can’t expect to manage what you can’t “see” that may be impacting the business, clients, revenue, etc.

Just ask yourself this – can you explicitly state what monitoring is in place for a given business service or application? Can you quantify the impact of a simple event to a business service or application? Can you explain why something is red, yellow, purple or green and what causes it to change from one color to another? If you can’t, your BSM journey will be challenging.

Those with formal CMDB initiatives have their hands full with high risk, long time to value projects to just get a handle with traditional configuration management models. Taking these low level configuration items (CI’s) and establishing application and service dependencies comes after a lot of work getting through the organizational challenges of getting systems access to populate the CMDB.

I strongly recommend that the formal monitoring and management tools group create an authoritative database that enables them to establish end-to-end visibility into the service and application delivery chain and the impacts it has on the business, customer, etc. This ultimately becomes part of a more realistic federated CMDB within the business.

ScienceLogic: Can you provide an example of a successful implementation of BSM? Were there specific factors that especially contributed to its success?

Doug McClure: I’ve touched on the highlights of the most successful BSM implementations throughout my previous answers. Clients that have rallied around an organizational change or transformation focusing every team member’s efforts and energy towards ensuring that the business goals and objectives are being met through the delivery of highly available business services and applications.

Far too often the “change” never happens and it’s the “talking heads” that are preaching to the choir about what should be done. Every person on the front line, in the support teams, at the help desk, etc. must understand how they support or impact the business in business terms. Try putting this simple phrase after job titles “Hi, my name is Doug. I’m a Systems Administrator, Supporting the Business”.

That was a mouthful, but simply put, these clients have an impressively instrumented business and IT environment with the right amount of visibility into each area, joined together with an organization that thinks, operates and responds based on their understanding of the business goals and objectives and how these business services and applications enable business success.

The operational model for an organization fully adopting BSM identifies ways to establish a service management mentality across the entire business service and application delivery and support chain. The delivery, operations and support organizations must be incented to manage the services and applications being delivered with this end-to-end context.

A leading, outside the box “service management organization” may include the traditional IT silos but within a matrixed fashion focused on one or more key business services and applications. The “service management organization” is then incented to work together, as a team, for the end-to-end delivery and support of these services or applications.

It’s no longer one’s job to just be the systems administrator, database administrator or network engineer, their job is now to support specific business services and applications. They provide the subject matter expertise needed to support the services and applications together, as a team, eliminating the finger pointing or “not my problem” attitudes that exist in the majority of IT organizations today.

Overall, the KISS approach is what will enable BSM of any type (lite, heavy) to be the most successful. If it just feels natural, doesn’t take any additional effort, clicks or tasks to do then it’s going to work. BSM should be transparent and not just another buzz word. It’s not a form that gets filled out or a special process to follow in the run book. It’s doing the right thing for the business, no matter what the situation, crisis, buzz word or technology initiative of the day is.

ScienceLogic: How did you get involved in BSM?

Doug McClure: I think the foundations of my service management background and passion were initially established during my service in the US Navy. Today, I relate that experience to what I call BSM for the Military or Mission Services Management (MSM).

We had been taught over and over that extreme attention to the details of the mission at hand (aka “the business”) was the number one priority and that all of our technology, services, and applications existed for those Sailors and Marines on the other end (the “customer”). I can recall countless instances where mission critical communications services (telephony, orderwires, teletypes, command and control systems, etc.) were impacted in one way or another. It was extremely critical that we understood who was impacted and to what degree so that contingency plans could be activated. We weren’t just talking about lost revenue, poor sales or customer experience; we were talking about human lives and the security of the United States.

It is that military bearing, attention to detail and real world experience that drives me with many of my modern day BSM endeavors. That migration from “Mission Services Management” to BSM was honed working for over 10 years working in the Internet Service Provider (ISP) and datacenter, hosting and colocation business.

In those rapid growth businesses during the Internet boom, service differentiation was what “made you millions” or paved your way to bankruptcy. The companies I worked for had an extreme passion and focus on ensuring that their services, applications and Internet access products were of the highest quality, highly reliable and just plain better than the competition.

Again, the IT infrastructure, service quality and customer experience relationship was ingrained in all of our heads. It was all hands on deck when Webmail, Internet access, DNS, or the network experienced problems. We were measured in terms of how many customers experienced a busy signal or dropped connection or if you couldn’t log in fast enough to read your email. Companies like Keynote Systems and LionBridge/Veritest/Inverse tested the quality of our networks, services and applications and publicly ranked us against our competition. We thought in terms of customer experience and impact every minute of the day, 24×7.

It was in my last job managing a traditional enterprise management and monitoring development group for a nationwide ISP where I was able to work with emerging technology to help get a handle on the complexities of these rapidly growing IT environments filled with emerging technologies and products. Applying this early technology to complex service problems in our environment proved to me that the technology, coupled with the right emphasis on how the technology was implemented and an emphasis on the people and processes within the organization could bring BSM to life.

Where I felt left out in the cold was with my vendor relationship. While their technology gave me the potential, they didn’t teach me how to work through the organizational and technological problems to successfully implement the BSM strategy. My very first end-to-end BSM pilot was extremely successful and provided visibility into the IT environment and business service impact that have never been available before.

And here I am today, working at a software vendor for the first time. Welcome to the “dark side” as they say. The approach and methodology we followed for BSM has become the basis of the core BSM Methodology that I teach IBMers and our clients around the world today.

My personal mission and drive here at IBM Tivoli is to ensure that BSM is something that the typical monitoring tools administrator can actually implement and that our BSM story is something that any of our clients can be successful with. The sales and marketing slicks must be backed up by something like this whomever you are these days. Clients shouldn’t put up for “marketecture”, me too and gee whiz buzz words.

BSM takes a partnership and commitment to every client’s success, and I want to be involved in those BSM efforts in every industry or market worldwide. We need more thought leaders collaborating together in an open and public forum to change legacy attitudes about BSM and do what we can to enable client’s to be as successful as they can be.

ShareThis

But there's this lovely new segment of lightly licensed spectrum in the U.S., the 3.65 GHz band. It's a non-exclusive licensed band available only in parts of the country that don't have pre-existing ground-to-satellite or radar uses that overlap. This omits most of the eastern seaboard and most major cities; Seattle is one exception.

The licensing mechanism allows any number of operators to obtain inexpensive licenses, and register the base stations they use by location. If interference arises among base stations, operators are required to work out the problems themselves. I wrote extensively about this band and its rules on 9-May-2008 in profiling Azulstar, formerly a metro-scale Wi-Fi firm, but now a big proponent of WiMax in 3.65 GHz. I also went over the rules for the band on 11-June-2007 when the FCC announced the arrangement.

Several firms offer base station and customer premises equipment for this band now, so close to the 3.5 GHz band more commonly exclusively licensed in Europe and elsewhere. WiMax equipment is available because the 3.65 GHz band can be used with WiMax without any modifications to that protocol, although limited to just 25 MHz of the 50 MHz that the FCC set aside.

Equipment that conforms to a more stringent set of rules about contention and other factors can use the whole 50 MHz, and that's where 802.11y comes in. It's an extension of Wi-Fi to cope with the specific needs--and to open Wi-Fi technology up to 20 W EIRP, a vastly higher power output. This could allow connections over 5 km, the group says.

The Wikipedia entry on 802.11y, clearly written by someone involved with the specification, notes that three specific additions are needed: a tweak to support the way in which the FCC wants contention among competing devices to work; a method for an access point to tell a station (a connecting radio) that it's about to switch its channel or its channel's bandwidth, and the station should do likewise; and a mechanism to handle a base station allowing or revoking permission to use the spectrum without uniquely identifying the user's system or broadcasting its precise GPS-based location.

The standard is near completion and initial approval. I don't have any knowledge about whether any mainstream Wi-Fi equipment makers or metro-scale equipment makers are looking into building 802.11y into their gear.

The fact is that this could be a great technology for the mostly sub-metropolitan markets that 3.65 GHz is available in, although it has the same pain as WiMax: all new gear on the towers and all new adapters for customers.

If yes, how come? If not, why?

From Network World:

It’s still not good enough. That’s the reaction of IT analysts and security outfits to Apple’s new iPhone 3G. Sure, the iPhone 2.0 software will support Microsoft Exchange and Cisco VPNs. But is it safe enough for enterprise use — as safe as, say, PCs? Gartner says not quite. The security guys say be afraid. It’s just not good enough yet.

And it never will be. Oops, that wasn’t supposed to slip out.

But hasn’t that historically been IT’s official position? We’re the Department of No. Whatever it is, we’re against it.

Cell phones? Wi-Fi? BlackBerries? Web sites? LANs? Laptops? Spreadsheets? PCs? Departmental minis? Not one of those technologies was secure enough, reliable enough and enterprise-ready enough when business users first insisted on sneaking them in under the IT (or MIS or DP) department’s radar.

Of course, users had to sneak that stuff in. They knew what the answer would be if they asked us: No. Not ready. Not good enough. Not yet.

No? Never heard that one before? Ha!

As a security guy, I’m a little more open minded on the introduction of the iPhone. Now the ball point pen mind you, that is somewhat suspect in my book.

Article Link

In development for more than 30 years, the research is beginning to bear fruit, and may soon spawn more powerful bombs, warheads that tear apart stone and concrete, mines that can be set to stun or kill, and grenades that can swat rockets or mortar rounds out of the sky like flies.

"You can get effects that are more precisely tailored to a particular target," says John Pike, director of Washington military research group GlobalSecurity.org. "And you're able to get a greater effect out of a smaller munition."

Reactive materials are combinations of materials that are normally stable, but, when subjected to sudden shock -- such as striking a target -- release a large amount of energy. Depending on the composition and warhead design, the energy can be released as heat, a blast or a combination of the two. Unlike conventional explosives, RMs cannot be set off by fuses. Technically, they are classified as flammable solids, and they are less hazardous to transport and store than explosives.

While they're more energetic than explosives, RMs are not intended to be a substitute. Instead, they will replace warhead components normally made of metal.

An analysis of U.S. military procurement papers and defense contractor presentations, as well as interviews with companies working on the technology, suggests that a wave of munitions using reactive materials may be headed for a battlefield near you.

The material can dramatically magnify the yield of conventional bombs, and do away with the waste embodied by a bomb's inert metal skin. The U.S. Air Force's 5,000 BLU-122 bunker buster, for example, contains just 780 pounds of explosives; the other 80 percent is the bomb's thick steel casing. DARPA's Reactive Munition program (.doc) aims to replace that steel with RMs, to create a bomb with a blast four times as powerful. Alternatively, a new bomb could be half the size of existing weapons but twice as powerful.

Conventional warheads could also benefit from an RM makeover. For centuries, shells have blasted out steel shrapnel, small pieces of metal that cause damage with their high speed. Defense contractor Alliant Techsystems is developing a warhead called BattleAxe for the Air Force that uses fragments made of RM instead of metal. Those fragments will explode on impact, making the warhead far more effective against soft targets like trucks.

RM shrapnel is also being touted as the ideal way of shooting down incoming rockets and mortar bombs (.pdf).

A radar-guided defense pod can automatically engage incoming rockets or other threats using RM-based grenades. Weapons designers suggest that RMs can be five to ten times as effective as the existing inert shrapnel for this task. Moreover, RM shrapnel can be engineered to burn out at a set distance, so there is no hazard to nearby friendly forces.

Bullets can even be made of RM. The Navy's new electromagnetic railgun has been criticized because it can only fire solid slugs, not the usual explosive shells. However, documents reveal that tungsten-based RM rounds are being developed for the weapon. These will explode on impact, making the railgun effective against buildings, ships and vehicles.

Shaped charges are another application where RMs can increase the effectiveness of existing designs. In a shaped charge, a hollow metal cone is surrounded by explosive material, which is then detonated, forcing the blast through the small end of the cone.

"The action is analogous to stamping on an open toothpaste tube, ejecting the liquid contents," says Douglas Millard of British defense contractors QinetiQ.

Replace the metal liner with RM, and the explosive power of that jet will increase dramatically.

"Such reactions are highly exothermic and therefore lead to the release of large amounts of energy, which is in addition to the kinetic energy within the jet," Millard says. "An increase in the energy coupled into the target occurs and this results in the creation of greater damage to the target."

QinetiQ is marketing an RM-based shaped charge called Connex for oil-well perforation in the civil market. Meanwhile, the U.S. Army is developing a demolition charge called Bam Bam that blasts a jet of RM deep into stone or concrete, producing massive damage

One version of the Bam Bam charge is intended for demolishing bridges and other structures. An alternative version blasts broader, shallower craters in roads or runways, making them useless.

RMs will also transform another mutation called the Explosively Formed Penetrator, a modified version of the shaped charge. Instead of producing a narrow, short-range jet, the Penetrator fires an aerodynamic slug of metal over a long distance. It's best known as a favored weapon of insurgents in Iraq. Again, replacing the metal with RM makes a much deadlier weapon -- after punching through armor, the slug releases energy like a grenade going off.

If you're a weapons designer, RMs also offer amazing flexibility. Alliant Techsystems is building a variable landmine (.pps) -- a so-called "dial-a-yield" weapon that can produce a range of different effects.

At the lowest setting, most of the output would be light -- a dazzling warning that would be impossible to miss. A higher setting would produce intense heat, creating a "discomfort zone" to drive off intruders. The third setting produces a nonlethal blast, like the concussion stun grenades used by Special Forces. If lethal force is called for, the mine could be set to produce either inert shrapnel or reactive shrapnel that explodes on impact.

RM munitions may face legal challenges. Under the St. Petersburg Declaration of 1868, the use of explosive projectiles with a weight of less than 400 grams is forbidden, as is using incendiary ammunition, like napalm, against personnel. But RMs are not technically explosive or incendiary, and although the effect on human targets might cause protests from some groups, they are likely to be accepted, human rights experts say.

"Like any weapon, it would have to go through a lengthy effectiveness and then legal review, " says Marc Garlasco, senior military analyst at Human Rights Watch. "If used in the open against military targets, it does not seem to have any obvious problems at first blush."

However, there may be technology issues too. Although the developers sound very upbeat in all their descriptions of RM munitions, producing material that will reliably release energy only when required is extremely challenging.

"The fact that they've been working on it so long and don't seem to have fielded anything yet suggests that there may be a problem with the technology," GlobalSecurity's Pike says.

Normally new weapons are fielded rapidly if there is a military demand -- assuming they work. So far, RMs have not made it into the field, and the technology may not be as mature as developers suggest.

But Pike also notes that there has been an unprecedented surge in munitions development over the last few years, with "all kinds of weird stuff" being developed.

So after decades of being kept very quiet, reactive materials may soon be making a lot of noise.

---

Check out Danger Room for more on reactive materials.