Joint authors: Lenny Simon, Senior Research Associate, and Max Smolaks, Research Analyst, Uptime Institute
The digital infrastructure sector has expanded rapidly over the last few decades, not only because of a seemingly insatiable appetite for digital services but by harnessing the benefits of cheap capital, globalization and free trade. While demand for compute and storage are as strong as ever, global market conditions have become more difficult. For 2023 and beyond, many of the threats to digital infrastructure development and stability do not come from design and operational failures or from managing complexity, but from external forces.
The Covid-19 pandemic — and the subsequent disruption to supply chains — demonstrated the data center industry’s reliance on interdependent global markets and the components they produce.
Although the data center sector was just one of many industries affected, the extensive variety of the often complex electrical and mechanical equipment involved exacerbated supply chain problems.
Engine generators illustrate the problem: they typically comprise hundreds of constituent parts shipped from at least a dozen countries spanning North America, Europe and Asia. Shortages of seemingly ordinary components, such as voltage regulators, air filters, valves or battery terminals, can lead to major delays in delivery. Even when the production of data center equipment (such as lead-acid batteries and fiber optic cables) is relatively localized, pricing and availability will be subject to changing dynamics in global markets.
The end of the pandemic does not mean a return to the normality of previous years, as strong pent-up demand, higher costs and abnormally long lead-times persist.
The Uptime Institute Supply Chain Survey 2022 illustrates the extent of the problem, with one in five operators reporting major delays or disruption to their procurement over the previous 18 months. Unsurprisingly, satisfaction with vendors’ supply chain management has nosedived: nearly half of respondents are unhappy with at least some of their suppliers. The availability of computer room cooling units and major electrical equipment — specifically, UPS, engine generators and switchgears — appear to be the greatest pain-points as of the end of 2022. Larger operators (superior purchasing power notwithstanding) are apparently bearing the brunt of supply problems.
A total of 40% of operators responding to the survey confirmed they were investigating additional sources of supply in response to these issues. A similar number reported increasing their inventories of parts and materials to safeguard maintenance schedules and operational resiliency. Vendors, too, have taken similar measures to address shortages and delays. Supply appears to be improving as of the second half of 2022, with more than half of operators reporting improvements, albeit slow improvements for most (Figure 1).
Rising geopolitical tensions generate risks
Crucially, geopolitical dynamics — specifically between the US-led Western alliance, China and, to a lesser degree, Russia — are giving rise to additional threats. Even with more diversified supplies, higher inventory targets and a build-up of muscle memory, the data center industry remains particularly exposed to the threats posed by current geopolitical trajectories.
The profile of these emerging geopolitical risks is starkly different from other major events, however rare. In contrast to a pandemic, natural disaster, or grid energy crisis, it is more difficult to model the occurrence and fallout from geopolitical events — and, consequently, more difficult to develop effective contingency plans. This is because these threats are primarily the results of highly centralized political decision-making in Beijing, Brussels, Moscow and Washington, DC.
The shock therapy of the Covid-19 pandemic has made industries more resilient and mindful of potential future disruptions. Nonetheless, if some of the more radical threats posed by the current geopolitical situation become reality, their effects are likely to be longer lasting and more dramatic than anything experienced up to now.
Uptime Intelligence sees two major areas where the combination of global interdependency and concentration has made digital infrastructure vulnerable to potential economic and military confrontations, should the current geopolitical environment deteriorate further:
Semiconductors pose a unique problem
Nothing demonstrates the problem of global interdependency and systemic fragility better than the world’s reliance on advanced semiconductors. This issue is not just about IT hardware: controllers, processors, memory chips and power electronics are embedded in virtually every product of any complexity. Chips are not present just to add functionality or to enhance controls: they have become essential.
The health monitoring, real-time analysis, power correction and accident prevention functions offered by modern electrical gear occur through the use of high-performance chips such as signal processors, field-programmable logic and microprocessors. Some recent delays in data center equipment deliveries (including switchgear and UPS shipments) have been caused by shortages of certain specialist chips.
This reliance is precarious because chip production is globally entangled. Semiconductor manufacturing supply chains span thousands of suppliers, across a wide range of industries, including ultra-pure metals and gases, chemical agents, high-performance lasers and optics, various pieces of wafer processing equipment, clean-room filtration systems and components, and the fine-mechanical packaging of chips. At every stage, only a small number of highly specialist suppliers are able to meet the required quality and performance standards.
The production of state-of-the-art photolithography machines, for example, relies on just three noteworthy vendors — ASML, Canon and Nikon. Of these, only ASML has the capability to produce the most advanced equipment, one which uses extreme ultraviolet wavelengths to create the smallest transistor structures.
The level of complexity and specialization required to manufacture advanced semiconductors means that no single country or trading bloc — no matter how large or resource-rich — is entirely self-sufficient, or will become so within reasonable timeframes and at reasonable economic cost. This means that multiple single points of failure (and potential bottlenecks) in the data center and IT equipment supply chain will persist.
Governments have become acutely aware of these issues. The US government and the European Commission (EC) have responded with legislation directed at supporting and stimulating investment in local production capacity (the US CHIPS and Science Act and the European Chips Act). China, too, while still lagging some five to 10 years behind its international competitors, continues to invest in its capabilities to develop a more competitive semiconductor industry. In the meantime, political battles over intellectual property (combined with problems over the supply of and access to materials, components and expertise) remain ongoing.
Any impact from these legislative initiatives is likely to take a decade or more, however, and will largely only address the “onshoring” of chip manufacturing capacity. Even assuming unsparing political will (and bottomless fiscal support for private investment) to promote self-sufficiency in chipmaking, decoupling semiconductor supply chains (all the way from raw materials to their processing) borders the impossible. The complexity and costs involved cannot be overstated.
It is for this reason that the US government’s increasingly stringent measures, designed to limit China’s access to cutting-edge semiconductor technology, are proving effective. But it is precisely because they are effective that the situation is becoming more volatile for the entire industry — increasing, as it does, the likelihood of reprisal.
Taiwan is of particular concern. The high concentration of the global semiconductor fabrication and IT hardware manufacturing in and around the island, home to the world’s largest and most advanced contract chipmaking cluster, creates major supply chain vulnerabilities. The consequence of any major confrontation (economic or military) would result in profound and far-reaching disruption for the entire IT industry and many others.
Deep risks around subsea network
The vulnerability of subsea fiber optic cables is another concern — and, as is the case regarding semiconductors, by no means a new issue. Growing geopolitical tensions, however, have raised questions regarding the likelihood of sovereign states engaging in acts of sabotage.
Subsea fiber optic networks consist of hundreds of subsea cables that carry nearly all intercontinental data traffic, supporting trillions of dollars of global economic activity. There are currently more than 500 international and domestic networks in operation, which are owned and operated (almost exclusively) by private companies. The length of these cables makes them very difficult to protect against potential threats.
Some subsea cables represent high-value targets for certain actors — and are attractive because they can be damaged or broken in secrecy and without the blowback of a traditional attack.
Most subsea cable breakages do not result in widespread outages. Typically, traffic can be rerouted through other cables, albeit at the cost of increasing latency. But when multiple lines are simultaneously severed in the same region (undermining path diversity), the effect can be more substantial.
In 2006, a major earthquake (with multiple aftershocks) in the Luzon Strait (between Taiwan and the Philippines) resulted in seven of nine subsea cables being taken offline. This caused severe and widespread outages across the Asia-Pacific region, significantly disrupting businesses and consumers in Hong Kong, Japan, Singapore, South Korea and Taiwan. Fixing these vital network connections ultimately involved more than 40 percent of the global cable repair fleet. Full restoration of services was not complete until seven weeks after the initial outage.
Cables are also vulnerable to human activities - both accidental and deliberate. Ships are the most common cause, as fishing equipment or anchors can catch a cable and damage it. Malicious state actors are also a threat: for example, unidentified individuals seized telecommunications nodes and destroyed terrestrial cables in 2014, as Russia occupied the Crimean peninsula. The same could happen to submarine cables.’
Acts of sabotage, if they take place, would fall into the category of hybrid warfare: any such attack would be unlikely to trigger a conflict but, if successfully coordinated, would cause severe disruption. Protecting against such threats — and detecting and monitoring potential threats or identifying those responsible when attacks occur — is difficult, particularly with regard to subsea cables often spanning thousands of miles. Since the location of these cables is in the public domain, and international law prohibits the boarding of foreign vessels in international waters, protecting these vital facilities is particularly fraught.