X-Message-Number: 10209
Date: Sun, 02 Jan 2000 08:38:38 -0800
From: Peter Merel <>
Subject: Y2k: which problems are "minor and surmountable"?

Perry Metzger writes,

>I still think you're nuts, but I decided there was little point in
>discussing it at length. I've been monitoring lots of Y2K verification 
>tests at clients, and I've done a bunch of the work, and I personally
>*know* that the problems will be minor and surmountable. 

After all the gloom I've found online it's a genuine pleasure to hear 
such reports of success and confidence; with the new "good samaritan" laws 
in place, which will indemnify organizations against damages caused by 
their releasing potentially flawed y2k data, I hope we'll hear a lot more 
detail about status and confidence levels to counter the dire-sounding
studies published so far.

I'd like to ask a few more specific questions of Perry and anyone else here
with direct, positive, experience of y2k amelioration so we can get a better
feeling for the basis of their confidence. I don't expect detailed answers;
to answer these properly would be far too much to expect for just a casual
enquiry. A simple, "yes, this too is well in hand, don't fret" would be a
wonderful reassurance. 


1) One way to gauge progress in a y2k project is to determine how far along
it is, how long it's taken to get this far, and to map this onto published
experiences of the proportions of time taken to complete y2k work.

A common breakdown of the stages of y2k amelioration suggests projects 
follow 5 phases: Inventory, Assessment/Planning, Conversion, Testing and

I've seen two published estimates of proportions of time spent in these 
phases: http://www.cips.ca/papers/y2k/paper/checklist2.htm gives 5%, 20%, 
20%, 45%, 10%. http://www.year2000.ca.gov/correspondence/CA2000WhitePaper.asp
gives 2%, 20%, 20%, 40%, 18%. Other estimates place a larger emphasis on 
time spent testing - up to 70%.

If this is a fair characterization of progress, then, of projects with 
which you have familiarity, how long have they been running 
and can you say what phase you think they've reached?


2) Embedded systems issues have only recently become the focus of y2k 
concern. Some embedded systems problems, such as the "time dilation"
effects in many RTC chips (http://www.nethawk.com/~jcrouch/dilation.htm), 
have only come to light in the last few months. The effects of such problems,
if uncorrected, are very likely to interfere with mission-critical business

This week's Gartner Group study of 57,000 US businesses found that only 11%
have paid any attention at all to embedded systems issues. In some businesses,
such as oil drilling and pipelines, just inventorying embedded systems is
extremely difficult for logistic reasons. In terms of the phases above, to 
what extent have projects with which you have familiarity resolved 
embedded systems issues?


3) Almost all organizations are dependent on external suppliers of services
for mission-critical functions. To properly gauge compliance your businesses
must survey their suppliers (and their suppliers, and so on the whole way 
around their supply life-cycle) to anticipate glitches. How much 
contingency planning and/or stockpiling has your organization undertaken 
and has this taken into account the strong likelihood of multiple 
simultaneous supply-chain failures in early '00?


4) Utilities and their distribution networks may fail for periods of
days or weeks in many areas all over the globe in early '00. One of the 
worst effects of embedded systems problems may be oil shortages. Offshore 
oil rigs are constructed in dry harbour and then towed into position; some 
of their embedded systems are on the sea floor where they are very difficult
to find and fix. Land-based oil drilling enterprises are most often 
in countries with minimal y2k preparedness, and so are vulnerable to both
direct negligence and failures in support structures. The UAE, for example, 
has only this month announced its first y2k campaign. Do your y2k 
contingency plans factor in the likelihood of utility failures and
oil shortages?


5) There's a high likelihood of global bank runs during 1999. What effects 
will these have on your business, and could they effect the viability of 
your y2k amelioration efforts?


>I am therefore not worried. As I noted, most organizations other than
>governments don't survive long by being totally incompetant.

In the presence of overwhelming published evidence to the contrary,
and with no empirical support for your position beyond your own
anecdotes, I'm sure you'll forgive me if I remain a little skeptical. 
But you raise another excellent question: 

6) Senator Horn, in summarizing congressional testimony on government Y2k 
compliance, gave US federal departments grades between D and F; the 
"A++" exception to this, the department of transport, was blown out
of the water just this week when the GAO trashed the FAA's claims of 
having achieved 70% compliance in just 3 months. US State and County 
governments appear to be in still worse straits. To what extent is your 
organization dependent on the functions of these state-run systems for
its mission-critical functions, and do you have any contingency plans
should these state-run systems fail? 

>There is no need to wait very long periods to get an answer here. In 
>17 months, we'll just know who's right, and 17 months is a blink of an eye.

17 months gives each of us some chance of preparing for what will happen. 
I think it's worth burning a few bits to try to figure out the scale of 
this problem now, while we can still act on the knowledge. But 17 months 
is probably much longer than we've got until the bank runs; that April 
Fools '99 date - on which Japan hits fiscal y2k - is the one that has me 
most immediately concerned.

To finish on one more less than happy note: most folk are aware that 
Windows '95 is not y2k compliant. But it turned out this week that 
Windows '98 isn't compliant either: 


Now ask yourself how that could possibly have happened if anyone inside MS 
had spent even five minutes doing the most basic test for y2k compliance. 

Peter Merel.

Rate This Message: http://www.cryonet.org/cgi-bin/rate.cgi?msg=10209