|
|
Y2K…Are you concerned enough?
By
Iamm Vincentson
As society enters into the last six months of the twentieth century many questions are asked about the future. Will the family unit continue to exist? What types of new jobs will be created? How will society handle the transition into the new century? Will we have the form of government running this country that was created by the founding fathers over two centuries ago, or will it be different? What new medical cures will be discovered? How will education change? How will the economy be affected by the transition into the new century? And what will happen with the Y2K problem?
It is surprising how many people do not understand what Y2K is all about. Far too many people still think of it as a hoax, a joke, or a con. Yet if you ask them what do they have to support their belief that it is a joke they will be hard pressed to show anyone their supporting data. The occasional newspaper article that appears in the newspaper simply glosses over many of the facts that people need to know to be more fully informed about the difficulties concerning Y2K. It will provide the reader with information that is not openly discussed in public, but is public information.
It was said in Washington, not to long ago, that the best place to hide from the public is to put it on public record. The thinking being that too much of the public is just not interested in what is happening in this country, and therefore would not care enough to check the public record. Fortunately there are people in this country that do care. They will check the public record, and they will try to share what they learn with others. This is what this report is all about, sharing information with the public, with you, so that you can make better decisions, because you will be better informed. The information in this report is not prettied up, or softened up so people will be not be offended. Too much of that has happened already.
It should be made clear at this point that this report will not suggest that anyone quit their job, sell their home and move up north, because of Y2K. It will not suggest that people should acquire an arsenal to protect themselves, or to buy two years worth of food. The purpose of this report is simply to raise the awareness of the public to the difficulties that surround Y2K and the associated problems if it is not fixed.
The process of correcting the Y2K problem is labor intensive, time consuming, and must be done while many of the computer systems are still functioning. The general public must understand that typical systems may contain tens or hundreds of computer programs, each of which contains thousands, tens of thousands, and at times millions of lines of computer code. For example, the Social Security Administration (SSA) has over 30 million lines of code now in use, and each line must be checked. Initial estimates in 1996 indicate that it will take 300 work years to test and correct SSA’s computers. As of June 1999, the SSA computers have been reported as Y2K compliant.
An average computer system may require five to ten work years to make it Y2K compliant, and that has to be completed by January 1, 2000. A medium sized organization, with an average sized technology portfolio could require one hundred to several hundred work years to complete their Y2K project. Some large organizations may face a work effort of over 1000 work years to make their systems compliant.
It is not only the quantity of the lines of code, but the fact that some of the computer language used in these programs are old, such as Cobol, Joval, C, Ada, or were specially written for a specific application. Often times these old programs or specially written programs do not have the documentation or the personnel available to fix them, and thus it becomes harder to correct any Y2K problems in the software. In 1995, it was estimated that the cost of checking, repairing and testing each line of code was .50 cents per line. In 1996 that cost estimate was already up to $1 – $2 per line.
What makes the process so time and labor intensive is that each line of code must be checked and where necessary corrected, and all embedded chips must be located, tested, replaced if necessary, and tested again. Once all this has been done, then end-to-end testing must be done to ensure that all of the corrected parts will work together. The end-to-end testing can take between six and twelve months to complete and is critical to the smooth operation of any business or government. As an example, the Fermi II nuclear plant in Flat Rock, Michigan, is currently in the testing stage and they are having problems with the simulation tests that they are running, because when the clocks are moved forward to the year 2000, the computers continue to shut the system down.
In 1996, industry estimates indicated that 10 – 20 percent of the effort spent on Y2k would be for the actual repairing of the systems, 25 – 35 percent would go into planning, and 45 – 55 percent would go into testing. Current estimates indicate that testing alone will use up 40 – 70 percent of the total Y2K effort.
It is estimated that the average person will come into contact with something that is controlled by computers 240 times a day. Many people have heard the term "mission critical systems" at one time or another on television, the radio, or seen it in the newspaper, but they do not understand what is a "mission critical system". A "mission critical system" is a computer system that any government or business relies on to such a degree that should it fail it would cause any one or all of the following:
It is estimated that in the United States, 15 percent of all local, state, and federal governments as well as businesses will experience at least one "mission critical system" failure. The financial cost of a "mission critical system" failure will range from $20,000 to $3.5 million, and will take 3 – 15 days to correct. Globally the estimate is that between 30-50 percent of all governments and businesses will experience at least one "mission critical system" failure.
Over the past several decades’ computer programs were written in such a manner that the last two digits of the year were used instead of using all four digits. For example "97" instead of "1997". This was done to save valuable space in the memory of the computer. Although this problem has been around for a long time, it has only been the past four or five years that it has become an issue.
Why is the year 2000 such a problem? It’s a problem because if the computer is not Y2K compliant, the computer will read "00" as the year "1900’ not the year 2000. The impact of misreading "00" as "1900" is that computer calculations using time and date information will be incorrect, or could cause the computer to shut down.
Adding to this problem, is that unlike most Information Technology (IT) projects, the Y2K bug has an unchangeable completion date that cannot be moved back to provide more time to finish all that has to be done. The public must be aware that 80 percent of all IT projects are not completed on time, or are not completed at all.
Other factors adding to this problem include: 1) inexperienced management trying to cope with the magnitude of the work that has to be done; 2) a general attitude that this is just a hoax, a con-job, and a joke; 3) trying to find the money in budgets that may already be strained (as in Asia); 4) the shortage of experienced personnel to work on the problem, and 5) the embedded chip.
Inexperienced management is going to be a problem worldwide. There are simply not enough people with the kind of computer experience necessary to manage the magnitude of this problem. Technicians will become a scarce commodity toward the end of 1999, and the beginning of the year 2000, and consulting companies are beginning to refuse to take on any more work. This will leave many companies that waited to the last minute to begin repairs, in an unenviable position later this year.
A poor attitude is another problem that many people have concerning Y2K. They simply do not believe that it is real. Yet it is easy to understand why they feel this way. Some people have created a world around them, which does not allow room to get involved. They can not see because they do not want to see, because by seeing what is going on, the protective world they built around themselves may be turned upside down, and they can not allow this happen. It is simply safer for them to pretend that it is not real.
Additionally, people today have become so conditioned to letting the government worry about things that they do not know how to take care of themselves. If they have a problem, they just let the government know about it and the government throws another social program at the problem, thus relieving the public of still more personal responsibility over their lives. Contributing further to the problem people have in addressing the Y2K issue is the economy. As long as the economy is rolling along at full steam, and they have their six pack of bear, a fifty-two inch screen television, and a new car in their driveway, they are not going to worry about Y2K.
The embedded chip is an even bigger problem than the software. It is estimated that between 30-50 billion embedded chips exist around the world. Of these embedded chips approximately 5-10 percent of these chips are not Y2K compliant. The question is: which ones? Embedded chips can be hard to find and many of them are in older computer systems that will be difficult or impossible to get to, such as satellites, oil wells out at sea, those buried deep inside the backup systems in nuclear power plants, or in pollution control devises at the top of factory smoke stacks.
To further complicate things the electronic chips were massed produced without knowing the purpose in which they would be used. A circuit board could have 20 – 50 chips from various manufacturers and each one would have to be checked. There is simply not enough time to find, replace if necessary, and test every one of these embedded chips before the year 2000.
Even if the countries around the world could fix the Y2K bug by the year 2000 that would not be good enough! Over the past 30 – 40 years the global computer network has been linked together using a patchwork of old and new computer languages, and for this very reason doing end-to-end testing will be extremely difficult and time consuming, and the world is running out of time to complete the job.
A lot has been made over the fact that the banking industry in the United States is Y2k ready. Does this mean that the public has nothing to worry about? No. Data transfers could still cause problems for the banking industry. Transferring data from one bank to another, or between banks in different states, or from one country to another that is not Y2K compliant could contaminate the data at a bank that was Y2K compliant. The United States exposure to the Y2K bug is complicated by its dependency on computer technology. There is no other country in the world that is as dependent on computers, and consequently as vulnerable, as the United States.
It is not only computer problems that are of concern, nature will also make an impact on how smoothly things will run at the end of the year, and the beginning of the year 2000. In November, the Leonid Meteor Showers will cross the earth’s path. The Leonid Meteor Showers has a 33-year cycle and the last time it appeared was in 1966. It is uncertain just how spectacular the showers will be in November. In 1966, the Leonid Meteor Shower was only considered mediocre with an estimated 100 – 200 meteors entering the earth’s atmosphere per hour at its peak. In 1833, the Leonid Meteor Showers were spectacular with an estimated 10,000 meteors entering the earth’s atmosphere an hour at its peak. The implications today are considerable when it is realized that in 1833, satellites were non-existent, yet today there are 100’s of satellites circling the globe. Should the Leonid Meteors Showers be as spectacular as in 1833, it could play havoc with the satellites and possibly damage or destroy many of them. Should this happen, major disruptions in telecommunications will result.
If Y2k and Leonid meteors are not enough, scientists are telling the public to expect disruptions caused by "space weather". What they are referring to is solar flares. Solar flares are a naturally occurring phenomenon that will reach the peak of an eleven-year cycle this January and will last for about four months. The increase of solar activity occurs as the sun’s magnetic field reverses every 10 or 11 years. The public recognizes the visual effects of the solar flares as the Northern Lights.
It is the release of highly charged particles resulting from solar flares which when they enter the earth’s atmosphere create the waves of color at night in the sky. These waves of color look like curtains blowing in the wind and can be as colorful as the rainbow or just appear as single colors of red, yellow, white, etc.
The solar flares and the charged particles that are sent racing toward earth can cause electrical power outages, cellular phones and pagers to malfunction, and satellites to veer off course. Technology, if it is working at the time, will be capable of monitoring these solar flares and give scientists a 30 – 60 minute advanced warning.
Federal Government
Given the limited amount of time and the immensity of the Y2K problem the federal government is placing emphasis on "mission critical systems". The Fed’s have broken down the process of fixing the computers into five categories. These categories are:
In theory these completion dates would have put the federal government where it wanted to be on January 1, 2000, but the government rarely keeps on schedule and this is the case today with the Y2K problem. To its defense, the government clearly had no idea how immense the work would be to get this job done.
As of July 1997, six of the 24 department in the federal government were already behind schedule. These departments are defense; treasury; transportation; veteran affairs; the agency for international development and the nuclear regulatory commission. These six departments represent 70 percent of the overall cost of fixing the federal governments "mission critical systems". As of November 1998, the following departments (one third of the departments) will not be compliant on March 30, 1999: OPM, Education, DOT, DOD, Justice, Health & Human Services (HHS), State, and AID. The federal government has to have the "mission critical systems" repaired by March in order to have time to do the necessary testing. Remember that testing alone requires 6 – 12 months to complete. Will the federal government operate if one third of the governmental departments shut down on January 1, 2000?
In this country over 70 million people rely on Medicare to pay for their health care requirements. To process Medicare claims, Medicare uses 78 different systems operated by 60 private insurance companies. Hospitals and other health care providers could have trouble processing their claims if Medicare’s computers are not Y2K compliant. In November 1998, Congressman Horn stated in his report that the HHS’s Health Care Financing Administration (HCFA), the entity that administers Medicare, has only 7 of its 100 "mission critical systems" Y2K compliant. He went on to say that: "If HCFA does not accelerate its efforts dramatically, failure of Medicare’s systems is inevitable..." At its current pace HCFA will be compliant in the year 2001.
In a GAO report in April 1999, it was reported that based on independent verification, the 54 "mission critical systems" the HCFA said were Y2K compliant, were not. Should HCFA not be able to make their computer systems compliant, medical care may be on a cash basis only for many people. Some of the programs that could be affected would include: food stamps, unemployment insurance, temporary assistance for needy families, Medicaid – integrated eligibility system, Medicaid – management information system, child support, child care, child welfare, women, infants, and children.
At the opposite end to the scale, the Small Business Administration (SBA) has the notable distinction of being the first federal department to be Y2K compliant. It should also be noted that the SBA started their Y2K project in 1989, eight years before most of the departments began their Y2K efforts.
By February 1997, the federal government estimated that they would spend $2.5 billion correcting the Year 2000 problem. By March of the same year the cost had gone up by $500 million. The Office of Management and Budget (OMB) then estimated that federal costs had swelled to $5.4 billion as of August 15, 1998. A Senate report in March of 1999 estimated the cost of repairing the Y2k problem to over $7.5 billion. Some estimates indicate that when all is said and done the federal government will have spent over $30 billion in addressing the Y2K problem.
Part of the lack of concern that the public has over Y2K is the lack of understanding of the consequences if Y2K becomes a serious problem. What then are some of the risks? The following list explains the risks.
As of October 26, 1998 it was estimated that the federal government will have only 66 percent of their "mission critical systems" compliant by March 1999, and that figure did not include the testing and implementation phases. It must be remembered that without thorough end-to-end testing, which could take six to twelve months to finish, no "mission critical system" can be certified ready.
Ten’s of thousands of data transfers can occur within the federal government every day. The end-to-end testing must include the testing of these data transfers between not only other federal agencies, but also between state and local agencies, and other international governments. Data transfers between government computers systems and businesses must be checked as well, and if at any point a software problem or a non-compliant embedded chip is passed up, all the work that was done to make the systems compliant may be for naught. Concern has been expressed by some in Washington D.C. that some "mission critical systems" that have been declared Y2K ready, were actually found to be non-compliant when they were tested at a later date.
Red flags were already being raised as to the lack of progress by the federal government as early as July 1997. In a report by the GAO it was reported to say:
"OMB’s perspective that agencies have made a good start and that no mission critical systems were reported to be behind schedule would seem to imply that there is no cause for alarm. On the contrary, we believe ample evidence exists that OMB and key federal agencies need to heighten their levels of concern and move with more urgency...
And in another report in October 1998, it was stated that:
"It is now clear that a large number of federal computer systems simply will not be prepared for January 1, 2000..."
To add further concern, the "mission critical systems" are only part of the government’s over all problems. There is another priority level called "mission essential systems", and these are nearly as important as the "mission critical systems. It is these "mission essential systems" that the federal government is using to hide those "mission critical systems", through redefining, that will not be ready on January 1, 2000.
The public has to go back over the past couple years in order to understand why redefining has become important to the over all picture of the federal government’s effort to be Y2K compliant. In 1997, the federal government said that they had 9100 "mission critical systems, and by July of the same year they dropped the number down to 7,649 "mission critical systems" By October 1998, they said they only had 7300 "mission critical systems. Again in March 1999, the federal government said that now they only had 6,399 "mission critical systems". Then in April 1999, they said that they only had 6138 "mission critical systems". What happened to some 3000 "mission critical systems" over the past two years?
Is it an accident that as the government redefines "mission critical systems" in such a way that the total number of systems continues to decline, while the percentage of those systems that are compliant continues to rise? The federal government reported in May 1997, that only 21 percent of the federal "mission critical systems" were compliant. In March 1999, the Fed’s said that they were now 92 percent compliant in spite of the fact that 11 agencies had not met the March 1999 deadline for compliance. Those agencies are:
It is reasonable to believe that some of these "mission critical systems" were old and obsolete, and were simply dropped from the list. What is not reasonable is that all 3000 systems were considered old and obsolete. If the federal government continues to redefine "mission critical systems" without the public’s knowledge, the government will be able to paint a rosy picture that the public appears eager to accept without question. Should the American people trust the federal government’s claim that they will be ready by the Year 2000?
Many of the senior citizens in this country have been led to believe that their social security checks will be delivered as scheduled. President Clinton has made big public announcements that the Department of Social Security (DSS) is ready for the year 2000, and he is correct. In fact the Department of Social Security has been given an A+ rating for some time now. Yet caution is still in order.
What the president is not saying is that the Department of Social Security does not write the checks, the Department of Financial Management Services (DFMS) does and at this point they are not ready. The DSS simply tells the DFMS, who to write the checks out to and for how much money.
In spite of the optimistic reports from Washington, a closer look reveals as of June 1999, that of 43 federal health and safety programs, only the Department of Social Security and the Weather Service are ready for the year 2000. Those federal programs that have not even finished testing include among others child nutrition programs, disaster relief, Medicare, Medicaid, federal prisons and the air traffic control.