Rachel's Environment & Health Weekly on Y2K
=======================Electronic Edition========================
RACHEL'S ENVIRONMENT & HEALTH WEEKLY #604
June 25, 1998--- THE Y2K PROBLEM, PART 1
We've been hearing about this problem for some time now, but like
most people we have been ignoring it. As with many problems, we
clip articles about it, then file them for later reference. It's
the Y2K problem. To a scientist, Y means Year and K means 1000,
so Y2K refers to the year 2000 problem. It's a computer problem
with possibly-serious environment and health implications.
Like most people, we are very suspicious of alarming predictions
about the year 2000. What finally focused our attention on the
Y2K problem was a small item in the back pages of the NEW YORK
TIMES Saturday June 13th.[1] It began, "The nation's utilities
told a Senate panel today [June 12] that they were working to
solve expected computer problems when 1999 ends but that they
could not guarantee that the lights would not go out on Jan. 1,
2000."
The utilities say the lights may go out. This seems like a
problem worth examining.
The TIMES went on, "An informal survey by a Senate panel of 10 of
the nation's largest utilities serving 50 million people found
none had a complete plan in case its computers failed because of
the problem." The TIMES explained, "Many electrical plants use
date-sensitive software to run built-in clocks that monitor and
control the flow of power. These could fail if not updated."[1]
The utilities say the lights may go out, yet none of them has a
full contingency plan. How serious could this problem become?
As we examined the items in our "Y2K" file, we found opinions
ranging all over the place. Some people said, "This is a fake
problem invented by people who want to sell fixes." Others said,
"This is going to be the end of civilization as we know it."
Where does the truth lie?
I worked 5 years in the Computing Center at Princeton University,
so have more than a passing familiarity with computers. My
crystal ball is as hazy as any one else's, but here is an attempt
to offer a realistic look at the nature of this Y2K problem.
Unlike most problems, we know when this one is going to hit us:
on January 1, 2000, just a little over 500 days from now.
Here is the crux: Many computers only recognize dates by two
digits. In these computers, 67 is 1967 and 98 is 1998. In these
computers, a 00 date will mean 1900, not 2000, unless their
software is re-written. When such computers start calculating or
comparing dates after 1999 they won't work right --they may
simply shut down, or they may seem to run fine but produce
incorrect information that is very hard to detect.
Computers that have this Y2K problem are called "noncompliant"
computers, and it turns out there are quite a few of them.
Many noncompliant computers are the really big "mainframe"
machines that serve as the central nervous systems of financial
institutions (banks, savings & loans, credit unions), stock
exchanges, air traffic control systems, missile defense systems,
government tax agencies, the Social Security Administration, the
Medicare program, the insurance industry, and all of the Fortune
1000 multinational corporations. (And of course this problem is
not limited to the U.S. Every industrialized country depends
heavily upon large mainframe computers.)
A report published by Merrill Lynch, the financial management
company, says flatly, "When the millenium arrives, many computer
systems and global networks will fail because of an inability to
properly interpret dates beyond 1999."[2]
Mainframes will not be the only computers to fail on January 1,
2000 if they are still noncompliant by then. Many industrial
machines contain "embedded systems" --computer chips that are
literally embedded within some larger piece of equipment, such as
power stations, oil refineries, telephone switches, burglar
alarms, emergency room equipment, air traffic control systems,
military defense gear, and chemical plants, among others.
By the year 2000, there will be an estimated 25 billion embedded
systems, according to the Gartner Group, which advertises itself
as the world's foremost authority on information technology.[3]
By Gartner Group's estimate, two-tenths of one percent of these
25 billion embedded systems will be noncompliant.[4] Two-tenths
of one percent of 25 billion is 50 million. Therefore, the
problem, according to Gartner Group, is to identify and replace
those 50 million noncompliant embedded systems in the next 500
days. To solve this problem, someone would have to identify,
replace, and test about 100,000 chips each day between now and
December 31, 1999. Does the U.S. have enough technicians to
identify, replace and test 100,000 chips each day? It seems
unlikely.
These embedded systems tend to be embedded in the nation's core
infrastructure --in the water, sewage, and electrical utilities,
in railroads and other transportation systems, in hospitals, in
police and fire services, in the defense infrastructure, and in
petrochemical (and other manufacturing) plants.
BYTE magazine, a technical computer journal, wrote recently, "One
commonly cited problem is associated with gadgets that monitor
periodic maintenance. When the clock strikes twelve on New
Year's Eve, 2000, these devices might think it's been 99 years
since their last maintenance, realize that's too long for safe
operation, and shut down."[5]
Virginia Hick, who writes a column called "Technology and You"
for the ST. LOUIS POST DISPATCH recently interviewed Peter de
Jager, a well-known Y2K consultant to industry. (See
www.year2000.com). Here is what Hick
wrote:[6]
".... De Jager talked recently with an executive of a company
that makes a volatile gas --he would not identify the company
more specifically --who told de Jager how his plant discovered
the seriousness of faulty embedded chips.
"The plant found a chip that failed when the date was moved
forward. When the chip failed, it shut off a valve that would
have shut down the cooling system. A cooling system shutdown,
the executive said, would have caused an explosion.
"That was great news," de Jager said. "Because they checked
--there will be no explosion. They're replacing the chips."
"De Jager worries about the companies that are not checking,"
Hick wrote.
Conclusion No. 1: If we lived in a community with one or more
chemical plants, we would be asking our local government to hold
public hearings on the Y2K problem, seeking public assurances
from local plant managers that they really have this problem
under control. What written plans do they have for assessing
these problems, and how large a budget have they committed to
solving them? What progress can they demonstrate? Does the plant
manager have sufficient confidence in the plant's safety systems
to be at the plant with his or her family at midnight December
31, 1999, to celebrate the new year?
Now let's return to the mainframe problem. Because non-compliant
computers could harm a company's financial picture (up to and
including bankruptcy), on January 12, 1998, the federal
Securities and Exchange Commission (SEC) issued SEC Staff Legal
Bulletin No. 5, which requires publicly-held companies to report
their progress toward solving their Y2K problems. On June 10,
1998, Steve Hock, president of Triaxsys Research in Missoula,
Montana, testified before the Senate Banking, Housing and Urban
Affairs Committee that his company had examined the SEC filings
of America's 250 largest corporations.[7] Mr. Hock told the
Senate that 114 of the 250 companies had filed no Y2K information
with the SEC. Of the 136 companies that HAVE filed Y2K
information, 101 reported their progress on the assessment phase
of the problem. Of these 101, 60% revealed that they have not
yet completed their assessments of the Y2K problem.
Mr. Hock testified that 36 companies reported their estimated Y2K
project costs and how much they had so far spent. The average
company reported having spent 21% of the expected total costs of
Y2K fixes. Mr. Hock concluded, "[The] data shows remarkably
little progress by the largest US companies in addressing the
Year 2000 problem. Most of the work has been compressed into an
extremely tight window of time. Given the information technology
industry's long history of failure to complete large scale system
conversion projects on time, this is cause for serious
concern."[7]
The New York Federal Reserve Bank has said that it will take more
than a year for a large corporation to test its computers for Y2K
compliance AFTER all their software has been fixed.[8] This
means all fixes must be completed by September or October of 1998
so testing can begin in time. But many large corporations are
still at the stage of assessing the problem, and it's now late
June.
How big is the task for a complex corporation? State Farm
Insurance --a company that believes it is on top of the Y2K
problem --began working on the problem in 1989 and found that it
had 70 million lines of computer code to convert, 475,000 data
processing items, more than 2000 third-party software programs,
900 shared electronic files, plus miscellaneous telephone and
business equipment in 1550 corporate and regional service
facilities. State Farm still has 100 employees working "around
the clock" on nothing but Y2K.[9]
But even a forward-looking company like State Farm could be
harmed by this problem if its customers, suppliers, partners,
bankers, and regulators aren't compliant by the year 2000. As
Merrill Lynch says, "Even institutions that have fixed their own
internal problem will feel the ripple effects from problems
occurring externally."[2]
A survey of small businesses by the National Federation of
Independent Businesses (NFIB) reported June 1 that 75% of small
businesses have done nothing about the Y2K problem.[10] The NFIB
estimated that 330,000 small businesses will go bankrupt and
another 370,000 will be "temporarily crippled" by the Y2K problem.
Conclusion No. 2: Portions of the nation's basic infrastructure
(utilities, transportation, defense, manufacturing) seem likely
to be disrupted by the Y2K problem. Furthermore, parts of the
world's core commercial institutions, such as banking and
insurance, seem likely to be disrupted by the Y2K problem.
Therefore, in our opinion, we each would do well to ask
ourselves: if the electric utilities may not be reliable, the
petrochemical industry (which delivers our gasoline) may have
difficulties of its own, the trains may not run well, and the
world banking system may be plagued by errors and glitches, how
can we be sure that our employers will be able to pay us so that
we can put food on the table? It even seems as if we should be
asking, how can we be sure there will be food in the grocery
stores? Given what we know, these seem to be reasonable
questions.
More next week.
--Peter Montague
==========
[1] "National News Briefs; Utilities Say Outages Are Possible in
2000," NEW YORK TIMES June 13, 1998, pg. 16.
[2] See <http://www.ml.com/woml/forum/millen.htm>.
[3] See: <http://gartner12.gartnerweb.com/public/static/home/home.html>
.
[4] Thanks to Roleigh Martin for the Gartner Group estimate. See
<http://ourworld.compuserve.com/homepages/roleigh_martin/y2journ.htm>.
The most comprehensive --and most pessimistic --web page on Y2K
is that of historian Gary North: <www.garynorth.com>.
[5] Edmund X. DeJesus, "Year 2000 Survival Guide," BYTE (July
1998),
pgs. 52-62.
[6] Virginia Hick, "Expert Warns Computer World is Running Out of Time
to Meet 2000; Code is Broken and Needs to Be Fixed Fast, He Says,"
ST.
LOUIS POST-DISPATCH Nov. 19, 1997, pg. C8.
[7] Mr. Hock's testimony is available at <http://www.senate.gov/~banking/98_06hrg/061098/witness/hock.htm>
[8] See <http://www.ny.frb.org/docs/bankinfo/circular/10937.html>.
[9] See <http://www.statefarm.com/about/year.htm>.
[10] See <http://www.amcity.com/sacramento/stories/060198/smallb2.html>
.
=======================Electronic Edition========================
. .
RACHEL'S ENVIRONMENT & HEALTH WEEKLY #605
July 2, 1998 --- THE Y2K PROBLEM, PART 2 .
Y2K is the shorthand name for Year 2000, a computer problem that
may affect both environmental and human health in every
industrialized or industrializing country. Many thousands of
operating computers currently represent the year by two digits:
25 is 1925 and 98 is 1998. When January 1, 2000 rolls around,
these computers will assume 00 means 1900, not 2000, unless their
software is fixed. Computers that have this "Y2K date problem"
are called "noncompliant."
If you were born in 1935, a computer this year would determine
that your age is 98-35=63. However, two years from now that same
computer may determine that your age is 00-35=-35. At that point
the computer may stop working, or it may pass this incorrect
information on to others, including other computers.
This seemingly-simple problem has large consequences.
BYTE magazine, a technical computer journal, calls Y2K "a crisis
without precedent in human history."[1] FORTUNE magazine calls it
"the biggest screwup of the computer age"[2] and says it may cost
$1 trillion to fix. (The Vietnam War cost half that much, $500
billion.) The Electric Power Research Institute (EPRI) --a trade
association for electric utility companies --says the Y2K problem
will begin to disrupt businesses, including electric utilities, a
year before the new century begins: "Major disruptions in
technical and business operations could begin as early as January
1, 1999. Nearly every industry will be affected," EPRI says.[3]
If the disruptions don't begin January 1, 1999, they may begin
July 1, 1999, when fiscal year 2000 begins for 46 out of the 50
states, or on October 1, 1999, when fiscal year 2000 begins for
the federal government. But most of the problems will probably
surface after midnight December 31, 1999.
Charles Rossetti, commissioner of the U.S. Internal Revenue
Service (IRS), told the WALL STREET JOURNAL April 22, 1998, that
Y2K is a "very, very serious problem." "There's no point
in
sugarcoating the problem," he said. "If we don't fix the
century-date problem, we will have a situation scarier than the
average disaster movie you might see on a Sunday night.
Twenty-one months from now, there could be 90 million taxpayers
who won't get their refunds, and 95% of the revenue stream of the
United States could be jeopardized."[4] Mr. Rossetti went on to
say he is confident that these problems will not occur because
IRS computer experts will prevent them. Critics of IRS are not so
sure.[5]
In addition to many thousands of noncompliant computers needing
to be fixed, there are millions of noncompliant "embedded
systems" --computer chips embedded in other equipment such as
photocopiers, telephones, elevators, traffic lights, electric
generating plants, and nuclear missiles --that also need to be
fixed or replaced.
The deadline for having everything fixed --December 31, 1999 --is
just over 500 days away, and it is an unusual kind of deadline
because it cannot be ignored or extended. FORTUNE magazine
reported April 27, 1998, that, on average, large corporations are
only 34% of the way through the job of making their systems
compliant.[2]
Government agencies are doing only slightly better. The
Government Accounting Office (GAO) said in March, 1998, "Time is
running out for solving the Year 2000 problem. Many federal
agencies will not be able to renovate and fully test all of their
mission-critical systems and may face major disruptions in their
operations. At the same time, systems that have been renovated
and tested may encounter unanticipated Year 2000 problems."[6]
The GAO gave examples of what might go wrong:
** The nation's air transportation may face major delays and
disruptions because the airlines may not be able to file flight
plans with the Federal Aviation Administration.
** Taxpayers may not receive timely tax refunds because the
Internal Revenue Service (IRS) may be unable to process their tax
returns.
** Payments to veterans and retirees may be delayed or disrupted
by the failure of mission-critical systems supporting the
nation's benefit payments systems. [In other words, people may
not receive their social security or disability checks in a
timely fashion.]
GAO reported June 10, 1998, that 24 government agencies are only
40% of the way toward their goal of Y2K compliance.[7] GAO said
it had published 40 reports on government computers during the
past two years: "The common theme has been that serious
vulnerabilities remain in addressing the federal government's
Year 2000 readiness, and that much more action is needed to
ensure that federal agencies satisfactorily mitigate Year 2000
risks to avoid debilitating consequences." GAO concluded, "As
a
result of federal agencies' slow progress, the public faces the
risk that critical services could be severely disrupted by the
Year 2000 computing crisis."
No one knows what will happen as we approach the year 2000. We do
know that many manufacturing processes are dependent upon
computers, especially in the chemical process industries. FORTUNE
magazine said recently, "The precision and interdependence of
process controls in chemical plants, for instance, make a Rube
Goldberg fantasy contraption look simple. Let a single
temperature sensor in the complex chain of measuring instruments
go cuckoo because of a year 2000 problem, and you'll get a
product with different ingredients than you need--if it comes out
at all."[2]
Even the nation's defense apparatus could be adversely affected.
The GAO reported June 30 that the U.S. Navy is far behind in
fixing its Y2K problems and concluded, "Failure to address the
year 2000 Problem in time could severely degrade or disrupt the
Navy's day-to-day and, more importantly, mission-critical
operations." GAO said the Navy does not even know how many of its
computers have Y2K problems, so it doesn't know how big the task
ahead may be.[8]
Why is this seemingly-simple problem so difficult? Merrill Lynch,
the financial management firm, says there are four reasons:[9]
1. Pervasiveness. Computers that depend on dates are present in
every kind of technology --manufacturing systems, medical
equipment, elevators, telephone switches, satellites, and even
automobiles.
2. Interdependence: Computers exchange information among
themselves. "A single uncorrected system can easily spread
corrupted data throughout an organization and even affect
external institutions," Merrill Lynch says.
3. Inconsistency: Computer languages do not store and use dates
in a consistent way. Dates are labeled, stored, and used in
different ways from program to program and even within a single
program. Therefore, identifying and correcting dates requires
close inspection of the computer code line by line.
4. Size: Most large corporations and government agencies use
thousands of programs containing millions of lines of computer
code. Each line of code must be inspected manually and, if
necessary, fixed.
There are additional reasons why this is a particularly difficult
problem.
** Many business computer programs that run on the largest
("mainframe") computers are written in an obsolete language
called COBOL. COBOL hasn't been taught for 10 years, so there is
a distinct shortage of COBOL programmers.[2,10]
** Indeed, there is a shortage of all programmers to work on Y2K
problems. Swiss Re (a firm that insures insurance companies
against major losses) says, "A total of well over three million
programmers would be needed to solve the millenium [date] problem
in the US. In actual fact there are only around two million of
them at present."[11]
** When computer code is re-written, new errors are introduced at
an average rate of one new error in every 14 lines of re-written
code. Thus even "Y2K compliant" code may not work right when the
time comes.[2]
Therefore, we believe it is reasonable to conclude that portions
of the nation's critical infrastructure (water, electricity,
telecommunications, and transportation) may be disrupted for a
period --perhaps a few days, but conceivably longer. Essential
government services may also be disrupted.
We could be entirely wrong. However we believe it is sensible to
hope for the best but prepare for the worst.
Individuals might take precautions to protect their families.
They need water, food, shelter, and a cash reserve.[12] They need
paper records of bank accounts and insurance policies, in case
computerized records are lost. But even more importantly,
communities need to begin now to think about ways to mitigate
these problems. All is not lost. Much trouble can be averted by
focused efforts now. Awareness is the first issue. (A recent
survey of 643 individuals found that 38% had never heard of the
Y2K problem. Among the 400 (62%) who HAD heard of it, 80% said
they believed it would be fixed before the year 2000 arrived.
This contrasts with an earlier poll of technology and business
executives charged with fixing Y2K problems: only 17% of them
said they thought the problems would be fixed before the year
2000.)[13] People need to be told.
Coordinated action is the second issue. People need the resources
to fix their own computers.[1] Third, communities need to think
creatively about ways to help those who are most vulnerable:
people who rely on social security, veterans benefits, and
private pensions, for example. What will happen if their funds
are delayed? Local governments, churches, and civic groups, could
begin now to bring communities together to find ways to avert
serious problems that might occur. Approached properly, Y2K could
become a catalyst for positive community growth and development
in the best sense of those words.[14]
--Peter Montague
(National Writers Union, UAW Local 1981/AFL-CIO)
===============
[1] Edmund X. DeJesus, "Year 2000 Survival Guide," BYTE (July
1998), pgs. 52-62. Good web sites covering this problem include:
<http://www.yourdon.com;
<http://www.webcom.com/~yardeni/y2kbook.html;
<http://www.euy2k.com;
<http://www.year2000.com;
<http://www.y2ktimebomb.com;
<http://www.garynorth.com;
<http://www.y2kwomen.com; and
<http://www.transform.org/transform/tlc/Resiliency.htm.
[2] Gene Bylinsky, "Industry Wakes Up to the Year 2000 Menace,"
FORTUNE April 27, 1998, pgs. 163-180. Available on the web:
<http://www.pathfinder.com/fortune/1998/980427/imt.html.
[3] See <http://year2000.epriweb.com/year2000/challenge.html.
[4] Tom Herman, "A Special Summary and Forecast of Federal and
State Tax Developments," WALL STREET JOURNAL April 22, 1998, pg.
A1.
[5] Peyman Pejman, "Industry rep voices doubt over federal
2000-readiness," GOVERNMENT COMPUTER NEWS June 15, 1998. See
<http://www.gcn.com/gcn/1998/June15/industry_rep_voices_doubt_over_f.htm.
[6] Joel C. Willemssen and Keith Rhodes, YEAR 2000 COMPUTING
CRISIS: BUSINESS CONTINUITY AND CONTINGENCY PLANNING
[GAO/AIMD-10.1.19] (Washington, D.C.: General Accounting Office,
March, 1998). Available at: <http://www.gao.gov/y2kr.htm.
[7] Joel C. Willemssen, YEAR 2000 COMPUTING CRISIS; ACTIONS MUST
BE TAKEN NOW TO ADDRESS SLOW PACE OF FEDERAL PROGRESS
[GAO/T-AIMD-98-205] (Washington, D.C.: General Accounting Office,
June 10, 1998). Available at: <http://www.gao.gov/y2kr.htm.
[8] John B. Stephenson and others, DEFENSE COMPUTERS; YEAR 2000
COMPUTER PROBLEMS PUT NAVY OPERATIONS AT RISK [GAO/AIMD-98-150]
(Washington, D.C.: General Accounting Office, June, 1998).
Available at: <http://www.gao.gov/y2kr.htm.
[9] See <http://www.ml.com/woml/forum/millen.htm.
[10] Rajiv Chandrasekaran, "Older Programmers May Fix Future,"
WASHINGTON POST March 2, 1997, pg. A1. See:
<http://www.washingtonpost.com/wp-srv/frompost/features/mar97/2000.htm.
[11] See <http://www.swissre.com/download/public/millen-e.pdf.
[12] See <http://www.y2kwomen.com.
If you need this "how to
protect your family" information sent to you by mail, send us
$2.00 to cover postage and copying; we'll mail you 27 pages of
information. Please mark your envelope Y2K.
[13] Susan Watson [(508) 935-4190] and Karen Fogerty [(508)
935-4091], "CIO Magazine Study Shows Many Consumers Clueless
About Year 2000 Computer Glitch," press release dated June 12,
1998. See <http://www.cio.com/marketing/releases/y2k_release.html.
[14] See, for example, Robert Theobald's work on community
responses to Y2K: <http://www.transform.org/transform/tlc/Resiliency.htm.
. Environmental Research Foundation .
. P.O. Box 5036, Annapolis, MD 21403 .
. Fax (410) 263-8944; Internet: erf@rachel.org
.
. Back issues available by E-mail; to get instructions, send .
. E-mail to INFO@rachel.org with the
single word HELP .
. in the message; back issues also available via ftp from .
. ftp.std.com/periodicals/rachel and from gopher.std.com .
. and from http://www.monitor.net/rachel/
.
. Subscriptions are free. To subscribe, E-mail the words .
. SUBSCRIBE RACHEL-WEEKLY YOUR NAME to: listserv@rachel.org.
NOTICE
Environmental Research Foundation provides this electronic
version of RACHEL'S ENVIRONMENT & HEALTH WEEKLY free of charge
even though it costs our organization considerable time and money
to produce it. We would like to continue to provide this service
free. You could help by making a tax-deductible contribution
(anything you can afford, whether $5.00 or $500.00). Please send
your tax-deductible contribution to: Environmental Research
Foundation, P.O. Box 5036, Annapolis, MD 21403-7036. Please do
not send credit card information via E-mail. For further
information about making tax-deductible contributions to E.R.F.
by credit card please phone us toll free at 1-888-2RACHEL, or at
(410) 263-1584, or fax us at (410) 263-8944.
--Peter Montague, Editor