Software Engineering Laboratory, Department of Computer Science

Year 2000 Issues

Or "Waiting for the Second Shoe to Drop"
... and the shoe dropped very softly :-):-):-)

[Notice] [Back to Portal] [Cynics] [It's Y2k, NOT Y2K] [IEEE Standard for Year 2000 Terminology] [PC Y2000 Alliance]

General
Hardware Compliance	Software Compliance
What is the Y2k Hardware Problem? My computer? National Software Testing Laboratories YMARK2000 PC Hardware Test Package List of Y2k compliant PC hardware More Test Packages IBM Y2k PC Site Issues Tools	About the Software Problem Some Tools IBM Y2k Site IBM Y2k PC Site Compliance Driver IBM PC Software Databases More Vendor Sites Additional Tips and Tools
Science	Examples
Mitre site USA TODAY/GALLUP POLL/NSF Marcoccio Report To US Senate	NCSU Software & Hardware WLS is Y2k compliant! [Risk: NONE]
Virus Protection
AVERT Y2k Resource Center (Network Associates) Symantec AntiVirus Research Center (Norton Utilities) Some trigger dates

What am I to do?

[GSA Best Practice] [IEEE Recommended Practice] [Commone Sense]

"Don't Panic!". Get informed about the problem using knowledgable, reliable and reputable sources. Beware of con-artists, self-proclaimed experts (no matter how well they manipulate the Y2k jargon), and both well meaning and not-so-well-meaning panick-brokers and doom predictors! Web, and many other sources (including bookstores), is full of inaccurate, incomplete and market-driven overly pessimistic information and materials about Y2k events that may not be true at all, or have a very low probability of happening. A large number of "doomsday Y2k experts" that "air" their opinions over the networks and in various other information outlets have no appropriate computer science or computer engineering training, do not really understand the basic issues, or have ulterior motives. Those that do understand the underlying technological issues invariably have reasonable views and predictions, and do not forsee major perturbations, if any, beyond the failures and pain that computers and software give us on a daily basis in any case :-).
FRAUD ALERT
On the other, hand, you should not be complacent, and you should not totally ignore the issue. "A stich in time ... ", etc. So,

Be Aware. You need to know there is a potential problem before you can fix it. It may be that there is no problem to fix.
Inventory. Count and record everything that may have software or computer chip associated with it, or that depends on one! Do walk throughs to make sure you don't miss anything.
Backup. If you have a computer, back-up all its content regularly. Find software licenses and original diskettes/CDROMs (or copies) so that you can re-load the operating system or software, if the necessity arises.Unless you are running from a stand-alone diskette/boot, DO NOT "fastforward" dates on your computer BEFORE backing-up the system. You could cause application and license damage that may not be reversible.
Research & Evaluate. Use Web, contact vendors, other resources to determine if your hardware/software is compliant. Run compliance tests.
Fix. Address (mission) critical items first. Create prioritized (risk) list of things to fix.
Plan for Contingencies (Risk Management). Create a risk management plan, a plan on how to address emergencies that may arise, how to proceed if your fixes do not work, and what your alternatives are. Do this early, do not leave it for the last minute. If you have to cut corners, the plan should have in it where to cut and what the potential impact/cost of a short-cut or a failure to fix is. Plan workarounds and backup strategies.

Risks

Area
(with related Notes, Sources & Opinions) Y2k Risk as of 7/28/99
(Risk Definitons and Scale)

Public View of the Y2k Risks
How concerned is the public? - a poll - following two items are some of the poll results:

What will be the overall Impact? (Minor to no problems 66%, Major 34%)
What will be Imact on you Personally? (Minor to no problems 86%, Major 14%)
Concern Declining

Frequently asked Questions
More FAQ
Gartner Group Report
Some other "witching hours" (please take these with a large grain of salt )

April 9, 1999 (99th day of the year 99 - see 9/9/99 entry below) - Nothing really happend.

A mention
A longer explanation

August 21, 1999 (GPS rollover)
September 9, 1999 (and more) (e.g., 9999 used to be a common stop code for card-based input as well as data files. 9/9/99 offers possibilites if one uses old code) - Nothing really happend.

LOW to MEDIUM (trend towards low)

COMPUTERS
Personal computers?
(please check the table above entitled "GENERAL")
Start tracking problem behavior of your software and/or computing system between NOW and 31-Dec-99. Record all failures, problems and undesirable behaviors (time/date when they happen, brief description & cirmstances, duration of the downtime or recovery time, fixes, impact, include reboots due to software freezing or misbehaving, crashes, just nusance failures, your own mistake, communication/modem failures, etc.). Find failure rate by dividing the total number of failures by the total time (e.g., days) over which you are tracking. This will give you an idea how often your system fails as part of the "pre-Y2k" behavior. Keep track of how often you use date-sensitive applications. Make sure those are Y2k compliant. How many of the "pre-Y2k" problems your experience are date related? How often do they happen?
This PC risk and impact assessment assumes absence of Y2k viruses, and lack of deliberate Y2k related security attacks. It also excludes the pre-existing software, hardware and failure conditions, i.e., software and PCs fail regulary for a number of reasons that have nothing to do with Y2k.
An active Y2k compliance evaluation and risk/threat resolution and mitigation is needed on the part of the owner. BACKUP your system THOROUGHLY & FREQUENTLY!
Apple/Macintosh NONE to LOW (there is no hardware or operating system problem, but application software may still have problems of its own).
Unix boxes and software manufactured since 1997 LOW to NONE (you need to check for compliance)
PCs and software manufactured since 1997 LOW (you must check for compliance)
Embedded Chips (microcontrollers and microprocessors) - for embedded computer-controlled systems see under computer type that provides control.

Press Release (10-Nov-99)
Summary
Managing Y2k embeded chip risks
A useful set of access points
Some articles
Some scary stuff :-)
Embeded Chip sites

LOW (but you must check for compliance, especially if you suspect a chip-generated date is being used to make decisions - the latter is very unlikely in microcontrollers, perhaps 1 in 100,000, and more likely in microprocessors, perhaps 2% to 7% of the microprocessors could be affected)
Unix boxes and software manufactured before 1997 MEDIUM (you must check for compliance)
PCs and PC Software Manufactured before 1997 MEDIUM to HIGH
(you absolutely must check for compliance)
Poorely, inexpertly, or unprofessionally executed Y2k fixes UNKNOWN (If Y2k software change activities follow the usual industrial software development trends, then as much as 25% of the Y2k fixes could result in new maintenance bugs that will linger on for years. This could be a real problem, be very careful what you download from the Web, or who you let work on your system or application - download/deal only from/with reputable sites and vendors!)
Y2k related Computer Viruses, and other deliberate Security attacks and threats (via network, via "backdoors", via trojan horses, via "Y2k-fixit" tools, etc.)? UNKNOWN (could be a real problem, be very careful what you download from the Web, or who you let work on your system or application - download/deal only from/with reputable sites and vendors!)

COMMUNITY in General

Press Release (10-Nov-99)
2nd Summary - overall and by sectors (Apr 21, 1999)
Summary (Jan 7, 1999)
Summary By Sectors (e.g., Power, Food Supply, Oil and Gas, City Governments, States, Counties)
Products
The Law
National Institute of Standards and Technology
Gartner Group Report on US and International Readiness
Risk assesments presented here, assume at least the present level of ACTIVE and CONTINUED risk awareness, assessment, tracking, resolution and mitigation on the part of all involved parties.

Cars/Trucks
NONE

Government/Social Benefits Payments
LOW to NONE

Internet
Draft Internet Report
LOW to NONE

Communications (including telephones)
Sector Report
LOW to NONE

Emergency Services
Press Release (10-Nov-99)
Summary
Red Cross
LOW to NONE

Elevators
Buildings
Press Release (10-Nov-99)
Summary
LOW to NONE

Economy & Financial Structure (including banks)
U.S. Economy
U.S. Securities and Echange Commission
Press Release (10-Nov-99)
Summary Assessment
Banks
Wall Street
Brokerage Firms
LOW to NONE

Electricity/Power
NERC Press Releases
Report
Local Utilities
Power Plants Running under 2000 Dates
Press Release (10-Nov-99)
Summary
LOW to NONE

Water, Sewage, Solid Waste
LOW to NONE

Food Supply
Press Release (10-Nov-99)
Summary Assessment
USDA
LOW to NONE

Household Appliances
LOW to NONE

Postal Service
LOW to NONE

Oil & Gas
LOW

Air Traffic (by the way, air navigation works on Greenwich Mean Time, five hours ahead of U.S. Eastern Standard Time at the end of the year. The "critical" hour is 7 p.m. not midnight in whatever zone one is :-).

Air Traffic - FAA (FAA is Y2k compliant!)
FAA Bosses
Y2k and Air Traffic

NONE to Very LOW

Health Services
Compliance Survey
Product Database
RTP Area Medical
Medicare
LOW

Large Businesses
LOW to MEDIUM (trend is towards LOW)

Overall Risks over all Federal Services and Functions
Mission Critical Systems
OMB Report
House Subcommittee Report
Press Release (10-Nov-99)
Presidential Commission Summary
More Federal Links

Federal Government
House Subcommittee
GSA Y2k site
Presidential Y2k Commission
LOW

Small and Medium Businesses
Small Businesses - Report
Small Business Administration
Help from NIST
PC Y2000 Alliance
MEDIUM to HIGH (trend is towards MEDIUM)

International
Links to Countries
Presidential Commission
A Testimony to House
A Testimony to US Senate
Gartner Group Report
UNKNOWN (It varies. "Western" countries are probably in the low to medium range, the rest of the world ranges from low to high. However, the impact will also depend on industrial level of the country and the level of automation/computerization of its industry and services. The most critical are the countries with high level of computer use, such as "Western Europe", Japan, Australia, etc. Those seem to be in a quite reasonable shape.
It is unlikely that the carryover IMPACT on the USA will be more than LOW).

LOCAL Community

RTP Local
News Report
National Association of Counties

Wake County

City Governments

Cary, Raleigh, Durham

LOW

Universities
N.C. State University
Duke
UNC-CH
LOW

North Carolina
State of North Carolina
NC Y2k Supply Chain
National Association of States
LOW

Miscellaneous Links

Ziff-Davis Y2k site
Year200.com
Y2K-Status.Org

Press Clippings
Some Good Related Sites

More related sites
Vouk (most of the quotes are correct, some are out of context )

(8/2/98, Article ID: 9808020141, THE CHARLOTTE OBSERVER, Charlotte, NC)
Millennium failures overstated, critics say (9/14/98, Triangle Business Journal, Triangle Research Park, NC)
Millennium world is not flat, critics say (12/28/98, Austin Business Journal, Austin, TX)
Zero Hour (1/1/99, News & Observer, Raleigh, NC)
Billions tied up battling Y2K bug economic perils unclear as 2000 nears
(3/24/99, Charlotte Observer, Charlotte, NC - essentially a re-post of the 8/2/98 article)
"Y2-OK?" by K. Yaman, The Alumni Magazine of NC State University, Summer 1999, pp. 28-33

Major Skeptics

"Waiting for the Second Shoe to Drop"

NCSU-SEL Y2k (Version 1.5.1/Last Modified 01/01/00 )
Contact: M. Vouk, E-mail: vouk@csc.ncsu.edu , Tel: 919-515-7886, Fax: 919-515-6497, Department of Computer Science, Box 8206, North Carolina State University, Raleigh, NC 27695, USA

What am I to do?
[GSA Best Practice] [IEEE Recommended Practice] [Commone Sense]
"Don't Panic!". Get informed about the problem using knowledgable, reliable and reputable sources. Beware of con-artists, self-proclaimed experts (no matter how well they manipulate the Y2k jargon), and both well meaning and not-so-well-meaning panick-brokers and doom predictors! Web, and many other sources (including bookstores), is full of inaccurate, incomplete and market-driven overly pessimistic information and materials about Y2k events that may not be true at all, or have a very low probability of happening. A large number of "doomsday Y2k experts" that "air" their opinions over the networks and in various other information outlets have no appropriate computer science or computer engineering training, do not really understand the basic issues, or have ulterior motives. Those that do understand the underlying technological issues invariably have reasonable views and predictions, and do not forsee major perturbations, if any, beyond the failures and pain that computers and software give us on a daily basis in any case :-). FRAUD ALERT On the other, hand, you should not be complacent, and you should not totally ignore the issue. "A stich in time ... ", etc. So, Be Aware. You need to know there is a potential problem before you can fix it. It may be that there is no problem to fix. Inventory. Count and record everything that may have software or computer chip associated with it, or that depends on one! Do walk throughs to make sure you don't miss anything. Backup. If you have a computer, back-up all its content regularly. Find software licenses and original diskettes/CDROMs (or copies) so that you can re-load the operating system or software, if the necessity arises.Unless you are running from a stand-alone diskette/boot, DO NOT "fastforward" dates on your computer BEFORE backing-up the system. You could cause application and license damage that may not be reversible. Research & Evaluate. Use Web, contact vendors, other resources to determine if your hardware/software is compliant. Run compliance tests. Fix. Address (mission) critical items first. Create prioritized (risk) list of things to fix. Plan for Contingencies (Risk Management). Create a risk management plan, a plan on how to address emergencies that may arise, how to proceed if your fixes do not work, and what your alternatives are. Do this early, do not leave it for the last minute. If you have to cut corners, the plan should have in it where to cut and what the potential impact/cost of a short-cut or a failure to fix is. Plan workarounds and backup strategies.

Risks
Area (with related Notes, Sources & Opinions)	Y2k Risk as of 7/28/99 (Risk Definitons and Scale)
Public View of the Y2k Risks How concerned is the public? - a poll - following two items are some of the poll results: What will be the overall Impact? (Minor to no problems 66%, Major 34%) What will be Imact on you Personally? (Minor to no problems 86%, Major 14%) Concern Declining Frequently asked Questions More FAQ Gartner Group Report Some other "witching hours" (please take these with a large grain of salt ) April 9, 1999 (99th day of the year 99 - see 9/9/99 entry below) - Nothing really happend. A mention A longer explanation August 21, 1999 (GPS rollover) September 9, 1999 (and more) (e.g., 9999 used to be a common stop code for card-based input as well as data files. 9/9/99 offers possibilites if one uses old code) - Nothing really happend.	LOW to MEDIUM (trend towards low)
COMPUTERS
Personal computers? (please check the table above entitled "GENERAL") Start tracking problem behavior of your software and/or computing system between NOW and 31-Dec-99. Record all failures, problems and undesirable behaviors (time/date when they happen, brief description & cirmstances, duration of the downtime or recovery time, fixes, impact, include reboots due to software freezing or misbehaving, crashes, just nusance failures, your own mistake, communication/modem failures, etc.). Find failure rate by dividing the total number of failures by the total time (e.g., days) over which you are tracking. This will give you an idea how often your system fails as part of the "pre-Y2k" behavior. Keep track of how often you use date-sensitive applications. Make sure those are Y2k compliant. How many of the "pre-Y2k" problems your experience are date related? How often do they happen?	This PC risk and impact assessment assumes absence of Y2k viruses, and lack of deliberate Y2k related security attacks. It also excludes the pre-existing software, hardware and failure conditions, i.e., software and PCs fail regulary for a number of reasons that have nothing to do with Y2k. An active Y2k compliance evaluation and risk/threat resolution and mitigation is needed on the part of the owner. BACKUP your system THOROUGHLY & FREQUENTLY!
Apple/Macintosh	NONE to LOW (there is no hardware or operating system problem, but application software may still have problems of its own).
Unix boxes and software manufactured since 1997	LOW to NONE (you need to check for compliance)
PCs and software manufactured since 1997	LOW (you must check for compliance)
Embedded Chips (microcontrollers and microprocessors) - for embedded computer-controlled systems see under computer type that provides control. Press Release (10-Nov-99) Summary Managing Y2k embeded chip risks A useful set of access points Some articles Some scary stuff :-) Embeded Chip sites	LOW (but you must check for compliance, especially if you suspect a chip-generated date is being used to make decisions - the latter is very unlikely in microcontrollers, perhaps 1 in 100,000, and more likely in microprocessors, perhaps 2% to 7% of the microprocessors could be affected)
Unix boxes and software manufactured before 1997	MEDIUM (you must check for compliance)
PCs and PC Software Manufactured before 1997	MEDIUM to HIGH (you absolutely must check for compliance)
Poorely, inexpertly, or unprofessionally executed Y2k fixes	UNKNOWN (If Y2k software change activities follow the usual industrial software development trends, then as much as 25% of the Y2k fixes could result in new maintenance bugs that will linger on for years. This could be a real problem, be very careful what you download from the Web, or who you let work on your system or application - download/deal only from/with reputable sites and vendors!)
Y2k related Computer Viruses, and other deliberate Security attacks and threats (via network, via "backdoors", via trojan horses, via "Y2k-fixit" tools, etc.)?	UNKNOWN (could be a real problem, be very careful what you download from the Web, or who you let work on your system or application - download/deal only from/with reputable sites and vendors!)
COMMUNITY in General
Press Release (10-Nov-99) 2nd Summary - overall and by sectors (Apr 21, 1999) Summary (Jan 7, 1999) Summary By Sectors (e.g., Power, Food Supply, Oil and Gas, City Governments, States, Counties) Products The Law National Institute of Standards and Technology Gartner Group Report on US and International Readiness	Risk assesments presented here, assume at least the present level of ACTIVE and CONTINUED risk awareness, assessment, tracking, resolution and mitigation on the part of all involved parties.
Cars/Trucks	NONE
Government/Social Benefits Payments	LOW to NONE
Internet Draft Internet Report	LOW to NONE
Communications (including telephones) Sector Report	LOW to NONE
Emergency Services Press Release (10-Nov-99) Summary Red Cross	LOW to NONE
Elevators Buildings Press Release (10-Nov-99) Summary	LOW to NONE
Economy & Financial Structure (including banks) U.S. Economy U.S. Securities and Echange Commission Press Release (10-Nov-99) Summary Assessment Banks Wall Street Brokerage Firms	LOW to NONE
Electricity/Power NERC Press Releases Report Local Utilities Power Plants Running under 2000 Dates Press Release (10-Nov-99) Summary	LOW to NONE
Water, Sewage, Solid Waste	LOW to NONE
Food Supply Press Release (10-Nov-99) Summary Assessment USDA	LOW to NONE
Household Appliances	LOW to NONE
Postal Service	LOW to NONE
Oil & Gas	LOW
Air Traffic (by the way, air navigation works on Greenwich Mean Time, five hours ahead of U.S. Eastern Standard Time at the end of the year. The "critical" hour is 7 p.m. not midnight in whatever zone one is :-). Air Traffic - FAA (FAA is Y2k compliant!) FAA Bosses Y2k and Air Traffic	NONE to Very LOW
Health Services Compliance Survey Product Database RTP Area Medical Medicare	LOW
Large Businesses	LOW to MEDIUM (trend is towards LOW)
Overall Risks over all Federal Services and Functions Mission Critical Systems OMB Report House Subcommittee Report Press Release (10-Nov-99) Presidential Commission Summary More Federal Links Federal Government House Subcommittee GSA Y2k site Presidential Y2k Commission	LOW
Small and Medium Businesses Small Businesses - Report Small Business Administration Help from NIST PC Y2000 Alliance	MEDIUM to HIGH (trend is towards MEDIUM)
International Links to Countries Presidential Commission A Testimony to House A Testimony to US Senate Gartner Group Report	UNKNOWN (It varies. "Western" countries are probably in the low to medium range, the rest of the world ranges from low to high. However, the impact will also depend on industrial level of the country and the level of automation/computerization of its industry and services. The most critical are the countries with high level of computer use, such as "Western Europe", Japan, Australia, etc. Those seem to be in a quite reasonable shape. It is unlikely that the carryover IMPACT on the USA will be more than LOW).
LOCAL Community
RTP Local News Report National Association of Counties Wake County City Governments Cary, Raleigh, Durham	LOW
Universities N.C. State University Duke UNC-CH	LOW
North Carolina State of North Carolina NC Y2k Supply Chain National Association of States	LOW