|
|
|
|
|
|
|
The Year 2000 Team
"I’m not even sure that it’s paved," the incredulous executive said, on receiving a form asking if his parking lot is "Y2K compliant." As related by the Wall Street Journal, the questionnaire asked, "Who is leading your Y2K efforts?" The executive, mocking the document wrote, "There are large rodents on the property who are in charge of our...Y2K efforts." In the margin he scribbled, "This is the best proof I’ve seen that the Y2K situation is a...scheme...to sell software."
The use of Y2K questionnaires has become a widespread practice. The occasional foolish inquiry may occur – and the leap from software to parking lot "Y2K-readiness" may seem odd? Yet most of MIT’s parking facilities require card access, and magnetic card systems are known to be vulnerable to Y2K-related failures. Our questioning the card-reader vendor makes sense. Avoiding a parking lot traffic jam on January 4, 2000 is but one of many such issues that must be tackled over the remaining months of 1999.
Y2K questionnaires have been received by most departments within MIT. The proper handling of these documents is very important. In this column, these and related concerns will be discussed.
Y2K requirements have been made clear. Government research and contract sponsors, recognizing that data errors could impact a broad range of activities, have issued stringent regulations for Y2K compliance. Questionnaires are often used to follow up with researchers.
The Federal Acquisition Regulations (FAR) Section 39.002 requires that "...information technology accurately processes date/time data (including, but not limited to, calculating, comparing, and sequencing) from, into, and between the twentieth and twenty-first centuries, and the years 1999 and 2000 and leap year calculations, to the extent that other information technology, used in combination with the information technology being acquired, properly exchanges date/time data with it."
A simple date example comes from Peter de Jager: "I was born in 1955 and if I ask the computer how old I am today, it subtracts 55 from 93 and announces I am 38. So far so good, but what happens in the year 2000? The computer will subtract 55 from 00 and will state I am – 55 years old. This error will affect any calculations that produce or use time spans." (Computerworld, September 1993 )
It’s easy to envision how time-span calculations in computer software can be impacted, and why sponsoring agencies would be concerned. Scientific data logging and analysis, financial calculations and process controls all use time-span calculations. For example, every time a data log is created or modified on a computer, it is date stamped. On a computer that is not Y2K-ready, a data log created on 12/30/99 will be considered 99 years newer than one created on 1/4/00.
Embedded microchips, which have hard-coded instructions including date calculations, are also affected. Embedded chips are ubiquitous - found in scientific and medical equipment, security systems, elevators, and other devices. Where 2-digit dates have been used, there is a Y2K risk. FAR Section 39.002 applies to these devices as well. As mentioned in my last Newsletter article, MIT has retained embedded systems specialists to assess non-computer equipment, and to make recommendations on steps that can be taken toward Y2K-readiness. However, it is important to note, the repairs and testing of suspect research equipment is the responsibility of the individual research areas.
In the meantime, questionnaires have been received from sponsoring agencies by MIT researchers, to confirm the Y2K-readiness of sponsored projects. Questionnaires received from sponsors should be forwarded directly to OSP, and should not be handled by individual researchers.
Other questionnaires, from a variety of sources, have been received on campus. The standard response to outside inquiries is available at: <http://mitvma.mit.edu/mity2k/mitstatus.html#inquiries>.
Another aspect of the MIT Y2K effort involves other questionnaires: those being sent by MIT to our primary vendors and suppliers. Is our parking lot equipment Y2K compliant? Have our vendors recognized the Y2K issue? Have they taken steps to correct their processes? A minor disruption in a vendor’s normal operations could have consequences on campus.
Suppose, in January 2000, an animal feed supplier becomes unable to deliver products because a scheduling system fails. The use of another type of animal feed would introduce a new variable into an ongoing experiment. What can be done?
Risk mitigation is the key. Questionnaires are being sent by MIT to the Institute’s primary vendors and suppliers, to determine their ability to provide goods and services without interruption after December 31, 1999. An important additional strategy within research areas is to consult critical providers of goods and services for research projects, paying particular attention to those providers who are sole resources for essential products, materials, and service contracts.
In many cases, there are legal concerns behind the exchange of questionnaires and requests for assurances. Questionnaire authors seek to avoid costly computer breakdowns, disruptions in the normal workflow, corruption of important data – as well as legal liability for Y2K-related failures. Because of the interconnectedness of our society, a Y2K-related failure in one organization could easily disrupt normal operations in many others.
According to a Palmer & Dodge LLP publication, "Behind all the remediation efforts, the specter of litigation looms. If the predictions are correct, Y2K litigation will be more costly and affect more businesses than any other type of litigation to date." Lloyd’s of London and others have predicted that claims worldwide could exceed $1 trillion.
In response to the legal issues anticipated, a number of pieces of legislation have been, or are being considered by the U.S. Congress. The Year 2000 Information and Readiness Disclosure Act of 1998 (Public Law 105-271, 112 Stat. 2386), passed in October 1998, reduced risks involved when companies share information about their Y2K readiness. The act is credited with improving the information flow among companies. Prior to the act, organizations would often say nothing about their Y2K compliance status, rather than risk being wrong. Other proposed legislation includes moves to cap punitive damages and attorney’s fees in Y2K litigation, and raise the plaintiff’s burden of proof above the current standard.
The MIT Year 2000 Team was created to assist the entire MIT community in effecting a successful and uneventful transition from 1999 to 2000. The primary goal of the team's work, undertaken with the cooperation of the MIT community, is to minimize Y2K-related risks.
MIT is committed to a goal of "no y2k-driven material systems failures or disruptions." (Material systems are defined as those required to support life, safety, security, and the environment on campus. Other vital systems may also be designated as "material.")
Detailed, up-to-date information is available at the MIT Year 2000 Team’s site: <http://mitvma.mit.edu/mity2k/>.
Team members are also available to make meeting presentations to departments, labs, and centers. Call 253-2000.
In the months to come, this column will address questions about individual preparations and frequently asked questions, as well as contingency planning and other work. Questions are welcome, and should be addressed to: <y2k-help@mit.edu>.
|
|
|
|
|
|
|