Managing the Embedded Systems Time-bomb
Supply-Chain Issues and Legal Implications
A Strategic Planning Approach
Project Management and Contingency Planning
Seeking Commitment and Sources of Support

Government Information Systems, Peter Bugeja, Divisional Manager, Information Systems Division, MITTS

Peter Bugeja commenced his presentation by explaining that MITTS is the Malta Government agency responsible for IT with 350 employees undertaking Government work. He said that work started on the Y2K problem in 1996 with an initial impact assessment to determine and understand the size and complexity of the problem. MITTS then approached the problem as an IT business issue by raising awareness at senior management level, and gaining commitment of resources - both budget and people.

He said that it was difficult to get commitment for "searching lines of code" rather than for a "new project".

The problem was broken down into Y2K compliance categories such as hardware, operating systems, software, office automation packages, and in-house utilities. The full hardware inventory amounted to over 7,000 PCs, over 100 servers and communications equipment. The full software inventory amounted to 190 applications and 21 different development languages.

MITTS prioritised the systems/services into high (28%), medium (34%) and low (38%) critical applications, and then tried to assess the internal resource required to service this need. After this, MITTS decided which work to outsource and which to resource internally.

Peter said that testing would account for over 50% of the Y2K effort. Compliance testing would identify areas of non-compliance by using a variety of dates. Benchmark testing would establish a set of results for comparison and fixing. Post-fix testing would be used to ensure that areas of non-compliance were addressed and correct functioning was not affected

Finally, Mr Bugeja said that it was important to have a supplier management strategy - initiate discussions with suppliers and obtain written confirmation of actions being taken as well as the legal and insurance liabilities of non-compliance.

 

Managing the Embedded Systems Time-bomb, Richard Wilson, BT Laboratories

Richard Wilson began his talk by saying that world-wide there were about 25 billion embedded systems or approximately 4 embedded systems for every man, woman and child on the planet. To bring it home to the audience he quoted a whole list of examples of embedded systems which affected our business and domestic lives - traffic lights, video recorders, fax machines, fire alarms, lift controllers, car engine management systems, medical monitors, telecommunications systems and military hardware.

He said that system failures would not all occur at the end of 1999 and detailed other likely dates - 1 Jan 99, 22 Aug 99, 9 Sep 99 (all "9"s), 23 Sep 99 (99 days to the year 2000), Dec 99, 31 Dec 99, 1 Jan 2000 and 29 Feb 2000 (leap year). He said some of the problems are already occurring but that they will reach a peak in Dec 99, and Jan and Feb 2000.

Richard continued by defining the Y2K problem as twofold - software code embedded into a device not programmed to cope with"00" as the year data, and an incorrect date obtained from an onboard or external clock chip.

He went on to describe the four basic modes of failure as follows:

Temporary malfunction where the system fails at the year 2000 but can be restarted;

Partial malfunction where the system continues to function with an incorrect date which might have a knock-on effect later;

Permanent malfunction where the system fails and cannot be reset or restarted;

Catastrophic malfunction where the system functions in an unpredictable way which breaches safety protocols, causes death or injury, or has disastrous knock-on effects with other systems.

Mr Wilson closed by discussing risk assessment, testing and validation, and listing a whole range of web site addresses for "best practice" action on the Y2K problem.

 

Supply-Chain Issues and Legal Implications, Alexander Borg, Year 2000 Supplier Management Coordinator, MITTS

Alexander Borg addressed the supply chain issues, the supplier management assets, and the legal implications.

The main supply chain issue is that products come from many different sources - dealers, resellers, distributors and manufacturers - and consist of many different components - sophisticated control equipment, computer hardware and software. This means that either the supplier or product, or both, is not necessarily compliant. One small hitch in the chain and the whole system could come to a stop.

On the supplier management side there is a whole contractual framework but essentially the strategy should be to inventorise all hardware and software, identify all licenses and agreements, conduct a legal analysis (warranties, limitations on liabilities, force majeure etc.), and identify third party vendors which can offer upgrades or compliance statements.

Many vendors may try to exploit the situation in order to make a fast buck but careful and planned negotiation will save a lot of money. The golden rules of negotiation should be followed - be tough and do not assume anything, know your rights and obligations, record all communications in writing and avoid litigation.

Mr Borg finished his presentation by referring to the legal implications of non-compliance citing the fiscal legislation of breaking the Corrupt Practices Act, failing to keep auditable records required by the Inland Revenue, and finally the law on Breach of Contract.

 

A Strategic Planning Approach, Joseph Zammit, Year 2000 Project Manager, MITTS

Joseph Zammit began his talk by saying that solving the Y2K problem is not rocket science in terms of complexity but it is the sheer size of the problem that has caused it to be the largest project ever undertaken by most IT organisations. The scale of the problem relates to the amount, age and provenance of the program code, the complexity of the application, the range and age of the hardware, and the number of vendor packages.

Referring to strategic planning, businesses should adopt strategies to tackle the problem by maximising the business value, maintaining business continuity and function, undertaking corrective actions in the right sequence and rationalising business processes at the same time. He outlined the overall strategies as testing, remediation, human resources and vendor management.

The testing strategy requires careful planning, may involve up to 50% of the work force, and cover all categories of computing - hardware, software and embedded and control systems. The remediation strategy focuses on converting, upgrading or replacing hardware and software in conjunction with suppliers and arranging corporate fixes and solutions. The human resource strategy is to overcome the lack of attraction of the work as it is perceived as being associated with old technology, repetitive and not in any way sexy. The vendor strategy is one of liaison, problem-sharing and the prospect of future business for the vendor if the partnership succeeds.

In conclusion, Mr Zammit said that the secret of success at a strategic level was to have complete commitment to solving the Y2K problem from all the enterprise's management board.

 

Project Management and Contingency Planning, Michel Ganado, Management Consultant, PricewaterhouseCoopers (PwC)

Michel Ganado opened his presentation by saying that PwC was involved in many projects in Malta. He said that solving the Y2K problem was a project management rather than a line management problem - the former having a fixed end point, cutting across functional boundaries and relying on influence and persuasion whilst the latter continues indefinitely, tends to be hierarchical and based on formal authority.

The project management lifecycle provides a tightly managed framework.

Normally in any project the risks can be identified and assessed, and actions can be taken to minimise them.

So what is different about a Year 2000 project? The deadline cannot be moved, it cannot be missed, and it is global. The dangers of the "Year 2000" is that it is simple to fix, it is assumed to be an IT problem, the cost of fixing it is substantially under-estimated, and "Year 2000" sends the wrong message.

Mr Ganado finished by saying that the risks associated with theY2K problem are enormous. The dangers include lack of knowledge of the problem and lack of senior management support, over-optimistic plans, and inadequate resources to deal with the problem, a failure to appreciate the system inter-dependencies, and the necessity to replace systems to maintain compliance.

 

Seeking Commitment and Sources of Support, Ian St. John Hugo, Assistant Director, Taskforce 2000, UK

Ian St John Hugo commenced his presentation by saying that he viewed the Y2K problem from a country perspective. Whereas Taskforce 2000 is funded privately, Action 2000 is funded by the British Government.

He proceeded with a national perspective but said the problems were the same whether at a company or country level - getting top level commitment, appointing project managers, setting up project teams, sizing the task and starting awareness programmes.

At a national level, the impact was on the economy, inward investment, employment and the international trading position and failure to tackle the problem could be reflected in the ballot box or even result in civil unrest.

Top level commitment meant ministerial responsibility, national initiatives for both government and other public sectors.

Sizing the problem meant picking out the most critical sectors of the national economy - key public services, key industries and key infrastructure services.

Priorities in Government departments included Inland Revenue, Customs & Excise, DSS, Dept of Education, Home Office, MOD etc. Key industries are materials, manufacturing, employment and other service industries. Infrastructure covers water, electricity, telecommunications, transport, fuel supplies, and food chains.

The methods of implementation of remedial action are through Government edicts, regulators - both national and international - and trade, industry and community associations. In addition, Government has the responsibility to promulgate national awareness campaigns to reach the people at large.

Mr St John Hugo finished his presentation by handing out copies of "The Millennium Watch" - a monthly magazine edited by himself, sponsored by Taskforce 2000 and distributed country-wide to increase public awareness of the Y2K problem.