Embedded systems on offshore oil production platforms can be tested and fixed according to the current Wired Magazine article (black issue). The oil company

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

maintains a duplicate system on shore so that when a severe storm approaches, the workers can be evacuated from the production platform and the monitoring and control functions are transferred to the backup site on land. The backup site can be tested for Y2k compliance. The good news in the article is that the systems can be tested in the office and the bad chips can be replaced like in a home computer and the chips are not at the wellhead under 2000 feet of water. If they can find and replace the problem chips, the oil will at least flow from the well. The question is are most embedded chips in oil wells, refineries, pipelines, etc. located in SCADA type controllers where they are accessible or are they buried inside the guts of the refinery, pipeline, etc. so that they are physically difficult or impossible to get to? In other words, is it a matter of replacing the chips or is a worker required to physically replace valves, pipes, etc. to fix the problem? I had read where some entire refineries were not going to be fixed because it was too difficult to find and repair the problem equipment. Can any engineer types familiar with the embedded systems issues answer these questions? People would be less scared about this if the equipment to be fixed and tested is physically available. Are replacement chips generally available for this type equipment or are these designs where the company is out of business and compliant chips are not available making it necessary to replace valves and major components because the connenctions are not compatible with the current chips that would do the job?

-- Steve (curious@aaa.com), March 21, 1999


The last ten lines of your post hit the matter dead on. In cases where the control electronics are integrated into a single package with the valves and actuators, then yes, doing the embedded device replacements will require serious hardware replacements also.

Your next area of comment, replacement chips hits at the issue of advancing technology rendering some of the parts obsolescent. PROMS (Programmable Read-Only Memory) chips and EEPROMS (Electrically Eraseable PROM) which were standard items just two years ago are no longer in production. One instance comes to mind where we managed to buy up a supplier's remaining stock of older PROM chips that we needed to reprogram devices that had Y2K-noncompliant programming. We paid a premium price to get our hands on the last available stock of those chips. The cost of one new chip was almost equal to the cost of the embedded device it was installed into. But we couldn't replace the devices because no other available design fit into the space we had available.

I was involved in one product effort where the availble functional replacement device was four times the size of the original embedded device. We were lucky, we had plenty of internal space available. I can envision some situations where major modifications will be required to make a replacement workable. Situations like these will really complicate Y2K efforts on systems where they don't have lots of room to work in.


-- Wildweasel (vtmldm@epix.net), March 21, 1999.


-- SCOTTY (BLehman202@aol.com), March 21, 1999.

I wonder if some of these boards designed for harsh conditions are potted in epoxy making it immpossible to replace parts even if you can get them.

-- y2kbiker (y2kbiker@bellatlantic.net), March 22, 1999.

More likely, the effort to gouge out the expoxy will destroy the "embedded" ajacent parts. We did one NASA high volt power supply like that - happended to be for a satellite, but the principle holds true - the epoxy covered and insulated an entire group of controllers and regulators - there would be no way the pull parts and replace without detroying the assembly. There would be no way to avoid damage.

What concerns me was the added comments above "last controllers" "hard to find", "had to get" as replacement parts. The ones that fail - and those that fail because troubleshooting and ajacent controllers failed - may become worth many times their weight in diamonds and gold. Funny that silicon and carbon could be that valuable - but if the unit can't run without it in it - ya gotta have it in it!

-- Robert A. Cook, P.E. (Kennesaw, GA) (cook.r@csaatl.com), March 23, 1999.

Moderation questions? read the FAQ