Just some lite reading material. I have Edited it a bit
U. S. CHEMICAL SAFETY AND HAZARD
INVESTIGATION BOARD
Senate
Special Committee Chemical Reports Online
http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id=000pfh
Year 2000 Computer Technology Problem
And Chemical Safety Issues
Testimony of
Gerald V. Poje, Ph.D.
Board Member
Before the
U.S. Senate Special Committee on the Year 2000 Technology Problem
United States Senate
Field Hearing
Trenton, New Jersey
May 10, 1999
Good afternoon, Mr. Chairman and Senator Lautenberg. I am Gerald V.
Poje, Ph.D., one of four members nominated by the President and confirmed
by the U.S. Senate to the U.S. Chemical Safety and Hazard Investigation
Board (CSB).
Snip
BACKGROUND
The U.S. Chemical Safety and Hazard Investigation Board, at the request
of Senators Bennett and Dodd of the U.S. Senate Special Committee on the
Year 2000 Technology Problem, has investigated the issues of chemical safety
and the year 2000 computer technology problem.
Snip
The board members have reviewed and approved the report which is available
via Adobe Acrobat at the Chemical Safety Board�s website: http://www.csb.gov/y2k/y2k01.pdf.
Snip
In synopsis, the Year 2000 Problem is a significant problem in the chemical
manufacturing and handling sector. All enterprises with sufficient awareness,
leadership, planning, lead time, financial and human resources are unlikely
to experience catastrophic failures and business continuity problems unless
their current progress is interrupted or there are massive failures of
utilities. Many larger corporate entities fit this profile. The overall
situation with small and mid-sized enterprises is indeterminate, but efforts
on the Y2K problem appears to be less than appropriate based upon inputs
from many experts. While the impact of the Risk Management Plans should
be positive, there are no special emphases or even specific mention of
Year 2000 technology hazards in either U.S. Environmental Protection Agency
(EPA) or Occupational Safety and Health Administration (OSHA) regulations
regarding process safety. Federal agencies are aware of and involved in
Year 2000 technology and chemical safety issues. However, significant gaps
exist, and there do not appear to be specific plans to address these gaps.
Scope of Issues
The Expert Workshop, as well as the research conducted for our report,
concluded that the Year 2000 problem is one of major proportions and has
the potential for causing disruption of normal operations and maintenance
at the nation�s chemical and petroleum facilities. Compliance activities
reported to the Chemical Safety Board to date have not found a single failure
(embedded microchips or software) which by itself could cause a catastrophic
chemical accident. However, it is unclear what the outcome might be from
multiple failures, e.g., multiple control system failures, multiple utility
failures, or a combination of multiple utility and control system failures.
Surveillance of the industrial sector that handles high hazard chemicals
is insufficient to draw detailed conclusions applicable to all localities.
One theme upon which experts agree is that failures from Y2K non-compliance
at small and mid-sized enterprises is more likely. The reason is a lack
of awareness regarding process safety in general and the Y2K impact in
particular, lack of resources, and technical know-how for fixing the problems.
Given the time constraints, altering this situation would require a massive
effort. The Board has concluded that this effort should focus on: 1. providing
easy-to-use tools, 2. promoting accessible resources, and 3. providing
attractive incentives for Y2K compliance efforts. Additional efforts should
be the focus of an urgent meeting of agencies convened by the Administration.
Facility Issues
The potential for catastrophic events, at US chemical process plants,
stemming from Year 2000 non-compliance, can be divided into three categories:
failures in software or embedded microchips within the process plants,
external Y2K-related problems (e.g., power outages), and multiple Y2K-related
incidents that may strain emergency response organizations. A check list
of devices to be assessed for Year 2000 compliance at a chemical plant
is identified in Appendix A.
Snip
While existing disaster recovery plans focus on loss of data centers,
facilities, or communications circuits, Year 2000 contingency planning
must focus on loss of external services and multiple simultaneous occurrences.
With Y2K issues, problems will be more complex and they will happen simultaneously.
Unpredictable human behavior will make them worse. The same problem may
occur in multiple places, and some problems will ripple into other areas
threatening health and safety, individual business continuity and supply
chain failures.
The CSB conclusions vis-à-vis large and multinational companies
should not be construed to mean that there is no potential for Y2K-related
catastrophic events at these facilities. It is possible that some Y2K-impacted
components may not have been identified, compliance programs may not achieve
100% completion before critical dates, or multiple failures that may not
have been considered may result in accidents.
In addition, the erosion of commodity pricing, merger and acquisition
activity and loss of critical Y2K staff through 1999 may create unique
threats to successful completion of Y2K projects.
The major control and instrumentation vendors canvassed in our study
are involved in an extensive program to provide Y2K compliance for their
products. There is, however, reason to believe that some independent control
systems integrators may have developed and implemented control systems
for which there is little or no documentation of Y2K-related vulnerabilities.
In addition, some vendors are no longer in business or not as cooperative
as the major control and instrumentation vendors.
Snip
-
After the Bhopal, India disaster in December 1984, Congress enacted
Title III of the Superfund Amendments and Reauthorization Act (SARA) in
1986. SARA Title III required states to establish state and local emergency
planning committees (LEPCs), mandated that facilities must make information
on hazardous chemicals available to the public, created basic research
programs at universities, and established training programs for workers
and emergency responders. Additional catastrophic failures in the United
States during 1988 and 1989 prompted the 1990 Clean Air Act Amendments
which established: a general duty obligation in regard to process safety,
OSHA Process Safety Management (PSM) rule, the EPA Risk Management Program
(RMP) Rule, and the formation of the Chemical Safety and Hazard Investigation
Board.
-
If Y2K failures become sufficiently apparent in 1999-2000, policy makers
likely will need to consider three major issues: 1. The absence of adequate
data regarding Y2K compliance, despite widespread recognition of the problem,
deadlines for compliance and consequences, 2. Inadequate application of
established principles for managing process safety in facilities, particularly
as it relates to automation and information technologies, and 3. Gaps in
process safety training, technical assistance, and research, particularly
as it applies to small to medium sized facilities and those in low income
and minority communities.
snip
Recommendations
The following recommendations were developed based on input from the
workshop attendees and research conducted during the CSB Y2K study.
Executive Administrative Agencies
-
The Administration should promote the development of an information clearing-house.
Information such as checklists and lists of devices or equipment susceptible
to Y2K failures should be provided specific to industry sectors. A Federal
government agency should be a focal point for the clearing-house in coordination
with other public and private entities, and thereby shielding organizations
that provide Y2K-related information from the threat of lawsuits.
-
The President�s Council on the Year 2000 should coordinate a contingency
planning phase to build public awareness and promote the ability of emergency
response infrastructure at the federal, state, and local levels. The U.S.
Environmental Protection Agency (EPA) should promote the development of
contingency plans to assure capable emergency response and promote communications
among facilities, local governmental agencies and the nearby communities
should problems arise. Federal initiatives should include the organization
of regional conferences focusing on ways to assess risks appropriately
and how to prioritize which systems and facilities pose greater risks.
-
EPA and the Occupational Safety and Health Administration (OSHA) and other
safety organizations should increase Y2K awareness in small and mid-sized
enterprises (SMEs).
Facilities
-
All processors that will run through the transition should have plans and
sufficient and trained staff on hand to manually take control of the process.
Facility managers should be prepared to shut down the process quickly and
safely should control problems occur. Manual operations, especially over
extended periods of time, may require significant changes in staffing and
comprehensive training of managers, operators and other workers.
-
Batch processors should consider delaying batches involving hazardous materials
that will be in the process as the clocks turn to 2000, and at other sensitive
dates, for processes where testing was not done or testing results were
inconclusive.
-
Chemical workers, emergency responders and local governmental agencies
that focus on environmental health and emergency response should be provided
with training and tools (e.g., guidelines, checklists, and software) to
address Y2K issues.
-
Facility managers should phase-in and coordinate shut downs, resulting
either intentionally as a safeguard against Y2K-related failures or as
a direct result of Y2K failures, and startups with local utilities and
agencies, including emergency response agencies and Local Emergency Planning
Committees.
Other Sectors
-
Power outages and other utility failures could constitute as much of a
threat, or even more so, than internal process plant Y2K-related failures.
Thus, utilities and oversight agencies should expend every effort to preserve
the integrity of the national power grid system, local power supplies and
other appropriate utilities. Chemical facilities individually and aggregately
can exacerbate unusual loading patterns and minimum generation condition
on the electrical grid. Therefore, contingency plans for utilities and
chemical facilities should incorporate specific elements for cross sector
communication.
-
Snip
Summary
In summary, the Year 2000 technology problem is a significant problem
in the chemical manufacturing and handling sector, posing unique risks
to business continuity and worker and public health and safety. All enterprises
with sufficient awareness, leadership, planning, financial and human resources
are unlikely to experience catastrophic failures and business continuity
problems unless their current progress is interrupted or there are massive
failures of utilities. Many larger corporate entities fit this profile.
The overall situation with small and mid-sized enterprises is indeterminate,
but efforts on the Y2K problem appears to be less than appropriate based
upon inputs from many experts. Federal agencies are aware of and involved
in Year 2000 technology and chemical safety issues. However, significant
gaps exist, and there do not appear to be specific plans to address these
gaps.