S. Africam govt's take on embedded systems--"The Hidden Menace"

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread


22 July 1999

The Hidden Menace

Like needles in a haystack, embedded systems must be found and tested to ensure that they are Y2K compliant.

In the years BC (Before Computers) the task of looking for a needle in a haystack was the metaphor commonly used to describe any labour of immense difficulty.

The Millennium Bug has brought with it a problem that supplants this folksy old simile and replaces it with a hi-tech task that is even more mind-numbing in its ramifications.

This is nothing less than the identification, testing and Y2K remediation of millions upon millions of date-sensitive microprocessors and microcontrollers currently in use worldwide in embedded systems.

The Gartner Group of the US, a highly respected computer industry research company, estimates that there are about 50-billion of these chips embedded in systems that drive everything from nuclear missiles and plant machinery to power-stations and wristwatches.

Of this staggering figure, the Gartner Group believes that one per cent will suffer from Y2K-related problems which will result in random, unpredictable behaviour at best, and total failure at worst.

Globally, some 25-million of these microchips control and monitor processes in mission critical systems, which means they must be located and fixed before 1 January 2000, or countries throughout the world will experience a rolling failure wave of devastating proportions.

Nobody knows for certain how many of these embedded date-reliant devices there are in South Africa, although we do know, for instance, that they are definitely to be found in many of the mission critical systems of municipalities and other agencies charged with the delivery of essential services to communities.

A general-purpose definition of embedded systems is that they are devices used to control, monitor or assist the operation of equipment, machinery or plant.

In many cases their embeddedness may be such that their presence is far from obvious to the casual observer and even the more technically skilled might need to examine the operation of a piece of equipment for some time before being able to conclude that an embedded control system was involved in its functioning.

At the other extreme, a general purpose computer may be used to control the operation of a large complex processing plant, and its presence will be obvious.

The description "embedded" refers to the date and/or time instructions permanently loaded into these critical microchips and to the fact that the device itself is often embedded deep within the systems or equipment they control.

They pose a number of problems. First of all, they have to be located, a difficult enough task in itself. Then they have to be tested and possibly remediated or replaced so that they recognise the rollover to the new century as the year 2000, and not 1900.

The problem is compounded by the fact that the economies of scale practised worldwide by manufacturers of these embedded devices often means that date and time sensitive chips have been placed in many systems that do not even require these capabilities for their normal functioning.

A further obstacle is that even when located, seemingly identical chips can react differently to the Y2K problem. The testing of a spare chip, therefore, will not necessarily indicate how a similar one embedded in plant or a critical piece of equipment will respond to the Millennium Bug.

The simplest approach to this complicated chain of Y2K problems is to ask the manufacturer of the embedded device whether or not it will handle the date change at midnight on 31 December this year.

A problem here is that the manufacturers are often unknown, and where they are they often cannot guarantee Y2K compliance as this is a factor that has only recently become part of chip design specification.

There is not even total agreement in the industry on what could be affected by non-compliant embedded devices.

All do agree, however, that electric power utilities are among the prime targets for embedded bugs.

In everyday life we can expect embedded problems to emerge in such areas as business machines, consumer electronics, alarm systems, computer motherboards, clocks, food production and distribution, ventilation and air-conditioning systems, lighting and refrigeration controls, medical and scientific apparatus, manufacturing equipment, telecommunications, printing presses, process controllers (PCs), and Supervisory Control and Data Acquisition (SCADA) systems.

For a more complete list of possible bug targets check the Internet website www.compinfo.co.uk/y2k/examples.htm#embedded. The mind-bending task of finding, funding and fixing only mere millions of mission critical embedded devices is already leading some experts to conclude that it will be cheaper to let some facilities fail and pick up the pieces later, especially as failures are expected to be spread in time and could happen throughout the first decade of the new century.

This is because Y2K problems in embedded systems differs from the problem in commercial/database/transaction processing systems (often referred to as IT systems). Firstly, the user's problem may lie much deeper than in packages or applications software. It may lie in and be inseparable from systems and operating software and from hardware, ie, in the platform on which the application software is based.

Secondly, embedded systems are often more concerned with intervals than with specific dates. The need may be for an event to occur at 100-day intervals rather than on, say, the fifth day of each month. Y2K problems may thus reveal themselves both before and for some time after 1 January 2000, and not at all on the date itself.

The lifespan of embedded systems is usually greater than for commercial data processing systems and they remain in use for longer without alteration to their software. The older the software, therefore, the more it makes it susceptible to Y2K problems.

The Institution of Electrical Engineers (IEE) of the UK quotes one expert as seeing possible embedded Y2K scenarios ranging from a "non-event," where nothing unmanageable happens; through "speed bump," with problems slowing down commerce and industry, and "slow drag," where problems appear over time after 2000; to "blizzard" with significant problems and a reversion to many manual operations, and "hurricane," where physical and technical disasters abound.

A postscript scenario is "Apocalypse Now," where public panic is added to all the foregoing disaster ingredients. A more sober assessment can be made from the Gartner Group's evaluation of the likely failure rates of:

Microcontrollers: These are found in domestic and consumer products. These cannot be programed and rarely have a real-time clock. Gartner estimates that the chance of one of these systems failing is 1 in 100 000; Microprocessors: These are more complex and sophisticated. They may cause problems if used in conjunction with a program that is connected to a real-time clock. It is estimated that seven per cent of these will have transient Year 2000 problems; two percent may have "persistent" problems; and Large-scale systems: These are where a computer with a hard disk drive is connected to equipment, which may incorporate microprocessors. The failure rate for these systems is estimated at 35 per cent.

The Institution of Electrical Engineers draws attention to the fact that virtually all media attention on Y2K has been focused on information technology (IT) problems and urges equal, if not more, attention be paid to embedded systems.

Says the IEE: "There are very many more of them than there are computers, and many companies (particularly smaller manufacturers) are much more liable to have a failure which seriously affects their business in an embedded system than in a computer...

"Many companies are much more liable to have a failure which seriously affects their business in an embedded system which controls some machine or a piece of equipment than a computer.

"Most small firms whose PC has a date problem will still be able to use it to deal with their correspondence, and if the worst happens they can probably revert to pen and paper. "The option of reverting to manual methods is probably not available in the case of plant they use in their production or service-provision process.

"Embedded systems -- and their failure -- may affect not only business profitability but also the safety of employees, customers and the general public."

The IEE notes that safety regulators have the power to demand that equipment be taken out of operation if its safety cannot be relied on.

In South Africa, the Y2K committee of the Highveld branch of the Association of Municipal Electricity Undertakings (AMEU) adds the warning:

"Many embedded systems may appear not to process information and therefore appear not to present a year 2000 risk.

"These embedded systems may, however, contain a timing chip with the capacity to keep time with reference to a specific date and time in the past.

"No system should therefore be excluded from consideration for year 2000 compliance solely on the basis that it has no apparent date function."

In view of the vital role played by the electricity distribution industry in keeping the wheels of industry turning in South Africa, the AMEU recently (April) established an open-ended database of critical Y2K date and time compliant and non-compliant logic-based control and command systems as part of efforts to ensure that power supplies to consumers are not interrupted before, during, and after the rollover to the new millennium.

-- Old Git (anon@spamproblems.com), August 08, 1999


Well???? C'mon, Flint, lets see the usual 1000 words of useless mishmash, the bottom line of which will be something like, "So, as you can see, this article is actually GOOD NEWS regarding embedded systems!"

-- King of Spain (madrid@aol.com), August 08, 1999.

Sounds like they need to send deJager on tour over there to "break some backs"

-- a (a@a.a), August 08, 1999.

Moderation questions? read the FAQ