De-coding Y2K

The apathy towards the Y2K bug has led some to believe that nothing is going to change except the year 2000, comes after midnight on December 31st this year. Despite the hoopla that the Y2K bug can or may cause, most dis-believers have a wait and see attitude. "I suppose we'll just get caught with our pants down," says one petroleum industry insider.

So what exactly is this Y2K bug and how is it going to affect the petroleum industry? Well, back in the 1960's and 1970's, Fortran and COBOL programmers used only the last two digits of the year to represent the date. Back then, memory and computers were very expensive. For instance, it cost about a million dollars to install 32K of memory for an IBM 3090. Soon two-digit dates became the industry standard and it was assumed that eventually hardware and software replacements would cure the ailment. But when the year 2000 is reached, many mainframes will assume it's the year 1900 and many personal computers will assume the year 1980. So when these computers mis-calculate the date next year, there's a chance that they will either malfunction or shut down entirely.

The year 2000 is further complicated by the fact that it is a leap year, a fact that some computers may fail to recognize. Even this year may be problematic, as "99" is sometimes used as a "destroy or expiration" date, when data can be archived permanently and sometimes lost. A critical date this year is September 9, 1999. Two more critical Y2K testing dates this year, include August 22, 1999 which poses a potential problem for global positioning system users and October 1, 1999 - the first day of Fiscal Year 2000. With estimates of 35 to 40 billion time-sensitive micro-processors worldwide, the Connecticut-based Cartner Group and the U.S. Congressional Research Service estimates the worldwide impact of the millennium bug to cost up to $600 billion. In the petroleum industry, computerized and automated systems with embedded date codes have become ubiquitous and are found in production, process control, transportation, security and communications.

In particular, embedded computer chips known as Programmable Logic Controls (PLCs) are used extensively to control metering equipment and compressors. PLCs are found in field instruments, such as flow meters, transmitters, wellhead management and leak detection systems, safety systems including emergency shutdown and environmental monitoring equipment, and machinery control. Consider an offshore drilling rig, which is comprised of 10,000 embedded computer chips. When taking inventory of a petroleum company's situation, the search for computer chips needs to examine platforms, pipelines, plants, refineries, facilities (including power supply and buildings), processes and retail outlets.

Without understanding the virulence of the millennium bug, a typical response for organizations is to just to buy new hardware and software. But as pointed out by the website of the Petroleum Services Association of Canada at www.psac.ca/y2k.html. "that even though you purchased hardware or software recently, it still may not be year 2000 compliant." Furthermore, Y2K will not be considered an "Act of God". Insurance coverage may not protect you against Y2K losses. Claims may be made against directors and officers. Insurance claims resulting from lawsuits that may arise may be denied. Businesses could face lawsuits should their businesses be interrupted and unable to fulfill contracts.

The Y2K bug is more invincible that an organization's hardware and software. It has potential to breed within four other distinct categories: applications and data, communications systems, building infrastructure and embedded date-sensitive found in production and process systems; and manufactured products. This pest has impact on an organization's critical business and financial systems, operations, infrastructure and readiness affected by suppliers, customers and third parties.

The millennium bug has enough potency to cause a chill throughout a network - servers, desktop computers, operating systems, building automatic devices (i.e. elevators, air conditioning), databases, telecommunications (switches and protocols) and office automation tools (spreadsheets, wordprocessing, etc.) There is considerable potential for disaster with corrupt databases, inaccurate calculations, inaccurate electronic data transfer, incorrect sorting, errors with budgeting, projection and forecasting systems and failure to adhere to scheduled housekeeping routines. Further fiascoes may arise from problems with electronic data exchange, security systems, fax machines, PBX switchboards and delays with time-based activities.

Once an organization is aware of the millennium bug, there's a tendency to assume that the solution is something that the information technology department can readily straighten out before the end of the year. Still, this task is not as easy as it sounds. There are no established standards for Year 2000 compliance, vendor definitions of Year 2000 compliance may vary, testing techniques being used may vary and dating standards may differ. Then there's the question that the software actually being tested in a Year 2000 environment. The data issues are possibly the most important, but least understood, as altering programs does not cause significant database changes. Application software may be Year 2000 compliant, but actual databases may still be improperly designed. Then there's the concern about Y2K compliance of all the interfaces that the application may come in contact with. It is also important to assure that hardware vendors will be around to provide support after the year 2000, that systems are carefully documented prior to testing and further software modifications are to be determined after the hardware is modified. Furthermore, desktop and personal computers require assessment.

Beyond technology, management has to realize the gamut of business risk issues concerning governance, management, technology, accounting, auditing and reporting. Jennifer McNeill, president of Calgary-based Cipher Systems, says, "About 80% of the companies are looking at the Y2K issue as an IT problem, but it's really a business issue that should be initiated by senior management. The biggest thing companies need to do is to determine their business risk. They seem to think that their biggest risk is their IT system... They need to prioritize their biggest business risk."

Industry Canada estimates that 7 to 15 percent of businesses will not be operational after December 31, 1999. Really, no one is immune from the millennium bug.

"It doesn't matter what you do for Y2K compliance for your organization:" says McNeill, "You have outside reliance on your suppliers and your customers. In the oilpatch, they're assuming everybody's going to be ready, but they don't understand the risk. They have gas and oil wells that track flow, dates and equipment out there. You have to consider that customers might not be able to pay you. Oil companies are buying new companies without checking the compliance of these companies."

It is imperative that senior management be involved with the implications of Y2K, adds McNeill. The input of senior management is essential for risk management and risk management contingency planning. In order to conduct a contingency risk scenario, McNeill suggests that the worst case scenario would involve the preparation of a disaster recovery planning, in the event that there's a problem with electricity and power. Concedes McNeill, "Y2K has gone from a technical problem into a socio-economic problem, but people don't know that yet."

Y2K in the patch – Who's ready?

According to John Hoogerdijk, a Calgary-based Sun Microsystems systems engineer, most geophysical applications are IX-based and typically are not time-sensitive, except for the plotting. However, the geophysical databases with which these programs may interface with, could have some time-date stamping. Sun Microsystems' workstations have been Y2K compliant since 1997 and further information can be procured from Sun's website at www.sun.com.

When it comes to proprietary geophysical applications software, most vendors are Y2K ready. And vendors of such products are carefully examining their interdependent relationships for Y2K risk - industry supply links, suppliers, service providers, governments, customers and trading partners.

With 750 licensed customers around the world, John Townsley, Calgary-based vice-president of support for GMA International Ltd., notes that he receives about 10 calls weekly regarding Y2K compliance. In accordance with the Ontario Securities Commission, GMA has already fulfilled its Y2K regulatory requirements. To help its customers test their systems, GMA is offering free loaner copies of geophysical log modeling software to its licensees.

Since November 1998, Steve Fuller, president of Earth Signal Processing Ltd. in Calgary, has felt the sneeze from the millennium bug. "The Y2K issue was brought to our attention. The bank, in particular, has been sticky. They want to know that we will be around next year."

Earth Signal has checked out its proprietary software, upgraded its hardware and checked its accounting package. Fuller anticipates the possibility of stockpiling a bit of tape and paper, in the event that Earth Signal's major supplier has problems delivering. Should there be a power outage, a back-up generator for the computers would kick in until the building's back-up generator would turn on. But should the power go down for an extended period of time, the outcome would not be good. While Fuller is confident that Earth Signal has the Y2K bug at bay, he does realize that further compliance checks will have to be done on the customers.

Likewise, John Boyd, president of Boyd PetroSearch in Calgary, reports that his company has completed an extensive audit of all hardware and software in the company. As a result of the audit, many potential problems were noted with the Unix systems, PC systems, and peripheral devices, i.e. telephones, fax machines, photocopiers, etc. Once the audit was conducted, Boyd PetroSearch then started procedures to mitigate potential problems. Geophysical interpretation software vendors have been contacted for compliance schedules. The personal computers that cannot be made compliant through upgrades are being scheduled for replacement. Software, such as Windows operating systems and programs, like Word and Excel are being upgraded. Further review of peripheral devices are being examined, as vendors and suppliers report the results of their Y2K findings and an alternate (standalone) backup system is being investigated to achieve full backup of all vital data, prior to the changeover into the next millennium.

While the CSEG hasn't set up a committee to examine Y2K issues, other petroleum-industry-related groups have. In November 1997, the Canadian Association of Petroleum Producers formed a Year 2000 Committee to facilitate the sharing of knowledge amongst its 170 upstream industry members, which account for about 95 percent production of the country's natural gas, natural gas liquids and synthetic and conventional crude oil. This committee's mandate has several objectives including the promotion of Y2K awareness amongst member companies, business partners, suppliers, industry regulators, appropriate government departments; the sharing of educational resources and materials; and the collaborative approach to resolving some of the millennium bug's issues. CAPP's Y2K committee includes representatives from the upstream petroleum industry, pipeline and utility companies, and financial and legal communities. It is also working in conjunction with other industry associations, some of which have too, set up Y2K awareness programs, including the Canadian Energy Pipeline Association, Small Explorers and Producers Association of Canada, the Canadian Gas Association and the Petroleum Services Association of Canada.

This past February, CAPP released Status Report all Member Year 2000 Readiness, which is being up-dated quarterly. It was concluded that nearly all of its members are aware of the issue and the vast majority have formal action plans in place and have made substantial progress in preparing for the potential disruptions associated with Y2K. The CAPP's contingency planning working group is defining and evaluating their interdependencies with business partners and key service providers, i.e. electrical utilities, telecommunications, pipeline companies, financial institutions and governments. TransAlta Utilities, for example, has been working on the millennium bug since 1997 with a budget of $25 to $30 million. CAPP hopes to release a generic contingency planning model to help members address this aspect of Y2K readiness.

Amongst CAPP members, industry working groups have been formed to address software, hardware and embedded chip testing issues. "Companies are truly working hard on Y2K," says Rhonda Boorman, CAPP's Y2K committee co-ordinator in Calgary. "Companies who have finished Y2K testing and have shared their results with CAPP report a failure rate amongst process control systems of less than one percent. And in most cases, there's less than three percent on problems that are annoying, but not enough to shut down the system. In the day to day operations of this industry, contingency plans and emergency shut down are a given, when there is a power outage, so Y2K is just another factor." Boorman reports that a lot of the major oil producers finished their Y2K testing by the end of 1998 and ate presently continuing with the risk assessment analysis and change management.

The American Petroleum Institute has also been a crusader for Y2K compliance with a Year 2000 Task Force, representing 40 member companies. Some of these companies have been working on Y2K readiness, for years. Schlumberger began tackling Y2K in 1994 and expects to spend $40 to $60 million. Kerr-McGee Corp. of Oklahoma City initiated its Y2K program in 1996 and had two-thirds of its affected systems compliant by the end of 1997. Unocal Corp. of EI Segundo, California have set up numerous internal task forces to address their business units, and what could happen in their offices and field environments.

Since January 1, 1997, following initiatives led by its parent company, Union Pacific Resources (formerly Norcen) began conducting an inventory of its systems to determine Y2K compliance. Prior to 1997, this company has been replacing legacy systems. From the beginning of this process, an internal committee was set up to address the Y2K issues and was comprised of information technology personnel, field representatives, senior management, legal, financial and accounting advisors. Union Pacific has also had to work with vendors, suppliers and the banks and hired an external Y2K consultant. After the inventory was conducted, business risk analysis was required to identify the areas of risk for personal injury, safety, health, environmental, legal, financial and public relations concerns. The information technology department has been evaluating and testing hardware and software, and then ensuring that the systems are compatible with suppliers, service provides, customers and other business partners. Further ongoing efforts have been directed towards creating contingency plans, to address the financial, legal, operational and other pending issues. The bottom line for Y2K, says Robert Austin, Calgary-based information systems leader for Union Pacific Resources, "It's going to require a significant amount of effort to make sure everything is going to be okay."

Help for the Little Guys

Small and medium sized businesses can be relieved to hear of the federal government's Y2K tax relief. In June 1998, Finance Minister Paul Martin announced that accelerated capital cost allowance (CCA) deduction of up to $50,000 will be provided to small and medium-sized firms for computer hardware and software acquired to replace systems not year 2000 compliant. These tax breaks are available for any Y2K compliant software or equipment bought between January 1, 1998 and June 30, 1999 and used to replace non-compliant items acquired prior to 1998. For further details, please contact: Revenue Canada Tax Services Offices, Ed Short, Tax Legislation Division, Department of Finance (613) 996-0599 or Bob Morrison, Business Income Tax Division, Department of Finance (613) 995-9920 or www.fin.gc.ca/newse98%2D057e.html.

The Business Development Bank is offering Year 2000 Ready loan to help small businesses with the Y2K problem. Their specially designed terms include flexible repayment and the possibility of a moratorium on principal payments until the year 2000. Further information can be obtained by calling 1-888-463-6232 or visit their web site at www.bdc.ca.

Then, there's a program through Industry Canada's Student Connection Program and CIBC called "Year 2000 First Step". For $195 plus tax, someone will conduct a Year 2000 awareness assessment, inventory of computer systems, simple software and hardware diagnosis, review of business risks, detailed report and suggested action plan. For more information, call 1-888-807-777 or visit www.scp-ebb.com.

Still, for financial or security reasons that you prefer to test your own equipment, National Software Testing Laboratory at www.nstl.com offers free YMark 2000 test program. Some words of caution is please remember to make back ups of all data and test your back ups, and disconnect each unit from the network prior to testing.

Get a Grip – Y2K Bug At Home

If you're on the internet, you can take at peek at ABC News' Y2K site that calmly puts the next millennium bug in place. On the home front, televisions are expected to work, although broadcasting stations may have to sort out the details to keep their communication channels open. Home appliances are not expected to fail, even though embedded microprocessors have invaded every nook and cranny over the past 25 years - washer and dryer, stove, fax machine, stereo, toaster, coffee maker, breadmaker, digital bathroom scale, clock radio, cordless telephone, CD player, microwave, VCR, etc. According to The Gartner Group, only one in 100,000 microprocessors are expected to have problems on January 1, 2000. on-compliant fax machines are expected to be functional, even if outgoing faxes report the year to be 1900, instead of 2000. And so what if your television or VCR fails, you can always pull out a book to read. Phone companies are spending millions of loonies on Y2K, but should a glitch occur, those home security systems may not work.

When it comes to cars, you can relax, as on-board computers are not date-sensitive, although it is suggested that you fill your tank up prior to December 31, 1999. However, vehicles over 3/4 ton may be at risk and you're advised to contact the manufacturer to ensure that you will be mobile after January 1, 2000. Buses and Light Rail Transit could experience some difficulties, although the City of Calgary has its Y2K assessment program in order to-date. But air travel is not recommended around the New Year. It's a good thing that January 1 is normally a holiday because most building systems have time sensitive chips for heating, security, telephone and elevators, which must be replaced or re-coded for 2000.

Internet users can rest their weary souls as the internet systems are compliant until February 18, 2038. But when the real-time clock fails to calculate time properly after January 1, 2000, your computer could possibly suffer fatal damage. There are five tiers across which software in your PC operates and would require checking out. First is the hardware which drives the PC's BIOS (Basic Input/Output System) including the keyboard and monitor. The rule of the thumb is that any hardware procured prior to 1998 is suspect, but you should contact the manufacturer of your computer directly. Apple computers have been Y2K compliant since 1983, although applications software systems could be susceptible to bugs. (Visit www.calfeature/y2k).

But for other systems, you need to check out the operating system. If you're still using Windows '95, Microsoft's technical support has a CD available that will check whether the version you have is compliant or not. Microsoft's Office '97 is not Y2K compliant and service patches can be downloaded from Microsoft. In the event that the two service patches which Microsoft has for Office '97 doesn't work, a Y2K compliant version of Office '97 needs to be re-installed. Even though Microsoft's Y2K compliant software can pass the testing, one computer consultant who wishes to remain anonymous, says, "No consultant can guarantee their work 100% because with the service-patched software, we won't know for sure until after 2000, what other bugs may have been created."

Application software for word processing and spreadsheets may also be affected, along with data and data transferred to and from other computer by disk, E-mail or the Internet. When it comes to money, the Canadian banks will have spent nearly $1 billion to get their systems ready. The Bank of Canada is increasing its inventory of bank notes, in the event that greater amounts of cash may be required, considering the possibility that credit card transactions may foul up. It makes sense to keep careful records of your banking statements.