Year 2000 causes double trouble for feds

No one knows how much it is really going to cost to fix the year 2000 in millions of lines of government software. Pentagon estimates exceed $1 billion.

Mitre Corp.'s report to the Defense Department on the problem said DOD may have to spend up to $8.52 per line of code checked. DOD may also have to remanufacture chips used in embedded computing and scrap some of its legacy systems.

The report, portions of which were obtained by FCW, states that "the problem with the year 2000 is real, and if it is not addressed, it will become catastrophic." The report noted that DOD's interdependent web of command, control, communications and intelligence systems will "make the problem difficult to solve."

The Mitre report is the latest warning that the government—civilian agencies as well as DOD—is facing an expensive and complex systems overhaul over the next four years. The problem stems from the two-digit-year date fields found in software, hardware and firmware. Those systems will not be able to deal with the "00" that will suddenly appear with the dawn of 2000. The two-digit fields will muddle date-based calculations, comparisons and sorting. The problem can cause systems to fail or introduce corrupt data into other systems.

The solution to the 2000 problem lies in converting date fields to accommodate four digits or developing `work-arounds" to deal with two-digit fields. But the challenge of detecting and fixing affected lines of code will cost the federal government $30 billion, according to The Gartner Group Inc., a Stamford, Conn., market research firm. Almost every software application contains date-related code, which can represent as much as 5 percent of a program's code, industry executives said.

Those kinds of estimates have grabbed the attention of federal agencies and policy makers. The Senate Permanent Subcommittee on Investigations and the House Subcommittee on Government Management, Information and Technology later this month will conduct hearings on the 2000 problem and its costs. The Information Technology Association of America and IDC Government Market Services will sponsor a call-to-action conference for government users and vendors later this month. Next month the Social Security Administration, the Armed Forces Communications and Electronics Association and other federal departments will host a conference titled "Millennium Time Bomb." And this week's FOSE conference will hold a panel discussion on 2000.

`Serious Problem'

Within DOD, the 2000 problem is widespread. "We do think it's a serious problem," said Bob Molter, chairman of DOD's Year 2000 Work Group and a computer scientist on the staff of Emmett Paige Jr., assistant secretary of Defense for C3I. "It impacts weapons systems as well as automated information systems."

Molter said date-related code is pervasive in DOD. Mitre studied a sample of 11 DOD applications and found all contained date-related applications code, which ranged from 1 to 5 percent of the programs' code. An Army analysis conducted at Fort Monmouth, N.J., and cited in the Mitre report determined that 24 out of 110 weapons systems required modification in light of 2000.

The cost of fixing errant code will range from $1.02 per line for a logistics application to $8.52 per line for radar systems, according to the Mitre study. "The cost varies by the complexity and functionality of the code," Molter said.

Firmware, the embedded processors found in many weapons systems, could provide DOD with a special problem. Chips containing errant date information may have to be replaced.

Finally, 2000 may accomplish for DOD what years of standard systems initiatives could not: the winnowing of legacy systems. Molter said there will not be enough time to fix all affected systems by the turn of the century. As a consequence, some will be allowed to die.

Civilian Reaction

In the civilian sector, 2000 preparations vary, as do perceptions of the problem.

SSA is among a handful of agencies that are the most prepared. In 1989 SSA began studying how much of its software would be affected by the double "0" in 2000 and found that as many as 40 million lines of code needed to be analyzed and as many as 500 worker-years would need to be invested in analyzing, fixing and implementing the changes.

The agency put together a competitive procurement, won by Viasoft Inc., to develop an analysis tool. The agency is now making changes to all its software. Testing and implementation of the re-engineered software will happen in 1998.

"I can't think of any other time when, across the industry, we have had to change all our systems at one time," said Kathleen Adams, SSA's associate commissioner of the Office of Systems Design and Development and chairwoman of the Year 2000 Interagency Committee. "This is doable, but we have to hunker down and do it."

SSA's early action led the Health Care Financing Administration to examine its systems. HCFA works with SAA on Medicare, and the agencies' systems exchange data. This month HCFA plans to complete a report on the scope of the problem and what analytical tools and services can be purchased to re-engineer the agency's systems. A plan that will map out HCFA's approach is scheduled to be completed this summer.

The IRS started work on the 2000 problem two years ago. The agency is in the midst of taking inventory of its lines of code—40 million of them, according to an IRS source. That analysis will be completed by the end of this year. The IRS will then start fixing the affected code and plans to have the job finished by 1998-99.

At the Department of Housing and Urban Development, management last year assigned six technicians to begin looking into the problem. The team is studying what off-the-shelf software products HUD uses can be replaced with those that are 2000-compliant, how many of the 250 in-house systems are vulnerable and how these systems will comply with what other federal, state and local agencies and private companies are doing about the problem.

Other agencies are still trying to inform management and technicians that a problem exists. The Census Bureau, which has been working on the 2000 census for the past five years, just started looking into the problem six months ago, according to a government source.

At the Justice Department, the Information Resources Management Office is still "educating" management and other employees about the severity of the problem, said Mary Ellen Condon, director of DOJ's information management and security staff. "It would be hard to argue that it would not have been better to start this much earlier."

But Neil Stillman, deputy assistant secretary for information management at HHS, is not convinced that software vendors' and some agencies' warnings of catastrophic failures are accurate. "The-sky-is-falling attitude isn't going to convince anyone," he said. "What is needed are case studies to show the scope of the problem and what can be done."