Today PA Consulting Group announces the results from its latest Millennium Bomb survey which looks at the potential threat from embedded software in products, industrial processes and building infrastructures.
Involving over 300 UK manufacturing and process companies, the survey reveals that levels of awareness and understanding of the effects of the Year 2000 problem on embedded software are much lower than for business systems and that work is much less advanced in addressing the problems.
Time is running out for many companies to take corrective action and their organisations are at risk. Comments from organisations that took part in interviews as part of the survey demonstrate the seriousness of the problem
- "…we would be amazed if there is not a major chemical disaster somewhere caused by Year 2000 problems with embedded software" (Multinational Chemical Company)
- "The embedded software issue is critical to our reputation in the marketplace" (Multinational Aviation Systems Manufacturer)
- "We don’t know how much faith to put in compliance statements from our component suppliers" (Electronics Manufacturer)
- "Failure of one or two small programmable controllers could poison the water supply to a major international airport in our area; that got top management’s attention" (Water Company).
This report and previous PA surveys show that a major factor is senior management’s unwillingness to take the Millennium threat seriously enough. While less than two thirds (60%) are fully aware of the consequences of the problem on their business systems, only a minority (33%) are fully aware of the situation regarding embedded software.
Because of this low level of awareness, work is much less advanced in addressing embedded software problems:
- Less than a quarter (21%) of all participating organisations have undertaken a full audit of their embedded software exposure and 30% have not audited their embedded software at all. Over 20% of respondents are still not sure what this issue will mean to them
- Only 37% have a budget to conduct an audit
- 20% were unable to assess the embedded software impact on their organisation
- Over 30% have no idea how much it will cost to fix embedded software problems.
In PA’s opinion, senior managers who are not planning seriously and acting now to achieve Millennium-readiness for embedded software in their products, processes and infrastructures are failing in their duty to their shareholders, their customers and their employees. In addition, some of the problems caused by embedded software could be harmful to public safety.
Not surprisingly, given the nature of the embedded software issue, nearly 60% stated that the difficulty of detecting affected products and processes is the biggest hurdle to achieving compliance, followed by the scale of testing (36%) and insufficient information (26%).
Current expectations for the cost to fix embedded software issues are much lower than for business systems, with 50% of respondents anticipating that it will cost them less than £500,000. However, experience with business systems shows that early estimates generally and seriously understate the problem and that the estimated cost to fix grows substantially as understanding increases.
Different organisations are reacting in different ways to achieve compliance:
- 60% are replacing some of their non-compliant products/processes
- 53% expect external suppliers to fix their problems
- 32% plan to rewrite affected code themselves while 27% will use contractors.
While most organisations felt that they had either the technical or project management skills required, under half (46%) believed they had the necessary budget in place to succeed.
The evidence is that time is running out and that action is needed now. 10% of organisations are already affected by the embedded software problems. A further 11% predict they will be affected this year, with a further 32% in 1999. 25% expect that unless they act now they will feel the effects of the Millennium issue in the year 2000 itself - when it will already be too late.
John Buckley, Head of PA’s Global Technology Group, which conducted the survey said, "The impact of the Year 2000 problem on business systems is becoming better recognised but only after considerable exposure over the last two years. This survey shows that manufacturing organisations have yet to wake up to the severity of the embedded software problem, with less than two years to go. Companies must act now or they may not be around long enough to enjoy the new Millennium."
