Although the purpose of this website does NOT include a discussion of purely technical issues, in order to evaluate the seriousness of the y2k problem, it would be extremely useful to guesstimate the percentage of embedded chips in industrial processes which have a date-related function. If the real-time clock (RTC)in an embedded chip does NOT have a date function, it CAN'T disrupt an industrial process.

Anyone out there have the expertize to guesstimate: 1) the prevalence of embedded chips with date functions? 2) the prevalence of embedded date functions which are non-compliant?

-- Edward H. Greenberg (edward.h.greenberg@jpl.nasa.gov), January 17, 1998

Answers

Ed,

The figures that I've seen from several surveys are as follows: approx 5% of all embedded systems are date-aware or date-sensitive. And the failure rate seems to be on the order of a few per thousand.

Given that there are 25-50 billion chips out there (no one is quite sure how many there are), that still amounts to some very big numbers

-- Ed Yourdon (yourdon@worldnet.att.net), January 17, 1998.

One perhaps can twist this question around as per the following: (1) Is there a list of manufacturers of clock chips? (2) Have the manufactures tested their various clock chips for compilance? (3) Have they announced the results of the testing? (4) Will the circuit board manufactures indicate which of their products utilize the non-compliant chips? (5) Can you identify the presence of a non-compliant product in a tool or product which you use or manufacture?

For product manufactures I think it can be done. For the casual user this is doubtful, I have seen to many circuit boards which lack adequate identification (ie a manufacture name and part number)

-- David Lightstone (david.lightstone@internetMCI.COM), January 18, 1998.

Oh, yes I forgot to add probability that you have a bad clock can be estimated very poorly as the ratio of number of bad clock chips products divided by number of clock chip products.

Knowing market share of the various clock chips will give a better estimate

With the additional product specific information you can decide to repair or replace

-- David Lightstone (david.lightstone@internetMCI.COM), January 18, 1998.

OK, let's say the embedded chip failure rate is a few per thousand. Any idea where these bad chips are resident? If in toasters mainly, nothing to worry about, but maybe they preferentially populate oil platforms and refineries. A few failures per thousand may be trivial or devastating, depending on the processes they control.

-- Edward H. Greenberg (edward.h.greenberg@jpl.nasa.gov), January 18, 1998.

Roleigh Martin in his "The Year 2000 Embedded Systems Threat to Core Infrastructures Services http://www.msa.org/Year2f000.html quotes Anthony Parish, director-general of the federation of Electronic Industries, "For every 1,000 embedded chips you look at, you'l find 2 or 3 that need correction..." In the following paragraphs on Smith Kline Beecham, Martin says, "...We sometimes have to deal with devices that use embedded timing devices that have no visual display of date/time, nor any means of input to see that a date/time has been inputted at factory-creation time..." Wow, how does one find these?

-- Art Scott (Art.Scott@marist.edu), January 19, 1998.

I am confused by your termonology

Usually when I hear failure rate I think manufacturing defects.

The year 2000 clock related problems are not manufacturing problems, they are product design problems.

There are only so many commercially produced clock chip designs I don't know how many distinct clock chip designs there are, but the market place probably can not support more than 1000 such products.

The hidden issue is the circuit board design engineer who choose not to use such a clock chip and designed his/her own circuit. For those products you need the circuit schematic to know a priori whether there is a problem

-- David Lightstone (david.lightstone@internetMCI.COM), January 19, 1998.

David,

By embedded chip I'm referring to a chip which controls an industrial process, which has application firmware (software "burned" into RAM) and is not attached to an I/O device like a keyboard. Such chips can exchange data with the external world, but unlike a PC, has no easy external access or methodology for changing its memory. Each chip has a Real-Time Clock (RTC), which is in hardware, or maybe partly firmware if it has a date function. The RTC may reside on a separate timing chip associated with the controller it services.

Although I'm a software engineer, RTCs/Embedded Processors are not in my area of expertize. Hence, my definition could perhaps be improved by a better qualified geek like Ed Yourdon. (GGG)

-- Edward H. Greenberg (edward.h.greenberg@jpl.nasa.gov), January 19, 1998.

In order to have a date function which would be vulnerable to the Y2K problem, an embedded system must have constant power, either in the form of a battery or an electrical connection. Clocks take power, as anyone who has ever had to wind up an old grandfather clock knows. The same principle applies to embedded clock chips.

Your PC has a clock chip in it which is powered by a small battery. That's how it knows what time it is even after the power has been off. Once that battery goes dead, in a few years, your PC will no longer keep time properly when it is turned off. It may also lose some BIOS configuration settings like the kind of disk, if the battery also powers the memory chips which record this. Read your PC's owners manual and it will tell you how to change the battery.

The point is, any embedded device which could have a date vulnerability must be one for which you have to enter the time if the power gets disconnected (like your VCR), or one where there is a battery in it and the device will stop working after a few years (like your PC).

Now, consider an industrial controller device with an embedded chip. It's controlling a set of valves somewhere. For that device to have a Y2K vulnerability it must either have a battery in it (making it more expensive) meaning that the gadget will automatically stop working properly in a few years (a maintenance nightmare) or else it must require constant power and to have the date re-entered manually if the power goes out (another maintenance nightmare). In short, such a device would have huge disadvantages in any system where there wasn't an inherent need to know the date, like most industrial applications. Imagine a chip manufacturer trying to sell a device, saying "This is a great little device. Of course, you're going to have to go around and replace the batteries every few years or your plant goes haywire," or, "Of course, you've got to make sure the power NEVER goes out or else you have to go around and re-enter the date in each system." It's just not going to happen.

These estimates that 1% or 5% or whatever of embedded chips have potential Y2K vulnerabilities don't take these issues into consideration. Generally, any embedded device which could have a Y2K vulnerability has such special requirements that it will only be used in applications where it is pretty obvious that date issues exist. Toasters, most consumer devices, and most industrial control applications simply don't apply. The extra costs associated with making the kind of chip that can be sensitive to Y2K issues mean that such chips won't be used unless they absolutely need to be.

Pat

-- Pat Smith (pattsmith@hotmail.com), April 08, 1998.