Stalking the Y2K Phantom Menace

Companies may have repaired and remediated their systems for Year 2000 may still get surprises when the code goes back into production. For example, in many newly refurbished programs, "a surprising number of missed leap years are coming up," says Capers Jones, noted software researcher and president of Software Productivity Research Inc. (SPR, Burlington, Mass.). He also notes that calculation formulas that use indirect dates are also proving to be troublesome.

Add to that difficulties international companies are having meshing U.S. date formats with those of Europeans and the International Standards Organization, and the mess continues. "The combination of possible formats, coupled with the fact that there are 600 programming languages, all of which have date problems--continue to make the problem messy," says Jones. "At least 15 percent of all software applications will not be fixed in time," predicts Jones, who has published numerous studies on application development metrics.

To help catch Y2K bugs that persist in AS/400 and other platforms, and provide a method of verification for top managers and business partners, SPR has been offering a Year 2000 verification service that helps companies ascertain the readiness of mission-critical applications. SPR employs a proprietary software estimation and assessment tool to help determine readiness, as well as action plans.

Even among proactive companies that started Y2K work back in 1994 or 1995 are having last-minute problems as they put code back into production, says Jones. "Many of the applications they thought had been fixed when they were put back into service turned out to have latent problems. The combination of missed dates, plus bad fixes, is opening up a second wave of Year 2000 repairs."

As a result, the number of applications that organizations deem "mission critical"--and thus being repaired--is actually declining, Jones observes. "Right now, we only have half as many applications in the industry identified as mission-critical as this time last year. Companies realized they weren't going to have time to fix everything." Unfortunately, even after Year 2000 has passed, these missed applications "are going to come back to bite organizations as well," he warns.

SPR's focus is to concentrate on individual applications that have undergone the remediation process, Caper states. SPR's toolset employs industry averages to help determine the Y2K exposures in individual applications. Trying to eradicate lingering Y2K bugs is analogous to "trying to get rid of carpenter ants or termites in your house," Capers relates. "The first attempt is usually not successful, you have to come back for another spray after about a month. I hope we're more successful with Year 2000 than we have been with carpenter ants."