A Safety Basis for Y2K

1999-05-11

So, the Channel Tunnel is going to shut on New Year's Eve, 1999. This has been decided following concerns about the interfaces between Eurotunnel systems and those of the National Grid and their equivalent in France.

Developers of safety-critical systems are a breed apart, and they have to be. These are the people who build the systems which run our trains and control nuclear power stations. The underlying rule seems to be “avoid grounds for litigation,” which is a rather crude way of summarising what is a complex systems development field. There is very little room for error – the blasé, “bugs are inevitable” attitude which appears to pervade the rest of the IT industry is replaced by huge attention to detail at every stage of the development process. During design, systems are considered not just in terms of when things go right, but also in terms of the effects when things go wrong. An interesting fact, often overlooked, is that many systems have a safety-critical element and would benefit from adopting some of these considerations.

If the Eurotunnel systems experts have decided that the tunnel should close, they will have done so following a detailed safety assessment of the risks and their knock-on effects. Most Y2K work is now complete or is being completed, but much of this work is based on the risk to the systems involved. Managers of systems which are not considered “safety-critical” would do well, even at this late stage, to consider the ramifications of their systems going wrong before they blithely let them run over into the new millennium.

(First published 11 May 1999)