Y2K Site Map | Terms of Use | Problem | Steps | Certification | Briefings | Compliance | Solutions | BIOS | Test & Evaluation | Cost

The following Y2K material has been kept available by MITRE for historical purposes only and has not been updated unless noted.

Proposed Criteria for "Century Compliance"

For the most recent version of this document dated 1996-09-24 (in PDF format only), please see GTE's website.

This working technical document was prepared solely for the internal use of GTE Corporation and affiliated GTE companies (GTE). GTE EXPRESSLY DISCLAIMS ANY RESPONSIBILITY FOR THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS DOCUMENT WHICH IS PUBLISHED "AS IS." GTE FURTHER DISCLAIMS ALL EXPRESS OR IMPLIED WARRANTIES OF ANY KIND, INCLUDING WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR WARRANTY OF MERCHANTABILITY. Reliance on or use of the information contained herein shall be at the user's sole risk. GTE shall not be held liable for any damages of any kind including direct, consequential or special damages which may arise out of or result from reliance on or use of the information in this document. This document is copyrighted by GTE Government Systems Corporation.

Summary

This paper presents proposed criteria for "century compliance." It first provides information regarding the scope of the Year 2000 (Y2K) challenge and then identifies and discusses four suggested criteria for consideration in assessing century compliance.

A term commonly used in industry is "year 2000 compliant." Inherent in this term is an important but narrow focus on the year 2000 deadline and the problems associated with that single event. In contrast, this paper uses the term, "century compliant," to emphasize the broader character of the Y2K challenge.

The philosophy underlying this paper considers that compliance involves business and technical considerations. Accordingly, century compliance requires a balance between cost and minimizing the technical risks in the solution.

This paper replaces all previous versions.

Background of the Y2K Challenge

Widespread understanding of the Year 2000 (Y2K) challenge is an emerging phenomenon. While technologists understand the many intricacies in how computer software handles dates, explanations in the media and elsewhere tend to simplify the problem for brevity.

Descriptions of the Y2K phenomenon are typically straightforward. Software commonly carries only the lower two digits for each year and, as a result, ignores century when manipulating dates. Once software begins mixing dates in both the 19xx and 20xx ranges, errors of varying degrees can result. In some cases, the software may fail immediately without completing its operation. In others, the software may continue to produce erroneous output, which can remain unnoticed.

Essence of the Challenge

There has been extensive examination of the Y2K challenge and ways to address it. These include but are not limited to:

• Essential Y2K program activities (inventory, impact assessment, etc.)
• Prioritizing, scheduling, and coordinating conversion projects
• Vendor management
• Sizing the Y2K effort
• Options for representing and manipulating date data
• Methods for converting existing applications
• Inventory and conversion tools

While examining various aspects of this subject is vital, the considerations discussed above are actually elements of the solution--not the problem. Technical experts tend to talk about what changes are needed in how software handles and stores date data. Program managers tend to talk about planning, estimation, and inventory. Higher-level managers tend to talk about the cost and the diversion of resources. Each person struggling with the Y2K challenge tends to focus on that part of the solution uppermost in his or her mind.

The first step in addressing the Y2K challenge is to identify the business considerations which include:

1. Eliminating century risk. In reality, this risk can only be eliminated for a period of time--the longer the period, the greater the cost.
2. Preserving current operations. Changes to achieve compliance should have minimal affect on the cost and efficiencies of current operations.
3. Minimizing conversion burden. The company must minimize resources diverted to the Y2K effort.

Compliance is a balance between lower cost and lower risk. Table 1 lists seven measurements that more fully characterize the business and technical needs that should be considered in developing a Y2K program.

The challenge in defining compliance is to enable implementation plans that address the business needs while satisfying the following considerations:

• Assure that all aspects of the Y2K challenge are adequately covered
• Encompass a full spectrum of cost-benefit-risk trade-offs
• Permit wide latitude in adopting technical and programmatic solutions

This paper attempts to encourage solutions that minimize Y2K risk while minimizing the cost of Y2K conversion.

Technical Elements of the Y2K Challenge

The technical component of the Y2K challenge revolves around accurately accepting, creating, manipulating, and outputting calendar-related data. The largest concern is whether software can handle the date roll-over to the year 2000. This date change constitutes a high-risk event that conversion efforts should mitigate.

Measurement	Description
Time to Next Y2K Event (TNYE)	Also called the "event horizon." Numerous events associated the Y2K challenge can occur at any time. Y2K conversions cannot eliminate these events for all time but can keep the next one from occurring until many decades into the future. In general, Y2K conversions will increase this margin in some rough proportion to the cost of the conversion. The balancing of cost and technical approach should maximize the value for TNYE.
Incremental Complexity	Software complexity can be measured using several methods. Some approaches in Y2K conversion will increase this complexity and consequently reduce maintainability and reliability. Trade-off should minimize software complexity.
Delta Cost Performance	Each system has a predictable cost for operation and maintenance. Some approaches to Y2K conversion tend to increase these costs (for permanent storage for example). The balancing of cost and technical approach should minimize the average cost per month.
Delta Technical Performance	Technical performance measures such as throughput and turnaround may suffer with some approaches to Y2K conversion. Trade-off should minimize (e.g., turnaround) or maximize (e.g., throughput) each performance measure as appropriate.
Delta Conversion Cost	Approaches to the Y2K challenge vary in cost. Regardless of incremental benefit, there are limits to affordability. The balancing of cost and technical approach should minimize this cost to the extent feasible.
Delta Conversion Schedule	Approaches to the Y2K challenge vary in duration. Regardless of incremental benefit, some approaches may not be completed before the first Y2K event. Trade-off should minimize this schedule.
Delta Conversion Risk	The risk of slipping schedule or overrunning cost for an organization's entire Y2K program is a measure of the organization's probability of survival. Each approach to Y2K conversion includes risks. The level of testing is one critical consideration in analyzing the risks of each approach. Trade-off should minimize the value for risk exposure. (Risk exposure is risk probability times potential cost.)

Criteria for Century Compliance

This proposal for century compliance requires that software satisfy four, date-related criteria. Software meeting all four can be considered "century-compliant." These criteria are listed in Table 3.

Element	Description	Example event	Probable timing
Extended semantics	In general, specific values for a date field are reserved for special interpretation. The most common example is interpreting "99" in a 2-digit year field as an indefinite end date, i.e., "does not expire." Another is embedding a date value in a non-date data element.	Some software may erroneously process a transaction with a valid end date in 1999-such as not terminating an expired software license or failing to age back-up tapes for recycling as scratch tapes.	Will occur on various days after Dec. 31, 1998.
Calendar errors	Errors typically include failing to treat 2000 as a leap year and converting incorrectly between date representations.	Logic sensitive to day-of-week will be one day off after February 28, 2000. Calculating day of week for all dates following this will be incorrect.	Will occur the first time input data contains Feb. 29, 2000. Will occur on this leap day.
Date overflow	Many software products represent dates internally as a base date/time plus an offset in days, seconds, or microseconds since that base date/time. Hardware integers holding the offset value can overflow past the maximum corresponding date-an event which may lead to undefined behaviors.	Value for date can revert to a date near the base date/time, to a negative value, or crash the software because of an illegal operation.	Happened in the 1980s on certain Tandem hosts. Could happen again at any time to any product depending on how product stores dates.
Inconsistent semantics	At interface between systems, software on each side assumes semantics of data passed. Software must make same century assumptions about 2-digit years.	Software on one side assumes all dates in 19xx. Software on other side assumes years 51-99 are 19xx, and 00-50 are 20xx.	Could happen in 1996 for software that stores date values 5 or more years into the future.

• General integrity. As a system date advances normally on a host processor, each date roll-over must not lead either the host process nor any software executing there to erroneous processing. The best recognized, high-risk, date change is the roll-over to 2000. The term, "desired operation," in Table 3 is intentionally broad and must be interpreted for specific technologies and applications.

Criterion	Description
General integrity	No value for current date will cause interruptions in normal operation.
Date integrity	All manipulations of calendar-related data (dates, durations, days of week, etc.) will produce desired results for all valid date values within the application domain.
Explicit century	Date elements in interfaces and data storage permit specifying century to eliminate date ambiguity.
Implicit century	For any date element represented without century, the correct century is unambiguous for all manipulations involving that element.

• Date integrity. This criterion primarily covers the correctness of manipulations of date data as enumerated in Table 4. These manipulations need to be reliable only over the range of dates that an application is expected to handle. For example, sales-order processing may handle dates from 5 years in the past to one year in the future. In contrast, an employee database may store dates of birth from early in the 20th century to planned retirement dates well into the 21st century.
• Explicit century. This criterion essentially requires the capability to store explicit values for century. For example, third-party products that can use a 4-digit year in all date data elements stored and passed across each interface (including the user interface) would satisfy this criterion. A base-and-offset representation of dates that covers all centuries of interest would also satisfy this criterion. Whether this capability should be used to eliminate century ambiguity is part of the last criterion.
• Implicit century. This last criterion requires that, if the century is not explicitly provided, its value can be correctly inferred with 100% accuracy from the value of date provided. For example, the range of values for an "invoice date" would very rarely span more than 10 years. Because the century can always be guessed correctly for an invoice date with a 2-digit year, this date data element would satisfy this criterion. Note that his criterion permits cost-risk trade-offs that minimize changes to existing date formats.Interpretation of the Criteria

Although the four criteria fully define century compliance, compliance represents a balance between cost and risk rather than an absolute "yardstick." Such a balance will vary with each organization according to its business needs and its technological base. Consequently, an organization will require a greater level of detail to interpret how these criteria apply to the organization. An interpretation documented and distributed can assure that "century compliance" is interpreted consistently across the organization.

Category	Examples of manipulation
Arithmetic	Calculate the duration between two dates Calculate date based on starting date and duration Calculate day of week, day within year, week within year
Branching	Compare two dates
Format	Convert between date representation (YMD, Julian, etc.) Reference same data address with different variables
Data storage	Storing and retrieving Sorting and merging Searching Indexing on disk file or database table Moving data within primary memory
Extended semantics	"99" as special value for year "99.365" as special value for Julian date "00" as special value for year

Standardizing the format for date data is an important part of century compliance. The example in Table 5 uses the ANSI X3.30 standard for date representation. For systems with interfaces to foreign entities or U.S. government agencies, the equivalent ISO and FIPS standards may be used instead. There are two very important considerations with requiring conformance to an industry standard:

1. Limitations in standards. None of the three standards (ANSI, ISO, and FIPS) for date representation mandates a 4-digit year for all calendar data. For example, conformance to ANSI X3.30 does not eliminate century ambiguity from all date variables and interfaces. Instead, conformance simply reduces the variety of formats occurring within software and data.
2. Accommodating conflicts. While trying to conform to ANSI X3.30, some applications may need to satisfy other standards or conventions for date representation. Table 6 lists examples of standards with date representations that may supersede ANSI X3.30 in specific applications.

Applying the Criteria

The detail in Tables 5 and 6 can be applied throughout an organization. Century compliance should become both a standard in normal business operations and a fundamental specification for Y2K programs.

The following activities should adopt these criteria as a standards in day-to-day business:

• Software development. Development of new software, both in-process and planned, should immediately adopt a standard for century compliance.
• Third-party product selection. Selection of third-party software and intelligent hardware products should be governed by the compliance criteria.
• Service-vendor selection. Selection of vendors for data processing, marketing data, and other services should demonstrate compliance with these or equivalent criteria.

Compliance criteria are the most important concept in a Y2K program. All other goals, decisions, and plans must revolve around a common understanding of compliance. The compliance criteria in this paper are relevant in the following tasks of a Y2K program:

• Designing inventory. When inventorying software assets, the compliance criteria can help ensure that the appropriate data is collected. For example, if third-party products are used in custom application software, then knowledge of non-compliant third-party products will help identify non-compliant applications.
• Impact analysis. As each computing asset is examined for compliance, a clear statement of century compliance is essential to ensure that all elements of the Y2K issue are identified. For example, third-party products should be evaluated against certification testing based on Tables 5 and 6. Table 7 suggests guidelines for developing test cases for each criterion.
• Software conversion. When deciding how best to convert an application to achieve century compliance, the compliance criteria should guide those decisions. For example, each date field in permanent storage must be examined to determine what modifications to the data and/or program logic are needed to achieve century compliance. Figure 1 is an example of the decision process for that field-level analysis.
• Software testing. During Y2K conversion projects, converted software must be tested to verify that it is now century-compliant and that none of the functionality has been impaired during the conversion. The compliance criteria should guide the design of these tests.

Application to Impact Analysis and Testing

Testing against the century-compliance criteria falls into the following three categories:

1. General. Some aspects of century compliance are independent of technology and application domain. For example, Jan. 1, 2000 follows Dec. 31, 1999 for all hardware and software.
2. Technology-specific. Some aspects of century compliance depend on the technology and the behaviors and features of that technology. For example, not all software performs all the date manipulations listed in Table 4.
3. Domain-specific. Some aspects of century compliance depend on the requirements of a specific application. For example, the valid ranges for dates to be tested can vary with each application.

Table 7 is a high-level guide for test cases to consider in each category. Testing should be organized by category to permit reusing test procedures among different applications.

Category	Sub-category	Guidelines
General	Current date	Direct set, power-up roll-over Re-initialize from cold start Full date ranges
	Calendar accuracy	Days of week in 2000 and 2001 Leap year in 2000 366 days in 2000
	Century ambiguity	High-risk values (1999-12-31, 1900-01-01, 2000-01-01, 2000-02-29) Ambiguous century in user interface Electronic interfaces (API such as O/S call for system date, etc.)
Technology-specific	Current date	Power-down continuity "System date" versus "current date"
	Date representation	Overflow of base-and-offset representation Standards for Gregorian formats Century capability in storage and interfaces
	Date manipulation	Date arithmetic Conversion between representations Sorting, searching, indexing Century designation available in storage and interfaces
Domain-specific	Century ambiguity	Accuracy in inferring century for each field in storage, user interface, and other interfaces.
	Date representation	Industry standards and contract requirements Human-factors requirements Design and coding standards
	Date manipulation	Access to archived data Manipulation of archived data Extended semantics

Recommendations

Century compliance as specified in Tables 3, 5, and 6 is based on the philosophy that the Y2K challenge must be viewed as not only a technical but a business issue. The spirit of compliance is to eliminate technical risks in computing assets through cost-effective solutions.

Therefore, if there are several conversion options with acceptable cost and schedule, it is recommended not simply to select the least-cost among them but the one option that most closely attains all the following objectives.

• Explicit century. All custom and third-party software and data explicitly represent century in all date data elements external at software interfaces, internal to the software logic, and stored both on-line and off-line.
• Variations in representation. The number of variations in syntax for date data elements is less than five. This includes all internal representation (except representation internal to third-party products), representation at all interfaces (not counting applicable industry standards), and representation in archived data.
• Variations in user interface. The number of variations in date syntax in the visual user interface of any application is no more than four. The term, user interface, includes screens, windows, character-oriented dialogues, LED read-outs, paper reports, on-line reports, generated consumer mailings, user-accessible logs, etc.
• Event horizon. For century-compliant software, the next Y2K event is at least 50 years away.
• Common routines. All applications in the same source language share the same date routines for all date manipulations.
• Semantic extensions. All extensions to date semantics are eliminated.

Summary

The Y2K challenge is a very urgent matter. Responding to the challenge without some analytical discipline in the front-end work could impede achieving timely and cost-effective century compliance. Each organization should begin its Y2K program with clearly articulated criteria for century compliance and then use these criteria to guide the planning and execution of all activities.