August 25, 1999 Web posted at: 2:22 p.m. EDT (1822 GMT) by Bob Brewin

From...

ALSO     Message Board: "Year 2000 bug"    Sign up for the Computer Connection email service    For more computing stories

(IDG) -- The Defense Department, expected to be the federal agency to respond to potential crises brought about by the Year 2000 problem, this month said it does not plan to react to all requests for help from state and local civilian authorities.

DOD adopted the position in an Aug. 12 message sent to all the military services by the Army's Director of Military Support (DOMS) in the Pentagon. DOMS has been charged with providing military support to civilian authorities under the DOD Year 2000 Consequence Management Plan.

The message follows guidance issued by deputy secretary of Defense John Hamre last month, which emphasized that the first priority for military units engaged in Year 2000 crises management will be their basic mission of defending the nation. "As a basic principle, commanders will not compromise military readiness in providing support to civil authorities," Hamre wrote.

The DOMS message goes even further, making it clear that even if civilian authorities ask for help, they may not receive it. "It should be anticipated and publicized that not all requests from civil authorities will be filled," according to the message.

MORE COMPUTING INTELLIGENCE
	IDG.net home page
Federal Computer Week home page
Federal Computer Week's Y2K resource page
Year 2000 World
Reviews & in-depth info at IDG.net
IDG.net's personal news page
IDG.net's products pages
Questions about computers? Let IDG.net's editors help you
Subscribe to IDG.net's free daily newsletters
Search IDG.net in 12 languages
News Radio
	Fusion audio primers
	Computerworld Minute

The Pentagon, according to the message, also has tightened disclosure of its vast supply of resources, which includes food, engineering equipment, generators and water purification plants, that could help cities and counties that may be afflicted with Year 2000 snafus. "Any request for inventory levels of DOD resources from non-DOD activities will be denied," the DOMS message said.

Navy's Plans

The Navy, in its Year 2000 contingency planning and consequence management plan released this month, made it clear that it planned to centrally manage requests for help from communities outside its bases. The Federal Emergency Management Agency "will coordinate with [DOD] to prioritize such needs, and [DOMS] will task specific services to respond as required," the Navy plan said.

Local commanders can only engage in "unilateral emergency actions that involve the saving of lives, prevent great human suffering or mitigate great property damage, only when time does not permit approval by higher authorities," according to the Navy contingency plan. Pentagon officials could not be reached for comment.

Year 2000 problem researcher Jim Kerrigan, president of market research firm Colmar Corp. and a former director of information resources at the Treasury Department, said he doubted that Defense bases would ignore the Year 2000 problems of nearby communities.

"When it comes right down to it, I suspect bases will be able to help local communities," he said. "They can't do their own jobs if the local community is up in arms."

Kerrigan said the potential for municipalities to experience Year 2000 problems remains a reality, even though some portions of industry, such as the financial services sector, have done a thorough job of fixing its systems. He said local governments could face Year 2000-related problems with gas, water and electricity. "All these sorts of things are likely to happen. Maybe I'm too much of a pessimist," he said. "Obviously, I hope I'm wrong."

But he said the public in many cases has not understood the importance of finding and fixing Year 2000 bugs in unlikely places, such as in computers and computer chips that control elevators and pacemakers. "The perception that people have - I think some people still don't have a clue," he said.

Software Bugs

With DOD now heavily focused on Year 2000 consequence management, the Navy plans to pay close attention to the possibility that software programmers who have fixed date code could have introduced malicious code into DOD computer systems as a result of the Year 2000 remediation process. Fixing computers for the Year 2000 bug "provided the opportunity for many individuals to have access to DOD source computer code...[which] provided the opportunity for unscrupulous programmers to compromise system integrity and/or introduce programs into Navy computers that can degrade or interrupt Navy operations," the Navy said.

The plan added that "given the quantity of commercial off-the-shelf Y2K patches written by unknown [citizens] and possibly non-U.S. citizens, there is increased risk that malicious code could be embedded in these patches."

Lee Freeman, a Year 2000 expert at Source Recovery Co., called this a legitimate concern, considering the large number people who worked to fix and patch DOD systems. He said the chances of such code not being discovered is low.