Subject: Re: PC Testing: ROI on BIOS tests
Date: Mon, 04 Jan 1999 19:59:04 -0500
To: year2000-discuss@year2000.com

Gentlemen,

Here is the short answer:

What difference does BIOS testing make? It is cheeper. It imporves reliability. It improves data integrity for all interconnected computer systems. It allows you to know which PCs to check out more thoroughly after the turn of the century.

And if you have time, here is the details:

Having been where you both are (though I abondoned that position long ago), I can tell you there are some valid circumstances to test every BIOS (not RTC). (Side note: Unless you are the Nuclear Regulatory Commission or someone who requires such a high standard, testing RTC rollover is a waste of time - virtually everyone is guaranteed to fail and in the vast majority of the computer usages (extremely close to 100%), it does not matter.) My prefered solution is a manual setting of
the date both BEFORE and AFTER the turn of the century.

Reason #1: Economics - you could hire a college student for $10 per hour to go around and test your PCs - I would expect the testing time to be closer to five minutes (probably less) per PC rather then fifteen. I am unaware of any valid BIOS testing software that requires booting the PC other than twice - once to activate the testing software in a clean environment (ie. a boot floppy), the second time to check how the PC reacts to the turn of the century.

That said, there is a valid way to identify and classify PC BIOSs over a network to reduce the quantity of PCs that have to be manually tested (you only need to test one PC of each type if you know for sure that the BIOSs are truly identical). This forum has known for a long time that manufacturers tweak BIOS code without changing the identifying information, so you need to do more than just retrieve the information that manufacturers intentionally placed there.  One of our tools does collect that additional information and is licensed as a company wide license for up to identify several thousand PCs for a couple hundred dollars.

You can also reduce the time required by doing the testing after hours, then only one individuals time is required, not two (as you assumed)

So (using Randy's outlandish numbers for testing times), 250 hours times $10/hour is $2,500. I believe Randy's assumption was 50% of the PCs actually need a TSR (or some other help to cross the century boundary).  I will give you a hint - to license 500 copies of a valid BIOS fixing TSR will run much more than $2,500. Actually, the cost of checking will be much smaller (because it does not take 15 minutes each PC to test a bunch of PC located in adjacent cubicals - if it did, one student could test several simultaneously, and still cut down the total testing time).

Reason #2: New PCs: One situation you need to test every one manually is if you are replacing your PCs with new ones. If you just purchased a PC which had a partially or non-compliant BIOS, you should be returning that PC and let the vendor take care of providing you a compliant PC.  At a client site I am at, they are replacing all the PCs for security and other other non-Y2K related issues, every individual PC is being
tested for BIOS compliancy before being installed on the network.

Reason #3: Economics & Reliability: If you wish to handle any hardware compliancy problems manually and avoid the cost/problems of installing a TSR, you need to know which PCs are fully compliant and which ones need help to cross the century boundaries.

The solution you are suggesting is a TSR. How do you know that your TSR will still be in the startup files come the turn of the century?  Anything installed between now and the turn of the century can accidentally remove the TSR (for example, by a poorly designed install program for a non-related program). Many TSRs can be removed from memory during execution of a rogue program. Most knowledgable users can remove files from startup when they (perhaps falsely) believe is slowing
down their PC execution or boot. (You probably need a plan to hire a college student to go around to every PC and boot it just before the turn of the century to see the it loads the TSR. There goes all your savings by not checking the compliancy.<G>)

Reason #4: Data integrity. There is no linear relationship between the quantity of PCs with BIOS problems and the integrity of your production data. If you have one PC that fails, that is not 1/10 of the data integrity problems you have if 10 identical PCs fail. The first PC that fails will cause an order of magnitude more problems than the other identical PCs which fail.

The scariest thing about Y2K is for everything to "appear" to work correctly. I personally do not expect to see massive failures on the change of the mellinium - that would make me feel more comfortable - to detect problems when they actually happen. I expect silent errors to creap into our data from a wide variety of sources. If you have one PC out of a group which fails to make it into the next century due to a BIOS problem, it would be very easy not to detect that in your initial cycles after the turn of the century. You could sign off that everything is OK, stand down your contengency plans and fill your files with Y2K contaminated data from this non-compliant PC. A non-complaint PC is not going to refuse to boot after the turn of the century - it is going to silently boot to some date in 19xx and proceed to act as a source of Y2K infection to other machines it interacts with.

It is not as simple as taking a PC which fails to make it into the next century out of service and use the next machine, unless you have every user manually check the date after the turn of the century. (BTW, I recommed that as a contingency plan - every PC should be checked after the turn of the century, reguardless of how compliancy was accomplished. It only takes a few seconds and can avoid massive problems.) Now, consider this - if you every user is required to manually check the date, what is the use of the TSR for machines which are turned off over the turn of the century? One PC with BIOS problems can corrupt your data, perhaps in ways harder to detect than if many failed.

All this said, I do agree with Randy that this is not something that should take priority over fixing the more complex, severe problems on the PC, such as the user applications. This is something to be done in parallel, perhaps by some less experienced personnel (even a student).

Date: Mon, 4 Jan 1999 10:43:58 -0400
Subject: Re: PC Testing: ROI on RTC tests

From: "Joe"
I agree with the author, we use a tool that is just set to fix the
unit instead of testing to know if it is bad.......
- -----Original Message-----
From: "Randy"
Can anyone show REAL R.O.I. on the testing of all PC's for BIOS issues.

<Snip>