Comment Re:Fearmongering bastards. (Score 5) 156
My job for over 10 years was computerizing fresh and waste-water treatment plants. Based upon my experience, I'm not terribly worried. I am certain there will be problems, but I think they will be little noticed by the public.
A computer-controlled water plant generally has 3 tiers: (1) the master control computer, (2) remote controllers, (3) manual controls. The master control computer communicates with the remote controllers, which do the actual work of monitoring and controlling the plant. The signals from the remote controllers are routed through manual controls (switches) to the various pumps and valves.
The master control computer (could be computers, in the case of a redundant system) is usually some kind of microcomputer. We put a fair number of Gateways, Dells, and other name-brand PC's in plants.
The remote controllers are usually some form of embedded system. The most common remote controllers are purpose-built for the task and are called PLC's (Programmable Logic Controllers).
The manual controls usually (I'll get to the exceptions) exist as regular old mechanical switches in the electrical path between the remote controllers and the pumps and valves. A typical manual control is a switch with three positions: "auto" leaves the remote controller in command, "man" forces the device to be on/open, no matter what the controller says, and "off" forces the device to be off/closed, no matter what the controller says.
Also, the remote control computers are usually programmed to operate independently of the master control station. Whenever the master control station goes down (a fairly routine occurance in most plants), the remote controllers keep the plant running based upon their pre-programmed control algorithms and upon the last instructions ("Keep the tank level between 12 and 15 feet") that they received from the master control station.
Every water plant I computerized in my career had this 3-tier architecture: master, remote, manual-overrides.
Because the remote controllers can carry on for some time (hours, at least), in the absense of the master computer, failure of the master -- say, to reboot it after a Y2K-induced freeze -- is not a big deal. And because of the manual-overrides, the plant can be run manually even if the remote controllers fail or start issuing goofy commands.
The real risk for a computerized plant experiencing y2k problems is not that you won't receive fresh water or have your sewage treated -- it's that the city will be paying large amounts of overtime for the extra staffing it takes to run the plant manually. If a city is dumb enough to not have the staff on call during that critical period, then it IS possible for y2k problems to become visible to the public in some way more dramatic than an increased personnel budget. Also, I worked on a few plants where the engineers were so insanely stupid that they allowed the manual overrides to be built into the remote controllers, not independent of them. I always lobbied hard to have such insanities corrected and was usually successful. Those plants without independent manual overrides are the ones in true danger. But I gotta tell you, the plant designed by such intellectual giants are in serious trouble *without* y2k.
All in all, I'm not worried -- I expect to get water and flush the toilet on the 1st without causing the collapse of civilization.
Wayne Conrad
A computer-controlled water plant generally has 3 tiers: (1) the master control computer, (2) remote controllers, (3) manual controls. The master control computer communicates with the remote controllers, which do the actual work of monitoring and controlling the plant. The signals from the remote controllers are routed through manual controls (switches) to the various pumps and valves.
The master control computer (could be computers, in the case of a redundant system) is usually some kind of microcomputer. We put a fair number of Gateways, Dells, and other name-brand PC's in plants.
The remote controllers are usually some form of embedded system. The most common remote controllers are purpose-built for the task and are called PLC's (Programmable Logic Controllers).
The manual controls usually (I'll get to the exceptions) exist as regular old mechanical switches in the electrical path between the remote controllers and the pumps and valves. A typical manual control is a switch with three positions: "auto" leaves the remote controller in command, "man" forces the device to be on/open, no matter what the controller says, and "off" forces the device to be off/closed, no matter what the controller says.
Also, the remote control computers are usually programmed to operate independently of the master control station. Whenever the master control station goes down (a fairly routine occurance in most plants), the remote controllers keep the plant running based upon their pre-programmed control algorithms and upon the last instructions ("Keep the tank level between 12 and 15 feet") that they received from the master control station.
Every water plant I computerized in my career had this 3-tier architecture: master, remote, manual-overrides.
Because the remote controllers can carry on for some time (hours, at least), in the absense of the master computer, failure of the master -- say, to reboot it after a Y2K-induced freeze -- is not a big deal. And because of the manual-overrides, the plant can be run manually even if the remote controllers fail or start issuing goofy commands.
The real risk for a computerized plant experiencing y2k problems is not that you won't receive fresh water or have your sewage treated -- it's that the city will be paying large amounts of overtime for the extra staffing it takes to run the plant manually. If a city is dumb enough to not have the staff on call during that critical period, then it IS possible for y2k problems to become visible to the public in some way more dramatic than an increased personnel budget. Also, I worked on a few plants where the engineers were so insanely stupid that they allowed the manual overrides to be built into the remote controllers, not independent of them. I always lobbied hard to have such insanities corrected and was usually successful. Those plants without independent manual overrides are the ones in true danger. But I gotta tell you, the plant designed by such intellectual giants are in serious trouble *without* y2k.
All in all, I'm not worried -- I expect to get water and flush the toilet on the 1st without causing the collapse of civilization.
Wayne Conrad
