Millennium Compliance (Defence)

§ Mr. David Atkinson (Bournemouth, East)

There are now 284 days to go until the new millennium. Unfortunately, even as the champagne corks are popping at midnight on the eve of the new century, events will begin to unfold over which we will have little control, to which we can only respond as best we can and which no one can guarantee will be avoided.

I am, of course, referring to the effect of the so-called millennium bug on those computer systems upon which all of us today rely to sustain our standard of life but which, some experts predict, will cause chaos, confusion and even catastrophe that will be world wide: commencing in New Zealand—the first to enter the new century—and, like a tidal wave, moving at the speed of time westwards across the planet, wrecking whole societies in its wake.

I should emphasise that that is a domesday scenario suggested by some. Others predict that we will instead experience a slower breakdown of essential services and critical infrastructure as the computer services which deliver them come up against a date that they do not recognise—the year 2000.

I was the first to raise the issue in the House, as long ago as 7 December 1995, in a question to the then Prime Minister. Today, because of the ever-wider coverage given to the issue—and thanks to the Government's quarterly reports to Parliament—there is no excuse for any politician not to be aware of the issue and not to be ensuring that everything possible is being done to respond to it, both nationally and locally.

One of the most important aspects upon which we should be certain that our computer systems are millennium-safe concerns our national defence and security. In 1996, alarming reports began to appear in our national press. Sunday Business, on 17 November, warned that the UK may be defenceless in the Year 2000. Rachel Oldroyd reported: Technology experts are warning that the country's entire defence infrastructure will fail at the end of the century unless immediate action is taken to rectify a serious flaw inherent in many of the Ministry of Defence's computer systems, space satellite communication systems, logistic systems and weaponry. The systems will fail, according to experts employed by the Government, because many computer programmes and computer chips embedded within machinery including nuclear weapons are unable to recognise the Year 2000.

§ Mr. Brian White (Milton Keynes, North-East)

The hon. Gentleman will be well aware that the UK systems are now millennium compliant. Will he comment on European systems and, in particular, the ex-Soviet fleet in the Arctic, which is not millennium compliant and may pose a danger to this country?

§ Mr. Atkinson

I was not going to comment on the issue, but no doubt the Minister will have heard the hon. Gentleman and may wish to reply if he has time.

298 The Daily Telegraph of 31 August 1996 reported that particular problems were predicted on 22 August 1999, when the global positioning satellite system used to direct cruise missiles to their targets, supertankers into harbours and aircraft to airports will reset its date to 6 January 1980 because of a year 2000-related fault.

In his letter to me of 1 December 1995, the then Prime Minister, my right hon. Friend the Member for Huntingdon (Mr. Major), had assured me that appropriate measures are already in hand". That was subsequently confirmed in a detailed reply by the then Defence Minister, my right hon. Friend the Member for North-East Hampshire (Mr. Arbuthnot). That early work by the previous Government in response to the problems posed to our national defence by the millennium bug was acknowledged in the letter that Lord Gilbert, a current Defence Minister, sent to the hon. Member for Leicester, South (Mr. Marshall) on 1 June 1997, which concluded: I hope this gives you confidence that we are taking vigorous steps to ensure that UK defence systems are not at risk. I applaud the present Government's continuation of the previous Government's work to address the threat posed to our defence by the millennium bug. I note that I am not alone in looking forward to learning from the Minister the latest position regarding the millennium preparedness of the critical computer systems of all three armed services, especially in view of last week's quarterly report from the Leader of the House suggesting that key Ministry of Defence agencies are not likely to be millennium compliant until late December.

I am sure that the Minister realises that it will not be enough to assure the House that the computer, information, satellite communication and logistics systems and weaponry concerned with the defence of this United Kingdom will be millennium ready, because we are in alliance with 19 other countries in NATO, and 10 in the Western European Union. Our computer systems are linked to and interdependent with theirs.

Just as Action 2000 is currently emphasising in its newspaper advertising campaign that If a business you rely on isn't ready, you aren't ready", the same logic applies to the computer links with our allies. It is essential for the maintenance of the entire defence of Europe that all the systems of all our allies continue to function without interruption. I seek an assurance on that from the Minister, but from the evidence that I will now share with the House, he will not be able to give it.

Two years ago, I proposed to the technological and aerospace committee of the Western European Union that we should investigate the alarming reports that this country, and therefore all member states, might be rendered defenceless by the bug. I had hoped that the WEU assembly might debate the outcome of that investigation in December 1997, but that debate did not take place until the most recent session, last December.

The committee agreed that its chairman, the hon. Member for Leicester, South should approach the Defence Ministers of the 10 WEU states to find out how they were responding to the millennium bug, so that we could take a considered view on whether the WEU as a whole was responding adequately to the threat. My report, 299 document 1622, records the responses that he received, together with those from the WEU council, the satellite centre and the assembly.

From those responses we were able to conclude that Belgium, France, Germany, Luxembourg, the Netherlands and the United Kingdom are fully aware of the problem and are taking the action necessary, as, it would seem, are the WEU council, the satellite centre and the assembly, although, as I pointed out in presenting my report to the assembly last December, it should be aware that we now know that any assurance Microsoft gave that its most recent systems will not be affected must now be disregarded. Even Windows 98 will not be compliant without action being taken and tested.

We could not conclude that the computer systems involved in the defence and security of Europe, as provided for under the Brussels treaty, would be millennium compliant, because the hon. Member for Leicester, South has received no replies from four member states—Spain, Greece, Italy and Portugal—even after a second approach.

Moreover, as and when members of the assembly press their Governments in their own Parliaments, such as ours, on whether they can guarantee that the computer systems of the public services and infrastructures on which their armed services rely—including electricity supplies, rail or air traffic control systems—will be safe from the bug, they will not be given such an assurance.

In view of that, the assembly unanimously endorsed my recommendation—No. 6362—on the millennium bug and its consequences for European defence. In seeking an assurance that European defence would not be at risk, it urged the WEU council to report to the assembly on its response to the problem and on any contingency plans that had been drawn up.

Earlier this month, the council replied to that recommendation, but the reply is totally inadequate. It ignored our principal conclusion that, because four member states had ignored our request for information, we could not be assured that European defence would not be at risk. The council has not told us whether WEU is or will be millennium ready as a defence alliance. Nor has it said whether contingency plans have been or are being drawn up. I look forward to hearing from the Minister whether the collective defence of WEU member states will be at risk at the end of the year.

Let me turn to the NATO alliance. When the technological and aerospace committee visited the United States of America in 1997, it was briefed on the Department of Defense's Year 2000 management plan, dated April 1997. In his introduction, the then Under-Secretary of State, Emmett Paige, emphasised that that Department relies heavily on computers in the deployment of weapons. When the computer fails, the weapons systems fail.

However, in the British-American security information council's report, "The Bug in the Bomb: the impact of the Year 2000 problem on nuclear weapons", which was published last November, it appears that the Pentagon's efforts to meet the fast approaching deadline are "a mess", with what the report calls severe and recurring problems across the spectrum". 300 The report says that initial research findings by a number of agencies and teams of experts inside and outside the USA's Department of Defense have resulted in no confidence that the Department's programme will meet the challenge. The Deputy Secretary of Defence, John Homre, is quoted as admitting that everything is so interconnected, it's very hard to know with any precision that we've got it fixed". This worrying situation appears to be confirmed in Connected, a supplement of The Daily Telegraph, which, on 31 December, contained an article headlined, "The bug bang". Simon Davies reported that at a meeting on 25 September a group of high level officials met at Mr. Homre's office to review the potential impact of the millennium bug. Admiral Richard Mies, the commander-in-chief of US Strategic Command—STRATCOM—bluntly told the meeting that the nuclear defence system was not millennium compliant. He warned that 11 crucial STRATCOM nuclear systems would not be fixed in time. He added that 12 new systems currently in development would also not be compliant.

In other words, says The Daily Telegraph, at least 23 control systems at the heart of the USA nuclear arsenal might fall victim to the millennium bug. If the computers fail to recognise the rollover, they might react in 100 different ways, from creating a false attack alert to blacking radar systems.

If what I have said is remotely accurate, it would appear that with only 284 days to go, we cannot conclude that the member states of the WEU and of NATO will not be rendered defenceless by the millennium bug. Nor can we guarantee that we will not be at risk from accidental nuclear attack, as the Federation of American Scientists has warned. As the report "The Bug in the Bomb" concludes: the only prudent course may be to de-alert or even de-activate those nuclear missile systems where date-related malfunctioning in associated command, control and communications systems poses even a remote possibility of accidental launch. We know that a similar risk of accidental launch of missiles exists from other countries with a nuclear capability, such as Libya, Syria, Iran, China, Russia and North Korea, because so much of their computer software has been pirated that they lack the source code to correct it, unless the Americans are prepared to share information to guard against a launch based on faulty data.

Nor can we rule out a calculated launch, as suggested in the Sunday Telegraph on 6 December, which quoted an American defence official as saying: If Saddam Hussein wanted to launch an attack, 1 January 2000 would be the day to do it. I look forward to hearing from the Minister on the current state of preparedness of UK defence, about the collective defence of western Europe in our alliance with the WEU and NATO, and about the risk of accidental launch of ballistic missiles and nuclear weapons from unfriendly countries unable to cope with the millennium bug.

In particular, will the Minister respond to the key question posed in The Daily Telegraph in an article on 31 December, on which his Department declined to comment? If Britain and the US are partners in an integrated nuclear defence system, then how will the possible failure of 23 critical American systems affect our own systems? 301 Will he support the endorsement given by the WEU assembly to resolution 1167, passed last September by the Council of Europe, calling for an internationally agreed standard of millennium conformity; and will he say how far that has progressed? An internationally agreed test day should be held as soon as possible to put right the problems that will, inevitably, be exposed. Finally, will the Minister tell the House of the proposed involvement of the British Army in providing back-up to the police from new year's eve to deal with any civil emergency arising from any breakdown of public services due to the millennium bug, as suggested in the memo by the Secretary of State for Scotland last November?

§ The Minister for the Armed Forces (Mr. Doug Henderson)

I congratulate the hon. Member for Bournemouth, East (Mr. Atkinson) on securing this debate on such a crucial issue. I am sure that he is as pleased as the rest of us that he was able to address the House at this time instead of somewhat later, as was threatened earlier in our proceedings. I recognise the hon. Gentleman's important work on raising awareness of the issue, which he has undertaken as Deputy Chairman of the Select Committee on Science and Technology, and as rapporteur on the year 2000 computer date change problem—or, as it is otherwise known, the millennium bug. I thank him for his remarks about the Government's work on the problem.

The hon. Gentleman covered a lot of ground. I propose to try to cover the points he raised in connection with our response as a nation, and the responses of our allies, our friends and NATO. I shall also try to refer to the point raised by my hon. Friend the Member for Milton Keynes, North-East (Mr. White) in relation to Russia. If I have the time, I shall also refer to the point made about support for civil authorities. The question of the minutiae of various manoeuvres in the WEU would be better raised in that forum rather than here, but if the hon. Member for Bournemouth, East wishes to write to me on specific points, I would be happy to try to deal with them.

The first question raised was about the preparedness of the Ministry of Defence and the armed forces. I wish to amplify the remarks made by my right hon. Friend the Leader of the House in her statement last Tuesday on progress by the Government and key parts of the national infrastructure in tacking the millennium bug. She said that the Ministry of Defence was making good progress in dealing with the bug, but that it was a large and complex programme and there was no room for slippage. I agree with that point.

The Ministry of Defence year 2000 programme is, indeed, the largest and most complex in central Government, and accounts for about half of the total central Government expenditure of some £400 million. The programme receives the highest priority in the Ministry of Defence, with the exception only of meeting key operational commitments.

So far, many more than 30,000 systems employing computer-based technology have been assessed within the Ministry of Defence and its associated agencies. Work on many of them is already complete. For example, the Ministry of Defence centre and the armed forces have so far completed work on around 65 per cent. of all systems. It is expected that work on 95 per cent. of those systems determined to be critical to defence will be completed by 302 the autumn, with the remainder finished before the end of the year. I can say that for the three services, we are confident that by August this year, all Royal Navy ships and submarines will be year 2000 compliant, that all Army front-line systems will be compliant by September and that all Royal Air Force aircraft will be mission capable through the millennium by the end of May.

Year 2000 rectification work is time consuming and has to be carried out to the highest standards. Within the Ministry of Defence, our progress is reviewed monthly by Ministers, including myself, and senior staff, and is a standing item on the defence council agenda. We are certainly not complacent about progress and we have put in place an independent audit programme to provide additional assurance that the work is carried out correctly.

Even so, there may be unforeseen failures, as the hon. Member for Bournemouth, East pointed out. For that reason, we are developing contingency plans to cope with the unexpected, which might arise. In any year 2000 programme, individual systems must be made compliant, but the interconnections between systems must also be checked. During this year, our overall readiness will be validated in a number of exercises. These will show that the checks and rectification work have been successfully carried out, and that our contingency plans and fallbacks really do work. For example, we are well aware of our dependency on the communications infrastructure of NATO and other nations. I will describe our co-operation with those nations later. In our own programme, we are demonstrating our ability to maintain the command and control of our forces deployed overseas using our wholly owned, year 2000 compliant communications systems. Almost all the work will be complete by late summer this year.

I turn now to the work that is taking place with allied nations. The Ministry of Defence and the United States Department of Defense have been proactive in raising this issue in NATO and with our NATO allies. An international group on defence has been formed to address the impact that the millennium bug could have on allied and coalition operations. Currently, participants include the United States, the UK, Australia, Canada, New Zealand, the Netherlands, France and Germany. NATO is also represented, providing liaison between the group, the work within NATO and other nations. The next meeting to review progress will be held in July.

The role of the group is to exchange information on the progress each country is making in dealing with the problem. The group deals with common issues, such as ensuring that electronic data exchanges between defence forces will not be affected, and co-ordinating operational planning and priorities over the millennium period. It also seeks to raise awareness in the defence forces of other nations with which we co-operate.

NATO has established a team, under the auspices of the NATO command and control and communications board, to deal with the millennium problem in NATO-owned systems and in those that cross NATO-national boundaries. The UK works closely with the NATO team to ensure that NATO-UK issues are promptly addressed. To address the points made by my hon. Friend the Member for Milton Keynes, North-East and the hon. Member for Bournemouth, East, a working group met in January, under the auspices of the 303 NATO-Russia permanent joint council, to exchange year 2000 programme information; that meeting was well attended by NATO nations.

We have made it clear that we are prepared to share our expertise—we think that we have a lot—and experience, and to contribute our resources to ensure safety and security in military and linked operations throughout the world, including the former Soviet Union—especially Russia. We want to give help where we can and in establishing links with those countries, we can be assured that systems in those countries are safe. The initiative is important and I hope that we shall make progress, although I realise that time is short.

In addition to playing a leading role in NATO and the wider international year 2000 defence group, the UK has also been to the fore in raising awareness and exchanging information with other nations bilaterally—for example, we introduced initiatives to Russia on that basis. Last year, my right hon. Friend the Secretary of State signed a letter of intent with France covering exchanges of information on a range of topics, including the year 2000.

The question of nuclear safety has been raised. I want to reassure the hon. Gentleman and the House that the Trident system has been checked very carefully as part of our overall programme. There are no computer failures, whether induced by the year 2000 problem or by any other cause, that could result in the accidental launch of a Trident missile. There has been some speculation in the 304 press about the operation of the Trident system, especially about the compliance of some American nuclear systems. We enjoy a close relationship with the US Department of Defense on year 2000 issues; we were notified by that Department in December 1998 that the mission-critical subsystems of the Trident II, or D5, strategic weapons systems as operated by the Royal Navy had been certified as Y2K compliant.

The hon. Gentleman raised the question of support for civilian authorities, and others have raised that matter with my noble Friend Lord Gilbert, the Minister for Defence Procurement—who has specific responsibility for such matters—and with me. I can assure the House that our armed forces will, as usual, be ready to provide assistance to civil authorities, within the constraints of resources and other operational commitments.

As I have said, my right hon. Friend the Secretary of State for Defence regards tackling the millennium bug as one of his highest priorities, second only to operations. The Ministry of Defence has the largest remedial programme in Government and I know that we are on track to complete it. We are at the forefront of work with our NATO allies and partners to ensure that the international dimension is properly dealt with. We are satisfied about the security of our nuclear deterrent, and we have put in place sensible plans to deal with international risk and any domestic civil emergency in respect of the millennium change.