It's not the winning. It's not even the taking part. The most important issue is: will this summer's Olympic Games be ready on time?

Athens was awarded the Olympics in 1997 and the Athens Organising Committee (ATHOC) has been busy over the last seven years formalising the Games' supporting venue, transport and technology infrastructure.

Time is tight - the Games start on August 13 - and there's still plenty of work to be done.

Walking around the venues can be an eye-opening experience and construction on some of the main sporting arenas is still to be completed.

'We are not supposed to make comments about the preparedness of the Games - only ATHOC can comment on that,' says Jean Chevallier, executive vice president, Olympics and Atos Origin.

Still, the locals are hopeful. My taxi driver from the airport to the hotel was convinced the city would be ready for next August's influx of international athletes and tourists.

The level of construction particularly impressed him. A new metro and 210km of upgraded roads will help relieve pressure on the city's clogged up, internal arteries.

Slowly but surely, Athens is getting itself ready for the party. And what the taxi driver couldn't see was the work being completed behind the scenes - particularly the work on the Athens Games' underlying IT systems.

Atos Origin is providing and managing the technology for next year's Athens Games, as part of the world's largest sports-related IT contract.

The deal, awarded in 1999, covers last year's winter Games in Salt Lake City, Athens 2004, the 2006 Winter Olympics in Turin and the Beijing Games in 2008. Each event has an IT budget of $300m - a combined budget of $1.2bn.

IBM previously handled technology for the Games, but Olympic officials decided to use a different supplier following problems at the Atlanta Games in 1996.

'We're not re-inventing technology for the Games. It's low-risk because we have to be ready on time,' says Chevallier. 'We cannot postpone the opening ceremony. We have to make it work.'

He dreads timing failure at a 100m semi-final, where no-one knows who has qualified for the final and the face has to be re-run.

Chevallier and his 2,000 strong team of IT professionals and volunteers plan for a number of worst-case scenarios. Atos Origin has planned for earthquakes and system breakdowns and all data and systems are backed up in secure locations.

'We plan for thousands of scenarios where someone has the intent of breaking the systems,' he said.

The IT professionals and volunteers manage all IT systems and services in the Technology Operations Centre (TOC), which is the hub of Atos Origin's technology organisation.

'This is the war room of the games,' says Chevallier. 'It's where the key people are and where everything is monitored, including crisis management and interfaces with our partners.'

Atos Origin is working with a consortium of other technology suppliers, including Swatch, Xerox and Kodak, in its attempt to provide applications, accreditation, integration and support services.

'It would be a mistake to believe all these processes are technology based,' says Chevallier. 'Humans are vital and all these people working together is an orchestra,' says Chevallier.

And technology, he says, should hum away tunefully and effectively in the background.

'It's not innovative technology. The risk-taking is disproportionate to the amount of time spent testing,' Chevallier says.

He estimates that Atos Origin has spent just 10 per cent of its time delivering and 90 per cent testing.

Good security at a major sporting event, then, is about going that extra yard. Atos Origin runs in-depth tests and live technical rehearsals in an attempt to check the solidity of its network.

'We're testing end-to-end. A shadow team is being proposed that will invent dirty tricks to hack the system from the inside,' says Chevallier.

'This is the most interesting part - if that goes well, the degree of comfort will be very high. We need to check no-one, or nothing, is getting into the system that isn't recognised.'

Dayle Wheeler, security risk manager for Atos Origin and the Olympic Games, says his biggest fear is missing something important.

'The whole reason for us doing the role playing is that we try and think of everything,' he says.

'It's the same as going into an exam. I do my preparation and I do my homework. But I fear that when I do the exam, something will come up that I haven't prepared for.'

Wheeler says he bases his security designs and philosophies on the basics: 'the bits and the bytes'. And security starts, he says, with understanding how the application works.

'You need to have a look at what the server looks like, what's installed on it, how many ports are open and who it communicates with,' Wheeler says.

Once he has full documentation of what a system is and how it works, Wheeler creates his security rules.

Essentially these rules tell Olympic employees what to expect - and he expects staff to tell him if a system does anything out of the ordinary.

'Security is not about making magic - the controls that are in place in the routers, switches, applications and servers. I need to make sure that the defaults are understood or secured,' Wheeler says.

'You can't test for four days before the Olympics. Testing of PC equipment finished in January - that's eight months before the Games.'

A PC Factory ensures all equipment is properly configured and secured prior to placement at the Olympic venues.

The factory is also where everything gets built and is being stored as a dead, safe system.

If, in the intervening period, something comes out that needs to be changed, such as a port that shouldn't have access to the network, Wheeler has to decide how critical it is to push the issue.

'Business management are not going to say it's OK to change something just because you want it,' says Wheeler.

'Changing something means that the entire testing team have to re-test this entire structure - and there are at least five levels of tests. It would cost tens of thousands to re-test a system after my decision,' he says.

'If I say I want a hot fix, management are thinking dollars and staff have moved on to a different function.'

So, instead, Wheeler has a coping strategy.

'Between freeze date and go-live date, I need to evaluate everything that goes on and put a risk value to it,' he says.

'The only area that I spend money on is monitoring. The controls are built into existing devices.'

He estimates that he spends more than 90 per cent of his budget on monitoring software, such as network intrusion detection and host-space intrusion detection software.

Most companies, says Wheeler, spend between 4 and 5 per cent of their infrastructure budget on security products.

Atos Origin are spending well in excess of 5 per cent to protect the Olympics.

'We monitor every part of the network. From an event point of view, it's a question of ensuring every event is 100 per cent secure and safe.'

Team hopes security will keep out the hackers

Dayle Wheeler, security risk manager for the Athens Games and Atos Origin, knows that internal and external hacking will provide the biggest test to IT security at the Olympics.

'I can do something about trying not to forget all the elements of our security strategy,' he says. 'But the biggest fear I don't have some control over is the personnel.'

As part of the technical rehearsal timetable, white hat hackers are going to attempt to come in and cause havoc with the Olympic IT systems for two weeks in July.

'The counter measures will be in place to try and stop them. Everybody likes to use the example of a virus as an example of how an organisation like the Olympics could be affected. But there's huge difficulties involved in getting to a point like that,' Wheeler says.

Anyone attempting to break security during the event itself will have to successfully hurdle a number of barriers.

An individual will have to get past the Olympics' physical security presence, including scanners and the Police.

They will also have to be wearing an appropriate identity badge that provides access to specific areas of the site.

'Even if you manage to get past that level, and on to the technology, the systems are locked down to the extent that you can't do anything other than the function than they were built to do,' says Wheeler.

Unauthorised individuals will find that Atos Origin has reduced most Olympic systems to the most basic possible level, to reduce the risk of hacking and virus uploading.

'I don't load any extraneous software, I don't even put it on the notepad,' Wheeler says.

Effectively, an unauthorised individual will only have access to a simple tool that is wired up to complete one task.

'Now he or she's inside, what will they do? The machine has been stripped down to the bare bones,' says Wheeler.

A hacker can't plug in a wireless card to communicate with external systems.

And they can't plug in additional USB devices, which could be used to provide further connectivity, because Wheeler has removed control of the BIOS, the system that helps an individual manage a PC's attached devices.

Wheeler says that any hacker that attempts to remove the machine in an attempt to get on the network will also be in for a surprise.

Port-level security states communication is supposed to be at a certain level and that each terminal should only uses a certain number of ports.

If an individual tries to use any other ports to communicate, an alert goes up.

'When you get to this level of role play, it's likely to be a volunteer or a member of staff that's wanting to be malicious,' says Wheeler.

'I have controls and mechanisms that are in place that say you shouldn't be communicating at this higher level from this machine.'

Inevitably, he sets accepted traffic levels for every system.

Hacking operations, like buffer overflow - where individuals store more data in a temporary data storage area than was originally intended - are bound to sound the alarm.

'If you have one of these malicious applications to generate random packets, that type of traffic will create an alert which will go over the gauge - and the networking guys will recognise that this machine is very busy, when every other PC is quieter,' Wheeler says.

'There are so many controls that you can put in place if you know exactly how everything works. The mental exercise is to make sure I can think of all of these scenarios.'

Crunching the numbers

When the Games go live in August, a team of about 2,000 IT professionals and volunteers will manage all IT systems and services.

Spread across 60 competition and non-competition venues, the 2004 Games will boast 28 sports that are organised into 37 disciplines and 300 events.

In all, the 2004 Olympic Summer Games will also require two to three times the IT power of the 2002 Winter Games, in Salt Lake City.

But IT budget needed to support this power requirement is not increasing proportionately.

This is because Atos Origin is transferring many of the same technologies used at Salt Lake Games to Athens.

'We don't re-invent the wheel,' says Jean Chevallier, executive vice president, Olympics and Atos Origin.

'The core systems and procedures for people to operate will be the same.'

The demand for technology at a major sporting event is immense.

An expected 200,000 attendees will require accreditation.

The Games will require about 10,000 computers and 450 Intel servers.

Atos Origin is wiring up around 23,00 desktop phones and 13,000 cellular devices.

And the IT company is also providing 9,000 two-way radios, 2,500 Internet terminals, 2,000 fax machines and 2,000 printers.