Cybersecurity in the government has certainly come into focus recently as we have witnessed sensitive document troves exposed on WikiLeaks along access to government information from transaction systems. Perhaps the most serious of the latter was the 2015 incident in which the Federal Human Resources database was hacked for more than 22 million records containing sensitive personal information such as Social Security numbers. In this incident the source of the problem was 30-year-old mainframe software written in COBOL that was too technically obsolete to encrypt personal information. This raised the discussion of legacy system security to a new level.
When it becomes apparent that legacy code must be replaced, modernization is often the best possible strategy. With code modernization it is possible to refine the original code and bring it up to modern practices, as well as integrating it with existing software. One of the problems with modernization, however, is that critical applications tend to have thousands of lines of code and a manual rewrite is often impossible. To re-create the software requires a project of similar magnitude to the original development; to leave most of the code intact as a “black box” and build around it results in numerous security issues and inefficiencies, as well as inability to leverage emerging technologies.
If you've ever seen the MUMPS language (used by many healthcare applications in the federal government), it's not the easiest language to understand. One of my colleagues describes it as looking like "a cat walked across the keyboard". Modules are represented by numbers, so "laboratory" might be 332 and "x-ray" might be 497. That's only the beginning.
Modernization of code demands a high degree of precision. It is absolutely critical that the reengineered software performs in the same manner as the original. This requires two things: a rigorous approach to code refactoring based upon tried principles which retain the underlying logic; and a well-planned and consistent program of testing to ensure that logic is preserved and improvements do not in any way alter the function of the code. Testing is vital. Companies need to be certain that their modernized critical software will perform according to exact the same rules as the original.
Enormous amounts of COBOL code have been created and relied upon for decades. It really is the bedrock of early computing. But now, ancient COBOL systems are challenged because the original assumptions under which the code was written are no longer valid. COBOL was designed as a robust business language to handle batch oriented database operations in an ACID environment. Today, these vital systems, including financial, security, transportation, and healthcare solutions continue to run. But access is changed, processing requirements have changed, and the availability of coders to understand, maintain, and augment the systems diminishes year-by-year.
The recent successful and attempted attacks on critical government legacy information systems at the Office of Personal Management and the IRS have provided a stark reminder of just how vulnerable these older systems are. Commercial systems are not immune to criminal and foreign agencies either, and in fact, may have more to lose in the near term in lost revenue, IP theft, negative branding, and the scandals lingering often for years. Sony, Anthem, Banner Health, Home Depot and many others can testify to this fact.
You have a mandate to move to a modern architecture, but have a strong development/maintenance team based around your existing languages. The solution? TSRI continuous automation using our 100% automated transformation, documentation, and refactoring engine, JANUS Studio®.
After TSRI transforms your existing application into its modernized functional equivalent, your team can continue to develop in COBOL, RPG, PowerBuilder, JCL, or any other legacy language. On a weekly, monthly or other regular basis, TSRI will take a new baseline of your application and transform any deltas in minutes, update your code documentation, and fully apply any refactoring or other code improvements already used on the application. Technically, the process takes only minutes, and functionally, your team can continue to use agile code development to maintain and enhance your modernized applications, using the same original source language they are familiar with.
This process, in combination with full “bridge documentation”, allows you to retain valuable subject matter experts while also migrating your legacy application to a modernized functional equivalent. As a result, migrating your vital legacy applications no longer means the elimination of your well established development team.
For more information about past projects where TSRI has deployed our Continuous Automation solution, or about our transformation capability, please contact us.
The Software Revolution, Inc. (TSRI) is a privately held small business based just east of Seattle in Kirkland, WA. TSRI’s founder and CEO, Philip Newcomb, began his research in artificial intelligence based software re-engineering tools at the Air Force's Rome Labs in the 1980s and early 1990s. Mr. Newcomb harvested that work and established TSRI in 1995 to commercialize this technology. TSRI grew in the late 1990’s as this technology was used for Y2K inspection and validation.
Since 2000, Mr. Newcomb has led a team of experienced IT engineers in developing a software re-engineering toolset called JANUS Studio®. This technology has grown and matured with each of its more than 85 software modernization successes.
The processes and technology developed by Mr. Newcomb and TSRI were done so with one guiding focus; provide the highest level of automation in the industry. The reason for this focus is simple, manual code re-writes are error prone, time consuming, and the difficulty of a manual code translation increases exponentially with a system’s size. For a manual translation of a system over a hundred thousand lines, success is nearly impossible. This is well known. As a result, nearly all companies performing legacy modernization today are using software tools. But none, save TSRI, claims a level of automation approaching 100%.
One TSRI competitor even suggests that, “…100% automation is not the answer.” TSRI asks, “why not?” Any code transformation that can be done manually can be replicated within JANUS Studio® using the TSRI rules engine. Once this is done, the transformation can be propagated throughout the system uniformly, error free, and with improved maintainability.
Code quality is assured with coding standards customizable to each customer’s needs.
Recently this business model was tested by a particularly large system consisting of over 5.1 million lines of code and TSRI achieved a 99.98% level of automation. That still left a manageable 1,000 code lines for manual re-write. At our competitor’s level of automation, the remaining code left for manual rewrite would have been near impossible.
TSRI offers the best solution for smaller systems as well. Their litany of previous successful modernization projects provides economy of scale and lessons learned that can be applied to any legacy system.