United States Air Force SBSS ILS-S COBOL to Java on AWS Modernization
A major component of the system is 54 years old, written in COBOL, and provides retail-level business logic. The component runs on mainframes that have proven to be extremely difficult to change and manage, and the DoD needed to modernize the component to drive down operating costs and move to an open platform, while retaining all functionality....
When that stalwart of facile enterprise development, Visual Basic 6, was retired by Microsoft, it left companies with a variety of problems. While many were able to immediately upgrade to Visual Basic .NET, Java, C++ and other platforms, cases remain in which VB6 was so embedded in the software infrastructure that it could not be easily changed or extricated. TSRI has been working on code transformation of numerous languages for many years, and now includes VB6 transformation.
During the past two months Federal government modernization has gained steam--first with the Administration’s modernization plan, released for comment at the end of August, followed by final movement on the critical Modernizing Government Technology (MGT) Act which gained Senate approval on September 18.
PowerBuilder, with its ever-popular DataWindow IDE feature, and strong client-server orientation, is still an important coding mechanism. It has fallen out of favor in recent years, however, and its codebase has been neglected and moved to Sybase, then to SAP, and now to Appeon. Due to a few missteps along the way, and a late.NET capability addition, many companies are choosing to discontinue their use of PB and move to newer platforms.
Cybersecurity in the government has certainly come into focus recently as we have witnessed sensitive document troves exposed on WikiLeaks along access to government information from transaction systems. Perhaps the most serious of the latter was the 2015 incident in which the Federal Human Resources database was hacked for more than 22 million records containing sensitive personal information such as Social Security numbers. In this incident the source of the problem was 30-year-old mainframe software written in COBOL that was too technically obsolete to encrypt personal information. This raised the discussion of legacy system security to a new level.
Code modernization has become increasingly important as we move toward integrated cloud-based and virtualized software environments. Modernization of code permits legacy applications to continue functioning efficiently and securely without a complete rewrite. This makes it possible to meet the demands of today's infrastructure requirements without high cost or compromises in security or functionality. Companies need to expand services, access improved processes and use resources more efficiently. This demands architectural changes. Bringing these trends together, containerization under Docker has created a new model for application deployment that provides numerous advantages to program operation and interoperability, but requires special accommodation.
When it becomes apparent that legacy code must be replaced, modernization is often the best possible strategy. With code modernization it is possible to refine the original code and bring it up to modern practices, as well as integrating it with existing software. One of the problems with modernization, however, is that critical applications tend to have thousands of lines of code and a manual rewrite is often impossible. To re-create the software requires a project of similar magnitude to the original development; to leave most of the code intact as a “black box” and build around it results in numerous security issues and inefficiencies, as well as inability to leverage emerging technologies.
In addition to performing documentation, transformation, and refactoring tasks all in-house, TSRI offers the ability for partner organizations to tap into TSRI's ability to parse legacy applications into an intermediate model stage--what we call Common Model Exchange. This provides you with the ability to use your technology against applications written in any of the 32+ legacy languages that TSRI supports, at any stage during a code documentation, transformation, or refactoring project.
If you've ever seen the MUMPS language (used by many healthcare applications in the federal government), it's not the easiest language to understand. One of my colleagues describes it as looking like "a cat walked across the keyboard". Modules are represented by numbers, so "laboratory" might be 332 and "x-ray" might be 497. That's only the beginning.
Modernization of code demands a high degree of precision. It is absolutely critical that the reengineered software performs in the same manner as the original. This requires two things: a rigorous approach to code refactoring based upon tried principles which retain the underlying logic; and a well-planned and consistent program of testing to ensure that logic is preserved and improvements do not in any way alter the function of the code. Testing is vital. Companies need to be certain that their modernized critical software will perform according to exact the same rules as the original.
Code modernization can create some interesting problems these days as business and government attempt to upgrade legacy systems. The route ahead is not always clear. Legacy systems may be in a variety of different languages installed for different purposes to meet the needs of the time. Even the transformation target itself can be problematic. Whether code is better translated into Java, a C variant, Python or something else demands consideration of the environment in which the code will reside, its interconnections, as well as the characteristics of the output language and its suitability. Economics rises as an important issue with older or obscure languages that do not have a breadth of available talent.
Enormous amounts of COBOL code have been created and relied upon for decades. It really is the bedrock of early computing. But now, ancient COBOL systems are challenged because the original assumptions under which the code was written are no longer valid. COBOL was designed as a robust business language to handle batch oriented database operations in an ACID environment. Today, these vital systems, including financial, security, transportation, and healthcare solutions continue to run. But access is changed, processing requirements have changed, and the availability of coders to understand, maintain, and augment the systems diminishes year-by-year.
The recent successful and attempted attacks on critical government legacy information systems at the Office of Personal Management and the IRS have provided a stark reminder of just how vulnerable these older systems are. Commercial systems are not immune to criminal and foreign agencies either, and in fact, may have more to lose in the near term in lost revenue, IP theft, negative branding, and the scandals lingering often for years. Sony, Anthem, Banner Health, Home Depot and many others can testify to this fact.