Legacy Modernization: How to Scale Your Approach and Reduce Delays

by

There is no question that application modernization has become a top priority for IT leaders.  According to Gartner, for every dollar spent on digital innovation, three dollars are spent on application modernization.  However, how to best control the cost and set a reasonable pace for application modernization eludes even the most hands-on CIOs.  Plagued with never-ending project extensions and failed migrations, the movement to modernize legacy applications is off to a rocky start for most organizations.

Legacy Modernization: A Lift and Shift in Mindset

There are many paths to a modern IT landscape, among them the lift and shift to the cloud, light refactoring, and shifting an entire business process to a SaaS solution.  Legacy applications need to maintain their current business functionality very closely, because of their proprietary internal processes or intellectual property (IP), making them more difficult to migrate to a modern cloud platform without significant restructuring.

Working at CAST, I engage with  IT leaders from a wide variety of sectors.  Occasionally, I get questions about translating code from legacy to modern languages, mostly from COBOL to JEE or C#.  These IT leaders are on the right path by bringing their legacy software into more modern languages, but having modern code is only part of a successful modernization strategy.  

Legacy modernization requires a shift in mindset.  It requires looking at the same business process, problem, inputs, and outputs, and solving it with today’s technologies and capabilities.  For example, when transforming a COBOL application (a procedural technology) to C# (an object-oriented technology), a direct translation will not provide the same functionality.  Further, the need to transform legacy monolithic applications into loosely-coupled service-oriented systems requires a transformation not only in code, but in the design of system architecture.  The infrastructure technologies now available, such as scalable cloud and serverless cloud, should encourage all IT leaders to think about completely recreating the same features and functions, not just replicating them.

While the idea of shifting the design of a legacy application may seem daunting, there are some great tools and frameworks that can help your team make a large scale modernization project more efficient and successful.

Improve Planning and Analysis with a Software MRI

As you know, legacy applications often contain millions or tens of millions of lines of code written over its lifetime - sometimes up to half a decade.  While that’s only half of what qualifies as a true antique in the physical world, in the digital world, legacy code is positively ancient.   It’s an impossible task for humans (who may not be familiar with the code) to truly understand and document how a piece of an legacy code works within a web of interrelated programs, files and transactions.

To expedite the discovery and analysis phase, modernization teams need to be able to rapidly and thoroughly assess their legacy software.  I’m not talking about dependency mapping, though that’s not far off.  I’m talking about a way to automatically document every procedure and how they interact with other procedures, files, transactions, databases, and batch processes.  A deep analysis and visualization of software structure that captures every line of code is the only way to truly understand the software at hand.  

The risk of misunderstanding a piece of code is detrimental.  I recently worked with a customer who was documenting their legacy system.  While they were not explicit about what they were looking for, I witnessed an aha! moment.  CAST was helping them analyze a large legacy application using the visualization solution, CAST Imaging.  CAST Imaging allows customers to deeply analyze the intricacies of their custom software and present it visually.  As we explored the application with the customer, one of their senior engineers discovered that a program was leveraging a supposedly deprecated VSAM file.  “That VSAM file was not supposed to be used,” he said, surprised by the finding. “We wrote out that dependency in the 80s!  That’s why we could not figure out how that transaction was getting the calculation value.”

Figure 1 - CAST Imaging Visualization of a Complex Legacy Application

Of course, automated visualization is not enough.  But the ability to understand complex software structures and understand business requirements is critical to legacy modernization.  Combined with CAST's MRI-like software visualization, modernization teams can confirm their functional knowledge of what was implemented years ago, and zoom through the discovery phase with confidence.

Minimize Project Delays by Scaling Your Best Engineers

The best legacy modernization teams are those that can identify patterns and industrialize the modernization of similar patterns.  One particular team was able to identify all updates (writes) to a data file in a mainframe program that originated from the same batch job and used two or three of the same data variables.  Then, they would deliberate and try to rebuild two or three of the procedures that fit this pattern in a more modern language and architecture. After, they would round up a team of developers and explain what they’ve done.  They would provide the pattern, ask the team to find the rest of them, and ask them to transform those procedures in the same way they did.

While this is a reasonably successful process, it took far too much time.  First, the initial identification of the patterns was a mostly manual read through the code which took a long time even with the application's original developers. Now, imagine tasking developers who were not familiar with the legacy language to find the same patterns. Rewriting the code was the easy part for the team, but explaining how to rewrite from a procedural language into an object oriented language sitting on a service architecture was not so simple.  Mistakes were made, and the original team often had to jump in to fix what was done.  This created repeated delays of the project.

Scaling your best engineers is the right idea, but you have to provide the right help and guidance.  With CAST Imaging, which rapidly detects patterns that leverage the same software components, the teams can fly through the discovery and analysis phase, and get down to redesigning within days. They no longer have to delegate the search for additional similar patterns to developers.  They can simply create a report via CAST Imaging that lists all the patterns they want the developers to work on transforming.  Often, with well-planned lists and transformation roadmaps, the work can even be automated.

Once the target architecture and environment is identified, the team could use a solution such as CAST’s Architecture Studio to define it clearly and visually for the development team.  Here, developers can submit their code to Architecture Studio to see if their transformed procedure complies with the new service-oriented design before the team needs to get involved.  This boosts the autonomy of the development team, along with their confidence. 

Figure 2 - Define Target Architecture and Check for Compliance in Architecture Studio

With these helpful solutions, the modernization team can eliminate delays and quickly scale up their workload.

No matter the size and experience of your team, modernizing legacy applications is no small task. To learn more about how organisations are leveraging CAST's 'MRI for Software' to help expedite and succeed in their application modernization, read our guide below:

New call-to-action


Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
Making sense of cloud transitions for financial and telecoms firms Cloud  migration 2.0: shifting priorities for application modernization in 2019  Research Report
Jerome Chiampi
Jerome Chiampi Product Owner
Jerome Chiampi is a Product Owner at CAST and is responsible for helping clients leverage Software Intelligence products to reduce software risk. He has 20 years of experience working in the software industry and is a trained software development engineer with expertise in assessing software and application security.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|