Feeds

Making pigs from sausages

Need to port a system but think it's too complicated?

  • alert
  • submit to reddit

3 Big data security analytics techniques

Comment Imagine the following situation. Many years ago, your company commissioned a computer system. It is all working perfectly but you want to upgrade it in ways that could not be conceived when it was designed. You may, for example, want management reports or data input via the internet. Then again, perhaps you would like to interface to a new database. Often it is necessary to bite the bullet and port your system onto a new platform.

Now let us add an extra problem and imagine that the original program was written in assembler. No matter how good the quality of the code, one thing you can say about assembler is it is not portable.

Actually, there is a big problem with old assembler programs. Where do we get assembler programmers to maintain them? The young Turks who wrote the system are getting on and they may have retired or they may have been promoted and now they manage rather than do. Assembler is no longer being taught in computer science courses and, worse, someone who has grown up with modern languages, such as Java or C#, will not gain an understanding of essential concepts, such as pointers.

This is not such an uncommon problem as it may seem because a well-written program can go on for years. Over time it is modified until it fits the business perfectly and very often no-one knows exactly what is does. By now, all the people who ran the original manual system have retired and the original documentation has long since been lost. Businesses just cannot afford to commission a new program.

So, we have an assembler program that we cannot afford to replace and in the future we will not be able to maintain it. It is possible to convert the structures of assembler into a suitable higher language and I have done this by hand on several occasions. It is a dreadful business but at least you know that what you have is the same as what you started with and the final package is maintainable. This is fine when you distil 4000 words of assembler into 1000 lines of C but what about the case where you have 1,000,000 words of assembler?

Software Migrations Limited is a St Albans based company that specialises in converting assembler code into computer languages. Currently, it can convert to COBOL and C, but the company is looking to produce other languages in the future. The amazing thing about its process is it produces readable, good quality source code. This is the reverse of the usual process whereby we compile language code into unintelligible Hex machine code. Software Migrations call it "making pigs from sausages".

The process is fully automated after tool customisation. Software Migrations configures its conversion program with the customer's coding standards - both for the original assembler and for the desired output - and then convert the assembler. They will encounter problems, which must be solved and then the process is repeated until it all works.

As part of the analysis, the integrity of the assembler is checked. Very often, one might even say invariably, errors are detected. Often there is unreachable code. Sometimes this is deliberate where a modification has rendered a section obsolete and the programmers have just jumped round it. Occasionally this is the solution to some mysterious problem that has plagued the IT department for years. There have been times when a section of code is pure nonsense. In this case, it may not be possible to generate high-level language code that will compile. On investigation, it is invariably found that this code was never exercised by the test harness and the case it was supposed to action has never come up.

Eventually all the problems are solved and it is possible to do a clean run through. That is when the system is frozen. Up to this point, the system has been running in the usual way. Not only has the day-to-day processing been proceeding but also the programmers have been maintaining it and adding modifications as normal. A time is fixed, generally on a Friday evening, and all the programmers are sent home. The system is converted and all the previous couple of weeks work in adjusting and fixing comes down to a high powered computer throwing numbers around for a few hours.

Once the final checks are made, the new program can be installed. On Monday morning, the programmers come in to work and carry on as before. Now, however, they are working in C or COBOL instead of assembler.

I am very impressed by this product. There are two points in particular that hit me. As stated earlier, I have done this by hand on a small scale and one surprising problem is the comments. Originally, the comments may have been meaningful but many modifications later they can be plain wrong. It is so easy to be misled by them. The Software Migrations system, being fully automated, completely ignores the comments and works solely on the analysis of the code. By the way, the original comments are added to the new source code so that future programmers can be puzzled, amused or edified by them.

The other point is the time taken. Converting by hand takes a very long time and it not only ties up the programmer workforce, but during that time it is virtually impossible to do any maintenance work. The trouble is that any modifications made may render obsolete a whole load of conversion work. Further, once it is done, there must be a huge amount of testing to uncover the errors and let me assure you there will be many errors. With an automated system, the actual conversion is quite speedy so the maintenance work can proceed right up to the wire. Similarly, it is possible to do advanced testing on preliminary conversions and fix the problems ahead of time.

It is never painless to port a system, and porting from assembler to a high level language will always be difficult. However, I think that Software Migrations make about as easy as it can be.

Copyright © 2006, IT-Analysis.com

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.