Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices [Paperback]

Robert C. Seacord (Author), Daniel Plakosh (Author), Grace A. Lewis (Author)

Book Description

ISBN-10: 0321118847 | ISBN-13: 978-0321118844 | Publication Date: February 23, 2003 | Edition: 1

Most organizations rely on complex enterprise information systems (EISs) to codify their business practices and collect, process, and analyze business data. These EISs are large, heterogeneous, distributed, constantly evolving, dynamic, long-lived, and mission critical. In other words, they are a complicated system of systems. As features are added to an EIS, new technologies and components are selected and integrated. In many ways, these information systems are to an enterprise what a brain is to the higher species--a complex, poorly understood mass upon which the organism relies for its very existence. To optimize business value, these large, complex systems must be modernized--but where does one begin? This book uses an extensive real-world case study (based on the modernization of a thirty year old retail system) to show how modernizing legacy systems can deliver significant business value to any organization.

Editorial Reviews

From the Back Cover

"The potential impact of this book cannot be overstressed. Software systems that are not continually and adequately evolved and, in particular, legacy systems that have not been so maintained, can threaten an organization's very survival. I recommend the book as a must for people directly involved in such evolution, whether as customers, managers and resource providers, or as implementers."

--M. M. Lehman, Emeritus Professor, Middlesex University

Businesses inevitably face a critical choice in the design and maintenance of their software systems: Dismantle older systems and completely replace them, or incrementally modernize existing systems. Many businesses choose the latter course, seeking to maximize their existing investment and preserve valuable business knowledge, while adapting to rapidly evolving technologies. Modernizing Legacy Systems is a much-needed guide, showing how to implement a successful modernization strategy and describing specifically a risk-managed, incremental approach--one that encompasses changes in software technologies, engineering processes, and business practices.

Key topics include:

• Making a case for modernization
• Understanding requirements and constraints
• Maintaining performance, data integrity, and security
• Designing and deploying the target architecture
• Migrating code and data
• Estimating costs
• Planning the modernization effort

For every topic, this book presents current standards and available products that support legacy system modernization. In addition, a large retail-supply-system case study--a system written in COBOL being modernized to one based on the J2EE architecture--runs throughout this book to demonstrate a real-world legacy system modernization effort.

0321118847B01232003

About the Author

Robert Seacord began programming (professionally) for IBM in 1982 and has been programming in C since 1985, and in C++ since 1992. Robert is currently a Senior Vulnerability Analyst with the CERT/Coordination Center at the Software Engineering Institute (SEI). He is coauthor of Building Systems from Commercial Components (Addison-Wesley, 2002) and Modernizing Legacy Systems (Addison-Wesley, 2003). The CERT/CC, among other security-related activities, regularly analyzes software vulnerability reports and assesses the risk to the Internet and other critical infrastructure.

Daniel Plakosh is a senior member of the technical staff in the COTS-Based Systems initiative at the SEI. Prior to joining the SEI, he was the lead software engineer for the Systems Engineering Department at the Naval Surface Warfare Center (NSWCDD).

Grace A. Lewis is a member of the technical staff at the SEI. Before joining the SEI, she was Chief of Systems Development for Icesi University in Cali, Colombia.

See all Editorial Reviews

Product Details

• Paperback: 352 pages
• Publisher: Addison-Wesley Professional; 1 edition (February 23, 2003)
• Language: English
• ISBN-10: 0321118847
• ISBN-13: 978-0321118844
• Product Dimensions: 9.3 x 6.3 x 0.6 inches
• Shipping Weight: 1.1 pounds (View shipping rates and policies)
• Average Customer Review: 4.7 out of 5 stars  See all reviews (3 customer reviews)
• Amazon Best Sellers Rank: #484,585 in Books (See Top 100 in Books)

More About the Author

Robert C. Seacord is a computer scientist, computer security specialist, and writer. He is the author of books on computer security, legacy system modernization, and component-based software engineering. He has a Bachelor in computer science from Rensselaer Polytechnic Institute.

Robert C. Seacord manages the Secure Coding Initiative at CERT, located in Carnegie Mellon's Software Engineering Institute (SEI) in Pittsburgh, PA. CERT, among other security related activities, regularly analyzes software vulnerability reports and assesses the risk to the Internet and other critical infrastructure. Robert is an adjunct professor in the Carnegie Mellon University School of Computer Science and in the Information Networking Institute.

Robert started programming professionally for IBM in 1982, working in communications and operating system software, processor development, and software engineering. Robert also has worked at the X Consortium, where he developed and maintained code for the Common Desktop Environment and the X Window System.

Customer Reviews

Most Helpful Customer Reviews

11 of 11 people found the following review helpful:

5.0 out of 5 stars A Legacy Migration Classic, July 22, 2003

By 

Susan Siegler (Columbia, MD) - See all my reviews

This review is from: Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices (Paperback)

If you have ever had the task of migrating legacy code and data to a new system you know how complex that task can be. "Modernizing Legacy Systems" covers all the bases of migrating a legacy system in wonderful detail without being overly wordy or obscure. System and software engineers will recognize and appreciate the fact that this book bases its advice on real world experience - the kind you get only from working on complex projects.

A well-defined plan of migration is presented early on for a complex retail supply system migration. Each phase of the plan is presented and explained in detail - covering both management and development perspectives equally well. For those of us who spend our days in a developer's world, the additional information on managing the migration effort contributes the right mix of information for what we are tasked to accomplish. I appreciated the technical specifics that were included throughout (i.e., utilizing Enterprise Java Beans) so that I didn't need to use my imagination as to how this plan would fit into my current project. Everything you need to know about legacy migration and then some is covered in this book. I knew that when I started to agree with what I was reading (aka Been There Done That) and could relate what was in the book to my own experience that I had found a winner.

This book is a good read and a great reference guide to help you get through a large, complex legacy migration. When you finally finish the book, take another look to capture all the detail you missed on your first read-through.

7 of 7 people found the following review helpful:

4.0 out of 5 stars Excellent Overview, February 18, 2004

By 

Eric J Naiburg (Westford, MA) - See all my reviews

This review is from: Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices (Paperback)

This book describes the process and technologies involved in updating a legacy system. Chapters 1 through 4 do a very good job of describing the problems inherent in working with legacy systems, which the authors define simply as having "code that was written yesterday." I couldn't agree more with their perspective. Once code is written, it needs to be maintained, updated, and managed, whether it is COBOL, Fortran, PowerBuilder or Java; all code becomes legacy code once it is written.

Early in the book, the authors present a Unified Modeling Language (UML) activity diagram to describe their proposed process for updating legacy systems. They then open each chapter by depicting where they are in the process -- from Portfolio analysis completed (modernization candidates selected) to Modernization plan defined. The book defines ten main steps and two checkpoints for completing this process, including decision points to determine whether modernization is the correct choice.

To describe the process in detail, the authors follow a legacy system modernization project over the course of the book. As process experts from the Software Engineering Institute (SEI), they consulted on this project, which was to update and Web-enable a primarily COBOL retail supply system. The case study helps readers understand the flow of the process the authors recommend and brings reality to their suggestions, although at times they abandon the "story" and go into overly minute detail, discussing every process option they could have chosen. I would have liked them to focus more deeply on the option they did choose, and to discuss at greater length how to be successful with that option (or any other). A good example of this is the discussion in Chapter 4 around requirements. The authors do a good job of describing where to get requirements from, but never discuss good processes and techniques for gathering those requirements. In most situations I have been involved in around requirements, knowing where to go wasn't much of a challenge, but knowing how to elicit them was.

The book does a good job of describing the different technologies the project used as well as others available for modernization efforts -- Java/J2EE, Web Services, wrapper code, and different packaged systems -- providing an overview of each technology as well as customized ways to write integrations from the legacy systems to modern ones. They discuss screen scrape technologies as well as screen rewrites, but focus mainly on modernizing the software. This was a little disappointing: Based on the title, I expected to see discussions of all the hardware, software, development processes and additional technologies involved in modernizing systems.

Overall, however, I learned a lot from the book, and it confirmed many of my beliefs about the importance of modernizing legacy systems and the best approaches to use. The authors provided good strategies for understanding systems that are already in place starting with the workflow they follow throughout the book. They then go into examples which include modeling, requirements management and the process they followed. What was a bit lacking is the actual process for implementation. The book focuses primarily on understanding what you have, designing for change, and planning how to get where you want to go, but it doesn't go far enough into what you actually have to do to get there. I would recommend this book for people who need a better understanding of the processes and technology decisions you must make made when building software systems. For most of us in the industry, no matter what we are working on, there's probably a legacy system involved in some way.

7 of 7 people found the following review helpful:

5.0 out of 5 stars Methodical Resolution of Pivotal Issues, April 22, 2003

By 

Dennis B. Mulcare (Ellijay, GA United States) - See all my reviews

This review is from: Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices (Paperback)

Addressing a timely and vital topic, 'Modernizing Legacy Systems' is an excellent book from the standpoints of both content and presentation. The advocated approach, which is termed the Risk-Managed Modernization (RMM) Approach, is synopsized on page 28 in UML activity diagram form. The exposition in the subsequent chapters is keyed to corresponding activities in this diagram. This key makes it quite easy to situate and interrelate the coverage of the respective chapters in the context of the RMM Approach. I found this recurring orientation feature to be very helpful in understanding and integrating the book's content.

The book describes, rationalizes, and selectively illustrates the RMM Approach, where the continued availability of the legacy system capabilities is necessary over the sequence of modernization increments. While the approach is illustrated through an incremental transformation of a legacy COBOL-based system to a Java-based derivative, the RMM Approach is nevertheless applicable to other modernization problems or technologies. Moreover, the book does an exceptionally good job of interweaving explanations with examples. These examples are modest but salient and revealing, thereby avoiding unwarranted detail or distractions.

The advocated approach is at once both architecture-centric and component-centric. Architecture centricity captures and sustains a rather specific vision of the as-desired system, and the associated target architecture provides a stable reference over the various modernization activities. Component centricity enables the identification, analysis, grouping, and ultimate realization of system elements that are allocated to the respective modernization increments. Overall then, the target architecture establishes the initial and termination points of a modernization project, and the componentization installments determine the actual redevelopment trajectory connecting the project end points.

For me, the most intriguing, innovative, and vital parts of the approach appear under the RMM activities labeled Define Modernization Strategy and Reconcile Strategy with Stakeholder Needs (Chapters 13-15 and Chapter 16, respectively). Basically, the modernization strategy provides a systematic approach to delineating, analyzing, and grouping modernization elements through an examination of the legacy system implementation, subject to project constraints and certain prior higher-level technical decisions. Then, the finalization of element groupings into sequential increments is determined using programmatic preferences of the various stakeholders. This two-stage definition of modernization increments is driven prominently by cost and risk considerations, as well as by programmatic and technical factors. Ultimately, the designated increments establish waypoints on the aforementioned redevelopment trajectory, thereby identifying interim architectural configurations that facilitate closure on the target architecture, while simultaneously maintaining user capabilities during the modernization effort.

In all, 'Modernizing Legacy Systems' is a readable, coherent, illuminating, and surprisingly broad treatment of a vital topic. Hopefully, the RMM Approach or variants thereof will see widespread use in industry, thereby exploiting "a systematic and fact-based method that avoids arbitrary, intuitive decision making..."