Corporate Vision May 2017

14 CORPORATE VISION / May 2017 , respectful and intellectually stimulating environment for the entire TSRI team. “The people with whom I work are the engine driving the TSRI mission. The value and excellence TSRI can provide to the companies and people we work with, and the never- ending stream of challenges this provides are a powerful source of motivation Philip also offered more thoughts on his own role at TSRI. “At this point, my key role, which is largely defined by my greatest challenge and the opportunities it provides, is chaperoning a seamless transition of TSRI from its roots as a small innovative technical organisation, to the process-driven medium-sized technical products and services organisation it has become. In support of that role, I continue to communicate the company and technology vision of leading the software transformation industry and enabling migration of legacy applications to modernised software implementation on the application platforms of the future.” “I’ve been CEO of TSRI off and on since founding the firm in 1995. I enjoy creative computer science more than executive management, but I found the leadership needs of a company with as highly complex an IP portfolio as TSRI has are too demanding to outsource on a sustained basis. Fewer than 30% of small businesses survive more than 10 years and less than 1% of small businesses with more than $5M in revenues exceed 40% growth on a sustained basis. I aspire to ensure that TSRI beats the survival statistics and thrives - and to do so, it’s my opinion the chief executive must have a solid understanding of the company’s core technology - and a sound business model.” Industry trends In terms of keeping up with industry trends, it is worth pointing out that TSRI’s core business involves taking the technologies from 10, 20, 30, or 40 years ago, and bringing them into modern technologies, or even future state technologies. TSRI hears from customers on a regular basis as pertains to their desired languages and architectures. Some of the specific industry trends that TSRI sees are the increasing need for capabilities in cybersecurity, and the increasing interest in microservices-based architectures. Philip offered us his thoughts on cybersecurity. “The recent successful and attempted attacks on critical government legacy information systems at the Office of Personal Management and the IRS have provided a stark reminder of just how vulnerable older systems are. Commercial systems are not immune to criminal agencies either, and in fact, may have more to lose in the near term in lost revenue, IP theft, negative branding, and lingering scandal than government entities may. Sony, Anthem, Banner Health, Home Depot and many others can testify to this fact.” “Cybersecurity advances try to keep pace with prevention of these attacks. However, while there are many security benefits and cybersecurity tools for applications written in modern languages like Java and C#, legacy systems (COBOL, Assembly, PowerBuilder, Ada, Fortran, etc.) suffer from many vulnerabilities inherent to the limitations of the languages they are written in. And this isn’t just a logical conclusion – the relative vulnerability of legacy languages operating in modern environments is a severe enough problem that it’s actually already been pretty well documented in independent academic research. TSRI’s model-based transform- ation approach offers a unique and effective solution for many of the common security flaws present in legacy systems. Here are a few ways in which TSRI have used automated modernisation to enhance cyber-security for their clients and partners. • Moving to modern languages protects TSRI’s clients by removing the ability for cyber-criminals to leverage decades of experience and tools-development designed to exploit older languages; • Automated modernisation can move systems from weakly-typed to strongly- typed languages. This removes vulnerabilities associated with non-explicitly called data types; • Using information from code scanners like Fortify, SONAR, CAST, or other tools, model-based refactoring uses automation to remediate defects and flaws detected in the application code; • Modernised applications take advantage of the newest security and authentication procedures, e.g. LDAP; • When code-level defects are identified in new attacks, automated refactoring can be used to enact rapid, pattern-based, systematic modification in modern languages like Java and C# to eliminate vulnerabilities; • Detailed system docum- entation, produced auto- matically, allows developers to quickly identify flaws; • Many legacy systems fail to document changes made over time, leaving them vulnerable to systemic weaknesses, gaps for malware, and Advanced Persistent Threats. Automated modernisation exposes those gaps and removes dead code; • Many malware attacks and APTs rely on inactive code to hide from antivirus scans, e.g. the malware discovered in US power systems across the east coast. Automated removal of this code eliminates these hiding spots; • Many legacy systems are irreplaceable mission-critical systems with highly sensitive data—and represent a large risk and tempting target. Legacy transformation facilitating modern securitisation better protects these mission-critical systems and; • In addition to code modernisation, automated refactoring can be used to alter the architecture to avoid design flaws that attackers may exploit. TSRI’s model- based transformation tools support this. Philip then went on to say, “Microservices architectures are also a major new area of interest for TSRI’s current customers. TSRI’s automated refactoring capabilities allow us to make pattern based changes to applications allowing our customers to completely re- architect their systems to take advantage of new advances in computing trends and technologies.” In terms of Philip’s future aspirations for TSRI, he underlined that automated legacy system modernisation is finally starting to take off as an industry, yet it is still only a very small one. “There are fewer than 10 suppliers of automated IT modernisation services and most have fewer than 20 employees and revenues of less than $5 million a year. But, we are seeing an explosion of opportunities. TSRI’s business pipeline and market demand is very strong and we are positioning ourselves to achieve sustained 100% revenue growth per year for the next five years” Philip concluded by sharing his thoughts on US federal government IT spending in the US with us, including how TSRI is taking steps to reduce these costs. “Today the US federal government spends more than $90 billion/year on IT. At least 80% of this expenditure, and in fact 80% of all IT expenditures go to sustain and maintain legacy systems. Independent studies have shown that 60% to 80% of the O&M costs of legacy software can be reduced per annum.” “TSRI strives to bring the cost of modernising legacy systems to a tiny fraction of this IT spending. We’re actually confident enough in our ability to deliver value, that for the vast majority of projects we involve ourselves in, we estimate the ROI to modernise will be recaptured by our partners