A recent report on the National Public Radio program “All Things Considered” aired a report entitled, “U.S. Chief Information Officer Seeks To Upgrade Government’s Computers,” by Brian Naylor. This was another “get rid of the mainframe” report that contains numerous biases and factual errors. You can listen to the report or read the transcript here.
Talk of “modernization” of mainframe systems is often code for redesigning mainframe-based applications and implementing them to run on Windows, or less frequently, on Unix or Linux. None of these systems can match the security capabilities of modern mainframe operating systems. Furthermore, mainframes are simpler to administer, use less power, require less floor space and cooling, and have a lower total cost of ownership than these other systems.
But there is also another perspective of modernizing the mainframe, taken up by progressive mainframe software companies that understand the power, reliability and securabilty of the platform. This call to mainstream the mainframe entails bringing the mainframe, its culture, tools and processes, up to speed with the rest of IT. If we look at the history of the mainframe and the position it holds today in global enterprises as well as governments, it’s clear this modernization has already been proven feasible and is indeed underway.
What Makes the Mainframe Modern?
The suggestion that mainframes are old technology is simply inaccurate. Since the System/360 was introduced in 1964, there have been no less than 18 generations, each with major advances over the previous generation. Over the last couple of decades, a new generation has been introduced about every two years.
Every new generation is fully compatible with the previous generations, allowing applications to continue to run unmodified. Because of this, applications only need to be modified or rewritten to meet new business requirements, not because of processor upgrades. Having old applications running on the mainframe is proof of its ingenuity, but detractors often cite this as a disadvantage of the platform!
The modern IBM z13 processor has unparalleled reliability, serviceability, scalability and throughput. It can support thousands of concurrent users, process thousands of transactions per second and simultaneously access thousands of disk drives for instant access to huge data bases. When connected in an industry-leading geographically dispersed Parallel Sysplex, it can provide continuous operation and survive major disasters.
The hardware constantly monitors itself, checking for errors. In the rare event that an error occurs, the hardware uses built-in redundancy to correct the error without losing any data, and notifies IBM that a repair is needed. That repair can usually be accomplished with no downtime.
A z13 mainframe can be configured with up to 10 terabytes of main memory, with the most sophisticated error detection and correction of any computer. It uses the second fastest processor chips in the industry, with a slightly lower clock rate than the previous generation zEC12. Despite the lower clock rate the z13 processor is faster than the zEC12 processor, due to its more sophisticated design, with nearly four billion transistors on a chip that contains eight processors.
The z13 has up to 141 processors, which are free to perform computing and data processing operations. When the processors initiate Input/Output operations, all the work of transferring data to or from main memory is performed by the channels. There are up to 320 channels, each of which can transfer up to 16 gigabytes per second and has two PowerPC processors dedicated to it to do its work.
These are all state-of-the-art capabilities, exceeding those of any other platform. IBM has created an excellent 16-minute video describing the advanced technology in the z13.
Don’t Mischaracterize Mainframe Security
In the radio report, mainframes are characterized as old, inflexible and difficult to secure. In fact, modern mainframes are cutting-edge machines with outstanding reliability and security features. IBM first introduced their System Integrity Statement in 1973, and has continued to maintain it.
Characterizing mainframe security as being done through obscurity is simply inaccurate. More than 25 years ago, the MVS operating system coupled with the Resource Access Control Facility (RACF) was the first computing platform to achieve the B1 level of security certification, and the security capabilities have continued to evolve. Security of mainframes is done through capabilities that have been built into the hardware and operating systems for decades, and that have been enhanced as needed. The capability of mainframes to secure applications and data is second to no other system.
Far from the characterization of mainframes as lacking security capability, when the ancestor of today’s modern mainframe was introduced in 1964, the design included privileged instructions, supervisor state, and storage protection keys to isolate workloads and protect the system. Some, but not all, of these facilities are now available on other platforms. Modern mainframes have additional capabilities, including advanced high-speed cryptographic coprocessors.
In sharp contrast to this long history of designing security into mainframe systems, Microsoft has a long history of having very poor security, requiring third-party add-ons. Furthermore, products like Microsoft Word and Excel were designed to allow documents to include code in them. That code then has the ability to take over the computer on which the document is opened. Using this design flaw has been a common method of compromising the security of Windows applications and data.
The fact that many applications were programmed using COBOL is given far more attention than it is due. COBOL is just a programming language, and though it may not be as “sexy” as newer languages like Java, Python and others, it has stood the test of time, and that is an advantage, not a flaw. To characterize COBOL as having been “developed in the ’50s and ’60s” is misleading. The language continues to grow, and today’s COBOL bears no more similarity to the COBOL of the ’50s and ’60s than today’s mainframes do to their ancestor that was introduced in 1964.
Characterizing today’s mainframes as being decades old is a little like characterizing the car that you drive as being over a century old. Sure, their ancestors are, but they have not stood still. There have been continuous advancements over all those years, the same is true of mainframes.
Photo: Flickr:Thomas Hawk