|
|
|
It is difficult to determine what a program is doing by looking at the load module. A source program is processed by a compiler or assembler and a linkage editor to put it in a form that the hardware can work with. This machine language version of the program is difficult to read and follow. An expert systems programmer sometimes can recreate the source for a load module, but it requires a tremendous amount of time and effort.
If you do not have the source for a program, you cannot know for certain what the program is doing. Unauthorized code could be hidden in it. However, more often than not, if source code is lost, it is due to inadequate controls rather than any improper intent. The loss is usually discovered when the program abends in production and the programmer tries to find it so he can fix the bug. Even if the lack of source code is discovered while trying to enhance the program, stopping and rewriting the original program generally requires a good deal of programmer time and effort.
You can detect these problems by periodically using the Program Correlation function to detect any load modules without source. Any missing source can be noted and time can be scheduled to recreate the program later in an orderly fashion.
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |