Strangler-fig migration
Extract bounded contexts one at a time, cut over gradually behind a routing layer, and keep rollback available at every step. The legacy system stays live throughout the programme.
Services
Modernise legacy applications without the rip-and-replace risk. YuSMP Group migrates business-critical systems through the strangler-fig pattern — incremental microservice extraction, framework upgrades, and cloud migration that keep production running throughout. Typical wins: COBOL and Delphi to Java or .NET, PHP to Node, monoliths to microservices, on-prem to AWS, Azure, or GCP, and .NET Framework to .NET 8. Compliance is baked in: GDPR-aligned, ISO 27001 ready, SOC 2 Type II in progress, HIPAA-capable.
GDPR-aligned · ISO 27001 ready · SOC 2 Type II in progress · HIPAA-capable · PCI DSS scope on request · CET workday with 9 AM–1 PM ET overlap
Most modernisation projects fail when teams attempt full rewrites — scope balloons, the roadmap freezes, and the business loses patience long before the new system is ready. We default to strangler-fig refactoring instead: extracting bounded contexts into microservices, then migrating capabilities one by one behind a routing layer. The legacy system stays in production the whole way through. Our approach is architecture-first: a read-only discovery phase maps the existing system and its dependencies, a migration plan quantifies risk and sequences phases, and incremental cutover includes rollback at every step. Reference modernisations span manufacturing (REHAU), industrial systems (CheckList), and operational platforms (xRouten). See it in practice in our Refactoring xRouten case study. When the brief is broader strategic change rather than codebase work, our digital transformation consulting leads that engagement.
Extract bounded contexts one at a time, cut over gradually behind a routing layer, and keep rollback available at every step. The legacy system stays live throughout the programme.
.NET Framework 4.x to .NET 8, Java 8 to Java 21 on Spring Boot, PHP 5/7 to PHP 8, AngularJS and Knockout to React or Vue. In-place upgrades when ROI beats refactoring.
Only where ROI justifies it. We will tell you when a tidy modular monolith is the better answer — microservices add operational cost and only pay back at real scale.
Lift-and-shift, replatform, or refactor on AWS, Azure, or GCP. We pick the right pattern per workload — not a one-size-fits-all blanket migration that wastes the cloud bill.
Oracle to PostgreSQL, on-prem SQL Server to managed Azure SQL or RDS, mainframe DB2 to cloud-native stores. Change data capture, dual-run, and reconciliation built in.
jQuery, Knockout, and AngularJS to React, Vue, or Next.js. Design system extraction, micro-frontend boundaries, and SSR where it earns its keep on Core Web Vitals.
Legacy modernisation earns its budget when the cost of standing still starts to outweigh the cost of change. These are the triggers we see most often before a programme starts.
The runtime, framework, or database is out of vendor support and no longer receiving security patches — every unpatched CVE is now an audit finding and a breach waiting to happen.
Hiring for COBOL, Delphi, VB6, classic ASP, or a decade-old .NET Framework build has become slow and expensive, and institutional knowledge walks out the door with each retirement.
The monolith buckles under peak load, cannot scale horizontally, and the on-prem hardware or oversized always-on cloud bill keeps climbing while throughput does not.
Shipping any new feature takes months because the codebase is too fragile to touch, and GDPR, SOC 2, HIPAA, or PCI DSS obligations are hard to satisfy on the legacy architecture.
Architecture mapping, dependency graph, hot-path tracing, and risk scoring across modules and data flows. No code changes — we only read, profile, and document the system as it actually runs.
A strangler-fig roadmap with quantified migration phases, dependency sequencing, rollback strategy, and budget envelopes per phase. You approve the plan before a single line of new code is written.
Incremental cutover by bounded context with weekly demos, dual-run validation, and reconciliation jobs. Each phase ships a real capability to production behind feature flags, not a slideware milestone.
SRE practices, observability with OpenTelemetry and Datadog, error-budget policies, and orderly deprecation of legacy paths once the new system has proven itself in production for at least one quarter.
4–6 weeks. Architecture audit, dependency graph, risk scoring, and a phased modernisation plan with quantified budgets. Deliverable you can take to any vendor — not just us.
Default model for the migration itself. Monthly invoicing per role and seniority, full visibility on hours and capacity, scope flexes as bounded contexts reveal their true shape.
For long-running multi-year programmes. A persistent squad — backend, frontend, DBA, DevOps, delivery lead — owns the modernisation roadmap alongside your in-house engineers.
We do not quote a legacy modernisation off a template, because the number is driven by system size, data risk, and compliance scope. What we can publish up front is the shape of the engagement and the schedule, so you can budget before the first call. Discovery is a fixed-price phase; the migration runs on time-and-materials against an approved, phased plan.
Four-to-six week fixed-price phase. Read-only architecture mapping, dependency graph, risk register and a strangler-fig roadmap with phase-level budget envelopes. A deliverable you can take to any vendor — not just us.
Typically 9–18 months for a 200–400 KLOC monolith, billed time-and-materials. Bounded contexts cut over one at a time in 2–3 month phases, each ending in a demoable production release — not a big-bang cutover.
For multi-year mainframe and COBOL programmes. A persistent squad — backend, frontend, DBA, DevOps, delivery lead — owns the roadmap alongside your in-house engineers on transparent monthly invoicing.
What moves the number: the system size and coupling (KLOC, number of bounded contexts, how tangled the dependency graph is); the data-migration risk (change data capture, dual-run parity windows and reconciliation are the highest-risk workstream); the compliance scope (GDPR data residency, SOC 2, HIPAA or PCI DSS controls carried through the cutover); the target platform (in-place framework upgrade versus microservices on AWS, Azure or GCP); and the engagement model (fixed-price discovery, time-and-materials migration, or a long-running dedicated squad).
Android + iOS refactor and rebuild for a German last-mile logistics operator — multi-point route planning, real-time driver tracking and in-app invoicing live in the EU.
Offline-first ecosystem replacing paper journals for reactor process control — Android, admin, controller dashboard.
B2B e-commerce and product configurator for a global polymer manufacturer with multi-region pricing, stock and dealer workflows.
The hard part of a modernisation lives in a sector's regulatory and integration detail, not in a generic playbook. We modernise where compliance risk and legacy complexity are the real constraint.
Core banking, payments and lending platforms modernised inside PCI DSS scope, with dual-run reconciliation so no transaction is lost during cutover.
HIPAA-capable modernisation with a BAA in place, EU data residency and audit-ready logging for regulated clinical and patient systems.
Process-control and B2B commerce systems replatformed for a global manufacturer — see our REHAU and offline-first CheckList builds.
Route planning, tracking and invoicing platforms refactored without stopping operations, as in our EU last-mile xRouten rebuild.
GDPR-aligned · ISO 27001 ready · SOC 2 Type II in progress · HIPAA-capable · PCI DSS scope-ready · CCPA-acknowledged
We do not pitch big-bang rewrites. The default is incremental strangler-fig migration with the legacy system live throughout — lower risk, faster ROI, no roadmap freeze.
Discovery deliverable includes a risk register, dependency graph, and phase-level budget envelopes. You approve the plan with numbers, not vibes, before migration starts.
GDPR, SOC 2, HIPAA, and PCI DSS scope considered from day one. EU data residency, US options on request, audit-ready logs, encrypted endpoints, and DPAs available.
For payments, lending, and healthcare modernisations we work inside your existing compliance scope — PCI DSS QSA, HIPAA Business Associate, or HITRUST — without disrupting certification.
The legacy Android app had years of accumulated debt and no iOS counterpart. YuSMP refactored the existing code, shipped the iOS version, and added live driver tracking and in-app invoicing — all without stopping daily operations for our drivers.
Our iOS and Android apps had diverged over years of separate development. YuSMP rebuilt a single unified solution with live camera feeds, smart-home device control, and role-based multi-user access. Zero critical defects in the first six months post-launch.
In most cases, modernise. Full rewrites fail at a rate well above 50% because they freeze the roadmap, multiply scope, and force a single high-risk cutover. We default to the strangler-fig pattern: keep the legacy system running, route new traffic to extracted microservices one bounded context at a time, and retire legacy code only after the new path is proven in production. A rewrite is justified only when the legacy stack is unmaintainable, no engineers remain, or compliance forces it — and even then we phase it.
Strangler-fig is an incremental refactoring pattern: a routing layer sits in front of the legacy system and gradually redirects requests for specific capabilities to new microservices. The legacy code keeps running for everything not yet migrated. Each bounded context — orders, billing, identity — is extracted, deployed, dual-run for validation, then cut over. Rollback is a routing change, not a redeploy. Over months the new system “strangles” the old one until the legacy app can be safely deprecated.
Discovery and migration plan run 4–6 weeks. The migration itself depends on system size and risk appetite: a mid-size .NET Framework or PHP monolith with 200–400 KLOC typically lands in 9–18 months of incremental cutover. Mainframe and COBOL programmes run multi-year by design. We work in 2–3 month phases with a demoable cutover at the end of each phase, so business value lands continuously instead of waiting for a big-bang release.
Yes, that is the point of strangler-fig. The legacy system stays in production throughout. Traffic shifts behind a routing layer (API gateway, reverse proxy, or feature flag) as each bounded context comes online. We dual-run the old and new paths, compare outputs, and only flip the canonical write once parity is confirmed. Maintenance windows are limited to database cutovers and are usually under one hour, scheduled with your operations team.
Yes. We have shipped modernisations across .NET Framework 4.x to .NET 8, Java 8 to Java 21 on Spring Boot, PHP 5/7 to PHP 8 and Node.js, Delphi/Pascal to C# and TypeScript, Oracle Forms and PL/SQL to PostgreSQL with Node or Java services, classic ASP and VB6 to modern web stacks, and AngularJS/Knockout/jQuery to React, Vue, or Next.js. COBOL and mainframe workloads are handled in partnership with specialist re-hosting vendors when needed.
Data is the highest-risk part of any modernisation, so we treat it as a first-class workstream. We start with change data capture (Debezium, native log shipping, or vendor CDC) to keep new and old stores in sync. During dual-run, writes go to both systems and a reconciliation job flags divergence inside one hour. We freeze the legacy write path only after a parity window — typically 2–4 weeks — and keep the legacy database as a read-only fallback for 90 days after cutover.
Practical guides on legacy modernization, microservices migration, and enterprise strategy.
Share a few details and a senior consultant will reply within one business day.