NASA uses AI to guide rovers on Mars, but federal agencies still run key operations on COBOL, a programming language older than the moon landing.
Critical U.S. agencies like the Department of Health and Human Services, Social Security Administration, and Centers for Medicare and Medicaid Services depend on systems built with COBOL and other legacy languages. However, fewer and fewer programmers know how to work with this outdated code.
That means each year brings higher chances of major system breakdowns that could stop benefit payments, expose private citizen data, or create processing delays affecting millions of citizens.
However, because modernizing legacy code can be such a daunting process, many agencies have delayed major upgrade projects, choosing instead to patch problems as they appear. This strategy has created technical debt that grows exponentially over time.
With mounting pressure to improve efficiency, the public sector has a chance to use AI for a critical purpose: system modernization. Agencies can use AI to expedite the modernization of legacy applications with memory-safe code, which was once a slow and challenging process.
The time to start modernization projects is now. AI-powered tools can turn what once took years into a faster path for agencies to eliminate their dependence on COBOL and other outdated languages.
Understanding code refactoring basics
Moving away from COBOL begins with code refactoring — a method that enhances the design and stability of existing code, enabling the secure modernization of legacy code without altering its functionality.
Traditional refactoring methods include inline refactoring, which restructures outdated elements of code, and abstraction, which eliminates repeated code. However, these methods require a significant amount of time, skilled developers who understand legacy languages, and thorough testing to function properly.
While federal agencies recognize that modernization is necessary in the long term, it's challenging to justify spending resources now when the benefits may not be realized for years.
Using AI for code modernization
AI makes the refactoring process achievable. Developers across all industries are adopting this approach: GitLab research found that 34% of organizations already use AI in their software development lifecycle, including for code modernization.
AI tools handle the heavy lifting in refactoring, such as understanding complex legacy code and creating modern code that works the same way. For developers with limited COBOL knowledge, these tools work like translators between old and new programming methods.
After modernizing the code, AI can further improve it by identifying security vulnerabilities, recommending optimizations, and automatically running comprehensive testing. For government agencies with stringent security and compliance requirements, this automated hardening of codebases eliminates a major modernization barrier, reducing the modernization timeline from years to months.
Building software for tomorrow
While addressing the challenges associated with legacy code is important, forward-thinking government agencies must also adopt modern development practices that avoid creating future technical debt. A DevSecOps platform lets developers quickly build software with AI help and security built into every line of code.
With a comprehensive platform, AI works as both a speed booster and protector. Tools like AI-powered code suggestions can incorporate federal compliance rules and generate secure, optimized code that meets government standards from day one. Meanwhile, vulnerability scanning finds and fixes potential security issues before deployment. This shift allows developers to focus on high-value work that requires human skills instead of routine coding tasks.
The collaborative aspects of AI go beyond code creation to improve team collaboration. By summarizing code review comments, identifying potential integration problems, and tracking compliance requirements, AI tools streamline communication between distributed development teams.
In addition, security becomes an ongoing, integrated process instead of a checkpoint at project completion. AI-powered vulnerability detection doesn't just find risks faster — it explains them in the context of federal security requirements, suggests specific fixes, and learns from each project to improve future development.
The federal government has made real progress using technology to serve citizens and protect national security. By embracing AI-powered modernization for both legacy systems and new development, agencies can break free from the expensive cycle of managing old technical debt while building more responsive, secure, and adaptable digital infrastructure.
Next steps
AI-powered efficiency: Modernizing government in 2025
Learn how AI accelerates workflows and maximizes productivity, enabling government agencies to maintain service delivery despite reduced headcount.
Read the guideLearn how AI accelerates workflows and maximizes productivity, enabling government agencies to maintain service delivery despite reduced headcount.
Frequently asked questions
Key takeaways
- Federal agencies spend hundreds of millions of dollars annually maintaining legacy systems, creating security risks and operational inefficiencies.
- AI-powered refactoring tools can modernize legacy government code in months instead of years, translating outdated code into secure, compliant modern applications.
- Modern AI-native DevSecOps platforms prevent future technical debt by building security and compliance into new code from day one, breaking the expensive maintenance cycle.