When Legacy Has No Source Code: How AI and Human Engineering Recover Black-Box Applications

They run critical operations, yet no one can fully explain how they work. Source code is missing. Documentation is gone or never existed. The people who built the application have moved on. What remains is a black-box system that the business still depends on.

These are the highest-anxiety modernization scenarios because the risk is not theoretical. An undocumented application tied to plant operations, claims processing, payments or core back-office workflows can become a business continuity issue long before it becomes a transformation program. Leaders are left with an uncomfortable choice: keep relying on a system no one understands, or attempt a rewrite without a dependable picture of what must be preserved.

This is exactly where AI-assisted modernization can create outsized value—if it is used the right way.

At Publicis Sapient, we use Sapient Slingshot to help enterprises recover, explain and modernize opaque applications with speed and transparency. The objective is not black-box automation. It is to make the legacy system visible again, generate usable engineering artifacts quickly and keep humans in control at every critical step.

The real problem with black-box legacy applications

When legacy systems are undocumented, the challenge goes beyond old technology. The real issue is lost understanding.

Business logic is buried in binaries or aging code. Dependencies are hidden. Data relationships are unclear. Changes become dangerous because teams cannot reliably predict downstream effects. Even small updates can introduce operational risk, especially in environments where the application supports physical operations, regulated processes or customer-facing services.

Traditional modernization approaches struggle here because so much time is spent reconstructing intent before any meaningful transformation can begin. That is why black-box applications often remain untouched for years, accumulating more risk with every delay.

What changes the equation is a faster, more explainable path from unknown system to understood asset.

A proof point: recovering a 24-year-old application in two days

RWE Generation Ltd faced exactly this kind of challenge. A number of aging, undocumented applications were running on outdated technology stacks and supporting power plant operations. One of them, Tube Tracker, was more than 24 years old. It was written in Java, but there was no accessible source code, no documentation and no experts left to maintain it. In that state, the application was not just old. It represented a serious operational risk.

To prove what AI-assisted modernization could do in a real-world rescue scenario, Publicis Sapient and RWE selected Tube Tracker as a test case. The goal was not to produce a flashy demo. It was to show that a critical legacy application with almost no usable engineering context could be revived quickly, transparently and safely.

Using Sapient Slingshot and human engineering oversight, the team modernized the application in two days.

The recovery sequence: from binary artifact to maintainable application

1. Decompile what still exists

When source code is missing, modernization cannot begin with design workshops alone. First, teams need something workable.

In this case, binary files were converted into readable Java source code using open-source AI tools. That decompilation step created the technical starting point for everything that followed. Without it, the application would have remained effectively sealed.

2. Rebuild the application on a modern foundation

The team established a modern development environment using Java 17 and PostgreSQL 16 so the application could run on current systems again. This matters because modernization is not just about reading old logic. It is about restoring the ability to work on the software as a living asset.

3. Refactor for readability and maintainability

Recovered code is rarely clean. It may compile, but it is often hard to follow, inconsistent and costly to extend.

Sapient Slingshot was used to clean up and restructure the legacy codebase. More than 7,000 lines were reduced to roughly 5,000 lines, with improved syntax, clearer naming conventions and unit tests added. The point was not cosmetic improvement. It was to make the application understandable and maintainable by today’s engineers.

4. Extract the business logic

This is where many modernization efforts stall. Converting code is not the same as understanding what the application actually does.

Slingshot analyzed the recovered code to generate entity relationship diagrams and data flow sequences that exposed the application’s core functionality. For RWE, this meant the logic behind Tube Tracker could finally be reviewed in a form humans could validate. A black box started becoming an explainable system.

5. Generate documentation for the next team, not just the current one

AI assistance was used to generate inline documentation and external README files so future developers could understand and extend the codebase more easily. That step turned a fragile rescue into a maintainable foundation.

Why this approach matters

The significance of this work is not simply that one legacy application moved faster. It is that the modernization process remained visible throughout.

At nearly every step, AI was paired with human oversight to ensure quality, clarity and correctness. Engineers validated outputs, refined code, confirmed the logic being extracted and shaped the final artifacts into something the organization could actually trust. That is a fundamentally different model from treating AI as an opaque conversion engine.

For enterprises facing undocumented systems, that distinction matters. Leaders do not just need acceleration. They need evidence. They need to see how logic was recovered, how artifacts were generated and where human judgment was applied. Transparency is what makes speed usable.

What black-box rescue looks like at enterprise scale

The RWE case is a compelling example because it addresses one of the hardest edge cases in modernization: no source code, no documentation, no subject matter experts. But the underlying model extends beyond one application.

Sapient Slingshot supports a broader modernization flow that starts with code-to-spec, moves through spec-to-design and continues into modern code generation, automated testing, deployment readiness and long-term support. In practical terms, that means teams can:

This connected lifecycle is especially valuable when organizations are dealing with multiple inherited systems, scarce SMEs and growing resilience concerns. It creates a repeatable path from opaque application to governed modernization pipeline.

Faster rescue, with humans still in control

The business outcomes in the Tube Tracker effort help explain why this matters. One engineer completed the work in two days versus roughly two weeks of manual effort. Automated code generation delivered 35% to 45% time savings. Test creation and unit test setup saw 30% to 40% efficiency gains. The revived application became deployable, maintainable and suitable for rollout across additional sites.

Just as important, the application was no longer trapped in a fragile state. What had been an inaccessible operational dependency became a living, annotated asset.

That is the real promise of AI-assisted modernization in black-box scenarios. Not automation for its own sake. Not a leap of faith. A faster, more transparent way to recover business-critical systems and return them to engineering control.

For leaders responsible for operational resilience, inherited platforms or undocumented applications that cannot simply be rewritten from scratch, the path forward does not have to begin with guesswork. With the right combination of AI and human engineering, even the most opaque systems can be recovered, explained and modernized with confidence.