Application Understanding for Java (AU4J)
Modernizing JEE applications
Brownfield investment in community development means the reuse of pre-existing abandoned industrial, commercial or agricultural facilities.
In IT, brownfield investment aims to maintain and further develop an old code basis.
The problem here is not the complexity of new functions or that of the environment. It is rather the lack of a thorough understanding of the operating system from both business and IT point-of-view. Both the experts in this field and the authors of the genuine code would be required. However, they are hardly or not at all availabe.
Application Understanding for Java (AU4J) is an application designed for the solution of the above problem.
Nowadays, numerous excellent tools are at the disposal of developers to support the mapping and recovering of the code. They are built from top to bottom to follow the control structure of the programme. However, the control structure is hard to follow and can become complicated and cofused in a short time.
As a contrast, the Allication Understanding for Java (AU4J) applies a completely different and new approach.
Here the focus is not on the control, it is rather on the data with changing the direction of the analysis:
This code extract opens up the way to a comprehensive refactor that relies on a new system shell and new architecture.
- It identifies the output endpoint where persistant data are created, e.g. a new record in a database table of file.
Then, proceeding from behind to back, it finds those frangments of codes that lead to the output endcode and participate or can participate in producing persistant data. In the meantime, the complexity of system shell and architecture is terminated, and the resulting code called flow comprises the busines logic only.
Fuctions of Application Understanding for Java (AU4J)
Scanning, comprehensive examination and analysis of the application on the basis of the source code.
Following the analysis, the hierarchy of the modules of the application is shown in a tree format.
All the codes to the methods of the examined application is listed in a way to triger the given method.
Code elements not used in the application are identified. The recursive algorithm also filters out codes called not used code elements.
The list of application entities are displayed. The structure of the relating entities can be opened on the list next to each other.
All the named and in-line query of the application is listed. Both the JPQL and the SQL generated from it is displayed.
It is often reqired by operators to find the source of SQL command read from the diary. Based on the SQL, this function identifies and returns the command of query, and with a click it displays the entire code of the method.
The name of the function stems from a medical diagnostic procedure called angiography. It shows by endpoints the relating code elements. In case of output endpoint, it paints the codes (selected colour) participating in producing them, whereas, in case of input endpoint, the codes that participate in the processing are painted.
AU4J is connected to the version handling software storing the source code. In case of source code modification, the sofware indicates to the commit identifier, wich user functions (user cases) are to be tested, insteaf of the entire regressional testing of the modifies application. Applying this function will save meaningful resources for both operators and developers.
AU4J provides important answers in security related questions. Security experts and decent hackers point to the vulnerable points of the system, if any. In other words, they signal the PRICE of a potential break-in. However, they have no information either on the VALUE that can be gained from a break-in or the demage to suffer. Only the specialists of this field can tell. In case the value is attached to the database by the relevant specialty, AU4J will display such entry points. In other words, it will show quantitatively to wthat extent the individual entry points are critical from security point of view.
Whos is this application developed for
Application Understanding for Java is a useful tool for
- system operator IT experts,
- software developers and system analysts responsible for system support,
- experts planning to further develope or modify systems and
- business and professional system users.
It is designed to uniquely demonstrate that an integral application
- how can be devided into independent modules or micro services;
- what kind of dead codes contains;
- examines the impact of a modification (correction or new development) on security, and instead of a full regressional test, which use cases are sufficient to examine;
- significantly expedites the identification of errors in the course of operation;
- can grade the application entry points in respect of the potential size of demage that can be caused through them, and can indicate to what extend the entry points are critical from security point of view.
Development of Application Understanding for Java
The methods and algorithms of AU4J rely on similar applications developed earlier for COBOL, RPG and Natural programme laguages. The AU4J project aims to incorporate the accumulated knowledge in Java programme language as well.
The project will be implemented in the frame of Funding to Micro and Small Enterprises for Innovation Activities under No. 2018-1.1.1-MKI-2018-00148. The completion date of the project is November 30, 2019. However, we are planning to further develop the product on a continuous basis.