Page tree
Skip to end of metadata
Go to start of metadata
Problem Description

This page will help you to solve problems related to performance issues that may occur during the Run Data Flow, Run J2EE/.NET Data Flow sub steps.

For references on the expected performance of Security Analysis please refer to  Enable User Input Security checks

Applicable in CAST Version
Observed on RDBMS



Action Plan

Perform below action plan

  1. Open the SecurityAnalyzer log and understand where performance issue occurs. After initial configuration and verification of castil files, the actual QR process is launched in different steps.
    1. Search for Process Flow and Tested information messages to get the step and number of entry points for each step. You will get something simillar to:
       Line 149969: 2020-06-03 17:17:21,999 [1] INFO    !!!Process flaw 7 of 23: SQL injection & Second order SQL injection
       Line 155283: 2020-06-04 14:52:55,399 [1] INFO    !!!Tested= 5276/5276 entrypoints, Found= 0+0 flaws, Distinct=0+0
    2. Checking the timestep differences for each step in comparison to the previous one you can understand which search(es) is/are problematic and cause performance degradation
    3. Focusing on the specific search/step check the delta  timestamp of specific targets like in example:
      2020-06-03 19:48:45,947 [1] DEBUG Analyzed target: 824/5276. Found=0+0, Distinct=0+0. Steps=15001 (>Limit). Arg 0 of line 04: callstatic v73<v47.Remove(v48)  // [System.Data]System.Data.DataColumnCollection.Remove([mscorlib]System.String)  // C:\Program Files\Cast\AipNode\data\deploy\Sample_Project_Cast_Analysis_2\main_sources\AppModule\ExcelMigration(Latest)\IOServiceCost ModelTemplate\BusinessLayer\CommonMethodsBL.cs (1632,21)->(1632,47)
      line 863 : 
      2020-06-04 08:48:19,433 [1] DEBUG Analyzed target: 825/5276. Found=0+0, Distinct=0+0. Steps=15001 (>Limit). Arg 0 of line 05: callstatic v74<v38.Remove(v39)  // [System.Data]System.Data.DataColumnCollection.Remove([mscorlib]System.String)  // C:\Program Files\Cast\AipNode\data\deploy\Sample_Project_Cast_Analysis_2\main_sources\AppModule\ExcelMigration(Latest)\IOServiceCost ModelTemplate\BusinessLayer\CommonMethodsBL.cs (1588,25)→(1588,57
      1. Any search that takes >2entrypoints/second is not normal and you should go to last step
      2. Else the performance is expected and huge due to number of Java files and/or Entry points for the specific Search. In that case if the performance is not acceptable follow guidelines in User Input Security - Advanced configuration to improve performance
  2. If the snapshot performance is not expected contact CAST Technical Support  with the following Relevant input.

Relevant input



  • No labels