Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

By default, only Business Criteria that are categorised as Health Measures will be displayed in the dashboard. All other Business Criteria that are NOT Health Measures will not be displayed. You can override this behaviour, to display ALL top-level Business Criteria if required - see Engineering Dashboard wide json configuration options in json from the CAST AIP documentation.

...

Info

Note that when there are many violations to display, a "Show More" button will be available:

By default, only 10 violations are displayed to improve performance. You can choose to display more using the various options (+10, +100 etc.). By default an upper maximum of 5000 violations is set when the "All" option is clicked. You can change the upper maximum if required (see the violationsCount option in Dashboard wide configuration options in json from the CAST AIP documentation).

...

Select an object in the list of violations to view its source code. In order to focus investigation, source code displayed presents either:

...

  • the object in violation
  • or the violation details when available (e.g. bookmarks, paths).
  • Whenever a piece of code is made available, the View File button (seen in the example below) provides the ability to open the entire source code file to get the entire context. The file is opened in a separate browser window. The entire source code is presented plus some context (application name, snapshot reference, file name).

    The Rule name is also highlighted using colour (yellow for a standard Rule (as shown below), and red for critical):

    ...

    If a "copy/pasted" Rule has been selected (for example Avoid Too Many Copy/Pasted Artifacts), a list of objects that have a high level of similarity with the selected objects will be listed:

    ...

    ColumnExplanation

    Option to add/remove the violation from the Action Plan or the Scheduled Exclusion List (see Security Dashboard - Action Plan for more information). Note that to interact with the Action Plan/Scheduled List, your user login must have the role QUALITY_MANAGER/EXCLUSION_MANAGER roles. These can be assigned at user level (when using Default Authentication mode) or via user or group (when using Standard LDAP authentication). Please see Configuring user User authentication for more information.
    Action / Exclusions

    Indicates whether the violation has been added to the Action Plan or the Scheduled Exclusion List (see Security Dashboard - Action Plan for more information):

    Item has been added to the Action Plan.
    Item has been added to the Scheduled Exclusion List.


    Object Name Location

    Displays the object name, and in the case of file based objects (as oppose to Database objects), the location on disk of the object.

    When there are many violations, search button Image Added helps to search for a specific violation (based on the object name location field).

    Image Added

    Risk

    This value was previously known as Propagated Risk Index (PRI): it identifies the violations that can impact the largest number of components, involving objects with the largest number of violations pertaining to the Health Measure involved. The formula used to calculate this value is as follows:

    No Format
    PRI = (RPF + 1) x VI

    Where RPF and VI equal:

    RPF

    Risk Propagation Factor (RPF): identifies violations that can impact the largest number of components in the Application. The impact area is computed as follows:

    • Risk Propagation Factor for a Robustness, Performance, or Security Violation is the size of its call path
    • Risk Propagation Factor for a Changeability Violation is its Fan-In
    • Risk Propagation Factor for a Transferability Violation is zero (0).

    VI

    Violation Index (VI): identifies objects with the largest number of violations, taking into account the weight of the Rules and of the Technical Criteria, for the Health Measure involved. The formula used to calculate this value is as follows

    For each object, identify Rules it violates that contribute to a given Health Measure through Technical Criteria. Multiply aggregate weight of the Rule within the Technical Criterion by the aggregate weight of the Technical Criterion within the Health Factor. In other words:

    No Format
    VI = Sum_of_all_rules_violated_by_the_object (Quality_rule_weight * technical_criteria_weight)


    Status

    Displays the status of the object in comparison to the previous snapshot - e.g.:

    • Added
    • Updated
    • Deleted
    • Unchanged

    You can also filter on a status by selecting the column header and choosing the status you want to view:

    Clicking this icon will take you direct to the object in the Application Investigation view.

    ...