Page frame name:

FRAME_PORTAL_TRANSACTION_VIEW

This view is designed to:

In effect, this view will:

  1. Compute Transactions using CAST's OMG Automated Function Point estimation algorithm:
    1. Objects on the call path (between the Transaction entry point and the data) and that have violations relating to the selected Health Factor are displayed in the view
    2. Objects outside of the call path are not displayed in the view, however they can impact ranking
  2. For each object in the transaction/call path, the VI (Violation Index) is calculated, taking into account the Rule weight and the Health Factor (Robustness, Efficiency, or Security)
  3. The TwRI is equal to the sum of all VI values for all objects in the call path/transaction
Note that a transaction/call path is determined using all link types from the entry point to the end point/data function (these are all the links that are available in the Acc table in the CAST Analysis Service). The only exception to this rule is that some {Ae} (Internally Escalated Access Execute) links are not taken into account (these are links with inftyp = 110 and infsubtyp = 20 in the Objinf table in the CAST Analysis Service).

This is then translated into the Transaction View that lists transactions sorted by Transaction Risk Index (TRI) in descending order:

You can then drill-down on a transaction, listing all objects with violations:

This view requires access to at least one Application.

Layout

Left hand panel

Please see the section Left hand panel in Using the CAST Engineering Dashboard for more information about this.

Computation principles

Compound Violation Index values along the transactions:

Computation - advanced

Compound Violation Index values along call graphs

Filter call graphs that are true end-to-end transactions:

Explanation:

In this screen capture, objects are visible in the call graph yet outside of the direct path towards the data entities that will contribute to the TRI as their violations can also impact the Security, Efficiency, and Robustness risk levels.

Sample use case

  1. Identify transactions with highest cumulated risk using the Transaction-wide Risk Index
  2. Generate an Action Plan to reduce the risk of selected transactions

Benefits

More specifically: