Automated Reverse Engineering of UML Sequence Diagrams for Dynamic Web Applications

Abstract: This paper presents an approach and tool to automatically instrument dynamic web applications using source transformation technology, and to reverse engineer a UML 2.1 sequence diagram from the execution traces generated by the resulting instrumentation. The result can be directly imported and visualized in a UML toolset such as Rational Software Architect. Our approach dynamically filters traces to reduce redundant information that may complicate program understanding. While our current implementation works o… Show more

“…Paper [21] proposes reverse engineering sequence diagrams from enterprise Java beans with interceptors. In the paper [2] authors present an approach and tool to automatically instrument dynamic web applications using source transformation technology and to reverse engineer an UML sequence diagram from the execution traces generated by the resulting instrumentation. Th e authors of the paper [24] propose combination of the three relations in such way that enables a comprehensive measure of complexity of class diagrams in reverse engineering.…”

Object-Oriented Analysis and Design for one Algorithm of Computational Geometry: Forward, Reverse and Round-Trip Engineering

“…Paper [21] proposes reverse engineering sequence diagrams from enterprise Java beans with interceptors. In the paper [2] authors present an approach and tool to automatically instrument dynamic web applications using source transformation technology and to reverse engineer an UML sequence diagram from the execution traces generated by the resulting instrumentation. Th e authors of the paper [24] propose combination of the three relations in such way that enables a comprehensive measure of complexity of class diagrams in reverse engineering.…”

Object-Oriented Analysis and Design for one Algorithm of Computational Geometry: Forward, Reverse and Round-Trip Engineering

“…Figure 1 shows the general framework of our technique to convert the structural and behavioral models into a SecureUML security model. The work described in this paper is part of a larger toolset to analyze role-based access control which begins with automated recovery of structural and behavioral models described in detail elsewhere [5,6,7,8]. The lower left (SQL2XMI) represents our automated recovery of the structural model (represented by an ER Data Model) from the application's schema source, while the upper left (PHP2XMI, WAFA, DWASTIC) represents the automated recovery of the application's behavioral model (represented by a sequence diagram) using a combination of static and dynamic analysis.…”

“…A set of three tools, PHP2XMI [5], WAFA [8] and DWASTIC [7] is used to recover this model. First, PHP2XMI uses source transformation to instrument the This sequence diagram is then extended by WAFA, which recovers a finegrained interaction model from the application.…”

“…In this paper we use TXL [4], a source transformation tool, to transform previously recovered structural and behavioral models [5,6,7,8] to a role-based access control (RBAC) [9] model. The target model, a SecureUML [10] model expressed in XMI 2.1, can then be used to check that the desired access control properties are correctly implemented in the code.…”

Recovering Role-Based Access Control Security Models from Dynamic Web Applications

“…Providing the context of the database interactions allows us to better analyze these interactions and recover the details of user roles and permissions. In previous work [2] we recovered sequence diagrams for test sessions at the page level. We have used the work described in this paper to extend the recovered sequence diagrams to include interactions with the database.…”

WAFA: Fine-grained dynamic analysis of web applications