I build software engineering tools for different reasons. Most times as an initial prototype to validate a research idea, in other cases for teaching and to help my students reinforce their understanding of concepts introduced during software engineering workshops... or just for fun!
I built this platform to help technology-based organisations and software engineers to minimise risk related to regulatory compliance through (privacy and security)-by-design. It achieves this by delivering innovative solutions on methodology, tools and reporting to demonstrate regulatory compliance in the building and evaluation of software-based systems and processes. Industry validation has been supported by the Innovate UK supported CyberASAP program.
download
I built this tool because I needed a simple way to quantatively compare two similar jar files for their complexity, re-usability and modularity. It includes the original Chidamber and Kemerer metrics. All you need to do is to load the jar file and press compute button. You may decide to include stable jdk files or only analyse public class files.
download
This tool detects vulnerability patterns in program code. It takes as input a java source code and reports the quality of the code based on detected vulnerabilities.
To provide FMCR with the source code to analyse, you can either load an existing source file by pressing the Load Source Code button or type the code directly into the textarea provided. You can then analyse the code by double-clicking on the textarea or by pressing the Analyse button.
download
Now and then I find the need to analyse abstract representations of program code. Visualising the abstract syntax tree of the program makes this a lot easier. One thing you will observe is that syntax trees can get complex rather quickly.
The tool is easy to use. You can either load an existing source file by pressing the Load Source code button or type the code directly into the textarea provided. To generate the Abstract Syntax Tree, either double-clicking on the textarea or by pressing the generate AST button.
download
I often wonder about the general quality of code in open source and public repositories. So here is my first attempt to satisfy my curiosity. RepoAnalyser crawls a repository based on a search term, then analyses the quality of identified projects that matches the term. You need to create a personal access token from your registered GitHub account. Note there is a limit placed on GitHub API calls per hour... So sometimes you will need some patience with RepoAnalyser as it tries to pace API calls so that the limit is not reached. Alternatively, you can direct RepoAnalyser to the local repository on your computer.
download