Home // SECURWARE 2025, The Nineteenth International Conference on Emerging Security Information, Systems and Technologies // View article
Secure Software Brownfield Engineering – Sequence Diagram Identification
Authors:
Aspen Olmsted
Keywords: cyber-security; software engineering; secure software development.
Abstract:
The process of securing existing "brownfield" software systems becomes challenging when trying to identify and mitigate vulnerabilities in complex and often undocumented codebases. The paper investigates the essential requirement for improved program execution flow comprehension in legacy PHP applications to support secure software development. The proposed solution utilizes the trace functionality of program execution tracing through the PHP extension to obtain detailed execution paths dynamically. The methodology generates complete UML Sequence Diagrams through automated processing of program execution trace logs. These diagrams present object and function interactions through visual representations, which developers and security analysts use as essential tools. The sequence diagrams provide a straightforward, high-level view of runtime operations, which enhances code understanding and reveals concealed dependencies and security-critical control paths. The automated visualization system helps security professionals detect potential attack vectors, verify the implementation of security controls, and identify insecure data handling practices. The research demonstrates how a debugging tool can be leveraged as a security enhancement tool for brownfield environments, enabling developers to identify vulnerabilities more efficiently without relying on manual code reviews or architectural documentation. This method offers a practical solution to enhance the security posture of legacy PHP applications.
Pages: 14 to 19
Copyright: Copyright (c) IARIA, 2025
Publication date: October 26, 2025
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-68558-306-4
Location: Barcelona, Spain
Dates: from October 26, 2025 to October 30, 2025