Understanding Change Impact Analyzer
Change Impact Analyzer is a tool installed separately from PeopleSoft PeopleTools that helps you determine the impact of specific changes you plan to make during an application upgrade. It's an interactive program where you can see the relationships of PeopleSoft definitions in a hierarchical view.
Change Impact Analyzer displays several views of analyses in tabular and text views. It's delivered with a set of rules that are used to determine the relationships between definitions. Typically, these rules are written in SQL.
Note: Change Impact Analyzer includes some rules written in Java, however, the interface to write custom Java rules is not generally available.
You can add custom rules to the rules files, if needed, to assess the impact of additional relationships.
Rules define the impact or effect on definition(s) when another definition changes. For example, if a database field changes, it would impact the record containing that field.
Oracle provides three rule sets, which are related groups of rules, in Change Impact Analyzer. The rule sets are:
Basic Impact Analysis, which includes the most frequently used rules.
Impact Analysis, which includes more rules for more in-depth analysis.
References Only, which includes all rules.
You can add or remove rules from these rule sets, or you can create new rule sets.
Types of Impact
When you consider the tasks involved in upgrading software or applying change packages, you want to know about the impact to your existing system. There are various types of impacts, for example:
These could be impacts such as how a change to a field type or its properties could affect the structure of a record. Making changes to a field without considering its affect on the related record may cause runtime errors. Therefore, a developer analyzing the impact of a field change can prevent unforeseen errors during an upgrade.
These could be impacts such as changing a common library PeopleCode program called by other PeopleCode programs may affect the behavior of the calling program. In this case, Change Impact Analyzer would note that the calling PeopleCode is affected by the change to the library PeopleCode.
Likewise, if a PeopleCode program writes to a field, the PeopleCode program impacts the field. Knowing this kind of relationship can help developers determine what other changes need to be made and help create a test strategy for the changes.
In typical PeopleSoft applications, there are a large number of relationships between definitions. Therefore, when Change Impact Analyzer performs an impact analysis, it generates a huge amount of data—more than what may be useful to work with. Consequently, it's important for you to determine the relevance of the relationships you want to analyze.
Change Impact Analyzer provides various features to make the impact searches more relevant. For example,
Selecting the rule set(s) to be used, which determines specific rules.
You can specify search paths, which cause a selective recursive analysis to be performed.
Executing an analysis for the impact of one definition on another allows you to manually explore specific relationships.
Using directed analysis, Change Impact Analyzer executes multiple search path analyses. When finished, it automatically produces a report, which can be filtered to allow further relevance.
Securing Change Impact Analyzer
Change Impact Analyzer uses rules files to perform analysis. Rules can be coded in SQL or Java and reside in a local directory. A potential vulnerability exists if the rules files are replaced by files that could have a negative impact on the system or database.
This situation is not unlike any batch file or script that can be run against a database. If these scripts are manipulated, unintended results could occur. Therefore, the Change Impact Analyzer rules files should be secured as you would secure any other potential database-modifying script file.
Change Impact Analyzer does require that the user enter a password to logon to the database. The passwords are not persisted, and are encrypted while they are in memory. However, there is an exception to this in the option to override a default JDBC connection string. A user could specify their own connection string that may contain a hardcoded user ID or password or both.
To alleviate this possible security weakness:
Placeholders such as <<user ID>> and <<password>> can be used. At runtime, Change Impact Analyzer substitutes the actual logon user ID and password.
The connection string is encrypted when the system saves it to the cia.properties file.
Oracle recommends that database administrators assign user IDs and passwords that grant read-only access to the database. However in all cases, database administrators need to assign create and write access to the File preprocessor tables and the PeopleCode preprocessor tables.
Analyzing Change Packages
Change Impact Analyzer can open a change package, read the definition names within it, and analyze these definitions in the selected database. Oracle recommends that you do this for a quick estimate only, because applying a change package may alter relationships.
The best method is to apply a change package to a copy of your database, then select definitions from either a project or the change package, and run the analysis.