Blame

217a36 Melisha Dsouza 2025-11-10 14:30:48 1
**<center><h1>High Level Design</h1></center>**
2
3
> ## **Introduction**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 4
5
This project builds an AI-powered system to check CMMI compliance. It analyzes business documents, cross-checks development work in Jira and GitLab, and generates clear reports to ensure all tasks meet CMMI standards.
6
217a36 Melisha Dsouza 2025-11-10 14:30:48 7
> ## **Solution Overview**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 8
217a36 Melisha Dsouza 2025-11-10 14:30:48 9
#### **Problem Statement**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 10
11
Organizations often face challenges in ensuring CMMI compliance and identifying document loopholes during audits or project evaluations. Manual review processes are time-consuming, error-prone, and lack traceability. There’s a need for an intelligent system that automates document analysis, detects non-compliance, and integrates seamlessly with JIRA for issue tracking.
12
217a36 Melisha Dsouza 2025-11-10 14:30:48 13
#### **Solution Summary **
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 14
* Accepts document uploads (Audit, BRD, HLD, LLD, Analysis docs)
15
* Runs automated AI/NLP analysis to extract requirements, identify gaps/loopholes, and suggest fixes
16
* Integrates with JIRA to fetch, map, and update tickets
17
* Provides an interactive review UI (checklists, assign-to-JIRA, status updates)
18
* Exposes dashboards for audit scores, trends, and compliance metrics
19
217a36 Melisha Dsouza 2025-11-10 14:30:48 20
#### **Project Goals and Objectives**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 21
22
* Automate document analysis using AI/ML for compliance detection.
23
* Ensure CMMI standard compliance through structured audit reports.
24
* Provide a seamless JIRA integration for ticket and project management.
25
* Offer real-time dashboards for compliance trends and project insights.
26
* Maintain 97%+ accuracy through model fallback and feedback learning.
27
217a36 Melisha Dsouza 2025-11-10 14:30:48 28
#### **Target Users & Roles**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 29
217a36 Melisha Dsouza 2025-11-10 14:30:48 30
* **Organization Owner / Admin:** Create org, configure JIRA, invite users
31
* **Project Manager: **Review analyses, verify tickets, assign tasks
32
* **Quality/Audit Lead (QA/Auditor):** Run audits, validate loopholes.
33
* **Developer / Assignee:** Receive JIRA-linked tasks, update status
34
* **Viewer / Stakeholder:** Read-only access to dashboards and reports
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 35
217a36 Melisha Dsouza 2025-11-10 14:30:48 36
#### **Scope**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 37
38
* User authentication and organization creation.
39
* Role-based access control (Admin, Owner, Auditor, User).
40
* Document upload (PDF, DOCX, TXT) and classification.
41
* AI-based analysis of documents for loopholes and compliance.
42
* Integration with multiple AI models (GPT-4o, Gemini, Hugging Face).
43
* JIRA API integration for project tracking.
44
* Real-time dashboard and visual analytics.
45
* Firebase integration for crash tracking and remote config.
46
217a36 Melisha Dsouza 2025-11-10 14:30:48 47
#### **Critical Success Factors**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 48
49
* Achieve ≥97% accuracy in document classification and analysis.
50
* Seamless integration between backend and AI model services.
51
* Low-latency data processing and scalable architecture.
52
* User-friendly and responsive UI/UX.
53
217a36 Melisha Dsouza 2025-11-10 14:30:48 54
#### **Assumptions**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 55
56
* Organizations will provide the required JIRA credentials and permissions
57
* The primary language of the documents is English
58
* Users have access to modern web browsers
59
* Reasonable network bandwidth for uploads/downloads
60
217a36 Melisha Dsouza 2025-11-10 14:30:48 61
#### **Constraints**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 62
63
* Dependent on internet connectivity for AI and JIRA integrations.
64
* Processing large documents may take longer based on file size.
65
* API rate limits for AI models (e.g., OpenAI API limits).
66
217a36 Melisha Dsouza 2025-11-10 14:30:48 67
> ## **System architecture**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 68
217a36 Melisha Dsouza 2025-11-10 14:30:48 69
#### **Architectural design**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 70
217a36 Melisha Dsouza 2025-11-10 14:30:48 71
#### **Web app backend endpoints interactions**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 72
217a36 Melisha Dsouza 2025-11-10 14:30:48 73
#### **Authorization/authentication**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 74
217a36 Melisha Dsouza 2025-11-10 14:30:48 75
#### **Technology Stack:**
76
* **Frontend:** React.js
77
* **Backend:** Express.js
78
* **Database:**
79
* **Caching: **
80
* **Deployment:** Gitlab CICD
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 81
217a36 Melisha Dsouza 2025-11-10 14:30:48 82
#### **Authorization/authentication**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 83
* JWT Tokens for backend route protection.
84
* Role-based Access Control (RBAC) for organization-level roles.
85
217a36 Melisha Dsouza 2025-11-10 14:30:48 86
> ## **Data Design**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 87
217a36 Melisha Dsouza 2025-11-10 14:30:48 88
> ## **Entity-Relationship Diagram (ERD)**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 89
90
![](./image-1762779857811.png)
91
217a36 Melisha Dsouza 2025-11-10 14:30:48 92
> ## **Architecture Diagram**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 93
94
![](./image-1762779905513.png)
95
217a36 Melisha Dsouza 2025-11-10 14:30:48 96
> ## **Component & Module Design**
97
#### **Component Breakdown**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 98
* Integration
99
217a36 Melisha Dsouza 2025-11-10 14:30:48 100
#### **Component Responsibilities**
101
* **Frontend:** User input, visualization, and interaction.
102
* **Backend:** Logic control, routing, and model orchestration.
103
* **AI Layer:** Processing, model selection, and confidence computation.
104
105
#### **Interaction Model**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 106
* Components communicate via secure REST APIs
107
217a36 Melisha Dsouza 2025-11-10 14:30:48 108
> ## **API Design & Integrations**
109
#### **Public API Design**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 110
* RESTful JSON-based API responses.
111
* Secured with JWT tokens
112
217a36 Melisha Dsouza 2025-11-10 14:30:48 113
#### **Authentication & Authorization**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 114
* Token validation middleware for all secured routes.
115
* Role-based endpoint access is defined via backend decorators.
116
217a36 Melisha Dsouza 2025-11-10 14:30:48 117
#### **Third-Party Integrations**
118
* **GitLab** – Fetch commits and track code changes.
119
* **JIRA API** – Ticket fetch, update, and audit validation.
120
* **AI** - Public models or APIs
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 121
217a36 Melisha Dsouza 2025-11-10 14:30:48 122
> ## **Security Considerations **
123
#### **Authentication & Authorization Flow**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 124
* Role-based access per organization and user.
217a36 Melisha Dsouza 2025-11-10 14:30:48 125
126
#### **Data Security**
cd81c1 Melisha Dsouza 2025-11-10 13:11:19 127
* HTTPS/TLS for data in transit.
128
* Role-based data visibility.