Blame
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 1 | **<center><h1>High Level Design</h1></center>** |
| 2 | ||||
| 3 | > ## **Introduction** |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 4 | |
| 5 | This project builds an AI-powered system to check CMMI compliance. It analyzes business documents, cross-checks development work in Jira and GitLab, and generates clear reports to ensure all tasks meet CMMI standards. |
|||
| 6 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 7 | > ## **Solution Overview** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 8 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 9 | #### **Problem Statement** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 10 | |
| 11 | Organizations often face challenges in ensuring CMMI compliance and identifying document loopholes during audits or project evaluations. Manual review processes are time-consuming, error-prone, and lack traceability. There’s a need for an intelligent system that automates document analysis, detects non-compliance, and integrates seamlessly with JIRA for issue tracking. |
|||
| 12 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 13 | #### **Solution Summary ** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 14 | * Accepts document uploads (Audit, BRD, HLD, LLD, Analysis docs) |
| 15 | * Runs automated AI/NLP analysis to extract requirements, identify gaps/loopholes, and suggest fixes |
|||
| 16 | * Integrates with JIRA to fetch, map, and update tickets |
|||
| 17 | * Provides an interactive review UI (checklists, assign-to-JIRA, status updates) |
|||
| 18 | * Exposes dashboards for audit scores, trends, and compliance metrics |
|||
| 19 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 20 | #### **Project Goals and Objectives** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 21 | |
| 22 | * Automate document analysis using AI/ML for compliance detection. |
|||
| 23 | * Ensure CMMI standard compliance through structured audit reports. |
|||
| 24 | * Provide a seamless JIRA integration for ticket and project management. |
|||
| 25 | * Offer real-time dashboards for compliance trends and project insights. |
|||
| 26 | * Maintain 97%+ accuracy through model fallback and feedback learning. |
|||
| 27 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 28 | #### **Target Users & Roles** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 29 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 30 | * **Organization Owner / Admin:** Create org, configure JIRA, invite users |
| 31 | * **Project Manager: **Review analyses, verify tickets, assign tasks |
|||
| 32 | * **Quality/Audit Lead (QA/Auditor):** Run audits, validate loopholes. |
|||
| 33 | * **Developer / Assignee:** Receive JIRA-linked tasks, update status |
|||
| 34 | * **Viewer / Stakeholder:** Read-only access to dashboards and reports |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 35 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 36 | #### **Scope** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 37 | |
| 38 | * User authentication and organization creation. |
|||
| 39 | * Role-based access control (Admin, Owner, Auditor, User). |
|||
| 40 | * Document upload (PDF, DOCX, TXT) and classification. |
|||
| 41 | * AI-based analysis of documents for loopholes and compliance. |
|||
| 42 | * Integration with multiple AI models (GPT-4o, Gemini, Hugging Face). |
|||
| 43 | * JIRA API integration for project tracking. |
|||
| 44 | * Real-time dashboard and visual analytics. |
|||
| 45 | * Firebase integration for crash tracking and remote config. |
|||
| 46 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 47 | #### **Critical Success Factors** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 48 | |
| 49 | * Achieve ≥97% accuracy in document classification and analysis. |
|||
| 50 | * Seamless integration between backend and AI model services. |
|||
| 51 | * Low-latency data processing and scalable architecture. |
|||
| 52 | * User-friendly and responsive UI/UX. |
|||
| 53 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 54 | #### **Assumptions** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 55 | |
| 56 | * Organizations will provide the required JIRA credentials and permissions |
|||
| 57 | * The primary language of the documents is English |
|||
| 58 | * Users have access to modern web browsers |
|||
| 59 | * Reasonable network bandwidth for uploads/downloads |
|||
| 60 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 61 | #### **Constraints** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 62 | |
| 63 | * Dependent on internet connectivity for AI and JIRA integrations. |
|||
| 64 | * Processing large documents may take longer based on file size. |
|||
| 65 | * API rate limits for AI models (e.g., OpenAI API limits). |
|||
| 66 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 67 | > ## **System architecture** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 68 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 69 | #### **Architectural design** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 70 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 71 | #### **Web app backend endpoints interactions** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 72 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 73 | #### **Authorization/authentication** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 74 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 75 | #### **Technology Stack:** |
| 76 | * **Frontend:** React.js |
|||
| 77 | * **Backend:** Express.js |
|||
| 78 | * **Database:** |
|||
| 79 | * **Caching: ** |
|||
| 80 | * **Deployment:** Gitlab CICD |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 81 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 82 | #### **Authorization/authentication** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 83 | * JWT Tokens for backend route protection. |
| 84 | * Role-based Access Control (RBAC) for organization-level roles. |
|||
| 85 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 86 | > ## **Data Design** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 87 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 88 | > ## **Entity-Relationship Diagram (ERD)** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 89 | |
| 90 |  |
|||
| 91 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 92 | > ## **Architecture Diagram** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 93 | |
| 94 |  |
|||
| 95 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 96 | > ## **Component & Module Design** |
| 97 | #### **Component Breakdown** |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 98 | * Integration |
| 99 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 100 | #### **Component Responsibilities** |
| 101 | * **Frontend:** User input, visualization, and interaction. |
|||
| 102 | * **Backend:** Logic control, routing, and model orchestration. |
|||
| 103 | * **AI Layer:** Processing, model selection, and confidence computation. |
|||
| 104 | ||||
| 105 | #### **Interaction Model** |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 106 | * Components communicate via secure REST APIs |
| 107 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 108 | > ## **API Design & Integrations** |
| 109 | #### **Public API Design** |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 110 | * RESTful JSON-based API responses. |
| 111 | * Secured with JWT tokens |
|||
| 112 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 113 | #### **Authentication & Authorization** |
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 114 | * Token validation middleware for all secured routes. |
| 115 | * Role-based endpoint access is defined via backend decorators. |
|||
| 116 | ||||
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 117 | #### **Third-Party Integrations** |
| 118 | * **GitLab** – Fetch commits and track code changes. |
|||
| 119 | * **JIRA API** – Ticket fetch, update, and audit validation. |
|||
| 120 | * **AI** - Public models or APIs |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 121 | |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 122 | > ## **Security Considerations ** |
| 123 | #### **Authentication & Authorization Flow** |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 124 | * Role-based access per organization and user. |
| 217a36 | Melisha Dsouza | 2025-11-10 14:30:48 | 125 | |
| 126 | #### **Data Security** |
|||
| cd81c1 | Melisha Dsouza | 2025-11-10 13:11:19 | 127 | * HTTPS/TLS for data in transit. |
| 128 | * Role-based data visibility. |