Usage Scenario and Technical Requirements

In general, the ABAP Test Cockpit (ATC), the Code Inspector, and the quality checks are installed as part of the ABAP development infrastructure, together with your business applications.

Developers can start developing custom code, including quality analysis, right away. Both the development infrastructure and the checks always have the same version and provide a shared view of the quality of your custom code – without any extra effort.

In the case of older releases, however, a number of quality checks might not be available in your systems. For such scenarios, the ATC allows the execution of the latest checks in other systems. SAP customers and partners can perform a remote code analysis in ATC to analyze custom code, even in older releases. For example, you can analyze an SAP_BASIS 7.00 system with the latest version of ATC checks.

If you are using the ATC framework, the process for code analysis and correction benefits from the standard ATC functions. ATC offers a workflow for:

  • Running checks for static code analysis
  • Reporting and viewing check results (including documentation)
  • Implementing code corrections
  • Requesting and approving exemptions
Usage Scenario

Let’s imagine that you as an SAP customer or partner are faced with the following situation:

You are using SAP systems with SAP NetWeaver releases older than 7.51, some of them maybe as old as 7.00, probably containing custom code your applications depend on. An upgrade of these systems is not planned so far. However, you would like to execute the latest ATC checks for your custom code and thus benefit from recent check variants that are integrated in the ATC framework. For this type of scenario, the remote static checks might be the best solution for you.

An integral part of this solution is the Central Check System. This system is a 7.51 pure SAP Basis System (SAP_BASIS 7.51) and must be installed and configured within your SAP system landscape. The Central Check System takes on the role of the ATC master system.

For remote access, the Central Check System provides RFC destinations for each relevant system to be checked by the ATC. The analysis of the custom code in the Checked Systems is performed by the Central Check System. During execution, the Central Check System accesses the Checked Systems by means of Remote Stubs (RFC stubs) using the RFC connection. These Remote Stubs serve as an interface between the Central Check System and the Checked Systems. The Remote Stubs return a model from the custom code, which is used by the calling ATC check in the Central Check System to detect, for example, possible security risks in source code of the Checked Systems. Remote Stubs are provided by SAP Note 2190113 Information published on SAP site and must be implemented in all systems to be checked in the system landscape.

Central Check System with remote access
Figure 1: Central Check System with remote access
The analysis of the custom code in the Checked Systems is performed by
  • Execution of central check runs.

    A quality expert checks the code in the system to be checked by scheduling check runs in the central check system.

  • Ad-hoc check runs by developers

    A developer wants to analyze his coding in his development system. He triggers the analysis as he is used to do it in ATC, but the analysis will be performed by the central check system.

ATC check runs can be triggered either from the central check system itself or from one of the connected checked systems: It is possible to perform an ATC analysis from the central check system in order to perform central check runs for the whole code basis. This is typically done by quality experts. However, developers usually do not access the central check system. They want to trigger the ATC run from their development systems. When a developer runs ATC checks in a development system, analysis can be also performed from the connected Central Check System. Developers typically perform checks either for a small object set explicitly (for example, a single object or a package) or when releasing transport requests implicitly.

As result of the check execution:
  • All the ATC findings are stored in the Central Check System. Using the ATC Result Browser in the Central Check System, you can therefore display the findings, navigate to the relevant source code and manage exemptions for ATC findings. For the navigation, the mapping from source code to development systems is used from the system group definition.

  • If the checks were executed by developers from a connected development system, the results are also displayed in this system.

If developers have to exempt findings, they can request exemption from their development systems. Quality experts browse, approve, or reject exemptions in the Central Check System.

Using a Central Check System for Multiple Checked Systems

The Central Check System can be used for multiple Checked Systems. In this case, it does not matter whether the Checked Systems are on the same release level or whether the code basis is identical.

You group systems if they relate to each other in order to align some data between these systems. For example, an exemption should be simultaneously valid in the Test System and the Development System.

ATC supports grouping of systems to combine systems that relate to each other, for example, the Test System to its corresponding Development System. Exemptions that are defined for one system of a system group are considered for all systems of this system group.

The figure below shows three system groups that are defined within a system landscape. Each system group in this example includes multiple SAP systems (a Test System and a Development System), which all represent part of a system landscape of one and the same SAP release (for example, 7.02).

Keep in mind that this is only one possible option for grouping systems. Another option for subsuming systems in system groups might be, for example, each system group represents the custom code of a subsidiary of your company.

Example for grouping a customer’s SAP system landscape
Figure 2: Example for grouping a customer’s SAP system landscape
Technical Requirements

Supported SAP NetWeaver Releases

SAP System SAP NetWeaver Release

Central Check System

>= 7.51

Checked Systems

7.00, 7.01, 7.02, 7.31, 740, and 7.50

For information on prerequisites for using remote ATC checks, see SAP Note 2338111 Information published on SAP site

Authorizations for Remote ATC Analysis

Remote ATC analysis uses the existing authorizations for the ABAP Test Cockpit, based on the following authorization objects:

  • S_Q_ADM : General adminstrative activities
  • S_Q_GOVERN: Activities concerning ATC quality assurance (for example: handling exemptions)

More on this: Authorizations for the ABAP Test Cockpit

Check Variant Examples for Remote Code Analysis

For the execution of remote ATC checks, you may use the predefined Code Inspector variants:

  • SLIN_SEC: Consists of checks for security analysis in Extended Program Check (SLIN)
  • S4HANA_READINESS: Provides checks for SAP S/4HANA readiness (search for DB operations, field length extensions, and so on)
  • FUNCTIONAL_DB: Provides functional checks for optimizing database accesses