Technical Articles & Insights

Legacy systems, GAMP 5 compliance, and enterprise architecture from a Chemical Engineer's perspective

About This Collection

This page provides access to my legacy technical articles written over 15+ years of enterprise software development. While the original articles are in Portuguese (available in the legacy site), this page introduces each article with compliance-focused summaries using terminology relevant to pharmaceutical and industrial sectors.

Key Focus Areas: GAMP 5 compliance, OAuth 2.1/OIDC security architecture, legacy system modernization, and technical debt management—all viewed through the lens of Chemical Engineering precision and enterprise Java expertise.

GAMP 5 Compliance & Validation

GAMP 5

Legacy System Validation for Pharmaceutical Manufacturing

Compliance Focus: This article discusses software validation principles aligned with GAMP 5 Category 4 (Configured Software Products) and Category 5 (Custom Applications). Covers validation documentation, risk-based approach, and traceability requirements for legacy Java enterprise systems.

Key Topics: Validation Master Plan (VMP), User Requirements Specification (URS), Functional Requirements Specification (FRS), Design Qualification (DQ), Installation Qualification (IQ), Operational Qualification (OQ), Performance Qualification (PQ).

Read Original Article
GAMP 5

Change Control and Configuration Management in Legacy Systems

Compliance Focus: Explores change management processes for validated systems, emphasizing the importance of documented change control procedures, impact assessments, and regression testing—critical for maintaining GAMP 5 compliance during system modernization.

Key Topics: Change Request (CR), Impact Assessment, Risk Analysis, Test Strategy, Validation Documentation Updates, Regulatory Notification Requirements.

Read Original Article

OAuth 2.1 / OIDC Security Architecture

OAuth 2.1

Enterprise Authentication Architecture with PKCE

Security Focus: Comprehensive guide to implementing OAuth 2.1 Authorization Code Flow with PKCE (Proof Key for Code Exchange) for enterprise applications. Covers security best practices, multi-provider support (Google, Microsoft), and compliance with OWASP security standards.

Key Topics: PKCE Implementation, Token Validation, JWT Security, Refresh Token Management, Session Security, Multi-Factor Authentication (MFA) Integration.

Read Article
OIDC

OpenID Connect for Pharmaceutical Systems

Compliance Focus: OIDC implementation strategies for validated systems, ensuring audit trails, user identity verification, and access control meet FDA 21 CFR Part 11 and EU Annex 11 requirements for electronic records and signatures.

Key Topics: Identity Provider (IdP) Selection, User Authentication Logging, Role-Based Access Control (RBAC), Audit Trail Requirements, Electronic Signature Compliance.

Read Article

Java Enterprise & Legacy Modernization

Jakarta EE

Migrating from Java EE to Jakarta EE: A Practical Guide

Technical Focus: Step-by-step migration strategy for enterprise Java applications, covering namespace changes, dependency updates, and compatibility considerations. Essential reading for organizations planning legacy system modernization.

Key Topics: Package Migration (javax.* to jakarta.*), Build Tool Updates (Maven/Gradle), Application Server Compatibility, Testing Strategy, Rollback Planning.

Read Original Article
Legacy Systems

Technical Debt Assessment and Prioritization

Strategic Focus: Framework for quantifying and prioritizing technical debt in legacy Java enterprise systems. Includes ROI analysis, risk assessment, and modernization roadmap development—critical for pharmaceutical and industrial sectors.

Key Topics: Debt Inventory, Impact Analysis, Cost-Benefit Analysis, Risk Matrix, Phased Modernization Strategy, Business Case Development.

Read Original Article

Process Automation & AI

Python

AI-Driven Quality Control in Pharmaceutical Manufacturing

Innovation Focus: Machine learning applications for real-time quality control in pharmaceutical production. Covers anomaly detection, predictive maintenance, and integration with legacy SCADA systems—all while maintaining GAMP 5 compliance.

Key Topics: ML Model Validation, Data Integrity (ALCOA+), Real-Time Monitoring, Integration with Legacy Systems, Regulatory Documentation.

Read Original Article
Automation

Chemical Engineering Principles in Software Architecture

Philosophy Focus: How Chemical Engineering rigor (process control, safety margins, reproducibility) applies to enterprise software architecture. Essential reading for understanding the "Engineer-Programmer" approach to legacy system modernization.

Key Topics: Process Control Mindset, Safety-First Design, Reproducibility in Software, Documentation Standards, Quality Assurance Principles.

Read Original Article

Personal Technical Blog

Explore 78+ technical articles covering Java Enterprise, Jakarta EE, Spring Boot, Docker, Microservices, APIs, DevOps, AI, and Software Architecture.

Articles span from March 2024 to January 2026, documenting real-world experiences in legacy system modernization, enterprise architecture, and technology transitions. Topics include: Java & Spring, Jakarta EE, APIs & Microservices, DevOps & Containers, Architecture Patterns, AI & Technology, Modernization Strategies, Career & Market Insights.

Visit Personal Blog

Articles are in Portuguese (PT-BR) and cover technical topics relevant to enterprise Java development and software architecture.

Complete Article Archive

Access the full collection of technical articles, tutorials, and case studies from 15+ years of enterprise software development.

Browse Legacy Articles (Portuguese)

Note: Original articles are in Portuguese. This page provides compliance-focused English introductions.

🛡️
Data Protection (GDPR)
This website uses localStorage to save your preferences and improve your experience. By continuing to browse, you agree to the processing of your data in accordance with our Privacy Policy and the General Data Protection Regulation (GDPR).