-
Notifications
You must be signed in to change notification settings - Fork 0
Decadal Strategic & Technical Plan 2026–2035 (Sentinel v2.4 / Omni-Sentinel Mesh v4.0 / SCP v3.0) #139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
OneFineStarstuff
wants to merge
8
commits into
main
Choose a base branch
from
genspark_ai_developer
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Decadal Strategic & Technical Plan 2026–2035 (Sentinel v2.4 / Omni-Sentinel Mesh v4.0 / SCP v3.0) #139
Changes from all commits
Commits
Show all changes
8 commits
Select commit
Hold shift + click to select a range
2cc8652
docs(governance): consolidated Decadal Strategic & Technical Plan 202…
OneFineStarstuff 6e90a06
feat(governance): roadmap phases 5-8 first-class, runnable 2028 pilot…
OneFineStarstuff 15d6734
feat(dashboard+ci): close DASH-04/06/07, add login route, wire CI for…
OneFineStarstuff 13eb322
feat(oscal): runnable OSCAL 1.1.2 catalog conformance validator (12th…
OneFineStarstuff 816e120
feat(oscal): OSCAL-native Annex IV dossier generator (13th assurance …
OneFineStarstuff 58c87d8
feat(oscal): multi-framework regulator deliverables — DORA ICT-risk r…
OneFineStarstuff 3f9e4d0
feat(packaging): verified distribution-bundle packager — finalize, pa…
OneFineStarstuff 2bcc568
fix(packaging): make distribution bundle deterministically reproducib…
OneFineStarstuff File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| # Sentinel OSCAL tooling | ||
|
|
||
| Machine-readable control catalogs (OSCAL 1.1.2) plus the tools that keep them | ||
| honest and turn them into regulator deliverables. | ||
|
|
||
| ## Files | ||
|
|
||
| | File | Purpose | | ||
| |------|---------| | ||
| | `catalog_sentinel_v24_excerpt.json` | OSCAL 1.1.2 catalog — Containment (CON) + Cryptographic-evidence (CRY) controls, with regime back-matter. | | ||
| | `catalog_sentinel_v24_env_rte.json` | OSCAL 1.1.2 catalog — Confidential-computing (ENV) + MoE-routing (RTE) controls, with regime back-matter. | | ||
| | `sentinel_control_catalog_v1.yaml` | Higher-level control families + regulatory mapping (legacy/companion view). | | ||
| | `oscal_conformance.py` | **Conformance validator** — verifies every control's `tla-spec` / `rego-policy` / `circuit` / `simulator` prop resolves to a real in-repo artifact, every regime `#href` resolves to a back-matter anchor, `feasibility-tier ∈ {A,B,C,D}`, and `freshness-sla` is a valid ISO-8601 duration. | | ||
| | `crosswalk_common.py` | **Shared crosswalk engine** — one source of truth for catalog loading, the control→live-evidence map, the conformance gate, and the evidence-status rule. Reused by all three generators. | | ||
| | `annex_iv_section_map.yaml` | Auditable map: each EU AI Act Annex IV section (A–H) → the OSCAL control ids that evidence it, plus a provider narrative. | | ||
| | `dora_framework_map.yaml` | Auditable map: each DORA pillar (P1–P5) → controls + register narrative. | | ||
| | `nist_ai_rmf_map.yaml` | Auditable map: each NIST AI RMF function (GOVERN/MAP/MEASURE/MANAGE) → controls + crosswalk narrative. | | ||
| | `generate_annex_iv_dossier.py` | **Dossier generator** — auto-assembles an OSCAL-native Annex IV technical-documentation dossier from the catalogs + live assurance evidence. | | ||
| | `generate_dora_ict_register.py` | **DORA register generator** — auto-assembles a scoped DORA ICT-risk register; reports P4/P5 as coverage gaps. | | ||
| | `generate_nist_rmf_crosswalk.py` | **NIST RMF crosswalk generator** — auto-assembles a NIST AI RMF coverage crosswalk with per-function coverage analysis. | | ||
| | `generated/annex_iv_dossier.{json,md}` | Sample auto-assembled Annex IV dossier (regenerate any time; `generated_at` changes per run). | | ||
| | `generated/dora_ict_register.{json,md}` | Sample auto-assembled DORA ICT-risk register. | | ||
| | `generated/nist_ai_rmf_crosswalk.{json,md}` | Sample auto-assembled NIST AI RMF crosswalk. | | ||
|
|
||
| ## Run it | ||
|
|
||
| ```bash | ||
| # 1. Verify catalog cross-reference integrity (43 checks; falsifiable) | ||
| python3 governance_artifacts/oscal/oscal_conformance.py # human | ||
| python3 governance_artifacts/oscal/oscal_conformance.py --json # machine | ||
|
|
||
| # 2. Assemble the Annex IV dossier with LIVE evidence (re-runs backing checks) | ||
| python3 governance_artifacts/oscal/generate_annex_iv_dossier.py | ||
| # -> generated/annex_iv_dossier.json (machine-readable) | ||
| # -> generated/annex_iv_dossier.md (human-readable) | ||
|
|
||
| # 3. Assemble the multi-framework deliverables from the SAME verified catalog | ||
| python3 governance_artifacts/oscal/generate_dora_ict_register.py # DORA ICT-risk register (5 pillars) | ||
| python3 governance_artifacts/oscal/generate_nist_rmf_crosswalk.py # NIST AI RMF crosswalk (4 functions) | ||
|
|
||
| # Package all three deliverables into one tamper-evident distribution bundle | ||
| # (SHA-256 manifest; refuses to package a non-conformant deliverable): | ||
| python3 governance_artifacts/package_distribution_bundle.py --with-suite | ||
|
|
||
| # Faster, assembly-only (does NOT run backing checks; nothing reported SATISFIED) | ||
| python3 governance_artifacts/oscal/generate_annex_iv_dossier.py --no-verify | ||
| ``` | ||
|
|
||
| All four tools are wired into `governance_artifacts/run_runnable_assurance.sh` | ||
| (steps 12–15) and into CI. One verified source of truth (the OSCAL catalog) | ||
| produces three regulator deliverables — Annex IV, DORA, NIST AI RMF — that can | ||
| never drift from each other because they share `crosswalk_common.py`. | ||
|
|
||
| ## Evidence-status semantics (honesty model) | ||
|
|
||
| The dossier never marks a section satisfied on prose alone: | ||
|
|
||
| | Status | Meaning | | ||
| |--------|---------| | ||
| | `SATISFIED` | ≥1 mapped control whose **runnable** assurance check passed in this run. | | ||
| | `PARTIAL` | Has runnable-backed controls but none passed in this run. | | ||
| | `PENDING-EVIDENCE` | Mapped only to organisational / hardware-dependent evidence not yet attached (e.g. `env-02` enclave key custody), or no controls mapped. | | ||
|
|
||
| `generate_annex_iv_dossier.py` **refuses to run** if the catalog is not conformant | ||
| or if `annex_iv_section_map.yaml` references a control id that does not exist in | ||
| any catalog — so the dossier can only ever be built from real, resolvable controls. | ||
|
|
||
| ## Integrity statement | ||
|
|
||
| These artifacts verify **assembly integrity** — that the dossier is built only | ||
| from real controls and currently-passing checks. They are **not** a conformity | ||
| assessment and do **not** assert that the institution is compliant with the EU AI | ||
| Act. Feasibility tiers (A verified now / B needs hardware / C 2026–2030 standards / | ||
| D speculative 2030–2035) are carried through to the dossier verbatim. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,82 @@ | ||
| # EU AI Act Annex IV technical-documentation section -> Sentinel OSCAL control map. | ||
| # | ||
| # This file is the auditable bridge between the eight Annex IV technical- | ||
| # documentation sections (Regulation (EU) 2024/1689, Annex IV §1-9 condensed to | ||
| # A-H as used by annex_iv_technical_documentation_template.json) and the | ||
| # machine-readable controls in the Sentinel OSCAL catalogs. | ||
| # | ||
| # The dossier generator (generate_annex_iv_dossier.py) consumes this map. Each | ||
| # section lists: | ||
| # - controls : OSCAL control ids that provide evidence for the section. | ||
| # - narrative: a short provider statement (the generator inserts it verbatim). | ||
| # A section with no resolved control evidence is reported PENDING-EVIDENCE by the | ||
| # generator rather than being silently marked complete. | ||
| # | ||
| # Control ids must exist in one of the catalogs under governance_artifacts/oscal/; | ||
| # the generator fails if a referenced control id is unknown (no dangling refs). | ||
| annex_iv_version: "Regulation (EU) 2024/1689, Annex IV" | ||
| catalogs: | ||
| - catalog_sentinel_v24_excerpt.json | ||
| - catalog_sentinel_v24_env_rte.json | ||
| sections: | ||
| - id: A | ||
| name: "General system description" | ||
| narrative: > | ||
| The system is the Sentinel AI Governance Stack v2.4 supervisory control | ||
| plane mediating high-risk (T0/T1) foundation-model decisions for a G-SIFI. | ||
| Intended purpose, deployers and risk classification are taken from the | ||
| model registry; the catalog ENV/RTE/CON/CRY control groups scope the | ||
| governed surface. | ||
| controls: [env-01, rte-01] | ||
| - id: B | ||
| name: "Design and development specifications" | ||
| narrative: > | ||
| Routing stability (SARA/ACR) and attested admission are specified as | ||
| machine-checkable invariants with named TLA+ models and a runnable | ||
| simulator; design decisions are evidenced by the verified artifacts. | ||
| controls: [rte-01, env-01] | ||
| - id: C | ||
| name: "Data requirements and governance" | ||
| narrative: > | ||
| Evidence envelopes and consent/lineage records are cryptographically | ||
| signed and hash-chained; PQC dual-signature (cry-02) protects the | ||
| governance data plane. Dataset lineage itself is an organisational record | ||
| (PENDING-EVIDENCE here until the lineage export is attached). | ||
| controls: [cry-02] | ||
| - id: D | ||
| name: "Risk management system" | ||
| narrative: > | ||
| Systemic-risk concentration (HHI) is bounded by a zk attestation (cry-05) | ||
| and the global containment ratchet (con-04/con-07) provides the terminal | ||
| risk control. The G-SRI index drives continuous risk posture. | ||
| controls: [cry-05, con-04, con-07] | ||
| - id: E | ||
| name: "Post-market monitoring" | ||
| narrative: > | ||
| Continuous monitoring is provided by the 24h G-SRI monitor and the | ||
| tamper-evident PQC WORM audit log (cry-02), giving an append-only, | ||
| verifiable post-market record. | ||
| controls: [cry-02] | ||
| - id: F | ||
| name: "Human oversight measures" | ||
| narrative: > | ||
| Containment de-escalation and terminal actuation require human dual-control | ||
| quorum; Autonomous Supervisory Agents can only raise containment, never | ||
| lower it (con-07 one-way ratchet), with kill-switch reachability verified | ||
| (con-04). | ||
| controls: [con-07, con-04] | ||
| - id: G | ||
| name: "Performance and limitations" | ||
| narrative: > | ||
| Routing-stability thresholds (entropy/load/drop) are explicit and enforced | ||
| (rte-01); breaches block model-revision promotion. Known limitations and | ||
| feasibility tiers are carried on each control as OSCAL props. | ||
| controls: [rte-01] | ||
| - id: H | ||
| name: "Cybersecurity and resilience" | ||
| narrative: > | ||
| Hardware-attested execution (SEV-SNP/TDX + vTPM PCR_MATCH, env-01), | ||
| enclave-bound PQC key custody (env-02) and post-quantum signed evidence | ||
| (cry-02) provide the cybersecurity and operational-resilience posture | ||
| (aligned to DORA ICT-risk and EU AI Act Art. 15). | ||
| controls: [env-01, env-02, cry-02] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.