fix(iace): set-based measure-category filter + 235 pattern-author fixes

Two-part nachhaltiger fix replacing the previous "fill to 5 mitigations
no matter what" behavior that the GT-Bremse benchmark proved
unfaithful (e.g. HP1625 "scharfe Kanten" returning M005 "Rotations-
bewegung vermeiden" via category fallback; HP1651 "Wiederanlauf
Roboter" returning M054 "Sichere thermische Auslegung" via
mismatched pattern reference).

PART A — Set-based category filter (handlers package):
- acceptableMeasureCategories: replaces 1:1 patternCatToMeasureCat
  with a curated set per pattern category, so e.g.
  safety_function_failure now accepts software_control measures
  (watchdogs, plausibility checks) and emc_hazard accepts both
  electrical and software_control measures
- isCategoryCompatible: gate every measure id against the accepted
  set before creating a mitigation; mismatches log MEASURE-SKIP
- The old category fallback is REMOVED. A hazard whose pattern has
  no category-compatible measure is now created with zero mitigations
  and logged as COVERAGE-GAP — the operator must consult an expert.
  No more silent invention of generic defaults.

PART B — 235 pattern author-error fixes across 26 files:
- HP040-HP044 (AI): M101/M102/M103 (Auffangwanne/Absauganlage) ->
  M133 Anomalieerkennung + M214 Plausibilitaet + M213 Sensor-Redundanz
  + M044 Zweikanalige Steuerung + others
- HP011-HP015, HP104-HP109, HP1085-HP1095, HP1281-HP1334 (electrical):
  M001-M005/M054/M061 placeholders -> M481/M482 Isolation +
  M511-M522 PE/Schutzleiter/RCD/Hauptschalter
- HP110-HP1331 (material_environmental): M101-M103 -> M384-M395
  Brandschutz/Laserschutz + M533/M408 SDB/PSA
- HP800-HP858, HP1178-HP1264 (software/sensor/hmi):
  M101/M104 -> M105/M106/M107/M214 SPS/Watchdog/Plausibilitaet
- HP026, HP611-HP1690 (ergonomic): M001/M082 -> M353-M360 +
  M530-M532 Hebehilfe/ergonomische Hoehe
- HP201-HP1697 (mechanical): M054/M051 -> M002/M008/M061/M141 +
  M487/M488 Tueroeffnung-Stillsetzung/Wiederanlauf
- Plus EMF/Strahlung/Brand/Lärm/Vibration/Kommunikation/Cyber

Coverage shift (Pattern-Author-Fehler bei aktiviertem Set-Filter):
   start:         237 patterns with zero category-compatible measures
   after Stufe 1A:   5 (AI)
   after Stufe 1B:  20 (mechanical Bestand)
   after Stufe 1C:  35 (electrical Bestand)
   after Stufe 1D:  29 (material_environmental)
   after Stufe 1E:  29 (software/sensor/hmi)
   after Stufe 1F:  20 (ergonomic)
   after Stufe 1G:  80 (thermal/comm/radiation/fire/safety)
   final:           0  (28 extended.go/extended2.go duplicates fixed)

New regression tests:
- TestEveryPattern_HasCategoryCompatibleMeasure: every pattern in
  collectAllPatterns() must reference at least one category-compatible
  measure; gaps must be explicitly listed in AllowlistKnownGaps
  (currently empty). Fails CI for any new pattern that drifts.
- TestAcceptableMeasureCategories: pins the set-mapping for the
  7 most-bug-prone pattern categories.
- TestIsCategoryCompatible_EmptyMeasureCat: protects legacy entries.

A separate task #11 tracks 58 HP-ID duplicates between
extended.go/extended2.go and cobot.go/press.go/operational.go —
patterns are semantically different and TestGetBuiltinHazardPatterns_-
UniqueIDs misses them because it only checks HP001-HP044.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

ai-compliance-sdk/internal/iace/hazard_patterns_cyber_extended2.go

@@ -27,7 +27,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"unintended_bias", "false_classification"},
-			SuggestedMeasureIDs:   []string{"M101"},
+			SuggestedMeasureIDs:   []string{"M133", "M227", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              80,
 			ScenarioDE:      "Einseitige Trainingsdaten fuehren dazu, dass das KI-Modell bestimmte Varianten systematisch falsch klassifiziert.",
@@ -42,7 +42,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "sensor_part"},
 			RequiredEnergyTags:    []string{"ai_model", "cyber"},
 			GeneratedHazardCats:   []string{"data_poisoning", "sensor_spoofing"},
-			SuggestedMeasureIDs:   []string{"M101", "M116"},
+			SuggestedMeasureIDs:   []string{"M133", "M214", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15", "E16"},
 			Priority:              85,
 			ScenarioDE:      "Gezielt veraenderte Eingabedaten (Adversarial Patches) taeuschen das Bilderkennungssystem und erzwingen Fehlklassifikation.",
@@ -57,7 +57,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"model_drift"},
-			SuggestedMeasureIDs:   []string{"M103"},
+			SuggestedMeasureIDs:   []string{"M133", "M227", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              75,
 			ScenarioDE:      "KI-Modell verliert durch veraenderte Prozessbedingungen ueber Wochen schleichend an Genauigkeit.",
@@ -72,7 +72,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "programmable"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"software_fault", "safety_function_failure"},
-			SuggestedMeasureIDs:   []string{"M101", "M104"},
+			SuggestedMeasureIDs:   []string{"M044", "M227", "M105", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E07", "E15"},
 			Priority:              95,
 			RequiresExpertCalculation: true,
@@ -89,7 +89,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "user_interface"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"false_classification"},
-			SuggestedMeasureIDs:   []string{"M101"},
+			SuggestedMeasureIDs:   []string{"M133", "M204", "M227", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              70,
 			ScenarioDE:      "KI-System gibt Empfehlung ohne Begruendung; Bediener folgt blindlings einer fehlerhaften Empfehlung.",
@@ -104,7 +104,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"false_classification"},
-			SuggestedMeasureIDs:   []string{"M101", "M102"},
+			SuggestedMeasureIDs:   []string{"M133", "M227", "M214", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              80,
 			ScenarioDE:      "KI trifft bei Eingabedaten nahe der Entscheidungsgrenze unzuverlaessige Entscheidungen mit schwankender Konfidenz.",
@@ -119,7 +119,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "programmable"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"software_fault"},
-			SuggestedMeasureIDs:   []string{"M101", "M102", "M103"},
+			SuggestedMeasureIDs:   []string{"M133", "M227", "M105", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              85,
 			ScenarioDE:      "RL-Agent entdeckt unbeabsichtigte Strategie zur Reward-Maximierung, die gefaehrliches Verhalten einschliesst.",
@@ -134,7 +134,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"unintended_bias"},
-			SuggestedMeasureIDs:   []string{"M101"},
+			SuggestedMeasureIDs:   []string{"M186", "M187", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              70,
 			ScenarioDE:      "KI-System verarbeitet Kamerabilder mit erkennbaren Personen ohne Einwilligung oder Rechtsgrundlage.",
@@ -149,7 +149,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "safety_device"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"safety_function_failure"},
-			SuggestedMeasureIDs:   []string{"M101", "M104"},
+			SuggestedMeasureIDs:   []string{"M105", "M227", "M044", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E07", "E15"},
 			Priority:              95,
 			RequiresExpertCalculation: true,
@@ -166,7 +166,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"model_drift"},
-			SuggestedMeasureIDs:   []string{"M103"},
+			SuggestedMeasureIDs:   []string{"M133", "M227", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              75,
 			ScenarioDE:      "Grundlegende Aenderung des Produktionsprozesses macht das KI-Modell ungueltig, da es auf alten Zusammenhaengen basiert.",
@@ -181,7 +181,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "user_interface"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"false_classification"},
-			SuggestedMeasureIDs:   []string{"M101", "M102"},
+			SuggestedMeasureIDs:   []string{"M133", "M214", "M227", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              80,
 			ScenarioDE:      "KI-System meldet einen Zustand mit hoher Konfidenz, der in Wirklichkeit nicht vorliegt (Halluzination).",
@@ -196,7 +196,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai", "networked"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"communication_failure", "safety_function_failure"},
-			SuggestedMeasureIDs:   []string{"M101", "M104", "M115"},
+			SuggestedMeasureIDs:   []string{"M109", "M113", "M106", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15", "E17"},
 			Priority:              90,
 			ScenarioDE:      "Sicherheitsrelevante KI-Funktion benoetigt Cloud-Verbindung; bei Netzwerkausfall ist die Sicherheit nicht gewaehrleistet.",
@@ -211,7 +211,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"false_classification"},
-			SuggestedMeasureIDs:   []string{"M101", "M102"},
+			SuggestedMeasureIDs:   []string{"M044", "M119", "M133", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15"},
 			Priority:              75,
 			ScenarioDE:      "KI-System ist alleiniger Qualitaetsgate ohne Backup-Pruefung; bei KI-Ausfall passieren alle Teile unkontrolliert.",
@@ -226,7 +226,7 @@ func GetCyberExtendedPatterns2() []HazardPattern {
 			RequiredComponentTags: []string{"has_ai"},
 			RequiredEnergyTags:    []string{"ai_model"},
 			GeneratedHazardCats:   []string{"model_drift"},
-			SuggestedMeasureIDs:   []string{"M103"},
+			SuggestedMeasureIDs:   []string{"M133", "M227", "M141"},
 			SuggestedEvidenceIDs:  []string{"E01", "E15", "E21"},
 			Priority:              80,
 			ScenarioDE:      "KI-basierte Wartungsvorhersage unterschaetzt Verschleiss und empfiehlt Wartung zu spaet.",