feat(iace): Sprint 4A — Residual Risk Modeling (Suppression Engine)

RiskReduction struct + automatic risk trajectory:
- RiskReduction{SeverityDelta, ExposureDelta, ProbabilityDelta} on ProtectiveMeasureEntry
- CalculateRiskTrajectory() in engine.go: calculates stepwise risk reduction
  along the ISO 12100 hierarchy (design → protection → information)
- Cumulative deltas per stage, clamp to a minimum of 1
- RiskTrajectoryStep with Stage, S/E/P, Score, Level, IsAcceptable

101 measures given RiskReduction profiles:
- Design/Geometry (M001-M010): S-1, E-1 (hazard point eliminated)
- Design/Force (M011-M022): S-2 (energy/force reduced)
- Design/Control (M039-M050): P-2 (safe control)
- Protection/Guards (M061-M072): E-2 (access prevented)
- Protection/Electro (M073-M079): E-1, P-1 (detection)
- Protection/Safety (M105-M113): P-2 (safe PLC)
- Protection/Monitoring (M114-M120): P-1 (early detection)
- Protection/Cyber (M121-M130): P-1
- Information/Training (M161-M168): P-1
- Information/PPE (M169-M175): S-1

8 new tests: NoMeasures, DesignReduce, FullHierarchy, ClampMin1,
  OnlyProtection, WithoutReduction, MandatoryAsProtective, LibraryCount

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Benjamin Admin
2026-05-10 09:15:43 +02:00
parent 05d98ea95f
commit 6d2616cad7
5 changed files with 348 additions and 103 deletions
+19 -2
@@ -184,8 +184,25 @@ type ProtectiveMeasureEntry struct {
// When true, the measure must be implemented if the referenced norm is applied.
// The norm creates a "presumption of conformity" — deviating requires the
// manufacturer to independently prove equivalent safety.
Mandatory bool `json:"mandatory,omitempty"`
MandatoryNorm string `json:"mandatory_norm,omitempty"` // e.g. "EN 1726-1 Kap. 5.3"
Mandatory bool `json:"mandatory,omitempty"`
MandatoryNorm string `json:"mandatory_norm,omitempty"`
// RiskReduction describes the typical risk reduction effect of this measure.
// Used by the Suppression Engine to automatically calculate residual risk
// when measures are assigned to hazards.
RiskReduction *RiskReduction `json:"risk_reduction,omitempty"`
}
// RiskReduction describes how a protective measure reduces risk parameters.
// Deltas are negative integers (e.g. -2 means "reduces by 2 levels").
// The Suppression Engine cumulates deltas across all assigned measures
// and clamps each parameter to a minimum of 1.
type RiskReduction struct {
// SeverityDelta reduces the severity rating (e.g. -1 for PPE, -2 for inherent safe design).
SeverityDelta int `json:"severity_delta,omitempty"`
// ExposureDelta reduces the exposure/frequency rating (e.g. -2 for fixed guard, -1 for interlock).
ExposureDelta int `json:"exposure_delta,omitempty"`
// ProbabilityDelta reduces the probability rating (e.g. -2 for interlock, -1 for training).
ProbabilityDelta int `json:"probability_delta,omitempty"`
}
// ValidateMitigationHierarchyRequest is the request for hierarchy validation
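Review bot: The RiskReduction doc comment states that deltas are negative integers, but SeverityDelta, ExposureDelta and ProbabilityDelta are plain int and nothing in this hunk rejects a positive value, so a mistyped library entry such as "severity_delta": 2 would raise the computed rating instead of lowering it, and the clamp described in the comment only enforces the lower bound of 1. Please reject any delta greater than 0 when the measure library is loaded or where the deltas are summed, and consider capping the result at the hazard's initial rating so residual risk can never exceed the starting value. Separately, the rewritten MandatoryNorm line drops the trailing example comment // e.g. "EN 1726-1 Kap. 5.3"; if that removal was unintentional, please restore it so the expected reference format stays documented.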