From b0ceae43500586851887712e678716f03835f13d Mon Sep 17 00:00:00 2001
From: Benjamin Admin <benjaminadmin@MacBook-Pro.local>
Date: Thu, 11 Jun 2026 19:46:57 +0200
Subject: [PATCH] feat(iace): open-source safety KB sources + bp_iace_safety_kb
 (Thema 2)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Versioned, license-tagged source docs for the multi-layer GT knowledge base,
ingested into the new core RAG collection bp_iace_safety_kb (whitelisted in
the RAG search handler):
- prism_risk_methodology.md — OPSS PRISM v2 (OGL v3): full severity(4)×
  probability(8) → risk-level matrix (Serious/High/Medium/Low), RAPEX-aligned.
- cobot_biomech_limits.md — CC BY 4.0 papers (Behrens 2022 / Park 2019):
  force (N) & pressure (N/cm²) pain thresholds by body region (the data behind
  ISO/TS 15066, cited from the open papers — standard tables NOT reproduced).
- hse_example_risk_assessments.md — HSE (OGL v3): qualitative hazard→control.
- osha_robot_safety.md — OSHA OTM (public domain): 250 mm/s teach anchor,
  robot hazard taxonomy, safeguarding hierarchy.

No DIN/EN/ISO/IEC/DGUV content reproduced; each doc states its license + attribution.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 .../internal/api/handlers/rag_handlers.go     |   1 +
 .../iace/datasources/cobot_biomech_limits.md  |  93 +++++++++++++++
 .../hse_example_risk_assessments.md           |  83 ++++++++++++++
 .../iace/datasources/osha_robot_safety.md     |  49 ++++++++
 .../datasources/prism_risk_methodology.md     | 107 ++++++++++++++++++
 5 files changed, 333 insertions(+)
 create mode 100644 ai-compliance-sdk/internal/iace/datasources/cobot_biomech_limits.md
 create mode 100644 ai-compliance-sdk/internal/iace/datasources/hse_example_risk_assessments.md
 create mode 100644 ai-compliance-sdk/internal/iace/datasources/osha_robot_safety.md
 create mode 100644 ai-compliance-sdk/internal/iace/datasources/prism_risk_methodology.md

diff --git a/ai-compliance-sdk/internal/api/handlers/rag_handlers.go b/ai-compliance-sdk/internal/api/handlers/rag_handlers.go
index 2d8ddde3..11f9e5bf 100644
--- a/ai-compliance-sdk/internal/api/handlers/rag_handlers.go
+++ b/ai-compliance-sdk/internal/api/handlers/rag_handlers.go
@@ -34,6 +34,7 @@ var AllowedCollections = map[string]bool{
 	"bp_legal_templates":        true,
 	"bp_iace_libraries":         true,
 	"bp_iace_accident_stats":    true,
+	"bp_iace_safety_kb":         true,
 }
 
 // SearchRequest represents a RAG search request.
diff --git a/ai-compliance-sdk/internal/iace/datasources/cobot_biomech_limits.md b/ai-compliance-sdk/internal/iace/datasources/cobot_biomech_limits.md
new file mode 100644
index 00000000..362d382b
--- /dev/null
+++ b/ai-compliance-sdk/internal/iace/datasources/cobot_biomech_limits.md
@@ -0,0 +1,93 @@
+# Collaborative-robot biomechanical pain limits (force & pressure by body region)
+
+Canonical, citable source document for the IACE cobot / power-and-force-limiting
+(PFL) severity anchors. The figures below are the **experimental biomechanical
+pain-threshold data** that underlie the ISO/TS 15066 collaborative-robot limits,
+taken **only from open-access CC BY papers** — not from the (copyrighted) ISO/TS
+15066 tables themselves.
+
+## Source A — Force thresholds (Behrens et al. 2022, Frontiers, CC BY 4.0)
+
+- **Source:** Behrens R, Pliske G, Umbreit M, Piatek S, Walcher F, Elkmann N
+- **Doc:** *A Statistical Model to Determine Biomechanical Limits for Physically Safe Interactions With Collaborative Robots*
+- **Journal:** Frontiers in Robotics and AI, vol. 8, art. 667818 (2022)
+- **License:** CC BY 4.0 (Frontiers open access — reuse with attribution)
+- **Attribution:** `Behrens et al. (2022), Front. Robot. AI 8:667818, CC BY 4.0`
+- **Retrieved:** 2026-06 · **DOI:** https://doi.org/10.3389/frobt.2021.667818
+- **Study:** 112 subjects, emulated impact (transient) and pinching (quasi-static)
+  loads at 28 body locations; force raised until slightly painful.
+
+### Force pain thresholds by body region (N)
+
+Values are the 75th-percentile limits for a mixed-gender group (≈70% male),
+blunt contact, from the paper's results. **Pinching ≈ quasi-static contact;
+Impact ≈ transient contact** — transient limits are higher (≈1.5–2×).
+
+| Body region | Pinching / quasi-static (N) | Impact / transient (N) |
+|---|---|---|
+| Forehead | 110 | 150 |
+| Temple | 60 | 90 |
+| Masticatory muscle | 40 | 70 |
+| Neck muscle | 70 | 110 |
+| C7 vertebra | 50 | 70 |
+| Shoulder joint | 60 | 100 |
+| L5 vertebra | 110 | 180 |
+| Sternum | 80 | 110 |
+| Pectoral muscle | 60 | 110 |
+| Abdominal muscle | 60 | 90 |
+| Pelvic bone | 90 | 140 |
+| Deltoid muscle | 100 | 110 |
+| Humerus | 70 | 150 |
+| Radial bone | 100 | 180 |
+| Forearm muscle | 100 | 170 |
+| Arm nerve | 80 | 140 |
+| Forefinger pad | 150 | 390 |
+| Forefinger DIP joint | 160 | 370 |
+| Thenar eminence | 120 | 260 |
+| Palm | 150 | 330 |
+| Back of hand | 150 | 250 |
+| Thigh muscle | 140 | 200 |
+| Kneecap | 160 | 270 |
+| Middle of shin | 150 | 260 |
+| Calf muscle | 130 | 260 |
+
+Lowest-tolerance regions: face (masticatory muscle, temple) and neck (C7,
+shoulder joint) — these dominate worst-case severity for a head/neck contact.
+
+## Source B — Pressure thresholds (Park et al. 2019, PLOS ONE, CC BY 4.0)
+
+- **Source:** Park MY, Han D, Lim JH, Shin MK, Han YR, Kim DH, Rhim S, Kim KS
+- **Doc:** *Assessment of pressure pain thresholds in collisions with collaborative robots*
+- **Journal:** PLOS ONE 14(5): e0215890 (2019)
+- **License:** CC BY 4.0 (PLOS open access — reuse with attribution)
+- **Attribution:** `Park et al. (2019), PLOS ONE 14(5):e0215890, CC BY 4.0`
+- **Retrieved:** 2026-06 · **DOI:** https://doi.org/10.1371/journal.pone.0215890
+
+### Pressure pain thresholds by body region (N/cm²)
+
+Overall measured range across body sites: **65.1 ± 22.6 to 196.1 ± 85.8 N/cm²**.
+Younger subjects showed 3–33% lower thresholds; BMI effect minimal at most sites.
+
+| Body region | Pressure pain threshold (N/cm²) |
+|---|---|
+| Arm nerve | 65.1 ± 22.6 (lowest) |
+| Shoulder joint | ≈ 87 |
+| Neck muscle / forehead / ball of thumb / shin | ≈ 100–120 |
+| Index finger pad / palm of hand | > 160 |
+| Back of hand | 196.1 ± 85.8 (highest) |
+
+## How these are used in IACE
+
+1. **Severity anchor for cobot/PFL hazards:** force (N) and pressure (N/cm²)
+   thresholds per body region set the IACE **S** (severity) tier for a
+   power-and-force-limited contact — a contact below the regional limit is
+   tolerable, above it is an injury-relevant exposure.
+2. **Transient vs quasi-static:** the two force columns let IACE distinguish
+   transient (impact) from quasi-static (clamping/pinching) contact, matching the
+   two ISO/TS 15066 contact regimes without reproducing the standard's tables.
+3. **Worst-case body region:** the lowest-threshold regions (face, neck) drive the
+   conservative default when the contact body region is unknown.
+
+Licensing note: the ISO/TS 15066 limit tables are **not** reproduced. All numeric
+values above are taken from the two CC BY 4.0 academic papers cited and are
+attributed to those papers. No DGUV/IFA or Beuth/ISO table is used.
diff --git a/ai-compliance-sdk/internal/iace/datasources/hse_example_risk_assessments.md b/ai-compliance-sdk/internal/iace/datasources/hse_example_risk_assessments.md
new file mode 100644
index 00000000..684f07b2
--- /dev/null
+++ b/ai-compliance-sdk/internal/iace/datasources/hse_example_risk_assessments.md
@@ -0,0 +1,83 @@
+# HSE example risk assessments (qualitative hazard → control structure)
+
+Canonical, citable source document for the IACE qualitative hazard→control
+pattern. The UK HSE risk-assessment template and worked examples give an
+openly-licensed, **non-numeric** model of how a hazard is paired with existing
+controls and further actions — used by IACE to validate that each identified
+hazard has at least one mapped control/measure.
+
+## Source
+
+- **Source:** UK Health and Safety Executive (HSE)
+- **Doc:** *Risk assessment: Template and examples*, plus worked-example PDFs
+  (maintenance work in a factory; a warehouse)
+- **License:** Open Government Licence v3.0 (OGL v3) — reuse with attribution
+- **Attribution:** `Source: HSE risk-assessment template & examples, © Crown copyright, licensed under the Open Government Licence v3.0`
+- **Retrieved:** 2026-06
+- **URLs:**
+  - https://www.hse.gov.uk/simple-health-safety/risk/risk-assessment-template-and-examples.htm
+  - https://www.hse.gov.uk/simple-health-safety/assets/docs/factory.pdf
+  - https://www.hse.gov.uk/simple-health-safety/assets/docs/warehouse.pdf
+
+**Qualitative only:** the HSE method is deliberately **non-numeric** — it does not
+assign severity/probability scores or a risk matrix. It identifies hazards,
+records existing controls, and plans further action. (Numeric severity×probability
+comes from PRISM, see `prism_risk_methodology.md`.)
+
+## Assessment structure (7 fields)
+
+The HSE blank template is a single table with seven columns:
+
+| # | Column |
+|---|---|
+| 1 | What are the hazards? |
+| 2 | Who might be harmed and how? |
+| 3 | What are you already doing to control the risks? |
+| 4 | What further action do you need to take to control the risks? |
+| 5 | Who needs to carry out the action? |
+| 6 | When is the action needed by? |
+| 7 | Done (date completed) |
+
+Method: walk the workplace, note hazards, talk to workers/safety reps, record
+who could be harmed, list existing controls, then decide what more is needed.
+HSE stresses the examples are illustrative — "do not just copy an example."
+
+Named worked examples published: office-based business, local shop/newsagent,
+food preparation and service, motor vehicle repair shop, factory maintenance,
+warehouse.
+
+## Worked example — maintenance work in a factory (hazard → controls)
+
+| Hazard | Existing controls / further action (summary) |
+|---|---|
+| Machinery / equipment | Guards and emergency-stop buttons fitted; add operator training on lockout/isolation procedures. |
+| Slips, trips, falls | Housekeeping protocols in place; improve drainage and floor markings in work areas. |
+| Chemical exposure | Safety data sheets held; upgrade ventilation, provide respiratory protection where needed. |
+| Noise | Hearing protection supplied; assess noise levels, consider engineering controls at source. |
+| Manual handling | Mechanical lifting aids available; refresh safe-lifting training. |
+| Electrical | Maintenance staff qualified; set a formal inspection schedule and document lockout/tagout. |
+
+## Worked example — warehouse (hazard → controls)
+
+| Hazard | Existing controls / further action (summary) |
+|---|---|
+| Manual handling | Proper lifting techniques, mechanical aids, ergonomics training, weight limits. |
+| Storage & stacking | Appropriate racking, stable stacks, regular inspection, clear aisles / emergency routes. |
+| Falls from height | Guardrails on elevated platforms, fall-protection equipment, working-at-height training. |
+| Moving / powered equipment (FLTs) | Speed limits, segregated pedestrian zones, operator licensing, scheduled maintenance, visible warnings. |
+| Slips, trips & falls | Floors clean/dry, walkways clear, lighting, suitable footwear, prompt spill clean-up. |
+| Noise | Hearing protection where needed, noise barriers, equipment maintenance, sound-level monitoring. |
+
+## How these are used in IACE
+
+1. **Hazard → control completeness check:** the 7-field structure backs the IACE
+   rule that every identified hazard must carry at least one existing control and,
+   where residual risk remains, a further-action/measure entry.
+2. **Control vocabulary:** the worked-example hazard→control pairs seed IACE's
+   library of typical machinery/warehouse measures (guarding, LOTO, segregation,
+   manual-handling aids, PPE) for suggesting measures against a detected hazard.
+3. **Qualitative complement:** HSE supplies the *narrative* control side; PRISM
+   supplies the *numeric* severity×probability side — IACE combines both.
+
+No copyrighted standard text or table is reproduced; all content here is
+OGL-v3 Crown-copyright HSE material.
diff --git a/ai-compliance-sdk/internal/iace/datasources/osha_robot_safety.md b/ai-compliance-sdk/internal/iace/datasources/osha_robot_safety.md
new file mode 100644
index 00000000..c440e1ca
--- /dev/null
+++ b/ai-compliance-sdk/internal/iace/datasources/osha_robot_safety.md
@@ -0,0 +1,49 @@
+# Industrial & collaborative robot safety (OSHA, US public domain)
+
+Citable source document for the IACE robot/cobot hazard taxonomy and the
+reduced-speed anchor. US Government work — free to reuse verbatim.
+
+## Source
+
+- **Source:** US OSHA — Technical Manual (OTM), Section IV, Chapter 4: Industrial Robots & Robot System Safety; and OSHA Guidelines for Robotics Safety (STD 01-12-002)
+- **License:** US Government work — **public domain** (17 U.S.C. §105)
+- **Attribution:** `Source: US OSHA Technical Manual §IV ch.4 / STD 01-12-002, public domain`
+- **Retrieved:** 2026-06
+- **URLs:** https://www.osha.gov/otm/section-4-safety-hazards/chapter-4 · https://www.osha.gov/enforcement/directives/std-01-12-002
+
+## Reduced / teach-mode speed limit
+
+OSHA states (quoting the ANSI/RIA basis): during teach/manual mode, robot speed
+should be at a **reduced speed of 10 inches per second (250 mm/s) or less** at the
+tool center point. This is the public, citable basis for the IACE 250 mm/s teach
+anchor (matches the GT Bremse session and engine measure M340/M492).
+
+## Robot hazard taxonomy
+
+| Hazard | Description |
+|---|---|
+| Impact / collision | Unpredicted movement, component malfunction, unexpected program changes |
+| Crushing / trapping | Operator trapped between robot arm and fixed structure; pinch points |
+| Struck-by (mechanical part) | Failure of gripper/end-effector; ejected workpiece, tool or debris |
+| Electrical / hydraulic / pneumatic | Stored energy, high-pressure fluid injection, energized parts |
+| Slip / trip / fall | Around the cell, cabling, fluids |
+| Environmental | Arc flash, fumes, noise, radiation depending on process |
+
+## Safeguarding hierarchy (OSHA / ANSI basis)
+
+Fixed barriers → interlocked guards → presence-sensing (light curtains, area
+scanners, safety mats) → enabling/hold-to-run devices in teach mode → speed-and-
+separation monitoring (collaborative) → power-and-force limiting (collaborative)
+→ awareness barriers/signs. Energy isolation (lockout/tagout) for maintenance.
+
+## How these are used in IACE
+
+1. **Reduced-speed anchor:** the 250 mm/s teach limit is a public-domain anchor
+   for robot/cobot speed-limiting measures (no copyrighted standard needed).
+2. **Hazard taxonomy:** seeds the robot/cobot hazard categories (impact, crush,
+   struck-by, energy) for pattern coverage checks.
+3. **Safeguarding hierarchy:** orders the protective-measure suggestions for
+   robot cells (barriers → sensing → enabling → SSM/PFL → LOTO).
+
+For the collaborative force/pressure LIMITS see `cobot_biomech_limits.md`
+(CC BY 4.0 papers); ISO/TS 15066 tables are not reproduced.
diff --git a/ai-compliance-sdk/internal/iace/datasources/prism_risk_methodology.md b/ai-compliance-sdk/internal/iace/datasources/prism_risk_methodology.md
new file mode 100644
index 00000000..5d76ec89
--- /dev/null
+++ b/ai-compliance-sdk/internal/iace/datasources/prism_risk_methodology.md
@@ -0,0 +1,107 @@
+# PRISM — Product Safety Risk Assessment Methodology (severity × probability matrix)
+
+Canonical, citable source document for the IACE severity/probability risk-matrix
+anchors. PRISM gives a complete, openly-licensed severity-of-harm × probability
+risk-rating method that maps directly onto the IACE S (severity) and W
+(frequency/probability) tiers and the four-level risk output.
+
+## Source
+
+- **Source:** UK Office for Product Safety & Standards (OPSS), Dept. for Business & Trade
+- **Doc:** Product Safety Risk Assessment Methodology (PRISM), *A Guide for GB Market Surveillance Authorities*, Version 2.0, October 2024 (52 pp.)
+- **License:** Open Government Licence v3.0 (OGL v3) — reuse permitted with attribution
+- **Attribution:** `Source: OPSS, PRISM v2.0 (Oct 2024), © Crown copyright, licensed under the Open Government Licence v3.0`
+- **Retrieved:** 2026-06
+- **URL (guidance):** https://www.gov.uk/guidance/product-safety-risk-assessment-methodology-prism
+- **URL (PDF):** https://assets.publishing.service.gov.uk/media/66fd385ae84ae1fd8592ec93/prism-guidance-v02.pdf
+
+**Safety Gate / RAPEX alignment:** PRISM is the GB revision of the EU Safety Gate
+(RAPEX) risk-assessment guidance (Commission Implementing Decision (EU) 2019/417).
+It retains the same severity×probability structure and the same four resulting
+risk levels (Serious / High / Medium / Low), so the matrix below is broadly
+interoperable with the EU Safety Gate methodology.
+
+## Risk-assessment model
+
+Risk = f(severity of harm, probability of harm). The assessor builds one or more
+**harm scenarios** (3–5 steps: hazard exists → exposure occurs → exposure causes
+harm), then determines (v) severity and (vi) probability and reads off the risk
+level. The four output risk levels are **Serious, High, Medium, Low**.
+
+### Severity-of-harm levels (PRISM Table 2)
+
+Four levels, by reversibility and treatment required. (Descriptions distilled; the
+standard's full clinical example lists are not reproduced.)
+
+| Level | Description (severity of harm) |
+|---|---|
+| 1 | Minor: after basic first aid does not substantially hamper functioning or cause excessive pain; consequences usually fully reversible. |
+| 2 | Moderate: A&E visit may be needed, hospitalisation generally not; functioning affected for a limited period (≤ ~6 months), recovery more or less complete. |
+| 3 | Serious: normally requires hospitalisation; affects functioning for > 6 months or causes permanent loss of function. |
+| 4 | Critical/fatal: is or could be fatal (incl. brain death); reproductive harm; severe loss of limbs/function (> ~10% disability). |
+
+Each level also carries a "potential for multiple casualties?" (Yes/No) flag.
+
+### Probability-of-harm bands (PRISM Table 3, row axis)
+
+Probability that the harm scenario materialises over the product lifetime, in
+eight bands. Per-step probabilities are multiplied to give the overall figure.
+
+| Band | Probability over product lifetime |
+|---|---|
+| 1 | > 50 % |
+| 2 | > 1 in 10 |
+| 3 | > 1 in 100 |
+| 4 | > 1 in 1,000 |
+| 5 | > 1 in 10,000 |
+| 6 | > 1 in 100,000 |
+| 7 | > 1 in 1,000,000 |
+| 8 | < 1 in 1,000,000 |
+
+### Risk matrix — single item (PRISM Table 3)
+
+Severity (column) × probability (row) → risk level.
+
+| Probability ↓ \ Severity → | Level 1 | Level 2 | Level 3 | Level 4 |
+|---|---|---|---|---|
+| > 50 %        | High   | Serious | Serious | Serious |
+| > 1 in 10     | Medium | Serious | Serious | Serious |
+| > 1 in 100    | Medium | Serious | Serious | Serious |
+| > 1 in 1,000  | Low    | High    | Serious | Serious |
+| > 1 in 10,000 | Low    | Medium  | High    | Serious |
+| > 1 in 100,000| Low    | Low     | Medium  | High    |
+| > 1 in 1,000,000 | Low | Low     | Low     | Medium  |
+| < 1 in 1,000,000 | Low | Low     | Low     | Low     |
+
+### Population escalation — all items in use (PRISM Table 4)
+
+Single-item risk can escalate by the number of items in the field (population risk).
+
+| Items in use ↓ \ single-item risk → | Low | Medium | High | Serious |
+|---|---|---|---|---|
+| > 1m   | High   | Serious | Serious | Serious |
+| > 500k | Medium | High    | Serious | Serious |
+| > 100k | Medium | High    | High    | Serious |
+| ≤ 100k | Low    | Medium  | High    | Serious |
+
+(For ≤ 100k the mapping is constant: Low→Low, Medium→Medium, High→High, Serious→Serious.)
+
+After rating, the assessor records an **uncertainty level** (low/medium/high) and
+may run a sensitivity analysis by varying severity, probability or item count.
+
+## How these are used in IACE
+
+1. **Tier definition (S × W):** the four severity levels map to the IACE **S**
+   (severity) tiers and the eight probability bands map to the IACE **W**
+   (frequency/probability) tiers, giving a defensible, openly-licensed scale.
+2. **Risk lookup:** Table 3 anchors the severity×probability → risk-level lookup
+   in `risk_estimation.go`; the four outputs (Serious/High/Medium/Low) align the
+   IACE risk categories with the EU Safety Gate scale.
+3. **Population escalation:** Table 4 provides the pattern for scaling
+   single-instance risk by exposure/population where IACE has fleet/installed-base
+   counts.
+4. **Uncertainty:** PRISM's low/medium/high uncertainty + sensitivity-analysis
+   step backs the IACE confidence flag on each estimate.
+
+No DIN/EN/ISO/IEC risk-graph, decision tree or SIL/PL table is reproduced; the
+matrix above is the OGL-v3 PRISM/Safety-Gate matrix only.