Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(cra): readiness derives obligations from Machinery Reg 2023/1230 too

Browse Source 
Machine/plant builders are hit by BOTH the CRA and the new Machinery Regulation.
New machinery_reg_cyber.py models its two well-corroborated Annex III cyber-with-
safety essential requirements (1.1.9 protection against corruption, 1.2.1 control-
system safety incl. foreseeable manipulation) in our own words; EU legal text is
freely reusable (Commission Decision 2011/833/EU, source acknowledged), harmonised
standards referenced by identifier only. The readiness check asks "is it
machinery?" and, if so, adds these obligations tagged "Maschinen-VO" alongside the
CRA ones — the combination is visible (regulations list + per-item source badge).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-06-14 14:26:08 +02:00
parent 2da3e5fdbb
commit b0f78ae9a3
4 changed files with 89 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend-compliance/tests/test_cra_readiness.py
+10
View File
@@ -29,3 +29,13 @@ def test_no_digital_element_not_in_scope():
assert d["in_scope"] is False
assert d["classification"] == "NOT_IN_SCOPE"
assert d["counts"]["code"] == 0
def test_machinery_adds_tagged_machinery_reg_obligations():
d = client.post("/api/v1/cra/readiness", json={
"intended_use": "App fuer Industrieanlagen", "connected_to_internet": True, "is_machinery": True}).json()
assert "Maschinen-VO 2023/1230" in d["regulations"]
items = d["guideline"]["code"] + d["guideline"]["process"] + d["guideline"]["document"]
assert any(it["source"] == "Maschinen-VO" for it in items)
assert any(it["req_id"] == "MR-1.1.9" for it in items)
assert any(it["source"] == "CRA" for it in items)