feat(iace): integrate ISO 12100 machine risk model with 4-factor assessment

Add dual-mode risk engine: legacy S×E×P (avoidance=0) and ISO mode S×F×P×A
(avoidance>=1) with new thresholds (low/medium/high/very_high/not_acceptable).

- 150+ hazard library entries across 28 categories incl. physical hazards
  (mechanical, electrical, thermal, pneumatic/hydraulic, noise/vibration,
  ergonomic, material/environmental)
- 160-entry protective measures library with 3-step hierarchy validation
  (design → protective → information)
- 25 lifecycle phases, 20 affected person roles, 50 evidence types
- 10 verification methods (expanded from 7)
- New API endpoints: lifecycle-phases, roles, evidence-types,
  protective-measures-library, validate-mitigation-hierarchy
- DB migrations 018+019 for extended schema
- Frontend: 4-slider risk assessment, hierarchy warnings, measures library modal
- MkDocs wiki updated with ISO mode docs and legal notice (no norm text)

All content uses original wording — norms referenced as methodology only.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Benjamin Admin
2026-03-15 23:13:41 +01:00
parent c8fd9cc780
commit c7651796c9
15 changed files with 3708 additions and 479 deletions

@@ -524,6 +524,11 @@ func main() {
iaceRoutes.GET("/hazard-library", iaceHandler.ListHazardLibrary)
// Controls Library (project-independent)
iaceRoutes.GET("/controls-library", iaceHandler.ListControlsLibrary)
// ISO 12100 reference data (project-independent)
iaceRoutes.GET("/lifecycle-phases", iaceHandler.ListLifecyclePhases)
iaceRoutes.GET("/roles", iaceHandler.ListRoles)
iaceRoutes.GET("/evidence-types", iaceHandler.ListEvidenceTypes)
iaceRoutes.GET("/protective-measures-library", iaceHandler.ListProtectiveMeasures)
// Project Management
iaceRoutes.POST("/projects", iaceHandler.CreateProject)
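
Review bot: the new `/roles` route (`iaceRoutes.GET("/roles", iaceHandler.ListRoles)`) reads like an access-control endpoint, while the commit message describes this data as affected person roles. A more specific path and handler name, for example `/affected-roles` with `ListAffectedRoles`, would keep API consumers and anyone auditing authorization-related routes from mistaking it for RBAC data. As a smaller style point, `ListProtectiveMeasures` departs from the `List…Library` naming of `ListHazardLibrary` and `ListControlsLibrary` just above, even though its path ends in `-library`.
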
@@ -562,6 +567,7 @@ func main() {
iaceRoutes.POST("/projects/:id/hazards/:hid/mitigations", iaceHandler.CreateMitigation)
iaceRoutes.PUT("/mitigations/:mid", iaceHandler.UpdateMitigation)
iaceRoutes.POST("/mitigations/:mid/verify", iaceHandler.VerifyMitigation)
iaceRoutes.POST("/projects/:id/validate-mitigation-hierarchy", iaceHandler.ValidateMitigationHierarchy)
// Evidence
iaceRoutes.POST("/projects/:id/evidence", iaceHandler.UploadEvidence)
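
Review bot: `POST /projects/:id/validate-mitigation-hierarchy` is registered without any comment, and nothing in this hunk says whether the call only reads the project's mitigations or also writes to it. Please add a one-line comment in the style of the neighbouring sections (`// Evidence`) stating that the validation is side-effect free, if that is the intent. Because the route takes a project `:id` and the middleware applied to `iaceRoutes` is not visible in these lines, also confirm that `ValidateMitigationHierarchy` enforces the same project-scoped access check as `CreateMitigation` above it.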