feat(iace): integrate ISO 12100 machine risk model with 4-factor assessment

Add dual-mode risk engine: legacy S×E×P (avoidance=0) and ISO mode S×F×P×A
(avoidance>=1) with new thresholds (low/medium/high/very_high/not_acceptable).

- 150+ hazard library entries across 28 categories incl. physical hazards
  (mechanical, electrical, thermal, pneumatic/hydraulic, noise/vibration,
  ergonomic, material/environmental)
- 160-entry protective measures library with 3-step hierarchy validation
  (design → protective → information)
- 25 lifecycle phases, 20 affected person roles, 50 evidence types
- 10 verification methods (expanded from 7)
- New API endpoints: lifecycle-phases, roles, evidence-types,
  protective-measures-library, validate-mitigation-hierarchy
- DB migrations 018+019 for extended schema
- Frontend: 4-slider risk assessment, hierarchy warnings, measures library modal
- MkDocs wiki updated with ISO mode docs and legal notice (no norm text)

All content uses original wording — norms referenced as methodology only.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

ai-compliance-sdk/migrations/018_iace_iso12100.sql

@@ -0,0 +1,58 @@
+-- Migration 018: ISO 12100 Machine Risk Model Extension for IACE
+-- Adds lifecycle phases, extended hazard fields, and protective measures metadata.
+
+-- ============================================================================
+-- 1. Extend iace_hazards with ISO 12100 fields
+-- ============================================================================
+
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS machine_module TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS function TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS lifecycle_phase TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS hazardous_zone TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS trigger_event TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS affected_person TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS possible_harm TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS sub_category TEXT DEFAULT '';
+ALTER TABLE iace_hazards ADD COLUMN IF NOT EXISTS review_status TEXT DEFAULT 'draft';
+
+-- ============================================================================
+-- 2. Extend iace_hazard_library with ISO 12100 metadata
+-- ============================================================================
+
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS sub_category TEXT DEFAULT '';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS default_exposure INT DEFAULT 3;
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS default_avoidance INT DEFAULT 3;
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS typical_causes JSONB DEFAULT '[]';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS typical_harm TEXT DEFAULT '';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS relevant_lifecycle_phases JSONB DEFAULT '[]';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS recommended_measures_design JSONB DEFAULT '[]';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS recommended_measures_technical JSONB DEFAULT '[]';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS recommended_measures_information JSONB DEFAULT '[]';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS suggested_evidence JSONB DEFAULT '[]';
+ALTER TABLE iace_hazard_library ADD COLUMN IF NOT EXISTS related_keywords JSONB DEFAULT '[]';
+
+-- ============================================================================
+-- 3. Reference table: Lifecycle phases (DE/EN labels)
+-- ============================================================================
+
+CREATE TABLE IF NOT EXISTS iace_lifecycle_phases (
+    id TEXT PRIMARY KEY,
+    label_de TEXT NOT NULL,
+    label_en TEXT NOT NULL,
+    sort_order INT NOT NULL DEFAULT 0
+);
+
+INSERT INTO iace_lifecycle_phases (id, label_de, label_en, sort_order) VALUES
+    ('transport', 'Transport', 'Transport', 1),
+    ('assembly', 'Montage', 'Assembly', 2),
+    ('commissioning', 'Inbetriebnahme', 'Commissioning', 3),
+    ('setup_teach', 'Einrichten / Teach', 'Setup / Teach', 4),
+    ('normal_operation', 'Normalbetrieb', 'Normal Operation', 5),
+    ('special_operation', 'Sonderbetrieb', 'Special Operation', 6),
+    ('cleaning', 'Reinigung', 'Cleaning', 7),
+    ('maintenance', 'Wartung', 'Maintenance', 8),
+    ('fault_clearing', 'Stoerungsbeseitigung', 'Fault Clearing', 9),
+    ('changeover', 'Umruestung', 'Changeover', 10),
+    ('decommissioning', 'Ausserbetriebnahme', 'Decommissioning', 11),
+    ('disposal', 'Demontage / Entsorgung', 'Dismantling / Disposal', 12)
+ON CONFLICT (id) DO NOTHING;

ai-compliance-sdk/migrations/019_iace_extended_libraries.sql

@@ -0,0 +1,149 @@
+-- Migration 019: Extended IACE reference libraries
+-- Adds 25 lifecycle phases, 20 roles, 50 evidence types.
+-- All content is original (not derived from normative text).
+
+-- ============================================================================
+-- 1. Expand lifecycle phases from 12 to 25
+-- ============================================================================
+
+INSERT INTO iace_lifecycle_phases (id, label_de, label_en, sort_order) VALUES
+    ('storage', 'Lagerung', 'Storage', 2),
+    ('installation', 'Installation', 'Installation', 4),
+    ('parameterization', 'Parametrierung', 'Parameterization', 6),
+    ('setup', 'Einrichten / Setup', 'Setup', 7),
+    ('automatic_operation', 'Automatikbetrieb', 'Automatic Operation', 9),
+    ('manual_operation', 'Handbetrieb', 'Manual Operation', 10),
+    ('teach_mode', 'Teach-Modus', 'Teach Mode', 11),
+    ('production_start', 'Produktionsstart', 'Production Start', 12),
+    ('production_stop', 'Produktionsstopp', 'Production Stop', 13),
+    ('process_monitoring', 'Prozessueberwachung', 'Process Monitoring', 14),
+    ('inspection', 'Inspektion', 'Inspection', 17),
+    ('calibration', 'Kalibrierung', 'Calibration', 18),
+    ('repair', 'Reparatur', 'Repair', 20),
+    ('software_update', 'Software-Update', 'Software Update', 22),
+    ('remote_maintenance', 'Fernwartung', 'Remote Maintenance', 23)
+ON CONFLICT (id) DO NOTHING;
+
+-- Update sort_order for existing phases to interleave correctly
+UPDATE iace_lifecycle_phases SET sort_order = 1 WHERE id = 'transport';
+UPDATE iace_lifecycle_phases SET sort_order = 3 WHERE id = 'assembly';
+UPDATE iace_lifecycle_phases SET sort_order = 5 WHERE id = 'commissioning';
+UPDATE iace_lifecycle_phases SET sort_order = 8 WHERE id = 'normal_operation';
+UPDATE iace_lifecycle_phases SET sort_order = 15 WHERE id = 'cleaning';
+UPDATE iace_lifecycle_phases SET sort_order = 16 WHERE id = 'maintenance';
+UPDATE iace_lifecycle_phases SET sort_order = 19 WHERE id = 'fault_clearing';
+UPDATE iace_lifecycle_phases SET sort_order = 21 WHERE id = 'changeover';
+UPDATE iace_lifecycle_phases SET sort_order = 24 WHERE id = 'decommissioning';
+UPDATE iace_lifecycle_phases SET sort_order = 25 WHERE id = 'disposal';
+-- Remove old phases that are now replaced by more granular ones
+-- setup_teach is split into 'setup' and 'teach_mode'
+-- special_operation is covered by manual_operation + teach_mode
+DELETE FROM iace_lifecycle_phases WHERE id = 'setup_teach';
+DELETE FROM iace_lifecycle_phases WHERE id = 'special_operation';
+
+-- ============================================================================
+-- 2. Roles / affected person groups (20)
+-- ============================================================================
+
+CREATE TABLE IF NOT EXISTS iace_roles (
+    id TEXT PRIMARY KEY,
+    label_de TEXT NOT NULL,
+    label_en TEXT NOT NULL,
+    sort_order INT NOT NULL DEFAULT 0
+);
+
+INSERT INTO iace_roles (id, label_de, label_en, sort_order) VALUES
+    ('operator', 'Maschinenbediener', 'Machine Operator', 1),
+    ('setter', 'Einrichter', 'Setter', 2),
+    ('maintenance_tech', 'Wartungstechniker', 'Maintenance Technician', 3),
+    ('service_tech', 'Servicetechniker', 'Service Technician', 4),
+    ('cleaning_staff', 'Reinigungspersonal', 'Cleaning Staff', 5),
+    ('production_manager', 'Produktionsleiter', 'Production Manager', 6),
+    ('safety_officer', 'Sicherheitsbeauftragter', 'Safety Officer', 7),
+    ('electrician', 'Elektriker', 'Electrician', 8),
+    ('software_engineer', 'Softwareingenieur', 'Software Engineer', 9),
+    ('maintenance_manager', 'Instandhaltungsleiter', 'Maintenance Manager', 10),
+    ('plant_operator', 'Anlagenfahrer', 'Plant Operator', 11),
+    ('qa_inspector', 'Qualitaetssicherung', 'Quality Assurance', 12),
+    ('logistics_staff', 'Logistikpersonal', 'Logistics Staff', 13),
+    ('subcontractor', 'Fremdfirma / Subunternehmer', 'Subcontractor', 14),
+    ('visitor', 'Besucher', 'Visitor', 15),
+    ('auditor', 'Auditor', 'Auditor', 16),
+    ('it_admin', 'IT-Administrator', 'IT Administrator', 17),
+    ('remote_service', 'Fernwartungsdienst', 'Remote Service', 18),
+    ('plant_owner', 'Betreiber', 'Plant Owner / Operator', 19),
+    ('emergency_responder', 'Notfallpersonal', 'Emergency Responder', 20)
+ON CONFLICT (id) DO NOTHING;
+
+-- ============================================================================
+-- 3. Evidence types (50)
+-- ============================================================================
+
+CREATE TABLE IF NOT EXISTS iace_evidence_types (
+    id TEXT PRIMARY KEY,
+    category TEXT NOT NULL,
+    label_de TEXT NOT NULL,
+    label_en TEXT NOT NULL,
+    sort_order INT NOT NULL DEFAULT 0
+);
+
+INSERT INTO iace_evidence_types (id, category, label_de, label_en, sort_order) VALUES
+    -- Engineering evidence
+    ('E01', 'engineering', 'Konstruktionsreview', 'Design Review', 1),
+    ('E02', 'engineering', 'Sicherheitskonzept', 'Safety Concept', 2),
+    ('E03', 'engineering', 'Gefaehrdungsanalyse', 'Hazard Analysis', 3),
+    ('E04', 'engineering', 'Berechnung Sicherheitsabstand', 'Safety Distance Calculation', 4),
+    ('E05', 'engineering', 'Festigkeitsnachweis', 'Strength Verification', 5),
+    ('E06', 'engineering', 'Risikoanalysebericht', 'Risk Analysis Report', 6),
+    ('E07', 'engineering', 'Architekturdiagramm', 'Architecture Diagram', 7),
+    ('E08', 'engineering', 'Software-Designreview', 'Software Design Review', 8),
+    ('E09', 'engineering', 'Code Review', 'Code Review', 9),
+    ('E10', 'engineering', 'Sicherheitsanforderungsdokument', 'Safety Requirements Document', 10),
+    -- Test evidence
+    ('E11', 'test', 'Funktionstest', 'Functional Test', 11),
+    ('E12', 'test', 'Integrationstest', 'Integration Test', 12),
+    ('E13', 'test', 'Systemtest', 'System Test', 13),
+    ('E14', 'test', 'Sicherheitsfunktionstest', 'Safety Function Test', 14),
+    ('E15', 'test', 'Not-Halt Test', 'Emergency Stop Test', 15),
+    ('E16', 'test', 'Verriegelungstest', 'Interlock Test', 16),
+    ('E17', 'test', 'Fault Injection Test', 'Fault Injection Test', 17),
+    ('E18', 'test', 'Simulationstest', 'Simulation Test', 18),
+    ('E19', 'test', 'Lasttest', 'Load Test', 19),
+    ('E20', 'test', 'Stresstest', 'Stress Test', 20),
+    -- Electrical testing
+    ('E21', 'electrical', 'Schutzleiterpruefung', 'Protective Conductor Test', 21),
+    ('E22', 'electrical', 'Isolationsmessung', 'Insulation Measurement', 22),
+    ('E23', 'electrical', 'Hochspannungspruefung', 'High Voltage Test', 23),
+    ('E24', 'electrical', 'Kurzschlusspruefung', 'Short Circuit Test', 24),
+    ('E25', 'electrical', 'Erdungsmessung', 'Grounding Measurement', 25),
+    -- Cyber / Software
+    ('E26', 'cyber', 'Penetration Test', 'Penetration Test', 26),
+    ('E27', 'cyber', 'Vulnerability Scan', 'Vulnerability Scan', 27),
+    ('E28', 'cyber', 'SBOM Pruefung', 'SBOM Review', 28),
+    ('E29', 'cyber', 'Dependency Scan', 'Dependency Scan', 29),
+    ('E30', 'cyber', 'Update-Signaturpruefung', 'Update Signature Verification', 30),
+    -- Documentation evidence
+    ('E31', 'documentation', 'Betriebsanleitung', 'Operating Manual', 31),
+    ('E32', 'documentation', 'Wartungsanleitung', 'Maintenance Manual', 32),
+    ('E33', 'documentation', 'Sicherheitsanweisung', 'Safety Instruction', 33),
+    ('E34', 'documentation', 'Schulungsnachweis', 'Training Record', 34),
+    ('E35', 'documentation', 'Risikoabnahmeprotokoll', 'Risk Acceptance Protocol', 35),
+    -- Process evidence
+    ('E36', 'process', 'Freigabedokument', 'Release Document', 36),
+    ('E37', 'process', 'Aenderungsprotokoll', 'Change Protocol', 37),
+    ('E38', 'process', 'Auditbericht', 'Audit Report', 38),
+    ('E39', 'process', 'Abnahmeprotokoll', 'Acceptance Protocol', 39),
+    ('E40', 'process', 'Pruefprotokoll', 'Test Protocol', 40),
+    -- Operational evidence
+    ('E41', 'operational', 'Monitoring-Logs', 'Monitoring Logs', 41),
+    ('E42', 'operational', 'Ereignisprotokolle', 'Event Logs', 42),
+    ('E43', 'operational', 'Alarmberichte', 'Alarm Reports', 43),
+    ('E44', 'operational', 'Incident-Report', 'Incident Report', 44),
+    ('E45', 'operational', 'Wartungsbericht', 'Maintenance Report', 45),
+    -- Extended evidence
+    ('E46', 'extended', 'Redundanzpruefung', 'Redundancy Verification', 46),
+    ('E47', 'extended', 'Sicherheitsvalidierung', 'Safety Validation', 47),
+    ('E48', 'extended', 'Cyber-Security-Audit', 'Cyber Security Audit', 48),
+    ('E49', 'extended', 'Konfigurationspruefung', 'Configuration Review', 49),
+    ('E50', 'extended', 'Endabnahmebericht', 'Final Acceptance Report', 50)
+ON CONFLICT (id) DO NOTHING;