16fd406c1a203980c75c8ba644753b5230438b0e
6 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Benjamin Admin
|
16fd406c1a |
feat(iace): secondary-harm chain model + AllPatterns drift fix
Task #17 — Folgegefahren-Modell as Vorbereitungs-Commit (no DB schema change yet; persistence via separate [migration-approved] commit). New: - secondary_harms.go: SecondaryHarm struct + six canonical categories (consumer_safety, product_liability, food_safety, environmental, reputation, financial) with DE labels. - hazard_pattern_types.go: HazardPattern extended with optional SecondaryHarms field — pattern library can now attach consequential- damage chains. - hazard_patterns_secondary_demo.go: two worked examples - HP2000 Glasbruch carbonated bottling (the "Cola splitter" scenario from the IACE strategy discussion) with consumer_safety + food_safety + reputation chains - HP2001 Pharma fill-finish cross-contamination with consumer_safety + product_liability under AMG §84 Bonus fix: - compliance_crossover.go AllPatterns() was a duplicate enumeration that silently drifted from collectAllPatterns() in pattern_registry.go. Pre-fix: 1058 patterns visible. Post-fix: 1213 patterns. The 155 invisible patterns included CRA, ISO12100 gaps, robot-cell, CNC extended, VDMA, textile-agri, GT-bremse — anything added after the original AllPatterns was authored. Audit-Suite (cmd/iace-audit) now sees the full set. Next steps for full secondary-harm rollout: - DB migration: hazards table + secondary_harms array column - API: surface secondary_harms in /projects/:id/hazards response - Frontend: collapsible Folgegefahren-Panel in HazardTable |
||
|
Benjamin Admin
|
4a5924b8c4 |
feat(iace): CRA / DIN EN 40000-1-2 cyber-resilience spur
[guardrail-change]
Phase 18 adds an EU Cyber Resilience Act compliance track to IACE:
the engine now fires patterns that surface the manufacturer-side CRA
obligations whenever a project's components carry digital elements.
Patterns (HP1910-HP1918, hazard_patterns_cra.go):
HP1910 Missing SBOM
HP1911 Unsigned firmware/software updates
HP1912 Factory-default credentials still active
HP1913 No coordinated vulnerability disclosure (CVD) policy
HP1914 No documented security patch SLA
HP1915 Missing user-facing hardening guide
HP1916 No incident-notification process to ENISA / CSIRT
HP1917 No security assessment prior to placing on market
HP1918 AI component without cybersecurity risk assessment
Each pattern carries ClarificationQuestionsDE so the operator gets
auditor-grade questions to take back to the Anlagenbauer instead of
the engine inventing prose. PatternMatch carries DefaultAvoidability
(P=1 for all CRA patterns), feeding the PLr graph from Phase 17.
Measures (M540-M548, measures_library_cra.go):
M540 SBOM (SPDX or CycloneDX) with each machine release
M541 Signed updates with rollback protection
M542 Forced default-password change at first boot
M543 Published CVD policy (security.txt / PSIRT)
M544 Documented patch SLA with CVSS-tier response times
M545 User-facing hardening guide in the machine docs
M546 ENISA incident-notification process (24h/72h/14d)
M547 Authenticated update channel + integrity check
M548 Pre-market security assessment / pen-test
The library is urheberrechtlich neutral: identifiers only
(Verordnung (EU) 2024/2847, DIN EN 40000-1-2 Entwurf, IEC 62443,
ETSI EN 303 645, ISO/IEC 5962, ISO/IEC 29147). No normative text
is reproduced — DIN/Beuth proprietary content is referenced by
section number only.
Category-compatibility:
cyber_resilience pattern category accepts measures with
HazardCategory cyber_resilience, cyber_network, or
software_control. Updated in both the runtime helper
(iace_handler_init_helpers.go) and its test-mirror
(pattern_coverage_test.go) — both must move in lockstep.
Frontend (clarifications page):
When at least one clarification references "2024/2847" or
"40000-1-2" in its norm_references, a blue info-banner is
rendered at the top of the page:
"Cyber Resilience Act (CRA) — Hinweis zur Geltung
Diese Klärungsliste enthält Fragen zur Verordnung (EU)
2024/2847 (CRA). Die CRA gilt für Produkte mit digitalen
Elementen, die ab dem 11.12.2027 auf dem EU-Markt bereit-
gestellt werden. ..."
Reminds the user that the CRA pflichten are forward-looking
while still allowing the manufacturer to bake them in now.
LOC exceptions:
Added three pre-existing files to .claude/rules/loc-exceptions.txt
(manufacturer_safety_features.go, iace_handler_clarifications.go,
routes.go). All three grew across Phases 16-17 and are tagged as
Phase 5+ refactor backlog. [guardrail-change] marker required.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
71d31c914b |
feat(iace): ISO 12100 Anhang B mapping — split noise/vibration + section identifier
Phase 16 of the Klaerungen / risk-assessment polish. Sources from
EN ISO 12100 Anhang B Tabelle B.1 are now first-class:
A) HazardPattern.ISO12100Section identifier (string), persisted only as
the section number (e.g. "6.3.5.5") — not the norm text. Keeps the
library urheberrechtlich neutral (DIN/Beuth license). 57 patterns
labeled today; rest will follow on touch.
B) Category split per ISO 12100 Nr. 4 vs Nr. 5:
- 16 patterns reclassified noise_vibration -> noise_hazard
- 7 patterns reclassified noise_vibration -> vibration_hazard
- 1 pattern (HP228 UV-/Laermexposition) kept multi-cat
acceptableMeasureCategories now accepts both new aliases plus the
legacy noise_vibration. Coverage test recognises both as valid.
C) 5 new ISO-12100-Annex-B gap patterns (HP1900-HP1904):
- HP1900 Vakuum-Verletzung (6.3.5.5)
- HP1901 Federenergie / elastische Elemente (6.2.10)
- HP1902 Rutschen/Stolpern auf rauer Oberflaeche (6.3.5.6)
- HP1903 Hochdruckinjektion (6.3.5.4) — includes clarifying
"no hand-locating of leaks" question
- HP1904 Ersticken durch Brustkorbquetschung (6.3.5.2)
The library now mirrors the ISO 12100 Annex B structure for the gaps
the Bremse benchmark surfaced.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
4d1e0a7f8e |
feat(iace): GT-Bremse coverage — 59 expert measures + 7 hazard patterns
Systematic gap analysis of the Bremse ground-truth file (60 entries,
100 unique expert measures) revealed only ~5% library coverage. This
commit closes the documented gaps with concrete, norm-anchored
mitigations.
Library additions (M481-M539, 59 entries):
- M481-M482 Low-voltage isolation (>= 2,0 / 2x1,0 / 1,0 MOhm +
IP2X/IPXXB per EN 60204-1 Ziff. 6.2/8.2.3) — primary
trigger of this work
- M483-M485 Pneumatic safety (component pressure rating, hose
retention, depressurization per EN ISO 4414)
- M486-M490 Robot-cell access (tool-secured fence, dual-channel
door monitor, intentional restart, anti-trap inside
opening, HMI sight line per ISO 10218-2)
- M491-M493 Teach mode (key/password mode selector, safe reduced
speed <= 250 mm/s, hold-to-run with 3-stage enabler
per ISO 10218-1)
- M494-M500 Geometry constants (Safe Limited Position, reach-over
250 mm @ 2250 mm fence, conveyor opening >= 850 mm,
25 mm finger gap, band speed <= 100 mm/s per
EN ISO 13857 / EN 619)
- M501-M507 Enclosure load rating, gripper fail-safe, centring
gripper stop on door, MWF nozzle integration, floor
load capacity per DIN 1055-3
- M508-M517 Electrical cabling + PE protection (environment-rated,
drag chain, strain relief, 10 mm² Cu PE, dual PE,
monitoring, continuity check, class-II equipment,
SELV/PELV per EN 60204-1)
- M518-M522 RCD, cable cross-section, overcurrent in each active
conductor, IP22 water ingress, lockable main switch
- M523-M539 Teach-locked door, WZM door interlock, dual-channel
door switch, machining-doors-closed for aerosol
retention, post-NOTHALT release, >25 kg lifting aid
(DGUV 208-016), 95-120 cm control height, ergonomic
conveyor height, SDS/PSA reference, BA instructions
for depressurization/clamp release/max weight/pinch
warning/slip warning/dead-state cleaning
New hazard patterns (HP1710-HP1717):
floor overload, gripper failure throw, compressed-air injury in
machining cell, manual handling load + awkward posture, MWF skin
contact, live-cabinet cleaning short, pneumatic stored-energy.
Existing patterns rewired to the new measures: HP1600, HP1602-1606,
HP1610-1612, HP1620-1622, HP1630/1631/1633, HP1640/1641, HP1660/1661,
HP1675, HP1685, HP1688, HP1689, HP1698-1704.
Tooling:
- scripts/gt_measure_gap_analysis.py: 4-signal fuzzy matcher
(Jaccard, token recall, substring containment, norm-reference
overlap). Outputs markdown + JSON.
- gt_coverage_test.go: 23 expert-validated (GT-Nr, pattern, measure)
triples + a norm-reference presence test for every new expert
measure (no generic 'do X safely' entries allowed).
- .gitea/workflows/ci.yaml: new iace-gt-coverage job enforces
MIN_COVERAGE_PCT (70%) on Strong+Weak GT coverage; never lower
without explicit decision.
Coverage shift: 5% Strong -> 30% Strong, 0% -> 72% Strong+Weak.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|
Benjamin Admin
|
935c9205b9 |
feat(iace): 25 new robot cell patterns (HP1650-HP1697) + matcher fix
New patterns from GT benchmark gap analysis: - HP1650-1655: Robot arm motion limit, restart safety, tool/workpiece crushing, workpiece penetrates fence, reaching over fence - HP1660-1661: Centering gripper crushing (outside/inside cell) - HP1665-1666: Machine tool loading door, machining workspace - HP1670-1671: Coolant splash eyes, compressed air injury - HP1675: Coolant hose burst/detachment - HP1680: Workpiece/tunnel crushing at conveyor - HP1685-1689: Indirect contact, cabinet contact, liquid ingress fire, potential differences, RCD socket protection - HP1690-1691: Ergonomic loading/control position - HP1695: Burns from hot workpieces - HP1697: Machine collapse through floor Matcher: keyword overlap penalty — matches without shared hazard-type keywords AND low zone score get 0.5x penalty to prevent false matches. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Benjamin Admin
|
eac42d4154 |
feat(iace): robot cell hazard patterns HP1600-HP1649 + engine split
Build + Deploy / build-admin-compliance (push) Successful in 1m59s
Build + Deploy / build-backend-compliance (push) Successful in 3m19s
Build + Deploy / build-ai-sdk (push) Successful in 52s
Build + Deploy / build-developer-portal (push) Successful in 1m11s
Build + Deploy / build-tts (push) Successful in 1m32s
Build + Deploy / build-document-crawler (push) Successful in 40s
Build + Deploy / build-dsms-gateway (push) Successful in 25s
Build + Deploy / build-dsms-node (push) Successful in 15s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 17s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m43s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Failing after 51s
CI / test-python-backend (push) Successful in 37s
CI / test-python-document-crawler (push) Successful in 24s
CI / test-python-dsms-gateway (push) Successful in 21s
CI / validate-canonical-controls (push) Successful in 13s
Build + Deploy / trigger-orca (push) Successful in 3m25s
20 new patterns for robot cells (ISO 10218-2): arm crushing, teach mode, fence reach-through, gripper crush, workpiece drop/ejection, conveyor hazards, pneumatic pressure, KSS contact/aerosol, electrical contact. Split pattern_registry.go from pattern_engine.go (507->474 lines). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |