Implements the full Multi-Layer Control Architecture for migrating ~25,000 Rich Controls into atomic, deduplicated Master Controls with full traceability. Architecture: Legal Source → Obligation → Control Pattern → Master Control → Customer Instance New services: - ObligationExtractor: 3-tier extraction (exact → embedding → LLM) - PatternMatcher: 2-tier matching (keyword + embedding + domain-bonus) - ControlComposer: Pattern + Obligation → Master Control - PipelineAdapter: Pipeline integration + Migration Passes 1-5 - DecompositionPass: Pass 0a/0b — Rich Control → atomic Controls - CrosswalkRoutes: 15 API endpoints under /v1/canonical/ New DB schema: - Migration 060: obligation_extractions, control_patterns, crosswalk_matrix - Migration 061: obligation_candidates, parent_control_uuid tracking Pattern Library: 50 YAML patterns (30 core + 20 IT-security) Go SDK: Pattern loader with YAML validation and indexing Documentation: MkDocs updated with full architecture overview 500 Python tests passing across all components. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://breakpilot.ai/schemas/control-pattern-v1",
"title": "Control Pattern Schema",
"description": "Schema for YAML control pattern definitions. Pattern ID format: CP-{DOMAIN}-{NNN}",
"type": "object",
"required": ["version", "patterns"],
"properties": {
"version": {
"type": "string",
"pattern": "^[0-9]+\\.[0-9]+$"
},
"description": {
"type": "string"
},
"patterns": {
"type": "array",
"items": { "$ref": "#/$defs/ControlPattern" },
"minItems": 1
}
},
"$defs": {
"ControlPattern": {
"type": "object",
"required": [
"id", "name", "name_de", "domain", "category", "description",
"objective_template", "rationale_template", "requirements_template",
"test_procedure_template", "evidence_template", "severity_default",
"obligation_match_keywords", "tags"
],
"properties": {
"id": {
"type": "string",
"pattern": "^CP-[A-Z]+-[0-9]{3}$",
"description": "Unique pattern ID. Format: CP-{DOMAIN}-{NNN}"
},
"name": {
"type": "string",
"pattern": "^[a-z][a-z0-9_]*$",
"description": "Machine-readable name (snake_case)"
},
"name_de": {
"type": "string",
"description": "Human-readable German name"
},
"domain": {
"type": "string",
"enum": ["AUTH", "CRYP", "NET", "DATA", "LOG", "ACC", "SEC", "INC", "AI", "COMP", "GOV", "LAB", "FIN", "TRD", "ENV", "HLT"],
"description": "Domain code matching DOMAIN_KEYWORDS in control_generator.py"
},
"category": {
"type": "string",
"description": "Functional category (e.g. authentication, encryption, incident)"
},
"description": {
"type": "string",
"minLength": 20,
"description": "Brief description of what this pattern covers"
},
"objective_template": {
"type": "string",
"minLength": 20,
"description": "Template for the control objective. May contain {placeholders}."
},
"rationale_template": {
"type": "string",
"minLength": 20,
"description": "Template explaining why this control matters."
},
"requirements_template": {
"type": "array",
"items": { "type": "string" },
"minItems": 2,
"description": "Template requirements. May contain {placeholder:default} syntax."
},
"test_procedure_template": {
"type": "array",
"items": { "type": "string" },
"minItems": 1
},
"evidence_template": {
"type": "array",
"items": { "type": "string" },
"minItems": 1
},
"severity_default": {
"type": "string",
"enum": ["low", "medium", "high", "critical"]
},
"implementation_effort_default": {
"type": "string",
"enum": ["s", "m", "l", "xl"]
},
"open_anchor_refs": {
"type": "array",
"items": {
"type": "object",
"required": ["framework", "ref"],
"properties": {
"framework": { "type": "string" },
"ref": { "type": "string" }
}
}
},
"obligation_match_keywords": {
"type": "array",
"items": { "type": "string" },
"minItems": 3,
"description": "Keywords for matching obligations to this pattern (de + en)"
},
"tags": {
"type": "array",
"items": { "type": "string" },
"minItems": 1
},
"composable_with": {
"type": "array",
"items": {
"type": "string",
"pattern": "^CP-[A-Z]+-[0-9]{3}$"
},
"description": "Pattern IDs that combine well with this one"
}
},
"additionalProperties": false
}
}
}