Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b5b6cdddb36004323af78d223de2f5725ace027c
breakpilot-compliance/backend-compliance/knowledge/programs/automotive.yaml
T
Benjamin Admin 1a9439d013 feat(programs): open Domain Knowledge Program v1 — 7-stage production line + per-domain KPI 
The real bottleneck is domain MODELLING. Phase B is organized as one program with sub-programs per
domain, each run through the SAME 7-stage production line. No new runtime framework, no new module
(ADR-009, Freeze v1.0) — only program data + a derived reporting view.

- Customer enters by INDUSTRY, not regulation: Industry -> Domain Model -> Requirement Sources ->
  Requirements -> Capabilities -> ... -> Completeness.
- 7-stage checklist identical for every domain (Domain Model / Requirement Sources / Capability
  Registry / Transition Patterns / Playbooks / Reference Scenarios / Completeness) with per-stage
  ownership. README generalized to the framework.
- Each domain lists typical_requirement_sources + typical_certifications -> pre-onboarding capability
  HYPOTHESIS (the ETO insight; feeds Company 2A as inferred, never confirmed).
- Backlog v1 (by customer value): 1 Industrial Automation, 2 Environmental, 3 Automotive, 4 Medical,
  5 Energy. Five domain-definition shells (environmental restructured to the unified shape, law-first
  preserved).
- Per-domain KPI is DERIVED from the real corpus (computed-not-stored; sources modelled / transition
  patterns / playbooks / reference scenarios), NOT a curated number. Reference suite renders maturity
  bars: Industrial Automation 43% (3/7 sources) leads, Environmental 0% (work ahead). Backlog (value)
  and KPI (corpus state) are deliberately separated.
- ADR-009: Domain Knowledge Program framework. Honest known refinement: regulation-ID normalization
  (CRA vs Cyber Resilience Act) aliased in the KPI.

7 program-contract tests (backlog order + industry-first + derived-not-stored), check-loc 0.
Knowledge data + ADR + reference harness = non-runtime -> no deploy (ADR-001).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-27 18:49:06 +02:00

20 lines
985 B
YAML
Raw Blame History

# Domain Knowledge Program — Automotive (backlog rank 3). A domain DEFINITION, not corpus content.
# 7-stage progress is DERIVED from the corpus (computed-not-stored). See programs/README.md.
id: PROG-automotive
name: "Automotive Domain"
industry: "Automobilzulieferer, OEM-Zulieferkette"
customer_entry: "Ich bin Automobilzulieferer."
backlog_rank: 3
rationale: "großer Markt; OEM-Lastenhefte = früher Business-Requirement-Anwendungsfall."
status: planned
typical_requirement_sources: [IATF16949, TISAX, "UNECE R155", "UNECE R156", ASPICE, OEM_Lastenheft]
typical_certifications: [ISO9001, IATF16949, TISAX, ISO27001]
ownership: "Stufe 1 Reasoning · 2 Legal-KG · 3 Execution · 4-7 Reasoning"
note: >
ISMS→TISAX-Transition-Pattern existiert bereits (Vorarbeit). UNECE R155 (Cybersecurity Management
System) ↔ CRA = quellenübergreifender Convergence-Kandidat. OEM-Lastenheft = erster Business
Requirement (siehe Vision V2 / Requirements Verification, NICHT jetzt).
Reference in New Issue View Git Blame Copy Permalink