Benjamin Admin
fbbd0957bd
First NON-cyber stress test. Every prior journey was cyber (infosec/software/product security).
Environmental brings a completely different mental model (substance flows, emissions, water,
chemicals, energy, circularity). The claim under test: RS-005 carries it UNCHANGED — only new DATA,
zero runtime code.
ISO 14001 (an EMS) is modelled as a Company Profile and run through the SAME engines as ISO 27001 ->
CRA (new pattern transition_pattern_iso14001_to_environmental_v1.yaml, capabilities as VERBS):
- ISO 14001 yields 5 environmental MANAGEMENT capabilities (Welt-1, probably present)
- the concrete substance/emission/water/material EVIDENCE is the 11-capability delta
- rejected_assumptions state what ISO 14001 does NOT produce (substance lists, REACH, emissions,
battery passports, water analyses) — preserving the Welt-1/Welt-2 separation
- the Journey Matcher stays domain-agnostic: ISO14001->Environmental 100%, cyber journeys 0%
Result: a non-cyber domain ran through Reality -> ... -> Journey with 0 new runtime classes and 0
new pipeline — a stronger generality proof than ten more cyber regulations.
Also extends the Architecture Stability ledger with the third KPI column the user requested — "new
capability types" — as a granularity Frühindikator (a domain needing ~80 new types at 0 runtime would
flag a too-coarse/too-fine capability model). Environmental = 16 types (5 mgmt + 11 evidence), in
range. Ledger now flags cyber vs non_cyber family. Non-runtime -> no deploy. 19 tests pass, check-loc 0.
65 lines
2.3 KiB
Python
65 lines
2.3 KiB
Python
"""Environmental stress test — does the architecture work OUTSIDE cyber? (Phase Ω)
|
|
|
|
Pins the first NON-cyber generality proof: ISO 14001 (an EMS, as a Company Profile) runs through the
|
|
SAME RS-005 engine + Journey Matcher used for ISO 27001 -> CRA, with only new DATA (a pattern YAML +
|
|
injected Required caps) and zero runtime code. ISO 14001 yields environmental MANAGEMENT capabilities
|
|
(Welt-1); the concrete substance/emission/water/material evidence is the delta; rejected_assumptions
|
|
state what ISO 14001 does NOT produce; and the Journey Matcher stays domain-agnostic (cyber journeys 0%).
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
import os
|
|
import subprocess
|
|
import sys
|
|
|
|
|
|
def _run():
|
|
root = os.path.join(os.path.dirname(__file__), "..")
|
|
r = subprocess.run(
|
|
[sys.executable, "reference_scenarios/environmental_stress_test.py"],
|
|
cwd=root, env={**os.environ, "PYTHONPATH": "."}, capture_output=True, text=True,
|
|
)
|
|
assert r.returncode == 0, r.stderr
|
|
return r.stdout
|
|
|
|
|
|
def test_runs_end_to_end_outside_cyber():
|
|
out = _run()
|
|
assert "AUSSERHALB von Cyber" in out
|
|
assert "keine Zeile neuer Runtime-Code" in out
|
|
|
|
|
|
def test_iso14001_is_management_not_evidence():
|
|
out = _run()
|
|
# 5 management capabilities probably present, 11 concrete-evidence capabilities missing
|
|
assert "5 vermutlich vorhanden, 11 fehlt" in out
|
|
assert "manage_chemical_substances" in out # a verb capability
|
|
|
|
|
|
def test_rejected_assumptions_preserve_welt1_welt2():
|
|
out = _run()
|
|
assert "rejected_assumptions" in out
|
|
assert "ISO 14001 does NOT produce concrete substance lists or REACH registrations." in out
|
|
assert "Welt-1/Welt-2-Trennung bleibt erhalten" in out
|
|
|
|
|
|
def test_journey_matcher_stays_domain_agnostic():
|
|
out = _run()
|
|
# the environmental journey explains the delta; cyber journeys explain 0%
|
|
assert "| ISO14001 -> Environmental | 100% |" in out
|
|
assert "| ISMS -> TISAX | 0% |" in out
|
|
assert "| ISO27001 -> CRA + MaschinenVO | 0% |" in out
|
|
|
|
|
|
def test_zero_runtime_change_verdict():
|
|
out = _run()
|
|
assert "0 neue Runtime-Klassen, 0 neue Pipeline" in out
|
|
assert "16 neue Capability-Typen" in out
|
|
|
|
|
|
def test_no_real_company_names():
|
|
out = _run().lower()
|
|
for name in ["eto", "owis", "winterhalter"]:
|
|
assert name not in out
|