stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
docs/features/unchecked/attestor/remediation-planner.md Normal file
View File

@@ -0,0 +1,32 @@
# Remediation Planner
## Module
Attestor
## Status
IMPLEMENTED
## Description
Frontend has remediation plan preview, remediation panel, and AI-assisted remediation. Backend has structured remediation step models with risk assessment and verification status.
## Implementation Details
- **AI Remediation Plan Statement**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIRemediationPlanStatement.cs` -- in-toto statement wrapping an AI-generated remediation plan.
- **Remediation Step**: `Predicates/AI/RemediationStep.cs` -- individual remediation step with action, target component, and expected outcome.
- **Remediation Action Type**: `Predicates/AI/RemediationActionType.cs` -- enum of action types (Upgrade, Patch, Configure, Mitigate, Accept).
- **Remediation Step Status**: `Predicates/AI/RemediationStepStatus.cs` -- enum tracking step execution status (Pending, InProgress, Completed, Failed, Skipped).
- **Remediation Risk Assessment**: `Predicates/AI/RemediationRiskAssessment.cs` -- risk assessment for a remediation action (breaking change risk, compatibility impact, rollback plan).
- **Remediation Verification Status**: `Predicates/AI/RemediationVerificationStatus.cs` -- verification of whether the remediation was successful.
- **AI Authority Classifier**: `Predicates/AI/AIAuthorityClassifier.cs` (with `.Remediation`, `.RemediationScore`) -- classifies AI-generated remediation plans by authority level.
- **AI Model Identifier**: `Predicates/AI/AIModelIdentifier.cs` -- identifies the AI model that generated the plan.
- **DSSE Signing**: `Signing/ProofChainSigner.cs` -- signs remediation plan attestations.
- **Tests**: `__Tests/StellaOps.Attestor.ProofChain.Tests/AIRemediationPlanTests.cs`
## E2E Test Plan
- [ ] Create an `AIRemediationPlanStatement` with 3 `RemediationStep` entries (Upgrade openssl, Patch libcurl, Configure nginx) and verify the statement structure
- [ ] Verify each step has a `RemediationActionType` and appropriate target component
- [ ] Create a `RemediationRiskAssessment` for an upgrade step and verify breaking change risk and rollback plan are captured
- [ ] Track step execution via `RemediationStepStatus`: move a step from Pending -> InProgress -> Completed and verify status transitions
- [ ] Verify `RemediationVerificationStatus` confirms whether the remediation was successful (e.g., CVE no longer detected after upgrade)
- [ ] Classify the remediation plan via `AIAuthorityClassifier.Remediation` and verify authority level based on evidence quality
- [ ] Sign the remediation plan into a DSSE envelope and verify the signature
- [ ] Create plans with different `RemediationActionType` values and verify type-specific metadata