stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

docs consolidation work

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-25 18:48:11 +02:00
parent 2a06f780cf
commit 82a49f6743
102 changed files with 3550 additions and 1679 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
docs/modules/signals/README.md Normal file
View File

@@ -0,0 +1,58 @@
# Signals
**Status:** Implemented
**Source:** `src/Signals/`
**Owner:** Policy Guild
## Purpose
Signals provides evidence-weighted scoring for vulnerability findings. Aggregates evidence from reachability analysis, runtime observations, backport detection, exploit intelligence, source trust, and mitigations into a deterministic 0-100 score for rapid triage.
## Components
**Services:**
- `StellaOps.Signals` - Main service with evidence aggregation and scoring engine
- `StellaOps.Signals.Scheduler` - Background scheduler for score recalculation
**Libraries:**
- `StellaOps.Signals.Storage.Postgres` - PostgreSQL storage for evidence and scores
- `StellaOps.Signals.Storage.Postgres.Tests` - Storage layer tests
**Evidence Normalizers:**
- Reachability (RCH) - Code path reachability to vulnerable sink
- Runtime (RTS) - Live observation strength (eBPF/dyld/ETW)
- Backport (BKP) - Patch evidence from distro/changelog/binary
- Exploit (XPL) - Exploit probability (EPSS + KEV)
- Source Trust (SRC) - VEX source trustworthiness
- Mitigation (MIT) - Active mitigation effectiveness
## Configuration
See `etc/signals.yaml.sample` for configuration options.
Key settings:
- PostgreSQL connection (schema: `signals`)
- Authority integration (audiences, scopes)
- Storage driver (filesystem or rustfs)
- Evidence weight policies
- Score guardrails and thresholds
## Dependencies
- PostgreSQL (schema: `signals`)
- Authority (authentication)
- Policy Engine (reachability data)
- Concelier (backport detection, exploit data)
- Excititor (VEX source trust)
- Scanner (vulnerability findings)
## Related Documentation
- Architecture: `./architecture.md`
- Policy Engine: `../policy/`
- VexLens: `../vex-lens/`
- High-Level Architecture: `../../07_HIGH_LEVEL_ARCHITECTURE.md`
## Current Status
Implemented with six evidence normalizers and deterministic scoring algorithm. Integrated with Policy Engine for reachability data and VexLens for source trust. Supports evidence decomposition and transparency.