save checkpoint
This commit is contained in:
master
39
docs/features/checked/policy/release-gate-levels.md
Normal file
39
docs/features/checked/policy/release-gate-levels.md
Normal file
@@ -0,0 +1,39 @@
|
||||
# Release Gate Levels (G0-G4)
|
||||
|
||||
## Module
|
||||
Policy
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Five gate levels (G0 through G4) with escalating requirements. GateSelector computes RRS, maps to gate level, and applies budget modifiers (Yellow/Red/Exhausted escalations). Each gate level has defined requirements matching the advisory specification.
|
||||
|
||||
## Implementation Details
|
||||
- **PolicyGateEvaluator**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs`
|
||||
- Multi-gate evaluation with escalating strictness per gate level
|
||||
- Gate levels mapped from Risk Readiness Score (RRS) and budget status
|
||||
- 5 sequential gates with configurable thresholds per level
|
||||
- Lattice states drive gate decisions: U, SR, SU, RO, RU, CR, CU, X
|
||||
- Uncertainty tiers: T1 (High) -> strictest, T4 (Negligible) -> most permissive
|
||||
- **PolicyGateOptions**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateOptions.cs` -- per-level gate configuration
|
||||
- **PolicyGateDecision**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateDecision.cs` -- decision model with per-gate results
|
||||
- **RiskSimulationService**: `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs`
|
||||
- Signal-based RRS computation with severity mapping
|
||||
- Severity: Critical>=90, High>=70, Medium>=40, Low>=10
|
||||
- Distribution and percentile calculation for gate level determination
|
||||
- **Budget integration**: Budget status (Yellow/Red/Exhausted) escalates gate level
|
||||
- `BudgetEndpoints.cs`: `src/Policy/StellaOps.Policy.Engine/Endpoints/BudgetEndpoints.cs`
|
||||
- `RiskBudgetEndpoints.cs`: `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskBudgetEndpoints.cs`
|
||||
- **Ledger**: `src/Policy/StellaOps.Policy.Engine/Ledger/` -- tracks gate decisions for compliance
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Evaluate artifact with low RRS (minimal risk); verify gate level maps to G0 (minimal requirements)
|
||||
- [ ] Evaluate artifact with high RRS (many critical findings); verify gate level escalates to G3 or G4
|
||||
- [ ] Evaluate with budget status Yellow; verify gate level escalates by one level
|
||||
- [ ] Evaluate with budget status Exhausted; verify gate level escalates to maximum (G4)
|
||||
- [ ] Evaluate at G0: verify only basic evidence completeness is checked
|
||||
- [ ] Evaluate at G4: verify all gates apply strictest thresholds (lattice state, VEX trust, uncertainty, confidence)
|
||||
- [ ] Verify each gate level (G0-G4) has progressively stricter thresholds
|
||||
- [ ] Verify gate decision includes per-gate Pass/Warn/Block results for audit trail
|
||||
- [ ] Verify ledger records gate level and decision for compliance
|
||||
Reference in New Issue
Block a user