git.stella-ops.org/docs/features/unchecked/scanner/explainable-triage-ux-with-evidence-linked-findings.md

Explainable triage UX with evidence-linked findings

Module

Scanner

Status

IMPLEMENTED

Description

A tabbed evidence panel (policy, binary diff, confidence meter, and SBOM evidence tabs) gives each finding an expandable view in which every claim is linked to the evidence that supports it.

Implementation Details

  • Explainability Library:
    • src/Scanner/__Libraries/StellaOps.Scanner.Explainability/ - Explainability services for evidence-linked findings
    • src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Dsse/ExplainabilityPredicateSerializer.cs - Serializes explainability predicates
    • src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Falsifiability/FalsifiabilityGenerator.cs - Generates falsification criteria
    • src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Falsifiability/FalsifiabilityCriteria.cs - Falsifiability criteria model
  • Triage Services:
    • src/Scanner/__Libraries/StellaOps.Scanner.Triage/ - Triage domain services
    • src/Scanner/__Libraries/StellaOps.Scanner.Triage/Models/ExploitPath.cs - Exploit path model for evidence linking
  • Evidence Composition:
    • src/Scanner/StellaOps.Scanner.WebService/Services/EvidenceCompositionService.cs - Composes multi-source evidence per finding
    • src/Scanner/StellaOps.Scanner.WebService/Services/IEvidenceCompositionService.cs - Interface
  • Finding Rationale:
    • src/Scanner/StellaOps.Scanner.WebService/Services/FindingRationaleService.cs - Provides rationale explanations per finding
    • src/Scanner/StellaOps.Scanner.WebService/Services/IFindingRationaleService.cs - Interface
  • API:
    • src/Scanner/StellaOps.Scanner.WebService/Controllers/FindingsEvidenceController.cs - Evidence controller
    • src/Scanner/StellaOps.Scanner.WebService/Contracts/FindingEvidenceContracts.cs - Evidence API contracts
    • src/Scanner/StellaOps.Scanner.WebService/Contracts/RationaleContracts.cs - Rationale contracts

E2E Test Plan

  • Query finding evidence via the FindingsEvidenceController and verify the response carries all four evidence tabs (policy, binary diff, confidence meter, SBOM) for the finding
  • Verify policy evidence tab includes applicable policy rules and evaluation results
  • Verify binary diff evidence tab includes delta analysis when available
  • Verify confidence meter shows score breakdown with contributing factors
  • Verify SBOM evidence tab includes component provenance and version data
  • Verify finding rationale service provides human-readable explanations
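
As an added, stand-alone illustration of the pieces listed under Implementation Details and checked by the E2E plan (Python rather than the project's C#, and not StellaOps' own contracts, serializer or services), the block below composes the four evidence tabs for one constructed finding, scores the confidence meter from weighted factors, derives falsifiability criteria from those same factors so each contribution names the observation that would refute it, and seals the resulting explainability predicate in a DSSE envelope using the standard pre-authentication encoding. The field names, weights, predicate type, subject and HMAC key are assumptions made for the example; a real deployment would sign with an asymmetric key.

```python
"""Added illustration, not StellaOps code: compose evidence tabs per finding,
score a confidence meter with a factor breakdown, derive falsifiability
criteria from the same factors, and seal the explainability predicate in a
DSSE envelope. Field names, weights, predicate type and key are assumptions."""
import base64
import hashlib
import hmac
import json

PAYLOAD_TYPE = "application/vnd.in-toto+json"
PREDICATE_TYPE = "https://example.invalid/explainability/v0"   # hypothetical
KEY = b"demo-hmac-key"  # constructed stand-in for the real signing key

# Constructed evidence for one finding (hypothetical input shape).
SAMPLE = {
    "subject": "registry.invalid/app@sha256:0000",
    "finding_id": "finding-0001",
    "policy": {"rules": [{"rule": "block-reachable-critical", "result": "fail"},
                         {"rule": "allow-dev-only", "result": "pass"}]},
    "binary_diff": {"available": True, "patched_symbol_present": False},
    "reachability": {"path_found": True, "path": ["main", "parse", "vuln_fn"]},
    "sbom": {"purl": "pkg:npm/example@1.2.3", "provenance": "registry",
             "version_in_affected_range": True},
}

# Confidence factors: name, weight out of 100, backing tab, and the observation
# that would refute the factor (its falsification criterion).
FACTORS = [
    ("policy_rule_failed", 30, "policy", "every applicable policy rule evaluates to pass"),
    ("exploit_path_found", 30, "confidence", "no call path reaches the vulnerable symbol"),
    ("binary_unpatched", 30, "binary_diff", "binary diff shows the patched symbol present"),
    ("version_in_affected_range", 10, "sbom", "SBOM version lies outside the affected range"),
]

def evaluate_factors(ev):
    """True = supports the finding, False = contradicts it, None = unknown."""
    diff = ev["binary_diff"]
    return {
        "policy_rule_failed": any(r["result"] == "fail" for r in ev["policy"]["rules"]),
        "exploit_path_found": ev["reachability"]["path_found"],
        "binary_unpatched": (not diff["patched_symbol_present"]) if diff["available"] else None,
        "version_in_affected_range": ev["sbom"]["version_in_affected_range"],
    }

def confidence_breakdown(ev):
    """Confidence meter: total score plus each factor's contribution."""
    hits, rows = evaluate_factors(ev), []
    for name, weight, tab, refuted_if in FACTORS:
        hit = hits[name]
        rows.append({"factor": name, "weight": weight, "evidence_tab": tab,
                     "contribution": weight if hit else 0,      # unknown adds nothing
                     "status": "unknown" if hit is None else ("supports" if hit else "contradicts"),
                     "refuted_if": refuted_if})
    return {"score": sum(r["contribution"] for r in rows), "max": 100, "factors": rows}

def falsifiability_criteria(breakdown):
    """What a reviewer could check to disprove the finding; unknown factors are not yet testable."""
    return [{"factor": r["factor"], "refuted_if": r["refuted_if"], "would_remove": r["contribution"],
             "testable": r["status"] == "supports"}
            for r in breakdown["factors"] if r["status"] != "contradicts"]

def compose_evidence(ev):
    """Compose the four tabs, the criteria and a one-line rationale."""
    breakdown = confidence_breakdown(ev)
    supporting = [r["factor"] for r in breakdown["factors"] if r["status"] == "supports"]
    diff = ev["binary_diff"] if ev["binary_diff"]["available"] else {
        "available": False, "note": "no delta analysis available for this artifact"}
    return {"finding_id": ev["finding_id"],
            "tabs": {"policy": ev["policy"]["rules"], "binary_diff": diff,
                     "confidence": breakdown, "sbom": ev["sbom"]},
            "falsifiability": falsifiability_criteria(breakdown),
            "rationale": "confidence %d/100 from: %s" % (breakdown["score"], ", ".join(supporting))}

def explainability_statement(ev):
    """in-toto style statement whose predicate is the composed evidence."""
    digest = hashlib.sha256(ev["subject"].encode()).hexdigest()   # constructed digest
    return {"_type": "https://in-toto.io/Statement/v1",
            "subject": [{"name": ev["subject"], "digest": {"sha256": digest}}],
            "predicateType": PREDICATE_TYPE, "predicate": compose_evidence(ev)}

def pae(payload_type, payload):
    """DSSE pre-authentication encoding: these are the bytes that get signed."""
    t = payload_type.encode()
    return b"DSSEv1 %d %s %d %s" % (len(t), t, len(payload), payload)

def sign_envelope(statement, key, keyid):
    payload = json.dumps(statement, sort_keys=True, separators=(",", ":")).encode()
    sig = hmac.new(key, pae(PAYLOAD_TYPE, payload), hashlib.sha256).digest()
    return {"payloadType": PAYLOAD_TYPE, "payload": base64.b64encode(payload).decode(),
            "signatures": [{"keyid": keyid, "sig": base64.b64encode(sig).decode()}]}

def verify_envelope(env, key):
    payload = base64.b64decode(env["payload"])
    want = hmac.new(key, pae(env["payloadType"], payload), hashlib.sha256).digest()
    return any(hmac.compare_digest(base64.b64decode(s["sig"]), want) for s in env["signatures"])
```

Two points the listing alone does not show: a factor whose evidence is missing (no binary diff for the artifact) contributes nothing and yields a criterion marked not yet testable, rather than silently counting for or against the finding; and because the signature covers the PAE of the payload, replacing the serialized predicate with any other JSON invalidates the envelope even though the payload type and key id are unchanged.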