2.0 KiB
2.0 KiB
Signal State Attachment for CVE Observations (Feedser/VexLens/Graph/Findings Integration)
Module
Signals
Status
IMPLEMENTED
Description
Backend integration wiring the Determinization subsystem: Feedser attaches SignalState with query status, VexLens emits SignalUpdatedEvent on VEX changes, Graph nodes carry ObservationState/UncertaintyScore/GuardRails, and Findings persists observation lifecycle with state transitions.
Implementation Details
- Modules:
src/Signals/StellaOps.Signals/Models/,src/Signals/StellaOps.Signals/Lattice/ - Key Classes:
ReachabilityFactDocument(src/Signals/StellaOps.Signals/Models/ReachabilityFactDocument.cs) - document carrying observation state and signal attachmentsReachabilityFactUpdatedEvent(src/Signals/StellaOps.Signals/Models/ReachabilityFactUpdatedEvent.cs) - event emitted when reachability facts changeRuntimeUpdatedEventFactory(src/Signals/StellaOps.Signals/Models/RuntimeUpdatedEvent.cs) - factory for runtime update events propagated to downstream modulesUncertaintyDocument(src/Signals/StellaOps.Signals/Models/UncertaintyDocument.cs) - document model for uncertainty scores attached to observationsReachabilityLattice(src/Signals/StellaOps.Signals/Lattice/ReachabilityLattice.cs) - lattice-based state merge for observation evidence
- Source: SPRINT_20260106_001_004_BE_determinization_integration.md
E2E Test Plan
- Attach a signal state to a CVE observation and verify the state is persisted with the finding
- Emit a
ReachabilityFactUpdatedEventand verify downstream modules (VexLens, Graph) receive the update - Verify observation state transitions: update a finding's signal state and confirm the lifecycle is tracked
- Verify uncertainty score attachment: assign an uncertainty score to an observation and confirm it propagates to graph nodes
- Verify guard rails: attach guard rail metadata and confirm it constrains observation scoring