safety(stpa): first-pass STPA + STPA-Sec hazard analysis (DRAFT for review)#46
Open
avrabe wants to merge 1 commit into
Conversation
…eview)

Bootstraps STPA + STPA-Sec for wohl (previously ASPICE-only), via the bootstrap-verification + stpa-audit skills. Adds the rivet stpa/stpa-sec schemas + sources and a first-pass analysis grounded in wohl's six monitors, CCSDS streams, hub, and alert dispatcher:

STPA: 4 losses, 5 hazards, control structure (monitors/dispatcher/hub + controlled processes), 6 UCAs (not-providing / providing / too-early-too-late), 4 controller-constraints closing every hazard + UCA, 4 loss scenarios.

STPA-Sec: 3 sec-losses, 3 sec-hazards (CIA), 3 sec-constraints — covering stream authentication, presence-confidentiality, and credential protection.

AI-assisted DRAFT for domain review — NOT authoritative safety content. Iterated to `rivet validate` PASS (0 errors); the only residual warnings are pre-existing wohl gaps (docs frontmatter, a SYSREQ verification gap, a schema coverage-rule note), not these artifacts. Run stpa-audit's soundness review before relying on the hazards/losses.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Bootstraps STPA + STPA-Sec for wohl (previously ASPICE-only) — the consumer-repo pilot of the new `bootstrap-verification` + `stpa-audit` skills. Adds the rivet `stpa`/`stpa-sec` schemas + sources and a first-pass analysis grounded in wohl's six monitors, CCSDS streams, hub, and dispatcher.

Contents

Validation: iterated to `rivet validate` PASS (0 errors) — the oracle caught real gaps in the first draft (missing typed hazard links, undefined processes, UCA-type values, unclosed hazard→constraint loop) and I fixed each. Residual warnings are pre-existing wohl gaps (docs frontmatter, a SYSREQ verification gap, a schema coverage-rule note), not these artifacts.

Run `stpa-audit`'s soundness review (are these the real losses/hazards for wohl? attacker model adequate?) before relying on it. Left open for your review, not auto-merged.

🤖 Generated with Claude Code
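The description lists the classes of gap `rivet validate` caught in the first draft: hazards without typed loss links, UCAs naming undefined processes or using values outside the UCA taxonomy, and a hazard→constraint loop left unclosed. The checker below is an added example written for this review, not wohl's artifacts and not rivet's schema or validator. It models those rules over a small constructed artifact set (IDs, texts, the `DRAFT`/`FIXED` dicts and the field names are all assumptions) so a reviewer can see exactly which link is missing before the soundness review starts. It uses STPA's standard four UCA types, one more than the three the PR names.

```python
"""Minimal traceability checker for STPA / STPA-Sec artifacts (added example).

Rules mirrored from the PR description:
  1. every hazard links to at least one defined loss;
  2. every UCA names a defined controller and controlled process, uses a
     known UCA type, and links to at least one defined hazard;
  3. constraints only close defined items, and every hazard and UCA is
     closed by at least one constraint (the hazard -> constraint loop).
Artifact format and IDs are constructed for illustration; they are not
rivet's schema.
"""
import copy
from collections.abc import Iterable

# STPA's four UCA types (the PR names the first three).
UCA_TYPES = {
    "not-providing",
    "providing",
    "too-early-too-late",
    "stopped-too-soon-applied-too-long",
}


def _ids(items: Iterable[dict]) -> list[str]:
    return [item["id"] for item in items]


def find_gaps(model: dict) -> list[str]:
    """Return a sorted list of human-readable gaps; empty means consistent."""
    gaps: list[str] = []
    losses = set(_ids(model.get("losses", [])))
    hazards = {h["id"]: h for h in model.get("hazards", [])}
    controllers = set(model.get("controllers", []))
    processes = set(model.get("processes", []))
    ucas = {u["id"]: u for u in model.get("ucas", [])}

    # Rule 1: hazard -> loss links.
    for hid, h in hazards.items():
        refs = h.get("losses", [])
        if not refs:
            gaps.append(f"{hid}: no loss link")
        gaps += [f"{hid}: undefined loss {r}" for r in refs if r not in losses]

    # Rule 2: UCA fields and UCA -> hazard links.
    for uid, u in ucas.items():
        if u.get("controller") not in controllers:
            gaps.append(f"{uid}: undefined controller {u.get('controller')}")
        if u.get("process") not in processes:
            gaps.append(f"{uid}: undefined process {u.get('process')}")
        if u.get("type") not in UCA_TYPES:
            gaps.append(f"{uid}: unknown UCA type {u.get('type')}")
        refs = u.get("hazards", [])
        if not refs:
            gaps.append(f"{uid}: no hazard link")
        gaps += [f"{uid}: undefined hazard {r}" for r in refs if r not in hazards]

    # Rule 3: the hazard/UCA -> constraint loop must close.
    closed: set[str] = set()
    for c in model.get("constraints", []):
        for ref in c.get("closes", []):
            if ref in hazards or ref in ucas:
                closed.add(ref)
            else:
                gaps.append(f"{c['id']}: closes undefined item {ref}")
    gaps += [f"{i}: not closed by any constraint"
             for i in list(hazards) + list(ucas) if i not in closed]
    return sorted(gaps)


# Constructed first-draft artifacts with deliberate gaps (names loosely
# follow the monitor / dispatcher / hub structure the PR describes).
DRAFT = {
    "losses": [{"id": "L-1", "text": "Operator not alerted to a fault"}],
    "hazards": [
        {"id": "H-1", "text": "Alert not dispatched", "losses": ["L-1"]},
        {"id": "H-2", "text": "Stale stream accepted", "losses": ["L-9"]},  # L-9 undefined
    ],
    "controllers": ["monitor", "dispatcher", "hub"],
    "processes": ["alert-delivery", "stream-ingest"],
    "ucas": [
        {"id": "UCA-1", "controller": "dispatcher", "process": "alert-delivery",
         "type": "not-providing", "hazards": ["H-1"]},
        {"id": "UCA-2", "controller": "monitor", "process": "stream-ingest",
         "type": "too-late", "hazards": ["H-2"]},  # not a taxonomy value
    ],
    "constraints": [{"id": "SC-1", "closes": ["H-1", "UCA-1"]}],  # H-2/UCA-2 unclosed
}

# The same artifacts after the fixes a reviewer would make.
FIXED = copy.deepcopy(DRAFT)
FIXED["hazards"][1]["losses"] = ["L-1"]
FIXED["ucas"][1]["type"] = "too-early-too-late"
FIXED["constraints"].append({"id": "SC-2", "closes": ["H-2", "UCA-2"]})

if __name__ == "__main__":
    for name, model in (("draft", DRAFT), ("fixed", FIXED)):
        print(name, find_gaps(model) or "PASS (0 gaps)")
```

Running it reports four gaps for `DRAFT` (the undefined loss, the bad UCA type, and the two unclosed items) and none for `FIXED`; the loop-closure rule is the one worth keeping strict, since a hazard with no constraint is a hazard the design does not yet address.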