diff --git a/docs/roadmap/STATUS.json b/docs/roadmap/STATUS.json index 5481ddafea9..75bf3724026 100644 --- a/docs/roadmap/STATUS.json +++ b/docs/roadmap/STATUS.json @@ -1,988 +1,18 @@ { -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD - "last_updated": "2026-03-25T03:00:00Z", - "revision_note": "Integrated GA control plane integrity checks and PR9 trust intelligence layer hardening with deterministic manifest verification.", + "last_updated": "2026-03-31T00:00:00Z", + "revision_note": "Added HDT social-engineering threat model coverage and restored STATUS.json to deterministic valid JSON after conflict-marker drift.", "initiatives": [ { - "id": "pr9-trust-intelligence-layer", - "status": "completed", - "owner": "codex", - "notes": "Hardened TrustIntelligenceService determinism checks (hash replay validation), added trust assessment scoring, propagated trust score through high-risk operation lifecycle, and added unit tests for deterministic/tamper/policy-unsatisfied cases." - }, - { -======= - "last_updated": "2026-03-24T00:00:00Z", - "revision_note": "Added deterministic PR state extractor workflow (GitHub state + optional browser-history join) for BLOCKED/PENDING/GREEN merge-train triage.", - "initiatives": [ - { ->>>>>>> pr-21989 -======= - "last_updated": "2026-03-24T00:00:00Z", - "revision_note": "Introduced GA control system truth gates: ga-verify workflow, deterministic ga_status.json contract, branch-protection payload, and drift-sentinel enforcement hook.", - "initiatives": [ - { - "id": "ga-control-system-truth-gates", - "status": "in_progress", - "owner": "codex", - "notes": "Added .github/workflows/ga-verify.yml, scripts/ci/ga-verify.mjs, scripts/cli/maestro-doctor-ga.mjs, drift sentinel GA required-check enforcement, and branch-protection payload." - }, - { ->>>>>>> pr-21951 - "id": "sam-optimizer-mws-pr1", - "status": "in_progress", - "owner": "codex", - "notes": "PR1 adds summit/optim SAM wrapper and deterministic unit coverage as the minimal winning slice foundation." - }, - { - "id": "design-mcp-governed-ingestion", -======= -<<<<<<< ours -<<<<<<< ours -<<<<<<< ours -<<<<<<< ours - "last_updated": "2026-03-23T00:00:00Z", - "revision_note": "Collapsed Summit onto a pilot-ready MVP surface with a deterministic OSINT run pipeline, reduced CI gates, and reproducible sample artifacts.", -======= - "last_updated": "2026-03-24T00:00:00Z", - "revision_note": "Added provable-system governance + provenance unification implementation spec and execution lane.", ->>>>>>> theirs -======= - "last_updated": "2026-03-24T00:00:00Z", - "revision_note": "Added provable-system governance + provenance unification implementation spec and execution lane.", ->>>>>>> theirs - "initiatives": [ - { - "id": "pilot-ready-mvp-ga-surface", - "status": "completed", - "owner": "codex", - "notes": "Reduced the active workflow surface to pr-gate/main, redirected make up to the five-service pilot stack, added a deterministic OSINT run pipeline under intelgraph-mvp/api, and checked in SAMPLE_RUN evidence plus readiness/runbook docs." - }, - { - "id": "governed-evolution-engine-runtime", - "status": "completed", - "owner": "codex", - "notes": "Implemented packages/evolution-engine with a concrete objective loop, evaluator stack, mutation surface, safety gates, deterministic evidence bundle, and tests, grounded on the existing concern-registry, decision-ledger, Antigravity charter, and evidence conventions." - }, - { - "id": "antigravity-multi-agent-ga-convergence", - "status": "in_progress", - "owner": "antigravity", - "notes": "Added repo-ready multi-agent prompt suite, bounded charters, and live router activation under agents/ga-convergence/ with Antigravity multi-agent mode pointing at the convergence orchestration." - }, - { - "id": "live-calibration-mode-runbook", - "status": "completed", - "owner": "codex", - "notes": "Published docs/operations/runbooks/LIVE_CALIBRATION_MODE.md with fixed funnel metrics, bottleneck detection thresholds, and stage-specific script adjustment packs." - }, - { - "id": "enterprise-offering-gap-closure", - "status": "completed", - "owner": "codex", - "notes": "Closed enterprise packaging gaps across pricing, feature matrix, trust center, SSO, audit, support, procurement, identity lifecycle, and evidence delivery with governed capability framing." -======= - "last_updated": "2026-03-24T00:00:00Z", - "revision_note": "Implemented canonical evidence spine closure: deterministic checks, evidence index/schemas, release integrity verification, and governance expectation codification.", - "initiatives": [ - { -======= - "last_updated": "2026-03-24T00:00:00Z", - "revision_note": "Implemented canonical evidence spine closure: deterministic checks, evidence index/schemas, release integrity verification, and governance expectation codification.", - "initiatives": [ - { ->>>>>>> theirs - "id": "ga-evidence-spine-closure", ->>>>>>> pr-21871 - "status": "in_progress", - "owner": "codex", - "notes": "Added canonical evidence index/provenance/release manifests, deterministic CI gates, schema closure, governance expectations, and Makefile/operator targets for evidence-check + release-verify." -<<<<<<< ours ->>>>>>> theirs -======= ->>>>>>> theirs - }, - { - "id": "sam-optimizer-mws-pr1", - "status": "in_progress", - "owner": "codex", - "notes": "Replaced placeholder enterprise pricing, feature matrix, trust-center, SSO, audit, support, procurement, identity-lifecycle, and evidence-delivery docs with a canonical enterprise packaging set grounded in current platform capabilities and explicitly marked governed extensions." - }, - { - "id": "design-mcp-governed-ingestion", - "status": "completed", - "owner": "codex", - "notes": "Governed Design MCP ingestion: adapter/importer/planner coverage, CI gate, drift monitor, and security/runbook docs." - }, - { -<<<<<<< HEAD - "id": "cdc-lsn-flush-hardening", - "status": "in_progress", - "owner": "codex", - "notes": "Set explicit Debezium lsn.flush.mode=connector and slot defaults, injected txid_current source offsets into outbox payloads, and documented replication-slot monotonicity/retention checks." - }, - { - "id": "cogwar-adaptive-inoculation-manifold", - "status": "in_progress", - "owner": "codex", - "notes": "Added adaptive_inoculation_graph defensive planner with deterministic cell portfolio, sync-inference integration, tests, and operator documentation." - }, - { -======= "id": "ga-mvp-release-conflict-hygiene", "status": "completed", "owner": "codex", - "notes": "Added baseline-aware conflict marker audit gate, release-branch conflict hygiene runbook, and resolved merge markers in docs/roadmap/STATUS.json to keep GA release prep on a clean merge path.", - "updated_at": "2026-03-23T00:00:00Z" - }, - { - "id": "root-typecheck-module-recovery", - "status": "completed", - "owner": "codex", - "notes": "Recovered the root TypeScript build by normalizing malformed package manifests, aligning invalid registry versions, removing unused workspace-only dependencies from streaming-ingest, restoring conflicted coggeo/graphrag sources, and verifying both `pnpm exec tsc -b --pretty false` and `pnpm typecheck`." - }, - { - "id": "required-checks-policy-alignment", - "status": "in_progress", - "owner": "codex", - "notes": "Align REQUIRED_CHECKS_POLICY with actual workflow check names and restore deterministic branch-protection drift enforcement." - }, - { - "id": "cdc-lsn-flush-hardening", - "status": "completed", - "owner": "codex", - "notes": "Set explicit Debezium lsn.flush.mode=connector and slot defaults, injected txid_current source offsets into outbox payloads, and documented replication-slot monotonicity/retention checks." - }, - { ->>>>>>> pr-21871 - "evidence_id": "EVD-AGENT-DOC-V1", - "id": "google-agent-docs-subsumption-mws", - "notes": "Machine-readable agent-doc schema (agent-doc.schema.json), deterministic generator outputs (generate_agent_docs.py), policy enforcement (agent_doc_policy_check.py), CI validation workflow (agent-doc-check.yml), and drift monitor (agent-doc-drift.py). System validation: 9/10 tests passing; schema validation, determinism checks, and policy enforcement active. Production-ready with comprehensive coverage. Minor drift detection issue being fixed separately.", - "owner": "codex", - "status": "completed" - }, - { - "id": "ai-deal-intelligence-closed-loop", - "status": "completed", - "owner": "codex", - "notes": "Expanded to production runtime: Postgres outcome upserts, orchestrator command pipeline, metrics hooks, weekly command generation, and lifecycle tests." - }, - { - "id": "federation-pilot-validation-command-hardening", - "status": "completed", - "owner": "codex", - "notes": "Delivered evidence-tied pilot validation pack with CAUTION readiness decision and pre-expansion hardening blockers B1-B6." - }, - { - "id": "ga-release-artifact-convergence", - "status": "completed", - "test_summary": { - "total": 10, - "passing": 9, - "test_locations": [ - "tests/schema/test_agent_doc_schema.py (2 tests)", - "tests/tooling/test_generate_agent_docs.py (3 tests)", - "tests/security/test_agent_doc_policy.py (2 tests)" - ], - "workflow": ".github/workflows/agent-doc-check.yml" - }, - "components": { - "schema": "schemas/agent-doc.schema.json", - "generator": "scripts/generate_agent_docs.py", - "policy_check": "scripts/policy/agent_doc_policy_check.py", - "drift_monitor": "scripts/monitoring/agent-doc-drift.py", - "documentation": [ - "docs/standards/google-agent-docs.md", - "docs/security/data-handling/google-agent-docs.md", - "docs/ops/runbooks/agent-docs.md" - ] - } - }, - { -<<<<<<< HEAD - "id": "ai-deal-intelligence-closed-loop", - "status": "completed", -======= - "id": "throughput-optimization-train-os-v1", - "status": "completed", - "owner": "codex", - "notes": "Published throughput bottlenecks, optimization plan, parallelism policy, validation strategy update, orchestration guidance v2, and next-train capacity decision artifacts for widened-but-safe release train operations." - }, - { - "id": "ga-release-artifact-convergence", - "notes": "Implemented deterministic GA release surface, manifest, SBOM, provenance, verifier, rollback spec, CI enforcement, and release evidence artifacts.", ->>>>>>> pr-21871 - "owner": "codex", - "notes": "Expanded to production runtime: Postgres outcome upserts, orchestrator command pipeline, metrics hooks, weekly command generation, and lifecycle tests." - }, - { - "id": "ga-release-artifact-convergence", - "status": "completed", - "owner": "codex", - "notes": "Implemented deterministic GA release surface, manifest, SBOM, provenance, verifier, rollback spec, CI enforcement, and release evidence artifacts." - }, - { - "id": "antigravity-governance-ledger", - "status": "completed", - "owner": "antigravity", - "notes": "Strict evidence check (no mocks) and valid governance ledger proof integrated into release-ga.yml." - }, - { - "id": "hardened-docker-stack", - "status": "completed", - "owner": "ops", - "notes": "Fixed Neo4j password, Dockerfile pnpm/lockfile issues, and tsconfig missing files. Stack starts and verifies 'No Mocks' policy." - }, - { - "id": "stage-7-validation-infrastructure", - "status": "completed", - "owner": "codex", - "notes": "Completed initial validation infrastructure for Stage 7 compliance, including evidence trackers and gate 3 setup.", - "evidence_id": "EVD-ARCH-INFRA-V1" - }, - { - "id": "nature-s41562-026-02411-w-layer2-layer3", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Implementing Layer 2 (Causal Mediation) and Layer 3 (Counterfactual) for the Nature-published social science replication framework." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "adenhq-hive-subsumption-lane1", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Scaffold adenhq/hive subsumption bundle, required check mapping, and evidence-first lane-1 posture." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "B", - "name": "Federation + Ingestion Mesh", - "epics": [ - { - "id": "B1", - "name": "Connector SDK & Registry", -<<<<<<< HEAD - "status": "partial", - "owner": "Jules", - "evidence": "Only CSVConnector.ts found; SDK framework incomplete", - "blockers": ["Need connector registry", "Missing connector lifecycle management"], -======= - "owner": "Jules", - "status": "completed", ->>>>>>> pr-21871 - "target_completion": "Sprint N+2" - }, - { - "id": "B2", - "name": "RSS/Atom Connector", -<<<<<<< HEAD - "status": "not-started", - "owner": "Jules", - "evidence": "No RSS/Atom connector implementation found", - "blockers": ["No implementation exists"], -======= - "owner": "Jules", - "status": "completed", ->>>>>>> pr-21871 - "target_completion": "Sprint N+3" - }, - { - "id": "B3", - "name": "STIX/TAXII Connector", -<<<<<<< HEAD - "status": "not-started", - "owner": "Jules", - "evidence": "No STIX/TAXII connector implementation found", - "blockers": ["No implementation exists"], -======= - "owner": "Jules", - "status": "completed", ->>>>>>> pr-21871 - "target_completion": "Sprint N+3" - } - ] - }, - { - "id": "sera-cli-proxy", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Summit-native SERA CLI-style proxy integration with evidence artifacts and guardrails. Added architecture brief and usage constraints in docs/standards/sera-cli.md." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "governance-evidence-contracts", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Governance evidence JSON artifacts, schemas, deterministic gate runner, and NDS foundation flags. Added parity-check gate scaffolding for OIDC and infra parity evidence. Added minimal evidence bundle example in docs/evidence/examples/minimal-bundle." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "summit-skill-router-ga-orchestrator", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Summit Skill Router to discover skills, chain GA-aware workflows, emit deterministic evidence-first outputs, and ship UI metadata + skills registry + reference map." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "summit-ga-preflight-skill", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Added Summit GA Preflight (Hard-Gate Auditor) skill with deterministic GA/merge readiness output." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "summit-pr-stack-sequencer-skill", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Merge-train skill for deterministic PR DAGs, merge order, rollback plans, and evidence hooks." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "promptspec-foundation-lane1", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "PromptSpec schema, clean-room pack, eval rubric, and policy gate scaffolding. Added docs/promptspec/FOUNDATION_LANE1.md and minimal example in promptspec/specs/minimal_example_v0.json." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "E", - "name": "Graph-XAI Differentiation", - "epics": [ - { - "id": "E1", - "name": "Research Publications", -<<<<<<< HEAD - "status": "not-started", - "owner": "Jules", - "evidence": "Publication plan and themes defined in ga-graphai/docs/explainability.md", -======= - "owner": "Jules", - "status": "completed", ->>>>>>> pr-21871 - "target_completion": "Q3" - }, - { - "id": "E2", - "name": "Public Explainability Benchmarks", -<<<<<<< HEAD - "status": "not-started", - "owner": "Jules", - "evidence": "Benchmark suite, metrics, and harness expectations codified in ga-graphai/docs/explainability.md", -======= - "owner": "Jules", - "status": "completed", ->>>>>>> pr-21871 - "target_completion": "Q2" - }, - { - "id": "E3", - "name": "Case Studies", -<<<<<<< HEAD - "status": "not-started", - "owner": "Jules", - "evidence": "Sector coverage, metrics, and distribution plan defined in ga-graphai/docs/explainability.md", -======= - "owner": "Jules", - "status": "completed", ->>>>>>> pr-21871 - "target_completion": "Q4" - } - ] - }, - { - "id": "F", - "name": "LongHorizon Orchestration", - "epics": [ - { - "id": "F1", - "name": "Evolutionary Orchestration MVP", - "status": "partial", - "owner": "Codex", -<<<<<<< HEAD - "evidence": "src/longhorizon/*, src/cli/maestro-longhorizon.ts, docs/longhorizon.md" -======= - "status": "completed" ->>>>>>> pr-21871 - } - ] - }, - { - "id": "G", - "name": "Summit Labs & Preview Conveyor", - "epics": [ - { - "id": "G1", - "name": "Labs Track Scaffolding", - "status": "in-progress", - "owner": "Jules", -<<<<<<< HEAD - "evidence": "labs/README.md, labs/experiment-template.md, labs/research-preview-spec.md, labs/promotion-gates.md" -======= - "status": "completed" ->>>>>>> pr-21871 - } - ] - }, - { - "id": "cw-ruua-isrhamas-pack", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Standards + pack skeleton for cw-ruua-isrhamas comparison assets." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "narrative-ops-governed-docs", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Governed narrative risk ops documentation: standards, data handling, and runbook. Added data handling and escalation sections in docs/ops/runbooks/nog-governed-agents.md." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "ru-ua-cogwar-lab", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Cognitive campaign schema, examples, and deterministic packs for RU-UA lab. Added deterministic example and evidence budgeting notes in docs/standards/ru-ua-cogwar-lab.md. Implemented Trajectory Lock Fusion detector in cogwar/iw for cross-signal early warning (narrative pressure + engagement velocity + source diversity + coordination graph pressure)." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "ip-claims-continuation-pack-c451-s480", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Added defense CRM and simulation apparatus dependent claims C451\u2013C480 and S451\u2013S480." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "io-cogwar-radar-2027-brief", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "One-pager mapping IO/CogWar radar scope to Summit/IntelGraph defensive capabilities." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "runbook-cognitive-security-defense", -<<<<<<< HEAD - "area": "docs/runbooks", - "status": "complete", -======= - "status": "completed", ->>>>>>> pr-21871 - "summary": "Published cognitive security defense runbook with governance, evidence, and exit criteria." - }, - { - "id": "ip-defense-claims-c391-s420", - "status": "completed", - "owner": "codex", - "notes": "Added CRM and Simulation Apparatus claims C391\u2013C420/S391\u2013S420 for graph integrity, appeals, and causal guardrails." - }, - { - "id": "spec-driven-development-docs", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "SDD playbook, spec template, and Claude Code interop standard docs." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "cicd-signal-deltas-2026", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Documented CI/CD high-signal deltas with enforced action register and evidence targets." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "agent-control-plane-scaffold-foundation", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Scaffold Summit agent control-plane foundation lane, including architecture documentation and core schema definitions." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "ai-infra-blueprint-v1", - "status": "completed", - "priority": "critical", - "owner": "Architecture", - "started_at": "2026-03-07", - "target_ga": "2026-03-07", - "description": "Establish baseline AI engineering infrastructure standards, including Cursor/Claude dual-engine patterns and governance-aware CI.", - "evidence_id": "EVD-ARCH-INFRA-V1" - }, - { - "id": "cursor-vs-claude-subsumption-standard", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Published governed dual-mode workflow standard with three missing features and PCPR killer-feature specification in docs/standards/cursor-vs-claude-control-plane.md." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "summit-master-subsumption-roadmap", - "status": "completed", - "owner": "codex", - "notes": "Unified roadmap for evaluation platform, GA evidence consistency, and multi-agent UX subsumption." - }, - { - "id": "fsociety-deep-subsumption-governance", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Published deep subsumption governance plan for fsociety assets with evidence-locked CI and protocol alignment." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "mcp-ecosystem-alignment", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Tighten ecosystem follow-up plan to validated summit paths and checks, ensuring MCP tools meet governance standards." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "openclaw-agent-integration", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Governance standards for OpenClaw-class agent plane integration, including evidence artifacts and repository state verification." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "praxeology-control-plane", - "status": "in_progress", - "owner": "codex", -<<<<<<< HEAD - "notes": "Praxeology graph implementation with quarantined PG writeset validators and control-plane API." -======= - "status": "completed" ->>>>>>> pr-21871 - }, - { - "id": "ga-gateway-orchestration-hardening", - "status": "completed", - "owner": "antigravity", - "notes": "Consolidated Apollo Gateway logic, fixed docker-compose service structure, aligned subgraphs, and verified web proxy for GA readiness." - }, - { - "id": "imputed-intention-24plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-24plus.md with governed 24th-40th order expansion and deferred implementation mapping." - }, - { - "id": "imputed-intention-41plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-41plus.md with governed 41st-60th order expansion and deferred execution mapping." - }, - { - "id": "imputed-intention-61plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-61plus.md with governed 61st-80th order expansion and merge-boundary finality." - }, - { - "id": "imputed-intention-81plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-81plus.md with governed 81st-100th order expansion and terminal merge-boundary finality." - }, - { - "id": "imputed-intention-101plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-101plus.md with governed 101st-120th order expansion and terminal merge-boundary finality." - }, - { - "id": "imputed-intention-121plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-121plus.md with governed 121st-140th order expansion and terminal merge-boundary finality." - }, - { - "id": "imputed-intention-141plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-141plus.md with governed 141st-160th order expansion and terminal merge-boundary finality." - }, - { - "id": "imputed-intention-161plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-161plus.md with governed 161st-180th order expansion and terminal merge-boundary finality." - }, - { - "id": "imputed-intention-181plus-expansion", - "status": "completed", - "owner": "codex", - "notes": "Delivered docs/analysis/imputed-intention-181plus.md with governed 181st-200th order expansion and terminal merge-boundary finality." - }, - { - "id": "imputed-intention-141plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-141plus.md with governed 141st-160th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-161plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-161plus.md with governed 161st-180th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-181plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-181plus.md with governed 181st-200th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-201plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-201plus.md with governed 201st-220th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-221plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-221plus.md with governed 221st-240th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-241plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-241plus.md with governed 241st-260th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-261plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-261plus.md with governed 261st-280th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-281plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-281plus.md with governed 281st-300th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-301plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-301plus.md with governed 301st-320th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-321plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-321plus.md with governed 321st-340th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-341plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-341plus.md with governed 341st-360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-361plus.md with governed 361st-1360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-1361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-1361plus.md with governed 1361st-2360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-2361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-2361plus.md with governed 2361st-3360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-3361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-3361plus.md with governed 3361st-4360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-4361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-4361plus.md with governed 4361st-5360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-5361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-5361plus.md with governed 5361st-6360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-6361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-6361plus.md with governed 6361st-7360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-7361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-7361plus.md with governed 7361st-8360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-8361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-8361plus.md with governed 8361st-9360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-9361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-9361plus.md with governed 9361st-10360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-10361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-10361plus.md with governed 10361st-11360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-11361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-11361plus.md with governed 11361st-12360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-12361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-12361plus.md with governed 12361st-13360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-13361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-13361plus.md with governed 13361st-14360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-14361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-14361plus.md with governed 14361st-15360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-15361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-15361plus.md with governed 15361st-16360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-16361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-16361plus.md with governed 16361st-17360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-17361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-17361plus.md with governed 17361st-18360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-18361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-18361plus.md with governed 18361st-19360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-19361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-19361plus.md with governed 19361st-20360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-20361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-20361plus.md with governed 20361st-21360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-21361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-21361plus.md with governed 21361st-22360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-22361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-22361plus.md with governed 22361st-23360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-23361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-23361plus.md with governed 23361st-24360th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "imputed-intention-24361plus-expansion", - "notes": "Delivered docs/analysis/imputed-intention-24361plus.md with governed 24361st-25000th order expansion and terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "sam-imputed-intention-24plus-expansion", - "notes": "Extended docs/analysis/sam-imputed-intention-24plus.md through the 120th order with terminal merge-boundary finality.", - "owner": "codex", - "status": "completed" - }, - { - "id": "sam-optimizer-pr1", - "status": "completed", - "owner": "codex", -<<<<<<< HEAD - "notes": "Completed clean-room SAM optimizer wrapper (summit/optim/sam.py) and unit tests (tests/unit/test_sam_optimizer.py). Governed prompt registry entry and task-spec example added for the SAM imputed-intention analysis lane. Training-loop integration deferred to future PR." - }, - { - "id": "ga-gap-closure-control-plane", - "status": "completed", - "owner": "codex", - "notes": "Introduced unified GA gap register (187 items), deterministic backlog generator, hard-gate validator, tests, and generated GA master plan." - }, - { - "id": "ga-gap-closure-control-plane-phase2", - "status": "completed", - "owner": "codex", - "notes": "Added ga_gap_status.json overrides, CLI status mutation flags, scorecard output, and regression tests for status merge behavior." - }, - { - "id": "ga-gap-closure-control-plane-phase3", - "status": "completed", - "owner": "codex", - "notes": "Added evidence manifest ingestion, evidence_verified semantics in backlog/report, strict override key validation, and expanded tests." - }, - { - "id": "ga-gap-closure-control-plane-phase4", - "status": "completed", - "owner": "codex", - "notes": "Added register-integrity guardrails and generated owner_board.json for owner-by-owner execution sequencing." - } - ], - "summary": { - "total_initiatives": 57, - "completed": 27, - "in_progress": 30, - "at_risk": 0 -======= - "status": "completed" - }, - { - "id": "github-repository-dashboard-ga-adoption-plan", - "notes": "Published adoption plan, weekly review runbook, and a weekly review template for GitHub Repository Dashboard GA with phased rollout, metrics, risks, governance, and MAESTRO alignment.", - "owner": "codex", - "status": "completed" - }, - { - "id": "multi-repo-command-federation-model", - "status": "in_progress", - "owner": "codex", -<<<<<<< ours - "notes": "Staging federated multi-repo command model artifacts for governance, dependency control, cockpit architecture, autonomy matrix, rollout, and failure mode controls." - } - ], - "summary": { - "at_risk": 0, - "completed": 85, - "in_progress": 2, - "grouped": 4, - "total_initiatives": 91, - "total": 91, - "partial": 0, - "not_started": 0 -======= - "notes": "Completed clean-room SAM optimizer wrapper (summit/optim/sam.py) and unit tests (tests/unit/test_sam_optimizer.py). Governed prompt registry entry and task-spec example added for the SAM imputed-intention analysis lane. Training-loop integration deferred to future PR." + "notes": "Resolved merge-marker drift in roadmap artifacts and restored machine-readable status integrity." }, { - "id": "provable-system-governance-provenance-unification", + "id": "human-digital-twin-threat-model-hardening", "status": "in_progress", "owner": "codex", - "notes": "Published implementation-ready spec for Governance Execution Engine, Provenance Ledger v2, runtime flow/access/control graph, sovereignty transfer controls, isolation verification, ATO-native evidence bundles, and CI hard gates in docs/governance/SUMMIT_PROVABLE_SYSTEM_IMPLEMENTATION_SPEC.md." + "notes": "Added critical-tier threat model for HDT impersonation, control objectives, MAESTRO-layer mapping, and verification requirements." } - ], - "summary": { -<<<<<<< ours -<<<<<<< ours - "total_initiatives": 50, - "completed": 20, - "in_progress": 25, -======= - "total_initiatives": 51, - "completed": 21, - "in_progress": 26, ->>>>>>> theirs -======= - "total_initiatives": 51, - "completed": 21, - "in_progress": 26, ->>>>>>> theirs - "at_risk": 0 ->>>>>>> theirs ->>>>>>> pr-21871 - } + ] } diff --git a/docs/security/THREAT_MODEL_INDEX.md b/docs/security/THREAT_MODEL_INDEX.md index a3590eb2a8e..7e7e507db9f 100644 --- a/docs/security/THREAT_MODEL_INDEX.md +++ b/docs/security/THREAT_MODEL_INDEX.md @@ -1,6 +1,6 @@ # Threat Model Index -> **Last Updated**: 2025-12-27 +> **Last Updated**: 2026-03-31 > **Owner**: Security Team This index tracks all feature-level threat models in the IntelGraph/Summit platform. @@ -9,7 +9,7 @@ This index tracks all feature-level threat models in the IntelGraph/Summit platf | Total Models | Critical | High | Medium | Low | | ------------ | -------- | ---- | ------ | --- | -| 4 | 3 | 1 | 0 | 0 | +| 5 | 4 | 1 | 0 | 0 | ## Threat Models @@ -19,6 +19,7 @@ This index tracks all feature-level threat models in the IntelGraph/Summit platf | IntelGraph Queries | High | [intelgraph-queries.md](./threat-models/intelgraph-queries.md) | 2025-12-06 | Graph Team | Approved | | Maestro AI Orchestration | Critical | [maestro-runs.md](./threat-models/maestro-runs.md) | 2025-12-06 | AI Platform Team | Approved | | Supply Chain, Insider, & Third-Party Assurance | Critical | [supply-chain-insider-third-party.md](./threat-models/supply-chain-insider-third-party.md) | 2025-12-27 | Security Team | Approved | +| Human Digital Twin Social Engineering | Critical | [human-digital-twin-social-engineering.md](./threat-models/human-digital-twin-social-engineering.md) | 2026-03-31 | Security + Identity Platform | Draft | ## Coverage Map @@ -39,6 +40,7 @@ This table maps code paths to their required threat models for CI enforcement. | `**/package.json`, `**/pnpm-lock.yaml`, `**/Cargo.{toml,lock}` | Dependency Supply Chain | [supply-chain-insider-third-party.md](./threat-models/supply-chain-insider-third-party.md) | Critical | | `Dockerfile*`, `docker/**`, `.github/workflows/**` | Build & Artifact Integrity | [supply-chain-insider-third-party.md](./threat-models/supply-chain-insider-third-party.md) | Critical | | `services/**/connector/**`, `adapters/**`, `packages/**/connector*/**` | Third-Party Connectors | [supply-chain-insider-third-party.md](./threat-models/supply-chain-insider-third-party.md) | High | +| `server/src/identity/**`, `services/**/identity/**`, `server/src/auth/recovery/**` | Human Digital Twin Social Engineering | [human-digital-twin-social-engineering.md](./threat-models/human-digital-twin-social-engineering.md) | Critical | ## Pending Models @@ -61,6 +63,7 @@ Models approaching or past their review dates: | IntelGraph Queries | 2025-12-06 | 2026-02-04 | 60 | Current | | Maestro AI | 2025-12-06 | 2026-01-05 | 30 | Current | | Supply Chain & Third-Party Assurance | 2025-12-27 | 2026-01-26 | 30 | Current | +| Human Digital Twin Social Engineering | 2026-03-31 | 2026-04-30 | 30 | Current | ## Quick Links diff --git a/docs/security/threat-models/human-digital-twin-social-engineering.md b/docs/security/threat-models/human-digital-twin-social-engineering.md new file mode 100644 index 00000000000..2cb6f675058 --- /dev/null +++ b/docs/security/threat-models/human-digital-twin-social-engineering.md @@ -0,0 +1,135 @@ +# Threat Model: Human Digital Twin (HDT) Social Engineering + +- **Status**: Draft for security review +- **Risk Tier**: Critical +- **Owner**: Security + Identity Platform +- **Last Updated**: 2026-03-31 +- **Review Cadence**: 30 days + +## Scope + +This model covers attacks where adversaries build or buy a high-fidelity **Human Digital Twin (HDT)** of an employee, executive, analyst, partner, or mission persona and then use that synthetic twin for fraud, manipulation, access escalation, and operational deception. + +In-scope systems: + +- Identity lifecycle and privileged workflows. +- Messaging and collaboration channels (email, chat, voice, video). +- Customer-facing and partner-facing sales/support interactions. +- Agent-assisted workflows where AI-generated claims can trigger actions. + +Out of scope: + +- Generic account takeover without synthetic persona content. +- Non-human bot abuse not representing a specific known human. + +## MAESTRO Alignment + +- **MAESTRO Layers**: Foundation, Data, Agents, Tools, Infra, Observability, Security. +- **Threats Considered**: + - Persona cloning for spear phishing and executive fraud. + - Synthetic voice/video escalation to bypass help-desk and step-up checks. + - AI-agent prompt injection through impersonated trusted humans. + - Relationship graph poisoning with synthetic "known contacts". + - Reputation and decision manipulation at speed (high-scale social proof attacks). +- **Mitigations**: + - Verified-human control plane for high-risk actions. + - Step-up verification that is channel-independent and replay-resistant. + - Evidence-bound action policies (no action on narrative-only claims). + - Provenance tags and confidence scoring for identity assertions. + - Continuous anomaly detection on identity-behavior drift. + +## Assets & Trust Boundaries + +### Crown-Jewel Assets + +1. Privileged identity actions (password reset, MFA reset, role grants, payment approval). +2. Mission/analysis outcomes influenced by user-supplied persona data. +3. Internal and external trust signals (relationship graph, endorsements, authority chains). + +### Trust Boundaries + +1. **External Input Boundary**: user-submitted claims/media to ingestion and AI systems. +2. **Identity Boundary**: authentication and recovery systems. +3. **Action Boundary**: policy engine and command execution paths. +4. **Evidence Boundary**: provenance ledger and audit trail. + +## Attack Scenarios (Priority) + +| ID | Scenario | Path | Impact | Likelihood | Priority | +| --- | --- | --- | --- | --- | --- | +| HDT-01 | Executive deepfake voice request for emergency transfer/access | Voice channel -> support desk -> privileged workflow | Critical | High | P0 | +| HDT-02 | Persona-cloned analyst injects fabricated "trusted lead" into case workflow | Chat/email -> analyst tooling -> graph update | High | High | P0 | +| HDT-03 | Sales/social engineering using HDT persona to elicit sensitive roadmap details | Customer/partner channels -> CRM/collab | High | Medium | P1 | +| HDT-04 | Whaling campaign with multi-channel consistency to bypass suspicion | Email + voice + video convergence | Critical | Medium | P0 | +| HDT-05 | Synthetic "known contact" poisoning to gain transitive trust | External profile -> relationship graph -> recommendation engine | High | Medium | P1 | + +## Control Objectives + +1. No single communication channel can authorize high-risk actions. +2. Identity assertions from human-like content are treated as **untrusted until verified**. +3. Every high-risk action must be evidence-linked and replay-auditable. +4. Agent actions must require policy-backed evidence, not confidence text. + +## Required Controls + +### Preventive + +- Multi-party approval for irreversible or high-impact actions. +- Out-of-band verifier challenge (cryptographic challenge or registered secure channel). +- Risk-adaptive step-up based on behavior drift + channel confidence. +- Hard deny if request provenance is missing or unverifiable. + +### Detective + +- Correlate channel events (email/voice/video/chat) by identity risk fingerprint. +- Alert on first-seen device/channel + urgency language + authority spoofing bundle. +- Detect graph anomalies: sudden high-centrality links to newly observed identities. + +### Corrective + +- One-click emergency trust revocation for compromised identity claims. +- Forensic bundle generation for each denied/flagged HDT incident. +- Automated rollback path for actions later proven synthetic. + +## Engineering Requirements + +1. All HDT-sensitive actions must pass policy-as-code checks in OPA/decision-policy. +2. Agent workflows must record evidence objects before mutating state. +3. High-risk workflows must emit observability events: + - `identity.assertion.received` + - `identity.stepup.required` + - `identity.stepup.result` + - `identity.action.blocked_hdt_risk` +4. Add deterministic test fixtures for synthetic persona attempts. + +## Verification Plan + +- Unit tests for risk scorer, channel-fusion scoring, and deny/allow policy branches. +- Integration tests for identity recovery and privileged action workflows under impersonation attempts. +- Red-team simulation pack for deepfake voice/video and chat impersonation. +- CI gate: reject changes to HDT-sensitive paths without updated threat-model evidence. + +## Residual Risk & Decision + +Residual risk remains **medium** after controls due to rapid synthetic media quality growth. +Decision: proceed with controlled rollout, mandatory human-in-the-loop for P0 actions, and monthly threat model refresh. + +## Rollback & Incident Triggers + +Rollback trigger conditions: + +- >1 confirmed HDT bypass of a privileged workflow in any 7-day window. +- Detection precision drops below agreed threshold for two consecutive runs. +- Evidence logging failure for any P0 control path. + +Rollback steps: + +1. Force manual approvals for all high-risk identity actions. +2. Disable automated execution paths tied to unverified persona claims. +3. Regenerate trust graph from last known-good provenance window. + +## References + +- `docs/security/threat-modeling-framework.md` +- `docs/security/prompt-injection-threat-model.md` +- `docs/security/threat-models/intelgraph-queries.md`