From 6e20b5b2f1e500b34c19562ea2d46af3104eface Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=F0=9D=90=8E=F0=9D=90=A7=F0=9D=90=9E=20=F0=9D=90=85?= =?UTF-8?q?=F0=9D=90=A2=F0=9D=90=A7=F0=9D=90=9E=20=F0=9D=90=92=F0=9D=90=AD?= =?UTF-8?q?=F0=9D=90=9A=F0=9D=90=AB=F0=9D=90=AC=F0=9D=90=AD=F0=9D=90=AE?= =?UTF-8?q?=F0=9D=90=9F=F0=9D=90=9F?= Date: Mon, 27 Apr 2026 12:55:41 +0630 Subject: [PATCH 1/2] Add quiet mode for governance validator success output --- .../workflows/gsifi-governance-artifacts.yml | 63 ++ Makefile | 18 + .../gien_governance_event_sample.json | 16 + .../sr_dsl_fairness_regression_v1.txt | 6 + docs/policies/sentinel-tiered-autonomy.rego | 28 + docs/reports/.markdownlint.json | 7 + ..._AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md | 594 ++++++++++++++++++ .../GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md | 60 ++ .../schemas/gien-governance-event.schema.json | 83 +++ pyproject.toml | 7 + scripts/__init__.py | 1 + scripts/validate_gsifi_governance_assets.py | 224 +++++++ setup.py | 2 + tests/conftest.py | 6 + .../test_validate_gsifi_governance_assets.py | 275 ++++++++ tests/test_validate_gsifi_governance_cli.py | 40 ++ tests => tests_tree.txt | 0 17 files changed, 1430 insertions(+) create mode 100644 .github/workflows/gsifi-governance-artifacts.yml create mode 100644 Makefile create mode 100644 docs/examples/gien_governance_event_sample.json create mode 100644 docs/examples/sr_dsl_fairness_regression_v1.txt create mode 100644 docs/policies/sentinel-tiered-autonomy.rego create mode 100644 docs/reports/.markdownlint.json create mode 100644 docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md create mode 100644 docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md create mode 100644 docs/schemas/gien-governance-event.schema.json create mode 100644 scripts/__init__.py create mode 100755 scripts/validate_gsifi_governance_assets.py create mode 100644 tests/conftest.py create mode 100644 tests/test_validate_gsifi_governance_assets.py create mode 100644 tests/test_validate_gsifi_governance_cli.py rename tests => tests_tree.txt (100%) diff --git a/.github/workflows/gsifi-governance-artifacts.yml b/.github/workflows/gsifi-governance-artifacts.yml new file mode 100644 index 0000000..780b65d --- /dev/null +++ b/.github/workflows/gsifi-governance-artifacts.yml @@ -0,0 +1,63 @@ +name: GSIFI Governance Artifacts CI + +on: + workflow_dispatch: + + push: + paths: &governance_paths + - 'docs/schemas/gien-governance-event.schema.json' + - 'docs/examples/gien_governance_event_sample.json' + - 'docs/examples/sr_dsl_fairness_regression_v1.txt' + - 'docs/policies/sentinel-tiered-autonomy.rego' + - 'docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md' + - 'docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md' + - 'docs/reports/.markdownlint.json' + - 'scripts/validate_gsifi_governance_assets.py' + - 'scripts/__init__.py' + - 'tests/**/*.py' + - 'pyproject.toml' + - 'setup.py' + - '.github/workflows/gsifi-governance-artifacts.yml' + - 'Makefile' + pull_request: + paths: *governance_paths + +permissions: + contents: read + +concurrency: + group: gsifi-governance-artifacts-${{ github.ref }} + cancel-in-progress: true + +jobs: + validate-governance-artifacts: + runs-on: ubuntu-latest + timeout-minutes: 10 + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: '3.11' + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20' + + - name: Install Python test dependencies + run: | + python -m pip install --upgrade pip + pip install -e .[governance] pytest + + - name: Verify installed console entrypoint + run: validate-gsifi-governance-assets --help + + - name: Run installed console entrypoint against default artifacts + run: validate-gsifi-governance-assets + + - name: Run governance check suite + run: make check-gsifi-governance diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..183371c --- /dev/null +++ b/Makefile @@ -0,0 +1,18 @@ +.DEFAULT_GOAL := check-gsifi-governance + +.PHONY: validate-gsifi-governance validate-gsifi-governance-module test-gsifi-governance lint-gsifi-governance check-gsifi-governance + +validate-gsifi-governance: + python scripts/validate_gsifi_governance_assets.py + +validate-gsifi-governance-module: + python -m scripts.validate_gsifi_governance_assets + +test-gsifi-governance: + python -m py_compile scripts/validate_gsifi_governance_assets.py tests/conftest.py tests/test_validate_gsifi_governance_assets.py tests/test_validate_gsifi_governance_cli.py + pytest -q tests + +lint-gsifi-governance: + npx --yes markdownlint-cli@0.39.0 --config docs/reports/.markdownlint.json docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md + +check-gsifi-governance: validate-gsifi-governance validate-gsifi-governance-module test-gsifi-governance lint-gsifi-governance diff --git a/docs/examples/gien_governance_event_sample.json b/docs/examples/gien_governance_event_sample.json new file mode 100644 index 0000000..c2094fd --- /dev/null +++ b/docs/examples/gien_governance_event_sample.json @@ -0,0 +1,16 @@ +{ + "crs_uuid": "CRS-UUID-2026-04-24-000001", + "event_type": "ai.decision", + "timestamp_utc": "2026-04-24T12:00:00Z", + "institution_id": "BANK_GSIFI_001", + "jurisdiction_code": "EU", + "risk_tier": "TIER_2", + "model_id": "credit-risk-llm", + "model_version": "2.4.7", + "prompt_hash": "sha256:abc123", + "context_hash": "sha256:def456", + "policy_bundle_digest": "sha256:ghi789", + "decision_outcome": "approve_with_conditions", + "human_override_flag": false, + "signature": "sig:pqc-hybrid:xyz" +} diff --git a/docs/examples/sr_dsl_fairness_regression_v1.txt b/docs/examples/sr_dsl_fairness_regression_v1.txt new file mode 100644 index 0000000..21b1377 --- /dev/null +++ b/docs/examples/sr_dsl_fairness_regression_v1.txt @@ -0,0 +1,6 @@ +TEST fairness_regression_credit_v1 +SCOPE jurisdiction=UK product=retail_credit +ASSERT disparity_ratio <= 1.25 +ASSERT adverse_action_explanation_coverage >= 0.99 +ASSERT evidence_completeness == 1.0 +ON_FAIL severity=high remediation_window_days=14 diff --git a/docs/policies/sentinel-tiered-autonomy.rego b/docs/policies/sentinel-tiered-autonomy.rego new file mode 100644 index 0000000..1c1131c --- /dev/null +++ b/docs/policies/sentinel-tiered-autonomy.rego @@ -0,0 +1,28 @@ +package sentinel.governance + +default allow = false + +allow if { + input.risk_tier != "TIER_3" + input.policy_checks.passed + not input.sanctions_block +} + +allow if { + input.risk_tier == "TIER_3" + input.policy_checks.passed + input.dual_authorization + input.human_override_available + not input.sanctions_block +} + +violation[msg] if { + input.risk_tier == "TIER_3" + not input.dual_authorization + msg := "tier_3_requires_dual_authorization" +} + +violation[msg] if { + not input.human_override_available + msg := "human_override_must_be_available" +} diff --git a/docs/reports/.markdownlint.json b/docs/reports/.markdownlint.json new file mode 100644 index 0000000..a89ec03 --- /dev/null +++ b/docs/reports/.markdownlint.json @@ -0,0 +1,7 @@ +{ + "default": true, + "MD013": false, + "MD022": false, + "MD032": false, + "MD060": false +} diff --git a/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md b/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md new file mode 100644 index 0000000..97f60b8 --- /dev/null +++ b/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md @@ -0,0 +1,594 @@ +# Comprehensive 2026–2030 Enterprise and Civilizational AGI/ASI Governance Blueprint +## For G-SIFI Institutions, Global Financial Regulators, and Critical Infrastructure Supervisors + +**Version:** 1.1 (Operationalized Revision) +**Date:** April 24, 2026 +**Audience:** Board Risk Committees, CRO/CTO/CISO organizations, model risk functions, prudential and conduct supervisors. +**Primary outcome:** Transition from policy-only AI governance to **proof-bearing, regulator-verifiable, and containment-ready** operations. + +--- + +## 1) Executive Summary + +This blueprint provides an implementable 2026–2030 operating model for AGI/ASI governance in global financial services. It combines: + +- **Sentinel AI v2.4** institutional governance plane. +- **WorkflowAI Pro** orchestration and enterprise agent execution controls. +- **Kubernetes + Kafka + OPA** zero-trust control substrate. +- **Regulator-grade reporting and supervision** using query-driven, cryptographically verifiable evidence. + +### 1.1 What is new in this revision + +1. Concrete control objectives with machine-enforcement patterns. +2. Explicit evidence schema and audit event requirements. +3. Cross-framework compliance mappings at control-family level. +4. Delivery sequencing with quarterly milestones (2026–2030). +5. Target-state metrics, thresholds, and board-level KRIs. +6. Minimum viable Annex IV-style dossier template. + +--- + +## 2) Scope and Risk Classification + +### 2.1 In-scope domains (minimum) + +- Credit origination and pricing +- Treasury and balance sheet optimization +- Fraud/AML/sanctions decision support +- Claims/underwriting (for insurers) +- Consumer advice and conversational channels +- Autonomous operations and agentic workflows touching regulated outcomes + +### 2.2 Risk tiers (institutional standard) + +- **Tier 0 (Low):** internal productivity, no regulated decision impact. +- **Tier 1 (Moderate):** customer-adjacent support, human-reviewed outputs. +- **Tier 2 (High):** materially influences financial/consumer outcomes. +- **Tier 3 (Critical):** can autonomously execute irreversible or market-sensitive actions. + +**Policy rule:** Tier 2/3 requires pre-deployment independent validation, post-deployment continuous monitoring, and regulator-ready evidence retention. + +--- + +## 3) Sentinel AI v2.4 — Institutional Governance Plane + +### 3.1 Logical architecture + +1. **Experience plane** + - Prompt gateway + - Agent API gateway + - Human oversight and intervention UI + +2. **Policy and control plane** + - OPA policy decision points (PDP) + - Policy enforcement points (PEP) embedded in APIs, runners, and agents + - Risk scoring service with jurisdiction profile overlays + +3. **Execution plane** + - WorkflowAI Pro planner/executor + - EAIP interoperability layer for multi-vendor agents + - Tool sandbox and data entitlements layer + +4. **Assurance plane** + - Model inventory and lineage registry + - SR 11‑7 validation pipelines + - Adversarial, fairness, robustness, and fail-safe test harnesses + +5. **Evidence and supervision plane** + - Kafka event backbone + - WORM evidence vault + - AI Governance Hub + GQL/SGQL interfaces + ARRE submission service + +### 3.2 Control gates by lifecycle stage + +- **Intake gate:** purpose legality, data classification, and jurisdiction checks +- **Build gate:** model card completeness, bias/fairness pre-checks, red-team baseline +- **Release gate:** independent validation sign-off, rollback test, canary constraints +- **Runtime gate:** OPA allow/deny/action transform, anomaly triggers, kill-switch readiness +- **Retirement gate:** decommission evidence and legal retention confirmation + +### 3.3 Reference deployment pattern (Kubernetes/Kafka/OPA) + +- Kubernetes namespaces by trust zone: + - `ai-public`, `ai-internal`, `ai-regulated`, `ai-containment` +- Kafka clusters: + - `gov-events` (policy + runtime) + - `assurance-events` (evaluation + testing) + - `reg-events` (supervisory and reporting) +- OPA deployment modes: + - Admission controller for workloads + - Sidecar authorization for runtime calls + - Batch evaluation service for periodic compliance attestation + +### 3.4 WORM evidence baseline (minimum retention metadata) + +Each event must include: +- `crs_uuid` +- `model_id` and `model_version` +- `prompt_hash` and `context_hash` +- `policy_bundle_digest` +- `decision_outcome` +- `human_override_flag` +- `jurisdiction_code` +- `timestamp_utc` +- `signature` + +--- + +## 4) WorkflowAI Pro — Enterprise Orchestration for Agentic Systems + +### 4.1 Stage model (production) + +1. **Intent capture and legal framing** +2. **Control synthesis (policy compilation)** +3. **Plan generation with bounded autonomy budget** +4. **Tool/data binding with entitlement checks** +5. **Execution with streaming conformance checks** +6. **Mandatory holdpoints for Tier 2/3 actions** +7. **Evidence closure and reporting packaging** + +### 4.2 Bounded autonomy controls + +- Hard ceilings for: + - Number of actions per workflow + - External calls per minute + - Monetary/position exposure per execution +- Escalation required when any ceiling is approached +- Automatic conversion to “advisory mode” on repeated policy near-miss patterns + +### 4.3 EAIP interoperability minimum contract + +- Agent identity and provenance claims +- Capability declaration and prohibited-actions declaration +- Safety profile (known failure modes + mitigation claims) +- Observability and evidence emission contract +- Kill-switch and revocation compatibility + +--- + +## 5) Institutional Governance Platform Components + +### 5.1 Required platform services + +- **AI Governance Hub**: dashboards and supervisory views +- **Policy Studio**: legal text → control objective → executable policy traceability +- **Model Risk Workbench**: SR 11‑7-aligned validation and challenger testing +- **Prompt Governance Registry**: ownership, approval status, risk tier metadata +- **Control Evidence Ledger**: immutable timelines and signatures +- **Containment Operations Center**: emergency isolation and fail-safe execution + +### 5.2 RACI baseline + +- **Board Risk Committee:** risk appetite, autonomy boundaries, annual attestation +- **CRO/2LOD:** policy ownership and challenge +- **CTO/CISO:** implementation, reliability, and security controls +- **Model Risk/Validation:** independent testing and release recommendations +- **Internal Audit:** periodic control effectiveness assurance +- **Regulatory Affairs:** ARRE submissions and supervisory coordination + +--- + +## 6) Unified Multi-Framework Compliance Crosswalk + +### 6.1 Crosswalk structure + +Each control family contains: +1. Control objective +2. Enforcement mechanism (policy-as-code + process) +3. Required evidence objects +4. Test frequency +5. Framework mappings + +### 6.2 Control-family mapping (example) + +| Control family | Enforcement | Primary evidence | Key mappings | +|---|---|---|---| +| Risk management and governance | OPA policy bundles + governance approvals | policy digests, approvals, exceptions | EU AI Act, NIST AI RMF Govern, ISO 42001, OECD | +| Data governance and rights | minimization/lineage checks + consent policy | data lineage, consent logs, DPIA references | GDPR, EU AI Act, FEAT | +| Model validation and monitoring | SR 11‑7 validation + drift/fairness tests | validation packs, challenger results, drift alerts | SR 11‑7, Basel III/IV, NIST Measure/Manage | +| Consumer fairness and explainability | adverse action and fairness controls | explanation artifacts, disparity metrics | FCRA/ECOA, Consumer Duty, FEAT | +| Cyber and operational resilience | zero-trust + incident controls | access logs, incident timelines, recovery tests | NIS2, ISO 42001, prudential resilience expectations | + +### 6.3 Annex IV-style dossier minimum fields + +- System description and intended purpose +- Design and architecture documentation +- Data sources and governance measures +- Risk management process and residual risks +- Human oversight design +- Performance metrics and limitations +- Post-market monitoring and incident handling plan +- Conformity assessment and change-management records + +--- + +## 7) Sentinel Enterprise AGI Containment Stack + +### 7.1 Containment readiness levels + +- **CRL-1:** enterprise controls only, no autonomous critical actions +- **CRL-2:** isolated high-risk testing and controlled pilot autonomy +- **CRL-3:** production containment hooks, rehearsed emergency controls +- **CRL-4:** civilizational-risk integrated stress playbooks and cross-border coordination + +### 7.2 Containment lab operating model + +- Air-gapped and semi-gapped lanes +- Reproducible simulation datasets +- Mandatory red-team suites: + - deception resilience + - unauthorized tool use + - covert communication attempts + - self-replication pathways + - market manipulation scenario injection + +### 7.3 Formal governance kernels + +- **TLA+** for liveness/safety of escalation and override workflows +- **Coq** for machine-checkable core policy invariants +- **Q# track** for quantum-era threat and cryptography transition scenario modeling + +### 7.4 Unified Meta‑Invariant Framework (UMIF) + +1. Identity integrity cannot be bypassed. +2. Policy checks are mandatory before externalized actions. +3. All high-impact actions are attributable. +4. Human override remains available under degraded modes. +5. Autonomy remains bounded by pre-defined budgets. +6. Rights-preserving data governance is enforced. +7. Financial stability constraints supersede optimization goals. +8. Sanctions and legal obligations are non-optional constraints. +9. Contagion controls trigger on correlated anomaly patterns. +10. Safe-degrade behavior is testable and rehearsed. + +### 7.5 Cryptographic trust mechanisms + +- zk-SNARK proofs for selected compliance predicates +- CAS/CAS‑SPP exchanges for supervisor verification workflows +- Hybrid classical + PQC signatures with crypto-agility rollback strategy +- Timestamped, signed evidence chains anchored to immutable storage + +### 7.6 GIEN telemetry and CRS‑UUID lineage + +- **GIEN protocol** for standardized incident/evidence exchange +- **CRS‑UUID** for end-to-end traceability across prompt → model → tool → action → outcome +- Regulator-consumable event projections with legal-jurisdiction filtering + +### 7.7 Global sanctions propagation + +- Signed sanctions policy packs +- Jurisdiction precedence resolver +- Time-bounded emergency override with legal counsel co-approval +- Mandatory post-incident legal and compliance reconciliation log + +--- + +## 8) Regulator-Grade Supervision and Reporting Stack + +### 8.1 AI Governance Hub supervisory mode + +- Role-scoped regulator tenants +- Drill-down from aggregate risk to single-decision provenance +- Independent replay support for selected decisions + +### 8.2 Governance Query Language family + +- **GQL:** historical and ad hoc governance/evidence queries +- **SGQL:** streaming governance detection for near-real-time supervision +- **R-SGQL:** regulator-scoped subsets with legal controls and query audit logs + +### 8.3 Automated Regulator Reporting Engine (ARRE) + +- Scheduled and event-triggered reporting +- Annex IV-style dossier generation +- SR 11‑7 documentation packs +- Signed submission receipts and immutable archive pointers + +### 8.4 Verification-based supervisory protocol + +- Claim declaration by institution +- Machine-verifiable proof package attachment +- Supervisor replay/spot-check process +- Exception and remediation workflow with timer-based closure targets + +### 8.5 SR‑DSL supervisory test definitions + +Use SR‑DSL to encode: +- fairness regression checks +- sanctions compliance checks +- policy bypass attempts +- autonomy budget violations +- incident-reporting timeliness checks + +--- + +## 9) Enterprise Product Implementation Guidance + +### 9.1 Prompt governance implementation + +- Prompt IDs, versioning, ownership, and expiration policies +- Security scanning for injection/exfiltration signatures +- Jurisdiction-aware prompt templates with prohibited-content fragments + +### 9.2 Agent governance implementation + +- Capability passports and revocation lists +- Dual-control for Tier 3 delegated actions +- Agent behavior drift thresholds and automatic downgrade logic + +### 9.3 Model risk and validation integration + +- Independent validation before Tier 2/3 production release +- Mandatory challenger models for material decisions +- Drift-triggered retraining and re-approval gates + +--- + +## 10) Systemic-Risk Controls for G-SIFIs and Supervisors + +1. **Concentration limits:** cap dependency on single model/provider/control service. +2. **Correlation stress testing:** multi-entity failure propagation exercises. +3. **Autonomous market activity brakes:** hard exposure ceilings and latency-safe kill switches. +4. **Contagion breakers:** cross-business circuit breakers for coordinated anomalies. +5. **Liquidity/capital linkage analysis:** model error pathways to P&L and solvency metrics. +6. **Cross-market integrity monitoring:** coordinated detection of manipulation and misinformation. +7. **Third-party utility oversight:** critical provider control testing and failover requirements. +8. **Crisis coordination:** central bank/supervisor/market operator escalation playbook. + +--- + +## 11) Phased 2026–2030 Roadmap (Quarterly Milestones) + +### Phase 1: Foundation (Q2 2026–Q1 2027) + +- Q2 2026: establish control taxonomy and policy authoring standards +- Q3 2026: deploy OPA/Kafka evidence baseline in regulated workloads +- Q4 2026: onboard Tier 2 use cases to governance and evidence pipelines +- Q1 2027: first full internal Annex IV-style dossier dry run + +**Target thresholds by Q1 2027:** +- ≥90% Tier 2 workflows produce complete evidence records +- 100% Tier 3 workflows require dual authorization and override tests + +### Phase 2: Industrialization (Q2 2027–Q4 2028) + +- integrate WorkflowAI Pro orchestration and EAIP contracts +- deploy SGQL monitoring with real-time policy breach alerts +- automate ARRE filing packs for top supervisory jurisdictions +- run annual cross-border supervisory pilot using proof-bearing reports + +**Target thresholds by Q4 2028:** +- ≥95% high-risk decisions replayable within supervisory SLA +- ≥80% recurring supervisory reports auto-generated + +### Phase 3: Assurance at Scale (2029) + +- formalize TLA+/Coq proofs for critical escalation and override paths +- operationalize CAS/CAS‑SPP verification with selected supervisors +- run multi-firm systemic AI contagion simulations + +**Target thresholds by end-2029:** +- zero unresolved critical policy-bypass defects >30 days +- supervisory proof acceptance rate ≥90% in pilot scope + +### Phase 4: Civilizational Readiness (2030) + +- operational CRL-4 containment protocols and fail-safe drills +- enforce GIEN telemetry and CRS‑UUID lineage for critical workflows +- integrate civilizational stress scenarios into ICAAP/ORSA and recovery planning + +**Target thresholds by end-2030:** +- enterprise-wide annual containment rehearsal completion: 100% +- severe-incident regulator notification timeliness within jurisdictional requirements + +--- + +## 12) Metrics, KRIs, and Board Reporting + +### 12.1 Operational metrics + +- policy decision latency (p95/p99) +- deny/allow/override rates by tier +- evidence completeness ratio +- replay determinism success rate +- model/prompt/agent drift detection frequency + +### 12.2 Consumer and fairness metrics + +- disparity ratios by protected class proxy controls +- adverse action explanation coverage and quality score +- complaint correlation to AI-assisted decisions + +### 12.3 Systemic and resilience metrics + +- correlated anomaly index across entities +- containment activation time +- MTTD/MTTC/MTTR for AI incidents +- cross-jurisdiction reporting SLA compliance + +--- + +## 13) 180-Day Action Plan (Immediate) + +1. Approve AGI/ASI risk appetite and autonomy ceilings. +2. Mandate policy-as-code non-bypass architecture for all Tier 2/3 use cases. +3. Launch enterprise evidence schema (CRS‑UUID + signatures) in Kafka events. +4. Stand up ARRE MVP for one prudential and one conduct reporting lane. +5. Run first AGI containment tabletop and emergency kill-switch drill. +6. Establish supervisory engagement track for proof-based reporting pilots. + +--- + +## 14) Implementation Notes by Institution Type + +### 14.1 Global banks + +Prioritize treasury, trading controls, credit decisions, sanctions/AML, and consumer channels with high legal exposure and contagion risk. + +### 14.2 Insurers + +Prioritize underwriting fairness, claims fraud controls, catastrophe-model governance, and explainability in claims decisions. + +### 14.3 Supervisors and central banks + +Adopt standardized telemetry schemas, proof-bearing review methods, and common scenario libraries for system-wide testing. + +--- + +## 15) Minimum Viable Artifact Pack (for audits and supervision) + +- Enterprise AI risk policy and autonomy matrix +- Control catalog with executable policy references +- Model inventory and validation packs +- Prompt and agent registries with approvals +- Incident response and containment playbooks +- Annex IV-style dossier templates and completed exemplars +- Quarterly board pack (KRIs, incidents, exceptions, remediation) + +--- + +## 16) Concluding Position + +For global finance, AGI/ASI governance must function as critical infrastructure: continuously controlled, independently challengeable, cryptographically evidenced, and supervisor-verifiable. Sentinel AI v2.4 and WorkflowAI Pro should be implemented as interoperable governance and execution layers within a broader civilizational safety posture that protects consumers, markets, institutions, and systemic stability. + +--- + +## 17) Implementation-Ready Technical Annexes + +### 17.1 Example governance event schema (JSON) + +```json +{ + "crs_uuid": "CRS-UUID-2026-04-24-000001", + "event_type": "ai.decision", + "timestamp_utc": "2026-04-24T12:00:00Z", + "institution_id": "BANK_GSIFI_001", + "jurisdiction_code": "EU", + "risk_tier": "TIER_2", + "model_id": "credit-risk-llm", + "model_version": "2.4.7", + "prompt_hash": "sha256:...", + "context_hash": "sha256:...", + "policy_bundle_digest": "sha256:...", + "decision_outcome": "approve_with_conditions", + "human_override_flag": false, + "signature": "sig:pqc-hybrid:..." +} +``` + +### 17.2 Example OPA policy skeleton (Rego) + +```rego +package sentinel.governance + +default allow = false + +allow if { + input.risk_tier != "TIER_3" + input.policy_checks.passed == true + input.sanctions_block == false +} + +allow if { + input.risk_tier == "TIER_3" + input.policy_checks.passed == true + input.dual_authorization == true + input.human_override_available == true + input.sanctions_block == false +} +``` + +### 17.3 Example Kafka topic contract (minimum) + +- `ai.decision.v1` +- `ai.override.v1` +- `ai.incident.v1` +- `ai.attestation.v1` + +For each topic, enforce schema registry compatibility mode (`BACKWARD_TRANSITIVE`) and signed producer identity. + +### 17.4 Example SR‑DSL supervisory test case (illustrative) + +```text +TEST fairness_regression_credit_v1 +SCOPE jurisdiction=UK product=retail_credit +ASSERT disparity_ratio <= 1.25 +ASSERT adverse_action_explanation_coverage >= 0.99 +ASSERT evidence_completeness == 1.0 +ON_FAIL severity=high remediation_window_days=14 +``` + +--- + +### 17.5 Repository reference artifacts + +The examples above are also available as reusable files for implementation teams: + +- `docs/schemas/gien-governance-event.schema.json` +- `docs/examples/gien_governance_event_sample.json` +- `docs/policies/sentinel-tiered-autonomy.rego` +- `docs/examples/sr_dsl_fairness_regression_v1.txt` +- `scripts/validate_gsifi_governance_assets.py` +- `docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md` + +Run `python scripts/validate_gsifi_governance_assets.py` in CI to validate +these baseline artifacts before release sign-off. + +## 18) Control Acceptance Criteria (Definition of Done) + +A Tier 2/3 AI use case is not "production-ready" unless all criteria are met: + +1. Policy-as-code checks compile and pass with signed bundles. +2. Independent validation report is complete and approved. +3. Kill-switch drill completed in last 90 days. +4. Evidence completeness measured at 100% for critical fields. +5. Drift/fairness monitors configured with thresholds and alert routes. +6. ARRE reporting package generation tested for at least one jurisdiction. +7. Exception handling and remediation SLA owners assigned. + +--- + +## 19) Regulator Engagement Playbook (Practical) + +### 19.1 First 90 days of supervisory engagement + +- Week 1–2: submit architecture, control taxonomy, and evidence schema. +- Week 3–6: run joint walkthrough of one Tier 2 use case end-to-end. +- Week 7–10: provide proof-bearing sample report + replay demonstration. +- Week 11–13: close gaps, agree target supervisory cadence. + +### 19.2 Evidence package for pilot examinations + +- AI system inventory and risk-tier matrix +- One complete Annex IV-style dossier +- Two full decision lineages with replay outputs +- Incident simulation report with remediation evidence +- Policy exception register and closure status + +--- + +## 20) Common Failure Modes and Required Countermeasures + +1. **Policy drift in production** + Countermeasure: signed bundle verification + deployment admission checks + daily drift scans. + +2. **Silent evidence gaps** + Countermeasure: schema enforcement at ingest + non-null critical fields + daily completeness attestations. + +3. **Autonomy creep** + Countermeasure: immutable autonomy budget controls + monthly variance reviews by 2LOD. + +4. **Cross-border compliance conflicts** + Countermeasure: jurisdiction precedence matrix + legal override workflow + reconciliation log. + +5. **Third-party model opacity** + Countermeasure: contractual evidence rights + black-box stress tests + fallback model requirements. + +6. **Delayed supervisory reporting** + Countermeasure: ARRE timer-based alerts + escalation to named SMCR/Accountable Executive owners. + +--- + +### Final Operating Principle + +Any AI capability that can influence customer outcomes, market integrity, or systemic stability must be managed as a controlled function with mandatory policy enforcement, immutable evidence, independent challenge, and regulator-verifiable accountability. diff --git a/docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md b/docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md new file mode 100644 index 0000000..96925aa --- /dev/null +++ b/docs/reports/GSIFI_GOVERNANCE_ARTIFACTS_RUNBOOK.md @@ -0,0 +1,60 @@ +# GSIFI Governance Artifacts Runbook + +This runbook defines the minimum operator workflow for maintaining and validating the +GSIFI governance artifact set. + +## Artifact inventory + +- Schema: `docs/schemas/gien-governance-event.schema.json` +- Sample event: `docs/examples/gien_governance_event_sample.json` +- Rego policy: `docs/policies/sentinel-tiered-autonomy.rego` +- SR-DSL sample: `docs/examples/sr_dsl_fairness_regression_v1.txt` +- Blueprint: `docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md` +- Validator: `scripts/validate_gsifi_governance_assets.py` +- Tests: `tests/` (including `tests/test_validate_gsifi_governance_assets.py` and `tests/test_validate_gsifi_governance_cli.py`) + +## Local validation sequence + +Quick all-in-one check: + +```bash +make check-gsifi-governance +``` + +Run these commands before pushing changes: + +```bash +make validate-gsifi-governance +make validate-gsifi-governance-module +make test-gsifi-governance +make lint-gsifi-governance +``` + +Optional installed-CLI smoke check (after `pip install -e .[governance]`): + +```bash +validate-gsifi-governance-assets --help +validate-gsifi-governance-assets +``` + +## CI workflow + +Workflow file: `.github/workflows/gsifi-governance-artifacts.yml` + +CI automatically runs on pull requests and pushes that touch governance artifacts. + +## Change policy + +1. Keep schema and sample synchronized. +2. Do not remove Tier 3 dual-authorization/human-override controls from Rego examples. +3. Preserve `TEST`, `SCOPE`, `ASSERT`, and `ON_FAIL` directives for SR-DSL samples. +4. Update tests when validator behavior changes. + +## Incident response for failed checks + +- **Schema/sample failure:** align required fields/types/formats, then rerun validator. +- **Rego fragment failure:** restore required control fragments and violation messages. +- **SR-DSL failure:** fix directive structure and ensure at least two `ASSERT` lines. +- **Markdown lint failure:** fix formatting in the report file or update scoped lint config. + +Note: validator failures are emitted to `stderr` with the prefix `VALIDATION FAILED`. diff --git a/docs/schemas/gien-governance-event.schema.json b/docs/schemas/gien-governance-event.schema.json new file mode 100644 index 0000000..2420c96 --- /dev/null +++ b/docs/schemas/gien-governance-event.schema.json @@ -0,0 +1,83 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://example.org/schemas/gien-governance-event.schema.json", + "title": "GIEN Governance Event", + "description": "Canonical governance and supervision event record for Sentinel AI v2.4", + "type": "object", + "required": [ + "crs_uuid", + "event_type", + "timestamp_utc", + "institution_id", + "jurisdiction_code", + "risk_tier", + "model_id", + "model_version", + "policy_bundle_digest", + "decision_outcome", + "human_override_flag", + "signature" + ], + "properties": { + "crs_uuid": { + "type": "string", + "pattern": "^CRS-UUID-[0-9]{4}-[0-9]{2}-[0-9]{2}-[0-9]{6}$" + }, + "event_type": { + "type": "string", + "enum": [ + "ai.decision", + "ai.override", + "ai.incident", + "ai.attestation" + ] + }, + "timestamp_utc": { + "type": "string", + "format": "date-time" + }, + "institution_id": { + "type": "string", + "minLength": 3 + }, + "jurisdiction_code": { + "type": "string", + "minLength": 2, + "maxLength": 8 + }, + "risk_tier": { + "type": "string", + "enum": [ + "TIER_0", + "TIER_1", + "TIER_2", + "TIER_3" + ] + }, + "model_id": { + "type": "string" + }, + "model_version": { + "type": "string" + }, + "prompt_hash": { + "type": "string" + }, + "context_hash": { + "type": "string" + }, + "policy_bundle_digest": { + "type": "string" + }, + "decision_outcome": { + "type": "string" + }, + "human_override_flag": { + "type": "boolean" + }, + "signature": { + "type": "string" + } + }, + "additionalProperties": false +} diff --git a/pyproject.toml b/pyproject.toml index c3140cb..0229b49 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -24,3 +24,10 @@ dependencies = [ "loguru", "nest_asyncio", ] + + +[project.optional-dependencies] +governance = ["jsonschema"] + +[project.scripts] +validate-gsifi-governance-assets = "scripts.validate_gsifi_governance_assets:main" diff --git a/scripts/__init__.py b/scripts/__init__.py new file mode 100644 index 0000000..0023da3 --- /dev/null +++ b/scripts/__init__.py @@ -0,0 +1 @@ +"""Utility scripts package.""" diff --git a/scripts/validate_gsifi_governance_assets.py b/scripts/validate_gsifi_governance_assets.py new file mode 100755 index 0000000..94844b1 --- /dev/null +++ b/scripts/validate_gsifi_governance_assets.py @@ -0,0 +1,224 @@ +#!/usr/bin/env python3 +"""Lightweight validation for GSIFI governance artifacts.""" + +from __future__ import annotations + +import argparse +import datetime as dt +import functools +import importlib +import importlib.util +import json +import re +import sys +from pathlib import Path + +ROOT = Path(__file__).resolve().parents[1] +SCHEMA_PATH = ROOT / "docs/schemas/gien-governance-event.schema.json" +SAMPLE_EVENT_PATH = ROOT / "docs/examples/gien_governance_event_sample.json" +REGO_PATH = ROOT / "docs/policies/sentinel-tiered-autonomy.rego" +SR_DSL_PATH = ROOT / "docs/examples/sr_dsl_fairness_regression_v1.txt" + + +class ValidationError(RuntimeError): + pass + + +def _read_text(path: Path) -> str: + try: + return path.read_text(encoding="utf-8") + except OSError as exc: + raise ValidationError(f"Unable to read file: {path}: {exc}") from exc + + +def load_json(path: Path) -> dict: + try: + return json.loads(_read_text(path)) + except json.JSONDecodeError as exc: + raise ValidationError(f"Unable to parse JSON: {path}: {exc}") from exc + + +def _matches_json_type(value: object, expected_type: str) -> bool: + if expected_type == "string": + return isinstance(value, str) + if expected_type == "boolean": + return isinstance(value, bool) + if expected_type == "number": + return isinstance(value, (int, float)) and not isinstance(value, bool) + if expected_type == "integer": + return isinstance(value, int) and not isinstance(value, bool) + if expected_type == "object": + return isinstance(value, dict) + if expected_type == "array": + return isinstance(value, list) + if expected_type == "null": + return value is None + return False + + +def _validate_type(value: object, expected_type: str | list[str], key: str) -> None: + expected_types = [expected_type] if isinstance(expected_type, str) else expected_type + if any(_matches_json_type(value, candidate) for candidate in expected_types): + return + + expected_display = ", ".join(expected_types) + raise ValidationError( + f"Field '{key}' must match JSON Schema type(s): {expected_display}; " + f"got '{type(value).__name__}'" + ) + + +def _validate_date_time(value: str, key: str) -> None: + if not value.endswith("Z"): + raise ValidationError(f"Field '{key}' must be UTC and end with 'Z'") + try: + dt.datetime.fromisoformat(value.replace("Z", "+00:00")) + except ValueError as exc: + raise ValidationError(f"Field '{key}' is not valid RFC3339 datetime") from exc + +@functools.lru_cache(maxsize=1) +def _get_jsonschema_validator() -> type | None: + if importlib.util.find_spec("jsonschema") is None: + return None + try: + jsonschema_module = importlib.import_module("jsonschema") + except ImportError: + return None + return getattr(jsonschema_module, "Draft202012Validator", None) + + +def _validate_with_jsonschema(schema: dict, sample: dict) -> None: + validator_type = _get_jsonschema_validator() + if validator_type is None: + return + + validator = validator_type(schema) + errors = sorted(validator.iter_errors(sample), key=lambda e: e.path) + if errors: + first = errors[0] + path = ".".join(str(p) for p in first.path) or "" + raise ValidationError(f"JSON Schema validation failed at {path}: {first.message}") + +def validate_event_schema_and_sample( + schema_path: Path = SCHEMA_PATH, + sample_path: Path = SAMPLE_EVENT_PATH, +) -> None: + schema = load_json(schema_path) + sample = load_json(sample_path) + if not isinstance(schema, dict): + raise ValidationError("Schema root must be a JSON object") + if not isinstance(sample, dict): + raise ValidationError("Sample event root must be a JSON object") + + _validate_with_jsonschema(schema, sample) + + required = schema.get("required", []) + if not isinstance(required, list): + raise ValidationError("Schema field 'required' must be a list") + missing = [k for k in required if k not in sample] + if missing: + raise ValidationError(f"Sample event missing required keys: {missing}") + + properties = schema.get("properties", {}) + if not isinstance(properties, dict): + raise ValidationError("Schema field 'properties' must be an object") + additional_allowed = schema.get("additionalProperties", True) + if additional_allowed is False: + allowed = set(properties.keys()) + extras = [k for k in sample if k not in allowed] + if extras: + raise ValidationError(f"Sample event contains unknown keys: {extras}") + + for key, value in sample.items(): + prop = properties.get(key, {}) + + expected_type = prop.get("type") + if expected_type: + _validate_type(value, expected_type, key) + + enum = prop.get("enum") + if enum and value not in enum: + raise ValidationError(f"Field '{key}' is not in allowed enum: {value}") + + pattern = prop.get("pattern") + if pattern and isinstance(value, str) and re.fullmatch(pattern, value) is None: + raise ValidationError(f"Field '{key}' does not match required pattern") + + min_len = prop.get("minLength") + if min_len is not None and isinstance(value, str) and len(value) < min_len: + raise ValidationError(f"Field '{key}' shorter than minLength={min_len}") + + max_len = prop.get("maxLength") + if max_len is not None and isinstance(value, str) and len(value) > max_len: + raise ValidationError(f"Field '{key}' longer than maxLength={max_len}") + + if prop.get("format") == "date-time" and isinstance(value, str): + _validate_date_time(value, key) + + +def validate_rego_policy(rego_path: Path = REGO_PATH) -> None: + text = _read_text(rego_path) + required_fragments = [ + "package sentinel.governance", + "default allow = false", + "allow if", + "violation[msg] if", + "tier_3_requires_dual_authorization", + "human_override_must_be_available", + ] + missing = [frag for frag in required_fragments if frag not in text] + if missing: + raise ValidationError(f"Rego policy missing expected fragments: {missing}") + + +def validate_sr_dsl(sr_dsl_path: Path = SR_DSL_PATH) -> None: + lines = [line.strip() for line in _read_text(sr_dsl_path).splitlines() if line.strip()] + expected_prefixes = ["TEST ", "SCOPE ", "ASSERT ", "ON_FAIL "] + if not lines or not lines[0].startswith("TEST "): + raise ValidationError("SR-DSL must begin with TEST") + + if not any(line.startswith("SCOPE ") for line in lines): + raise ValidationError("SR-DSL missing SCOPE line") + + if sum(1 for line in lines if line.startswith("ASSERT ")) < 2: + raise ValidationError("SR-DSL should include at least two ASSERT lines") + + if not any(line.startswith("ON_FAIL ") for line in lines): + raise ValidationError("SR-DSL missing ON_FAIL line") + + for line in lines: + if not any(line.startswith(prefix) for prefix in expected_prefixes): + raise ValidationError(f"Unexpected SR-DSL directive: {line}") + + +def parse_args(argv: list[str] | None = None) -> argparse.Namespace: + parser = argparse.ArgumentParser(description="Validate GSIFI governance artifacts") + parser.add_argument("--schema", type=Path, default=SCHEMA_PATH) + parser.add_argument("--sample", type=Path, default=SAMPLE_EVENT_PATH) + parser.add_argument("--rego", type=Path, default=REGO_PATH) + parser.add_argument("--srdsl", type=Path, default=SR_DSL_PATH) + parser.add_argument( + "--quiet", + action="store_true", + help="Suppress success output; failures are still printed to stderr.", + ) + return parser.parse_args(argv) + + +def main(argv: list[str] | None = None) -> int: + args = parse_args(argv) + try: + validate_event_schema_and_sample(args.schema, args.sample) + validate_rego_policy(args.rego) + validate_sr_dsl(args.srdsl) + except ValidationError as exc: + print(f"VALIDATION FAILED: {exc}", file=sys.stderr) + return 1 + + if not args.quiet: + print("All GSIFI governance artifact checks passed.") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/setup.py b/setup.py index 3e13536..78720a5 100644 --- a/setup.py +++ b/setup.py @@ -16,4 +16,6 @@ "loguru", "nest_asyncio", ], + extras_require={"governance": ["jsonschema"]}, + entry_points={"console_scripts": ["validate-gsifi-governance-assets=scripts.validate_gsifi_governance_assets:main"]}, ) diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 0000000..17cdbe1 --- /dev/null +++ b/tests/conftest.py @@ -0,0 +1,6 @@ +from pathlib import Path +import sys + +ROOT = Path(__file__).resolve().parents[1] +if str(ROOT) not in sys.path: + sys.path.insert(0, str(ROOT)) diff --git a/tests/test_validate_gsifi_governance_assets.py b/tests/test_validate_gsifi_governance_assets.py new file mode 100644 index 0000000..755b89d --- /dev/null +++ b/tests/test_validate_gsifi_governance_assets.py @@ -0,0 +1,275 @@ +import json +from pathlib import Path + +import pytest +import scripts.validate_gsifi_governance_assets as validator + + +def test_validate_event_schema_and_sample_passes() -> None: + validator.validate_event_schema_and_sample() + + +def test_validate_rego_policy_passes() -> None: + validator.validate_rego_policy() + + +def test_validate_sr_dsl_passes() -> None: + validator.validate_sr_dsl() + + +def test_validation_error_type() -> None: + assert issubclass(validator.ValidationError, RuntimeError) + + +def test_validate_event_schema_and_sample_fails_on_missing_required_key( + tmp_path: Path, +) -> None: + schema = { + "required": ["crs_uuid", "event_type"], + "properties": { + "crs_uuid": {"type": "string"}, + "event_type": {"type": "string", "enum": ["ai.decision"]}, + }, + } + sample = {"crs_uuid": "CRS-UUID-2026-04-24-000001"} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + with pytest.raises(validator.ValidationError, match="missing required keys"): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_and_sample_fails_on_non_utc_datetime( + tmp_path: Path, +) -> None: + schema = { + "required": ["timestamp_utc"], + "properties": { + "timestamp_utc": {"type": "string", "format": "date-time"} + }, + } + sample = {"timestamp_utc": "2026-04-24T12:00:00+00:00"} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + with pytest.raises(validator.ValidationError, match="end with 'Z'"): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_sr_dsl_fails_on_invalid_directive(tmp_path: Path) -> None: + dsl_path = tmp_path / "bad.dsl" + dsl_path.write_text( + "\n".join( + [ + "TEST bad", + "SCOPE jurisdiction=UK product=retail_credit", + "ASSERT disparity_ratio <= 1.25", + "ASSERT evidence_completeness == 1.0", + "BROKEN something", + "ON_FAIL severity=high remediation_window_days=14", + ] + ) + ) + + with pytest.raises(validator.ValidationError, match="Unexpected SR-DSL directive"): + validator.validate_sr_dsl(dsl_path) + + +def test_main_returns_1_when_validation_fails() -> None: + assert validator.main(["--schema", "does/not/exist.json"]) == 1 + + +def test_main_returns_0_and_prints_success(capsys: pytest.CaptureFixture[str]) -> None: + assert validator.main([]) == 0 + captured = capsys.readouterr() + assert "All GSIFI governance artifact checks passed." in captured.out + + +def test_main_quiet_suppresses_success_output(capsys: pytest.CaptureFixture[str]) -> None: + assert validator.main(["--quiet"]) == 0 + captured = capsys.readouterr() + assert captured.out == "" + + +def test_validate_event_schema_allows_additional_properties_when_enabled( + tmp_path: Path, +) -> None: + schema = { + "required": ["foo"], + "properties": {"foo": {"type": "string"}}, + "additionalProperties": True, + } + sample = {"foo": "ok", "bar": "extra"} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_get_jsonschema_validator_returns_none_when_validator_missing( + monkeypatch: pytest.MonkeyPatch, +) -> None: + class _JsonschemaWithoutDraft: + pass + + validator._get_jsonschema_validator.cache_clear() + monkeypatch.setattr(validator.importlib.util, "find_spec", lambda _name: object()) + monkeypatch.setattr( + validator.importlib, + "import_module", + lambda _name: _JsonschemaWithoutDraft(), + ) + + assert validator._get_jsonschema_validator() is None + validator._get_jsonschema_validator.cache_clear() + + +def test_get_jsonschema_validator_returns_none_on_import_error( + monkeypatch: pytest.MonkeyPatch, +) -> None: + validator._get_jsonschema_validator.cache_clear() + monkeypatch.setattr(validator.importlib.util, "find_spec", lambda _name: object()) + + def _raise_import_error(_name: str) -> None: + raise ImportError("boom") + + monkeypatch.setattr(validator.importlib, "import_module", _raise_import_error) + assert validator._get_jsonschema_validator() is None + validator._get_jsonschema_validator.cache_clear() + + +def test_validate_event_schema_rejects_boolean_for_integer_field( + tmp_path: Path, +) -> None: + schema = { + "required": ["count"], + "properties": {"count": {"type": "integer"}}, + } + sample = {"count": True} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + with pytest.raises(validator.ValidationError, match="must match JSON Schema type"): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_main_returns_1_when_rego_file_missing() -> None: + assert validator.main(["--rego", "does/not/exist.rego"]) == 1 + + +def test_main_returns_1_when_srdsl_file_missing() -> None: + assert validator.main(["--srdsl", "does/not/exist.txt"]) == 1 + + +def test_validate_event_schema_fails_when_schema_root_is_not_object( + tmp_path: Path, +) -> None: + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(["not", "an", "object"])) + sample_path.write_text(json.dumps({"foo": "bar"})) + + with pytest.raises(validator.ValidationError, match="Schema root must be a JSON object"): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_fails_when_sample_root_is_not_object( + tmp_path: Path, +) -> None: + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps({"type": "object"})) + sample_path.write_text(json.dumps(["not", "an", "object"])) + + with pytest.raises( + validator.ValidationError, + match="Sample event root must be a JSON object", + ): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_supports_object_and_array_types(tmp_path: Path) -> None: + schema = { + "required": ["meta", "tags"], + "properties": { + "meta": {"type": "object"}, + "tags": {"type": "array"}, + }, + } + sample = {"meta": {"owner": "risk"}, "tags": ["tier3", "credit"]} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_supports_union_types(tmp_path: Path) -> None: + schema = { + "required": ["score"], + "properties": {"score": {"type": ["integer", "null"]}}, + } + sample = {"score": None} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_fails_on_unknown_type_keyword(tmp_path: Path) -> None: + schema = { + "required": ["field"], + "properties": {"field": {"type": "definitely_not_a_jsonschema_type"}}, + } + sample = {"field": "value"} + + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + with pytest.raises(validator.ValidationError, match="must match JSON Schema type"): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_fails_when_required_is_not_list(tmp_path: Path) -> None: + schema = {"required": "not-a-list", "properties": {"foo": {"type": "string"}}} + sample = {"foo": "value"} + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + with pytest.raises(validator.ValidationError, match="required' must be a list"): + validator.validate_event_schema_and_sample(schema_path, sample_path) + + +def test_validate_event_schema_fails_when_properties_is_not_object( + tmp_path: Path, +) -> None: + schema = {"required": [], "properties": ["not-an-object"]} + sample = {} + schema_path = tmp_path / "schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps(schema)) + sample_path.write_text(json.dumps(sample)) + + with pytest.raises(validator.ValidationError, match="properties' must be an object"): + validator.validate_event_schema_and_sample(schema_path, sample_path) diff --git a/tests/test_validate_gsifi_governance_cli.py b/tests/test_validate_gsifi_governance_cli.py new file mode 100644 index 0000000..feb04f0 --- /dev/null +++ b/tests/test_validate_gsifi_governance_cli.py @@ -0,0 +1,40 @@ +import json +import subprocess +import sys +from pathlib import Path + + +def test_cli_module_invocation_succeeds() -> None: + result = subprocess.run( + [sys.executable, "-m", "scripts.validate_gsifi_governance_assets"], + capture_output=True, + text=True, + check=False, + ) + assert result.returncode == 0 + assert "All GSIFI governance artifact checks passed." in result.stdout + + +def test_cli_returns_nonzero_for_bad_schema(tmp_path: Path) -> None: + schema_path = tmp_path / "bad-schema.json" + sample_path = tmp_path / "sample.json" + schema_path.write_text(json.dumps({"type": "object", "required": ["foo"], "properties": {"foo": {"type": "string"}}})) + sample_path.write_text(json.dumps({"bar": "x"})) + + result = subprocess.run( + [ + sys.executable, + "-m", + "scripts.validate_gsifi_governance_assets", + "--schema", + str(schema_path), + "--sample", + str(sample_path), + ], + capture_output=True, + text=True, + check=False, + ) + + assert result.returncode == 1 + assert "VALIDATION FAILED" in result.stderr diff --git a/tests b/tests_tree.txt similarity index 100% rename from tests rename to tests_tree.txt From cc489338f1145a729ac9b00c86a6ebf502360dd5 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 27 Apr 2026 07:36:29 +0000 Subject: [PATCH 2/2] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- ...I_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md b/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md index 97f60b8..303f51e 100644 --- a/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md +++ b/docs/reports/GSIFI_AGI_ASI_GOVERNANCE_BLUEPRINT_2026_2030.md @@ -1,9 +1,9 @@ # Comprehensive 2026–2030 Enterprise and Civilizational AGI/ASI Governance Blueprint ## For G-SIFI Institutions, Global Financial Regulators, and Critical Infrastructure Supervisors -**Version:** 1.1 (Operationalized Revision) -**Date:** April 24, 2026 -**Audience:** Board Risk Committees, CRO/CTO/CISO organizations, model risk functions, prudential and conduct supervisors. +**Version:** 1.1 (Operationalized Revision) +**Date:** April 24, 2026 +**Audience:** Board Risk Committees, CRO/CTO/CISO organizations, model risk functions, prudential and conduct supervisors. **Primary outcome:** Transition from policy-only AI governance to **proof-bearing, regulator-verifiable, and containment-ready** operations. --- @@ -569,22 +569,22 @@ A Tier 2/3 AI use case is not "production-ready" unless all criteria are met: ## 20) Common Failure Modes and Required Countermeasures -1. **Policy drift in production** +1. **Policy drift in production** Countermeasure: signed bundle verification + deployment admission checks + daily drift scans. -2. **Silent evidence gaps** +2. **Silent evidence gaps** Countermeasure: schema enforcement at ingest + non-null critical fields + daily completeness attestations. -3. **Autonomy creep** +3. **Autonomy creep** Countermeasure: immutable autonomy budget controls + monthly variance reviews by 2LOD. -4. **Cross-border compliance conflicts** +4. **Cross-border compliance conflicts** Countermeasure: jurisdiction precedence matrix + legal override workflow + reconciliation log. -5. **Third-party model opacity** +5. **Third-party model opacity** Countermeasure: contractual evidence rights + black-box stress tests + fallback model requirements. -6. **Delayed supervisory reporting** +6. **Delayed supervisory reporting** Countermeasure: ARRE timer-based alerts + escalation to named SMCR/Accountable Executive owners. ---