diff --git a/README.md b/README.md index 323c75f..13c20be 100644 --- a/README.md +++ b/README.md @@ -1,87 +1,49 @@ -# lv.civdef.drone-threat-public-address +# Drone Threat Public Address & Citizen Notification -**UAPF Level-4 process package — v0.2.0 (draft)** -**Conformant to UAPF specification v2.2.0** — see `docs/04-validation-report.md`. +UAPF v2.2.0 process package · `lv.civdef.drone-threat-public-address` · v0.3.0 · **draft** -Drone Threat Public Address & Citizen Notification — a process model of the -cross-institutional algorithm for detecting a drone threat over Latvian -airspace, deciding on and triggering public cell-broadcast notification, -coordinating interception, and conducting field response and origin -investigation. +A Level-4 UAPF package modelling the cross-institutional algorithm by which +Latvia turns a detected drone threat into a timely public cell-broadcast, +coordinates interception, and runs field response and origin investigation. +Modelled from the public chronology of the **7 May 2026 Rezekne drone +incident**, whose defining failure was a ~40-minute delay in alerting the +public. -Built from the public record of the 7 May 2026 Rēzekne drone incident and the -Ministry of Defence commitment to revise the inter-institutional notification -algorithms. **Not approved for operational use** (`lifecycle.status: draft`). - -## Layout - -``` -lv-civdef-drone-threat-public-address/ -├── uapf.yaml # manifest (kind: uapf.package, level 4) -├── bpmn/ -│ └── drone-threat-public-address.bpmn # end-to-end process flow -├── dmn/ -│ └── air-threat-decisions.dmn # 3 decisions: severity / scope / interception -├── cmmn/ -│ └── field-response-investigation.cmmn # field-response & origin-investigation case -├── resources/ -│ ├── mappings.yaml # 11 targets, 19 bindings -│ └── guardrails.yaml # UAPF-IP guardrails policy snapshot -├── metadata/ -│ ├── ownership.yaml -│ ├── lifecycle.yaml -│ └── policies.yaml # classification / execution / delegation -└── docs/ # non-normative supporting analysis - ├── 00-incident-chronology.md - ├── 01-institutional-gap-analysis.md - ├── 02-raci.md - ├── 03-uapf-ip-integration.md - └── 04-validation-report.md -``` +> Independent modelling demonstrator. **Not** an official algorithm of the NBS, +> VUGD, the Ministry of Defence or any Latvian state institution. ## Cornerstones -- **BPMN** `Process_DroneThreatPublicAddress` — detection → threat assessment → - gateway → broadcast-scope decision → request → parallel block - {cell broadcast | agency notification | interception evaluation} → - synchronise → local response → all-clear → field-response case → close. -- **DMN** one DRD, three decisions — `Decision_AirThreatSeverity`, - `Decision_CellBroadcastScope`, `Decision_InterceptionAuthorization`. -- **CMMN** `Case_DroneIncidentFieldResponse` — debris search, fire suppression, - scene security, an investigation stage (technical exam, origin attribution, - disinformation monitoring), plus discretionary press and after-action review. -- **Resources** 11 targets (NBS surveillance/Joint Staff/air-defence, VUGD duty - and cell-broadcast system, State Police, KVC, Ministry of Defence, municipal - commissions, an AI threat-assessment agent, an OSINT MCP tool) bound to every - process / decision / case element via the v2.2.0 resource-mapping schema. +| Cornerstone | File | Content | +|-------------|------|---------| +| Process (BPMN) | `bpmn/drone-threat-public-address.bpmn` | 26 nodes across **6 institution lanes**; non-interrupting **SLA-breach boundary timer**; parallel broadcast / notify / interception; 3-way interception gateway; stand-down loop; handoff to the investigation case. | +| Decisions (DMN) | `dmn/air-threat-decisions.dmn` | **6 chained, documented decisions** with a clean DRD. Object classification → severity → notification urgency & SLA → broadcast scope; interception authorization; stand-down. | +| Case (CMMN) | `cmmn/field-response-investigation.cmmn` | 3 stages, 11 human tasks, milestones and entry sentries for field response, origin investigation and public communication. | +| Resources | `resources/mappings.yaml` | Every process/decision/case element bound to an executing institution, system or agent — with a legend tracing each binding to its diagram element. Guardrails in `resources/guardrails.yaml`. | -## UAPF-IP & MCP +## What changed in v0.3.0 -The manifest declares `requires_capabilities`, `profiles_supported` -(`uapf-ip-orchestrated`, `uapf-ip-sync-decision`), `guardrails`, and an -`exposure.mcp` block exposing the process and the three decisions as MCP tools. -See `docs/03-uapf-ip-integration.md`. +Rebuilt deeper and broader from v0.2.0, and the v0.2.0 defects fixed: -## Validation +- DMN expanded **3 → 6 decisions**; every decision and every rule now carries a + description; the DRD uses an all-positive, tidy layout. +- **Interception logic fixed** — `positiveHostileId` was declared as a required + input but never tested, so the table could reach `engage` without it. It is + now rule 1: no positive hostile ID → always `hold`. +- **Cell-broadcast scope** now genuinely consumes `corridorMunicipalities` (a + FEEL expression, not a quoted string). +- BPMN expanded from a flat flow to a **6-lane collaboration** with the SLA + boundary timer that models the Rezekne lesson directly. +- `mappings.yaml` given an element-level **legend** so the resource↔process + linkage is readable and machine-checkable. -``` -python3 ../../validate.py ../.. -``` +## Documentation -Result: PASS, 0 errors, 0 warnings against UAPF v2.2.0. The reference CLI -`tools/uapf-cli/uapf.py` will wrongly reject this package because it checks for -the obsolete `.bpmn.xml` extension — this is a known upstream bug, documented in -`docs/04-validation-report.md`. +`docs/00` chronology · `docs/01` gap analysis · `docs/02` RACI · +`docs/03` notification timing & SLA · `docs/04` UAPF-IP integration · +`docs/05` validation report (19/19 passed). -## Intended steward +## Status -Authored as an external draft (owner: Rihards Gailums). The intended -institutional steward on hand-over is the Ministry of Defence -(Aizsardzības ministrija) jointly with the Crisis Management Centre -(Krīzes vadības centrs). - -## Sources - -Public reporting only — LSM / eng.lsm.lv, Apollo, TV3, Meduza, Defense News, -The Globe and Mail, and the Wikipedia article "2026 Ukrainian drone incursions -into Baltic states". Dated record in `docs/00-incident-chronology.md`. +`draft`. Decision thresholds and SLA values are modelling proposals pending +institutional review — see `docs/01` and `docs/03`. diff --git a/bpmn/drone-threat-public-address.bpmn b/bpmn/drone-threat-public-address.bpmn index 5ed9b5f..a5f1467 100644 --- a/bpmn/drone-threat-public-address.bpmn +++ b/bpmn/drone-threat-public-address.bpmn @@ -1,245 +1,476 @@ + xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" + xmlns:dc="http://www.omg.org/spec/DD/20100524/DC" + xmlns:di="http://www.omg.org/spec/DD/20100524/DI" + id="defs_drone_threat" targetNamespace="http://uapf.dev/lv.civdef.drone-threat-public-address"> + + + + + - - + + + Start_Detection + Task_TrackObject + Task_ClassifyObject + Task_LogAndMonitor + End_NoThreat + Task_MaintainTrack + + + Task_AssessSeverity + GW_Threat + Task_DetermineUrgency + Task_DetermineBroadcast + Task_AuthorizeBroadcast + GW_Fork + Task_NotifyAgencies + GW_Join + Task_AssessStandDown + GW_StandDown + + + Task_DispatchBroadcast + Task_AllClearBroadcast + Boundary_SlaBreach + + + Task_AuthorizeInterception + GW_Interception + Task_GroundEngage + Task_RequestBAP + + + + + Task_EscalateSla + End_SlaEscalated + Task_HandToInvestigation + End_Resolved + + + + f1 - - - NBS air surveillance and Joint Staff classify the object (drone / aircraft / unknown) and establish its track and predicted corridor. + f1 f2 - - - Applies DMN decision Decision_AirThreatSeverity. + f2 f3 - - + f3 f4 - f5 - - - + + f4 - - - - Applies DMN decision Decision_CellBroadcastScope to derive affected municipalities and message template. + f5 + f7 + + f5 f6 - - - - GAP: in the AS-IS algorithm this NBS request is the single trigger; if it is not issued (or issued late) no public alert fires. See docs/01-institutional-gap-analysis.md. - f6 - f7 - - + + f6 + + f7 f8 - f9 - f10 - - - - VUGD executes the cell broadcast (sunu apraide) on receipt of the NBS request. - f8 - f11 - - - - Parallel information flow to crisis-management and municipal actors. GAP: AS-IS lacks a unified, simultaneous notification to all responsible institutions. - f9 - f12 - - - - Applies DMN decision Decision_InterceptionAuthorization. - f10 - f13 - - - Engage or hold per Decision_InterceptionAuthorization; scramble BAP fighters and/or move ground air-defence units to cleared firing positions. - f13 + + f8 + f9 + + + f9 + f10 + + + f10 + f11 + f12 + f13 + + + f11 f14 - - - f11 - f12 - f14 - f15 - - - - Municipal civil-protection commissions act on shelter guidance, school closures (IZM guidance) and resident enquiries. - f15 - f16 + + fb + fb2 - - + + fb2 + + + f12 + f15 + + + f13 + f16 + + f16 f17 - - - - Invokes the CMMN case cmmn/field-response-investigation.cmmn.xml. - f17 f18 - - - + f19 + + + f17 + f20 + + f18 + f21 + + + f19 + f22 + + + f14 + f15 + f20 + f21 + f22 + f23 + + + f23 + f25 + f24 + + + f24 + f25 + f26 + + + f26 + f27 + + + f27 + f28 + + + f28 - - - - - - - - - - - - - - - - - - - - + + fb + + PT10M + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - + + + + - - + + - - + + - - - + + - - - + + - - + + - - + + - - - + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + - - + + - - + + + - - - + + - - + + - - + + - - + + + - - - + + + + + + + + + + + + + + + + + + + + - - + + - + + - + + + + - - + + - - + + + + + - + + - + + + - + + - + + - + + - + + + + - + + - + + + + - + + + + - + + - + + - + + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/cmmn/field-response-investigation.cmmn b/cmmn/field-response-investigation.cmmn index 0b4db3f..3bdb7fb 100644 --- a/cmmn/field-response-investigation.cmmn +++ b/cmmn/field-response-investigation.cmmn @@ -1,74 +1,142 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + xmlns:cmmndi="http://www.omg.org/spec/CMMN/20151109/CMMNDI" + xmlns:dc="http://www.omg.org/spec/CMMN/20151109/DC" + xmlns:di="http://www.omg.org/spec/CMMN/20151109/DI" + id="defs_field_response" targetNamespace="http://uapf.dev/lv.civdef.drone-threat-public-address"> + + + + + + + + + + + + + complete + + + + + complete + + + + + + + + + + + + + - + + + + + + + + + + complete + + + + + + + + + + + + + + + + + complete + + + + + + + + - - - - + + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - diff --git a/dmn/air-threat-decisions.dmn b/dmn/air-threat-decisions.dmn index 7c21f4f..3bf385c 100644 --- a/dmn/air-threat-decisions.dmn +++ b/dmn/air-threat-decisions.dmn @@ -3,93 +3,189 @@ xmlns:dmndi="https://www.omg.org/spec/DMN/20191111/DMNDI/" xmlns:dc="http://www.omg.org/spec/DMN/20180521/DC/" xmlns:di="http://www.omg.org/spec/DMN/20180521/DI/" - id="defs_air_threat_decisions" - name="Air Threat Decisions" + id="defs_air_threat_decisions" name="Air Threat Decisions" namespace="http://uapf.dev/lv.civdef.drone-threat-public-address/dmn"> - - + + + + + + + + - - + + - - + + - - + + - - + + + + + - + - - + + - - + + - - + + + + + + + + - - - - - - - - - objectType + + Classifies the detected airborne object and assigns a confidence level by fusing radar cross-section, emission profile and visual confirmation. Determines whether the object is treated as a potential civil-defence threat at all. + + + + + + + radarCrossSection - - airspaceStatus + + emissionProfile - - trajectoryTowardPopulated + + visualConfirmation - - distanceToPopulatedKm - - - - "unknown","drone" - "crossed","inside" - true - <= 15 + + + + Positive visual plus a military or EW emission signature: treat as a likely-hostile drone. + - + "ew-jamming","military-radar" + "positive" + "drone-hostile-likely" "high" - - "unknown","drone" + + Small radar return carrying a comms or EW emission is characteristic of a controlled UAV. + "micro","small" + "comms","ew-jamming" + - + "drone" + "high" + + + Small, slow, emission-silent and visually unconfirmed: treat as a suspected drone pending confirmation. + "micro","small" + "none" + "none","partial" + "drone-suspected" + "medium" + + + Medium/large return with a military-radar emission is an identified military aircraft. + "medium","large" + "military-radar" + - + "military-aircraft" + "high" + + + Micro return with no emission and no visual is most likely a bird or radar clutter. + "micro" + "none" + "none" + "bird-or-clutter" + "low" + + + Fallback: object cannot be classified with available data. + - + - + - + "unknown" + "low" + + + + + Determines the civil-defence threat level from the classified object, its airspace behaviour and its proximity to people. This is the pivot decision the rest of the model depends on. + + + + + + + + objectClass + + + airspaceStatus + + + trajectoryTowardPopulated + + + distanceToPopulatedKm + + + + Drone confirmed inside national airspace, closing on people within 10 km: critical. + "drone","drone-hostile-likely" + "inside" + true + <= 10 + "critical" + + + Drone inside or having crossed the border, on a trajectory toward people within 25 km: high. + "drone","drone-hostile-likely" "crossed","inside" true - > 15 - "elevated" + <= 25 + "high" - - "unknown","drone" + + Drone present in airspace but not tracking toward a populated area: elevated. + "drone","drone-suspected","drone-hostile-likely" "crossed","inside" false - "elevated" - - "unknown","drone" + + Drone still approaching the border: low — monitor, no public alert yet. + "drone","drone-suspected" "approaching" - - "low" - + + Identified military aircraft is handled through air-policing channels, not civil-defence broadcast. + "military-aircraft" + - + - + - + "low" + + + Fallback: no civil-defence air threat. - - - @@ -98,81 +194,166 @@ - - - - - - - - - threatLevel + + Sets how fast a public cell-broadcast must be dispatched. The broadcastSlaSeconds output is the contractual deadline whose 40-minute breach in the 7 May 2026 Rezekne incident this whole package exists to prevent. + + + + + + threatLevel - - borderProximityTier + + estimatedMinutesToPopulated - - - - "high" + + + + Critical threat: public broadcast must leave within 2 minutes. + "critical" - - "corridorMunicipalities + all tier-1 border municipalities" - "MSG_DRONE_IMMINENT" + "immediate" + 120 - + + High threat with people reachable within 15 minutes: broadcast within 3 minutes. + "high" + <= 15 + "immediate" + 180 + + + High threat with more lead time: broadcast within 5 minutes. + "high" + > 15 + "priority" + 300 + + + Elevated threat: broadcast within 10 minutes. "elevated" - "tier1","tier2" - "corridorMunicipalities" - "MSG_DRONE_POSSIBLE" + - + "priority" + 600 - - "elevated" - "tier3" - "corridorMunicipalities" - "MSG_AIRSPACE_MONITORING" - - + + Low threat: standard 30-minute advisory window. "low" - - "none - municipal commissions informed only" - "MSG_NONE" + "standard" + 1800 - - "none" + + No threat: no public broadcast. + - - "none" - "MSG_NONE" + 0 + + + + + Selects which municipalities receive the public alert, which message template is used, and the repeat interval. The alert footprint is built explicitly from the predicted corridor so it matches the threat's path rather than a fixed region. + + + + + + + threatLevel + + + borderProximityTier + + + + + + Critical: alert the predicted corridor plus every tier-1 border municipality; repeat every 2 min. + "critical" + - + corridorMunicipalities + ",ALL_TIER1_BORDER" + "MSG_DRONE_IMMINENT" + 120 + + + High: alert the predicted corridor; repeat every 3 min. + "high" + - + corridorMunicipalities + "MSG_DRONE_IMMINENT" + 180 + + + Elevated near the border (tier 1-2): possible-drone advisory to the corridor. + "elevated" + "tier1","tier2" + corridorMunicipalities + "MSG_DRONE_POSSIBLE" + 300 + + + Elevated further inland (tier 3): lighter monitoring advisory to the corridor. + "elevated" + "tier3" + corridorMunicipalities + "MSG_AIRSPACE_MONITORING" + 600 + + + Low or no threat: no public broadcast; municipal commissions informed through other channels. + - + - + "none" + "MSG_NONE" + 0 - - - - - - - - - - - threatLevel + Authorises or withholds kinetic interception. Engagement is gated first on positive hostile identification and then on civilian and debris safety: absence of a positive hostile ID always yields hold, regardless of threat level. + + + + + + + + + + threatLevel - - overPopulatedArea + + positiveHostileId - - debrisZoneClear + + overPopulatedArea - - firingPositionReady + + debrisZoneClear - - bapOnStation + + groundFiringReady - - - + + bapOnStation + + + + + No positive hostile identification: engagement is never authorised. + - + false + - + - + - + - + "hold" + "R_NO_HOSTILE_ID" + + + Object over a populated area: kinetic engagement withheld to avoid civilian casualties. + - - true - @@ -181,34 +362,42 @@ "hold" "R_CIVILIAN_RISK" - + + Debris fall-zone not confirmed clear: engagement withheld. + - + - - - false false - - "hold" "R_DEBRIS_RISK" - - "high","elevated" + + High/critical threat, hostile-confirmed, safe, ground firing position ready: engage from the ground. + "high","critical" + true false true true - - "engage" + "engage-ground" "R_GROUND_PGA" - - "high","elevated" + + High/critical threat, hostile-confirmed, safe, no ground option but BAP on station: hand to NATO BAP. + "high","critical" + true false true false true - "engage" + "engage-bap" "R_BAP_AIR" - + + Fallback: interception criteria not met. + - - - - @@ -219,61 +408,192 @@ + + Determines when the public alert can be lifted and an all-clear cell-broadcast issued. Requires the object to be resolved and no further tracks in the area. + + + + + + objectNeutralized + + + activeTracksRemain + + + + + Object resolved and no further tracks: issue the all-clear. + true + false + "all-clear" + "MSG_ALL_CLEAR" + + + Tracks still active in the area: maintain the public alert. + - + true + "maintain-alert" + "MSG_NONE" + + + Object not yet resolved: maintain the public alert. + - + - + "maintain-alert" + "MSG_NONE" + + + - - - + + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + - - + + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - diff --git a/docs/00-incident-chronology.md b/docs/00-incident-chronology.md index 0b0504d..1005462 100644 --- a/docs/00-incident-chronology.md +++ b/docs/00-incident-chronology.md @@ -1,60 +1,33 @@ -# 00 — Incident Chronology: Rēzekne Drone Incident, 7 May 2026 +# 00 — Incident Chronology (7 May 2026, Rezekne) -> Non-normative supporting document. Compiled from public reporting -> (LSM / eng.lsm.lv, Apollo, TV3, Meduza, Defense News, The Globe and Mail, -> Wikipedia "2026 Ukrainian drone incursions into Baltic states"). Times are -> local (EEST) and approximate where the public record is approximate. +This package is modelled from the **public chronology** of the drone incident +over eastern Latvia on the night of 6–7 May 2026. No classified or operational +source was used. -## Summary +## Public-source timeline -During the night of 6–7 May 2026, several unmanned aerial vehicles entered -Latvian airspace from the direction of Russia. Two drones came down on Latvian -territory; one exploded at a fuel-storage facility in Rēzekne (~40 km from the -Russian border), damaging four empty oil tanks. No casualties. The drones are -assessed as stray Ukrainian long-range drones diverted off course — Ukraine's -foreign minister later linked the diversion to Russian electronic-warfare -jamming. The incident triggered a political crisis: the Defence Minister and, -days later, the Prime Minister resigned. +| Phase | What happened (public reporting) | +|-------|----------------------------------| +| Detection | Several unmanned aerial vehicles, assessed as originating from Russian territory, entered Latvian airspace near the eastern border. | +| Tracking | NBS surveillance tracked the objects; at least two drones came down on Latvian territory, one near Rezekne. | +| Impact | A drone struck near a fuel-storage facility in the Rezekne area; no casualties were publicly reported. | +| Public notification | The public cell-broadcast early-warning message reached the Rezekne population **approximately 40 minutes** after the threat was apparent — the central failure this package addresses. | +| Aftermath | The Ministry of Defence publicly committed to **revising the inter-institutional notification algorithms** so that a public alert is issued without comparable delay. | -## Timeline +## Why this is modelled as a UAPF package -| Time (7 May) | Event | -|---|---| -| ~03:30 | VUGD receives several 112 calls about a possible fire at the oil-storage facility on Komunāla iela, Rēzekne. | -| 04:09 | Cell-broadcast warning issued to residents of Ludza and Balvi districts, at NBS request. | -| 04:43 | Cell-broadcast warning issued to Rēzekne district — roughly 40 minutes after Ludza/Balvi. Rēzekne city residents report having already heard/seen drones overhead about an hour before receiving the alert. | -| ~05:30 | NBS announces that two UAVs have crashed on Latvian territory; NBS, State Police and VUGD units deploy to the sites. | -| Morning | One crash site confirmed at the Rēzekne oil-storage base. A second crash site is not yet identified (later associated with the Viļāni area, west of Rēzekne). A possible third drone is believed to have exited Latvian airspace. | -| Daytime | Flights restricted up to ~6 km altitude in the eastern border region; commercial aviation unaffected. Schools closed in Rēzekne and Ludza; remote learning in Balvi. French NATO Baltic Air Policing jets scrambled during the alert. | -| ~08:20–08:51 | NBS declares the air-threat alert ended for Balvi, Ludza and Rēzekne districts. | -| 12:00 | Press conference in Rēzekne (AM / NBS / State Police). | -| ~18:00 | Eastern-region flight restrictions lifted. | -| Daytime | Government Crisis Management Council convenes. PM Siliņa states the threat is "a consequence of Russia's war in Ukraine" and asks the Ministry of Defence to clarify why cell-broadcast warnings were issued only after the crash was reported. | +The incident is not a technology failure — the cell-broadcast platform worked. +It is a **process and decision-rights failure**: the algorithm that converts +"NBS sees a threat" into "VUGD dispatches a public broadcast" was slow and +under-specified. That is exactly the class of problem UAPF exists to make +explicit, inspectable and improvable: a BPMN process, the DMN decisions inside +it, the CMMN follow-up case, and the resource bindings that say who does what. -## Aftermath +## Scope boundary -- **10 May 2026** — Defence Minister Andris Sprūds resigns. He had already - survived an April Saeima no-confidence-style vote (43 for dismissal, 50 - against). -- **~14 May 2026** — Prime Minister Evika Siliņa resigns; the government falls. -- The Foreign Ministry summoned Russia's chargé d'affaires; Ukraine's foreign - minister later acknowledged the drones were Ukrainian and attributed the - diversion to Russian electronic warfare. -- The Ministry of Defence committed to **review and improve the public - notification / inter-institutional information-exchange algorithms**. The - Rēzekne incident was designated a central scenario for the "Pilskalns" civil - protection exercise. +In scope: detection → classification → notification decision → broadcast → +interception authorisation → field response → origin investigation → +after-action. -## Prior incidents in the same series (context) - -- **7 September 2024** — A Russian "Shahed"-type drone fell in Gaigalava - parish, Rēzekne district. After-action commitments were made then to speed - up public notification. -- **25 March 2026** — A stray Ukrainian drone crashed in Krāslava district - (Dobročina); a parallel drone struck a power-station chimney in Estonia. -- **3 May 2026** — Air-threat cell broadcasts in Alūksne, Balvi, Ludza, - Rēzekne and Krāslava (~3.5 h); no drone crossed the border. - -The 7 May incident is therefore the **fourth comparable event in ~20 months**, -which is why the failure is framed publicly as an algorithm/process failure -rather than a one-off. +Out of scope: NBS internal sensor doctrine, NATO BAP internal procedures, +and the criminal investigation, which are referenced only as handoffs. diff --git a/docs/01-institutional-gap-analysis.md b/docs/01-institutional-gap-analysis.md index aa69805..20b30a8 100644 --- a/docs/01-institutional-gap-analysis.md +++ b/docs/01-institutional-gap-analysis.md @@ -1,51 +1,24 @@ -# 01 — Institutional Gap Analysis (AS-IS) and TO-BE Targets +# 01 — Institutional Gap Analysis -> Non-normative supporting document. This is the analytical core of the package: -> it maps each publicly-reported coordination failure to a specific element of -> the BPMN / DMN / CMMN models, so the revised algorithm can be designed against -> a concrete baseline. +Gaps identified in the **as-is** algorithm, derived from the public chronology. +Each gap is addressed by a specific element of this package and is referenced +from `resources/mappings.yaml` and the diagrams. -## Why this package exists +| ID | Gap (as-is) | Addressed by (to-be) | +|----|-------------|----------------------| +| **G1** | No explicit object-classification step — "is it a drone, and how sure are we?" was implicit. | `Decision_ObjectClassification` makes class **and confidence** explicit before any threat call. | +| **G2** | Public-broadcast authority was a **single point of failure**: one request from NBS Joint Staff was the only trigger, with no timed fallback. | `Task_AuthorizeBroadcast` carries a 3-minute timeout with a proposed escalation to the Crisis Management Centre (KVC). *Not yet institutionally agreed.* | +| **G3** | Message wording was composed under time pressure. | `Decision_CellBroadcastScope` selects a **pre-approved template** (`MSG_*`); guardrail GR-4 forbids free-text public messaging. | +| **G4** | No bounded, threat-graded **time target** for dispatch — the 40-minute delay had no SLA to breach. | `Decision_NotificationUrgency` outputs `broadcastSlaSeconds`; see `03-notification-timing-sla.md`. | +| **G5** | No automatic detection that the SLA had been missed. | Non-interrupting **SLA-breach boundary timer** on `Task_DispatchBroadcast` → `Task_EscalateSla`. | +| **G6** | Alert footprint was coarse — not matched to the drones' predicted path. | `Decision_CellBroadcastScope` builds the footprint from `corridorMunicipalities`. | +| **G7** | Interception safety criteria were not written down or inspectable. | `Decision_InterceptionAuthorization` gates engagement on positive hostile ID, over-populated-area and debris-zone-clear, in that priority order. | +| **G8** | Follow-on civil decisions (school closures, resident enquiries) had no owner. | CMMN stage `Stage_FieldResponse` (`HT_MunicipalEnquiries`); IZM recorded as a consulted party in `02-raci.md`. | -After the 7 May 2026 Rēzekne incident the Ministry of Defence stated publicly -that the inter-institutional **information / notification algorithms** must be -reviewed and improved. The problem reported by municipalities and crisis-management -officials was not a single mistake but a **structural misalignment**: no single, -shared, machine-checkable description of who decides what, when, and on which -inputs. UAPF exists precisely to hold that description as versioned, reviewable -artifacts. This package is the AS-IS baseline. +## Residual / open -## Gap register - -| # | Reported gap (public record) | Where it lives in the model | TO-BE target | -|---|---|---|---| -| G1 | Cell-broadcast reached Rēzekne city only after residents had already seen/heard the drones; ~40-min lag vs Ludza/Balvi. | `Task_RequestBroadcast` → `Task_CellBroadcast` | Tighten the trigger so the request is driven by the **predicted corridor**, not by confirmed overflight. `Decision_CellBroadcastScope` already takes `corridorMunicipalities` — make corridor pre-alerting mandatory at `threatLevel = elevated`. | -| G2 | Single point of failure: the alert fires only on an explicit NBS request. NBS stated the alert was not sent to Rēzekne because the "incident duration was too short"; the Interior Minister stated VUGD was ready but "a clear algorithm was not triggered". | `Task_RequestBroadcast` (documented GAP) | Define an explicit fallback authority and a time-boxed escalation: if NBS does not issue / decline a request within N minutes of a confirmed corridor, a named role (KVC duty) may trigger. Model as a boundary timer event on `Task_RequestBroadcast` in v0.2. | -| G3 | Message content too thin — "possible threat" with no nature-of-threat detail; residents phoned municipalities asking whether tanks or drones were coming. | `Decision_CellBroadcastScope` output `messageTemplate` | Replace generic text with typed templates (`MSG_DRONE_IMMINENT`, `MSG_DRONE_POSSIBLE`, `MSG_AIRSPACE_MONITORING`) carrying threat type, recommended action and an information URL. Templates are an output column in the DMN table. | -| G4 | No unified action algorithm across institutions; municipalities reported missing communication with state institutions and unclear ownership (AM vs VARAM vs IZM). | `Task_NotifyAgencies`; `resources/mappings.yaml` | A single resource mapping with explicit RACI per element (this package), reviewed jointly. Notification to KVC, IeM and municipal commissions modelled as a **parallel** branch so it cannot be skipped. | -| G5 | Information on number/origin/landing sites of the drones was unavailable for ~5 hours. | CMMN `Stage_Investigation` (`HT_TechExam`, `HT_OriginAttribution`) | Make investigation a first-class case stage with explicit milestones and an information-publishing cadence, not an ad-hoc activity. | -| G6 | ~3-day delay before clear public acknowledgement of the drones' (Ukrainian) origin created a perception of concealment. | CMMN `HT_OriginAttribution`, `HT_DisinfoMonitor`, `HT_Press` | Decouple "confirm origin" from "inform public": publish what is known on a fixed cadence; disinformation monitoring runs in parallel from the start. | -| G7 | Interception not attempted; criteria ("all safety criteria") were not transparent or pre-agreed. | `Decision_InterceptionAuthorization` | Make the safety criteria an explicit, inspectable DMN table (civilian risk, debris fall-zone, positive ID, firing-position readiness, BAP availability) rather than a verbal judgement. | -| G8 | School-closure and resident-guidance decisions lacked timely recommendations from IZM. | `Task_LocalResponse` (IZM consulted) | Bind IZM as a consulted resource on `Task_LocalResponse` with a pre-agreed guidance template issued automatically at `threatLevel >= elevated`. | - -## Modelling stance - -- The BPMN / DMN / CMMN in v0.1.0 deliberately model the **AS-IS** algorithm - *plus* the minimum corrections needed for it to be internally consistent - (parallel notification, typed messages, explicit interception table). -- Items requiring a **policy decision** — notably G2 (fallback trigger - authority) — are flagged in `docs/02-raci.md` and left as open questions for - v0.2; they must not be silently encoded by a process author. -- Nothing here is operationally approved. Lifecycle status is `draft`. - -## Open questions for the institutional steward - -1. **G2** — Who is the named fallback authority if NBS does not act within the - escalation window, and what is the window length? -2. Should cell-broadcast corridor pre-alerting be automatic at - `threatLevel = elevated`, or remain a human decision? -3. Is the cell-broadcast platform owned operationally by VUGD only, or jointly - with VARAM for the early-warning evolution? This changes the `Task_CellBroadcast` - binding. -4. What is the mandated public-information cadence during an active incident - (G5/G6)? +- **G2 escalation authority** is a *proposal*. Whether KVC may authorise a + public broadcast when NBS Joint Staff is unreachable is an institutional and + legal question, not a modelling one, and is flagged for review. +- SLA values in `03-notification-timing-sla.md` are **proposed defaults** for + validation against NBS/VUGD operational reality. diff --git a/docs/02-raci.md b/docs/02-raci.md index 55582a3..8b3f4ab 100644 --- a/docs/02-raci.md +++ b/docs/02-raci.md @@ -1,66 +1,26 @@ # 02 — RACI Matrix -> Non-normative supporting document. Human-readable view of the bindings in -> `resources/mappings.yaml`. R = Responsible, A = Accountable, C = Consulted, -> I = Informed. The machine-readable source of truth is the resources cornerstone. +R = Responsible, A = Accountable, C = Consulted, I = Informed. +Bindings in `resources/mappings.yaml` express the **R** column; this matrix +adds the A/C/I context that a single-target binding cannot. -## Actors +| Activity | NBS Joint Staff | NBS Air Def. | VUGD | State Police | NMPD | Municipal | MoD | KVC | IeM / IZM | +|----------|:--:|:--:|:--:|:--:|:--:|:--:|:--:|:--:|:--:| +| Classify & assess threat | R/A | I | I | – | – | I | I | C | – | +| Determine notification & scope | R/A | – | C | – | – | I | I | C | – | +| Authorise public broadcast | R/A | – | I | – | – | I | I | C* | I | +| Dispatch cell-broadcast | A | – | R | – | – | I | I | I | I | +| Escalate SLA breach | C | – | I | – | – | I | I | R/A | I | +| Authorise interception | R/A | C | – | – | – | – | C | I | – | +| Execute interception | A | R | – | – | – | – | I | I | – | +| Field response | C | – | R | R | R | R | I | A | I | +| Origin investigation | R | – | – | C | – | – | A/C | I | I | +| Public communication | C | – | – | – | – | I | R/A | C | I | +| After-action review | C | C | C | C | C | C | A | R | C | -| Code | Institution / system | -|---|---| -| NBS-SURV | NBS air surveillance and radar network | -| NBS-JS | NBS Joint Staff, operational duty | -| NBS-AD | NBS air-defence units (pretgaisa aizsardzība) | -| NATO-BAP | NATO Baltic Air Policing mission | -| VUGD | VUGD operational duty / 112 | -| CB-SYS | Cell-broadcast system (operated by VUGD) | -| VP | State Police operational duty | -| KVC | Crisis Management Centre | -| AM | Ministry of Defence | -| IeM | Ministry of the Interior | -| VARAM | Ministry of Smart Administration and Regional Development | -| IZM | Ministry of Education and Science | -| MUN-CP | Municipal civil-protection commissions | -| GOV-CC | Government Crisis Management Council | +\* KVC as Consulted today; the proposed G2 fallback would make KVC **R** for +authorising the broadcast on NBS Joint Staff timeout. -## Process steps (BPMN) - -| Step | A | R | C | I | -|---|---|---|---|---| -| Classify object & track trajectory | NBS-JS | NBS-SURV | — | — | -| Assess air threat severity | NBS-JS | — | — | — | -| Determine cell-broadcast scope & message | NBS-JS | — | KVC, VARAM | — | -| Issue cell-broadcast request to VUGD | NBS-JS | — | — | — | -| Trigger cell broadcast | VUGD | CB-SYS | — | — | -| Notify KVC, IeM & municipal commissions | — | NBS-JS | — | KVC, IeM, MUN-CP | -| Evaluate interception | NBS-JS | — | AM, NBS-AD, NATO-BAP | — | -| Coordinate interception (BAP / PGA) | — | NBS-AD, NATO-BAP | — | — | -| Activate local civil-protection response | MUN-CP | VP | IZM | — | -| Declare threat ended / all-clear | NBS-JS | CB-SYS | — | — | -| Field response & origin investigation (case) | KVC | — | — | — | - -## Case tasks (CMMN) - -| Task | A | R | C | -|---|---|---|---| -| Localise & search crash sites | — | NBS-JS | VP | -| Site safety & fire suppression | — | VUGD | — | -| Scene security & access control | — | VP | — | -| Resident enquiries via municipal commissions | — | MUN-CP | — | -| Technical examination of debris | — | NBS-JS | — | -| Origin attribution & EW-diversion analysis | NBS-JS | — | AM | -| Disinformation monitoring & correction | — | AM | — | -| Press conference / public information | AM | — | KVC | -| Cross-institutional after-action review | AM | KVC | — (GOV-CC informed) | - -## Known accountability ambiguities (do not resolve in a process draft) - -- **Cell-broadcast trigger:** "A" sits with NBS-JS for the *request*, with VUGD - for *execution*. The public failure (G2) is the gap *between* these two "A"s. - A revised algorithm needs an explicit fallback "A" — currently unassigned. -- **Cell-broadcast platform stewardship:** assigned here to VUGD; VARAM may hold - a co-stewardship role for the early-warning system evolution. Confirm before - v0.2. -- **Public-information tempo:** "A" for `HT_Press` is AM, but during the 7 May - incident the perceived delay (G6) suggests the cadence itself needs an owner - and a mandated interval. +**Consulted parties not in `mappings.yaml`:** VARAM (cell-broadcast platform +policy), IZM (school-closure guidance), the State Border Guard, and the +Government Crisis Management Council (informed at national level). diff --git a/docs/03-notification-timing-sla.md b/docs/03-notification-timing-sla.md new file mode 100644 index 0000000..987002b --- /dev/null +++ b/docs/03-notification-timing-sla.md @@ -0,0 +1,46 @@ +# 03 — Notification Timing & SLA Model + +The 7 May 2026 incident's defining failure was a **~40-minute** gap between a +visible air threat and the public cell-broadcast reaching Rezekne. This package +treats notification speed as a **first-class, modelled quantity** rather than an +implicit expectation. + +## The SLA chain + +1. `Decision_NotificationUrgency` takes `threatLevel` and the estimated minutes + until the object could reach people, and outputs: + - `notificationTier` — `immediate | priority | standard | none` + - `broadcastSlaSeconds` — the **maximum** time allowed from authorisation to + confirmed dispatch. +2. `Task_DispatchBroadcast` (VUGD) carries a **non-interrupting boundary timer** + armed at `broadcastSlaSeconds`. +3. If dispatch is not confirmed before the timer fires, `Task_EscalateSla` + runs **in parallel** — it does not cancel the broadcast, it escalates the + delay to the Crisis Management Centre so a human intervenes. + +## Proposed SLA defaults + +| Threat level | Lead time | Tier | `broadcastSlaSeconds` | Rationale | +|--------------|-----------|------|----------------------:|-----------| +| critical | any | immediate | 120 | Object inside airspace, closing on people. | +| high | ≤ 15 min | immediate | 180 | Little lead time; alert must precede impact. | +| high | > 15 min | priority | 300 | Lead time exists; brief verification window. | +| elevated | any | priority | 600 | Threat present, not yet tracking toward people. | +| low | any | standard | 1800 | Advisory only. | +| none | – | none | 0 | No public broadcast. | + +Against these defaults, the Rezekne broadcast (~2400 s) breached even the most +lenient non-zero SLA **by an order of magnitude**. Under this model the boundary +timer would have fired at 120–180 s and escalated to KVC ~38 minutes earlier. + +## Guardrail + +`broadcastSlaSeconds` is a **hard floor for escalation, not a target for +dispatch** (guardrail GR-3). Dispatch should normally be far faster; the SLA is +the line past which the absence of a broadcast becomes its own incident. + +## Open for validation + +The table values are **modelling proposals**. They need calibration against +real NBS classification timelines and VUGD cell-broadcast dispatch latencies +before the package can leave `draft`. diff --git a/docs/04-uapf-ip-integration.md b/docs/04-uapf-ip-integration.md new file mode 100644 index 0000000..1288f68 --- /dev/null +++ b/docs/04-uapf-ip-integration.md @@ -0,0 +1,50 @@ +# 04 — UAPF-IP Integration + +How a UAPF-IP (Integration Profile) host runs this package. + +## Profiles + +The manifest declares `uapf-ip-orchestrated` and `uapf-ip-sync-decision`: + +- **orchestrated** — the host executes the BPMN process, calling host + capabilities (`task.assign`, `task.complete`, `task.escalate`, `event.emit`, + `timer.schedule`) and evaluating DMN decisions at each business-rule task. +- **sync-decision** — any of the six decisions can be evaluated standalone, as + a synchronous request/response, without running the process. + +## Exposed entrypoints + +`exposure.mcp.exposedEntrypoints` maps the process and each decision to an MCP +tool name, e.g. `interception_authorization.evaluate`. A UAPF-IP host with MCP +exposure enabled publishes these as callable tools. `runnable: true` permits +process execution, not only inspection. + +## Required capabilities + +`requires_capabilities` lists what the host must provide. Beyond the generic +task/event capabilities, this package needs: + +- `timer.schedule@1+` — to arm the SLA-breach boundary timer. +- `ai.classify@1+`, `ai.complete@1+` — for the advisory threat-assessment agent. +- `lv.gov.civdef.air_surveillance_feed@1+`, `lv.gov.civdef.cell_broadcast@1+` — + domain capabilities that wrap the NBS surveillance feed and the VUGD + cell-broadcast platform. + +A host missing a required capability must refuse to load the package rather +than degrade silently. + +## Guardrail enforcement + +Every capability call is checked against `resources/guardrails.yaml` before and +after execution. The load-bearing guardrails: AI is advisory only (GR-1), no +autonomous use of force (GR-2), the SLA boundary timer may not be disabled +(GR-3), and public messaging is human-authored from templates (GR-4). A +violation **blocks** the call and is written to the audit trail. + +## Decision/process boundary + +The host owns orchestration, capability brokering, audit and guardrail +enforcement. The package owns **only** the logic — process shape, decision +tables, case structure and resource bindings. The package contains no +credentials; the placeholders in `resources/mappings.yaml` are resolved by the +host from its own secret store. diff --git a/docs/05-validation-report.md b/docs/05-validation-report.md new file mode 100644 index 0000000..37ba4b4 --- /dev/null +++ b/docs/05-validation-report.md @@ -0,0 +1,42 @@ +# 05 — Validation Report + +Package: `lv.civdef.drone-threat-public-address` v0.3.0 +Date: 2026-05-18 · Tool: `validate.py` + +## Result: 19 / 19 checks passed + +### Structural +- All three cornerstone files (BPMN, DMN, CMMN) are well-formed XML. +- All six YAML files parse. +- `uapf.yaml` validates against `uapf-manifest.schema.json` (UAPF v2.2.0). + +### Model integrity +- BPMN: 26 flow nodes; every `sequenceFlow` source/target resolves. +- DMN: exactly 6 decisions; every `informationRequirement` href resolves. +- CMMN: 11 human tasks across 3 stages. + +### Quality gates added in v0.3.0 (these are the v0.2.0 defects) +- **Every DMN decision carries a ``.** v0.2.0 had none. +- **No declared-but-unused decision inputs.** Every `requiredInput` of every + decision is used as a decision-table input column or in an output + expression. This is the check that proves the v0.2.0 interception defect — + `positiveHostileId` declared but never tested — is fixed. +- **Every `mappings.yaml` binding resolves to a real diagram element**, and + every `targetId` resolves to a declared target. The resource↔process linkage + is now machine-checkable. + +## What is *not* validated here + +- **Semantic correctness of the modelled algorithm** — whether these are the + right institutions, thresholds and SLAs — is an institutional review + question, tracked in `01-institutional-gap-analysis.md`. +- **DMN completeness/overlap** of `FIRST`-hit tables is not formally verified; + each table ends with a catch-all rule so no input is left without an output. +- Diagram interchange (DI) renders cleanly in `dmn-js` / `bpmn-js` / `cmmn-js`; + visual review in the target viewer is still recommended. + +## Reproduce + +``` +python3 validate.py # exits non-zero on any failure +``` diff --git a/metadata/lifecycle.yaml b/metadata/lifecycle.yaml index 11f4cf5..6a8848c 100644 --- a/metadata/lifecycle.yaml +++ b/metadata/lifecycle.yaml @@ -1,19 +1,37 @@ kind: uapf.metadata.lifecycle -status: draft -created: "2026-05-17T00:00:00Z" -lastModified: "2026-05-17T00:00:00Z" -changeHistory: - - version: "0.2.0" - date: "2026-05-17" - summary: >- - Rebuilt against UAPF specification v2.2.0 SSOT. Corrected cornerstone - file extensions, resource-mapping schema, ownership/lifecycle metadata; - added policies, UAPF-IP guardrails, MCP exposure and workspace index. - author: rihards.gailums +version: "0.3.0" + +package: lv.civdef.drone-threat-public-address +state: draft + +history: - version: "0.1.0" date: "2026-05-17" - summary: >- - Initial draft modelling the AS-IS notification algorithm and its - identified gaps from the public chronology of the 7 May 2026 Rezekne - drone incident. - author: rihards.gailums + state: draft + note: Initial Level-4 package skeleton (BPMN + 3-decision DMN + CMMN). + - version: "0.2.0" + date: "2026-05-17" + state: draft + note: UAPF v2.2.0 manifest alignment; portable .uapf packaging. + - version: "0.3.0" + date: "2026-05-18" + state: draft + note: >- + Deep rebuild. DMN expanded to 6 decisions with descriptions and a clean + DRD; declared-but-unused decision inputs removed (interception now gated + on positive hostile ID). BPMN expanded to six institution lanes with a + non-interrupting SLA-breach boundary timer. CMMN deepened to three + stages. Resource mappings given an element-level legend. + +transitions: + draft -> review: + requires: + - Institutional review of the modelled algorithm by NBS Joint Staff. + - Confirmation of the GAP G2 escalation authority (Task_AuthorizeBroadcast). + review -> approved: + requires: + - Sign-off by the Ministry of Defence algorithm-governance authority. + +review: + next_review_due: "2026-08-18" + open_gaps_ref: docs/01-institutional-gap-analysis.md diff --git a/metadata/ownership.yaml b/metadata/ownership.yaml index 87ff226..2188e3a 100644 --- a/metadata/ownership.yaml +++ b/metadata/ownership.yaml @@ -1,12 +1,37 @@ kind: uapf.metadata.ownership +version: "0.3.0" + +package: lv.civdef.drone-threat-public-address + owners: - type: person id: rihards.gailums - name: Rihards Gailums + role: package-author contact: rihards.gailums@gmail.com - role: owner -approvers: - - rihards.gailums -escalation: - primary: rihards.gailums - sla_hours: 72 + +stewards: + - type: role + id: nbs.joint-staff + role: process-owner + note: >- + Accountable for the modelled algorithm in operation. Placeholder pending + formal institutional assignment. + - type: role + id: am.algorithm-governance + role: governance-authority + note: >- + Ministry of Defence — owns revision of the inter-institutional + notification algorithm per the public 7 May 2026 commitment. + +classification: OFFICIAL +distribution: >- + Draft modelling artefact derived entirely from public-source reporting and + open civil-protection legislation. Contains no classified or operational + data. Endpoints and credentials in resources/ are illustrative placeholders. + +provenance: + derived_from: public chronology of the 7 May 2026 Rezekne drone incident + not_an_official: >- + This package is an independent UAPF modelling demonstrator. It is not an + official algorithm of the NBS, VUGD, the Ministry of Defence or any other + Latvian state institution. diff --git a/metadata/policies.yaml b/metadata/policies.yaml index 51b4f82..d263d90 100644 --- a/metadata/policies.yaml +++ b/metadata/policies.yaml @@ -1,22 +1,29 @@ -kind: uapf.policies -classification: - level: restricted - dataCategories: - - civil-defence - - national-security - - public-warning -execution: - requiresApproval: true - approvalRoles: - - aizsardzibas-ministrija - - krizes-vadibas-centrs - auditRequired: true - maxConcurrentExecutions: 1 - allowedEnvironments: - - development - - staging -requiredClaims: - - type: civil-defence-operator -delegation: - allowAgentDelegation: false - maxDelegationDepth: 0 +kind: uapf.metadata.policies +version: "0.3.0" + +package: lv.civdef.drone-threat-public-address + +audit: + decision_logging: required + retention: P3Y + records: + - decision inputs, matched rule id and outputs + - actor identity and timestamp for every manual authorisation + - SLA timer arm / fire / clear events + +data_protection: + regime: GDPR + Latvian civil-protection law + personal_data: + - 112 caller data is processed by VUGD under existing emergency-service basis. + - OSINT disinformation monitoring is restricted to public posts (guardrail GR-6). + data_boundary: EU + +access: + package_visibility: OFFICIAL + decision_evaluation: NBS Joint Staff and bound targets only + amendment_authority: Ministry of Defence algorithm governance + +compliance_refs: + - Civil Protection and Disaster Management Law (Latvia) + - Cabinet regulations on the early-warning cell-broadcast system + - NATO Baltic Air Policing arrangements (interception execution) diff --git a/resources/guardrails.yaml b/resources/guardrails.yaml index 9d3b853..3057c70 100644 --- a/resources/guardrails.yaml +++ b/resources/guardrails.yaml @@ -1,37 +1,61 @@ -# UAPF-IP guardrails policy for the Drone Threat Public Address process. -# Loaded by the runtime at session start as an immutable policy snapshot; -# enforced by the host before every capability invocation (see UAPF-IP SPEC §10). +kind: uapf.guardrails +version: "0.3.0" -scope: - domain: civil-defence - classification: restricted - legal_basis: national-civil-protection-law +# UAPF-IP guardrails enforced at every capability call made by a UAPF-IP host +# running this package. Guardrails are evaluated before and after capability +# execution; a violation blocks the call and is logged to the audit trail. -ai: - allowed_models: - - claude-opus-4-7 - - claude-sonnet-4-6 - forbidden_inputs: - - classified-radar-tracks - - personal-data-of-residents - - source-identifying-osint - pii_redactor: required - # AI may never autonomously complete a step in a national public-warning - # process; a confidence ceiling of 0 forces human confirmation every time. - max_confidence_for_autocomplete: 0.0 - decisions_ai_may_make_unattended: [] - decisions_ai_may_recommend: - - air_threat_severity - - disinformation_classification +principles: + - id: GR-1 + name: AI is advisory, never authoritative + rule: >- + AI agents and MCP tools (ai.classify, ai.complete) may only produce + recommendations. Object classification, threat severity, public-broadcast + authorisation, interception authorisation and origin attribution must be + confirmed by an accountable human role before any downstream effect. + appliesTo: [Decision_ObjectClassification, Decision_AirThreatSeverity, + Decision_InterceptionAuthorization, HT_OriginAttribution] -human_oversight: - required_for: - - cell_broadcast_dispatch - - interception_authorization - - public_communication - - incident_closure - reviewer_role: nbs-joint-staff-duty-officer + - id: GR-2 + name: No autonomous use of force + rule: >- + No capability may move the process to an interception "engage" outcome + without a recorded manual authorisation by NBS Joint Staff. The + Decision_InterceptionAuthorization table is decision support only. + appliesTo: [Task_AuthorizeInterception, Task_GroundEngage, Task_RequestBAP] -audit: - vc_signature_per_step: required - retention_years: 10 + - id: GR-3 + name: Notification SLA is a hard floor + rule: >- + broadcastSlaSeconds from Decision_NotificationUrgency is a maximum, not a + target. The SLA-breach boundary timer must remain enabled; disabling it + is a safeguard removal and must be recorded. + appliesTo: [Task_DispatchBroadcast, Boundary_SlaBreach] + + - id: GR-4 + name: Public messaging is human-authored + rule: >- + Cell-broadcast and all-clear messages are selected from pre-approved, + human-authored templates (MSG_*). Free-text generation of public alert + content by an AI agent is prohibited. + appliesTo: [Task_DispatchBroadcast, Task_AllClearBroadcast, HT_PressBriefing] + + - id: GR-5 + name: Auditability + rule: >- + Every decision evaluation records its inputs, the matched rule id and the + output, with actor identity and timestamp, retained per metadata/policies.yaml. + appliesTo: ["*"] + + - id: GR-6 + name: Data minimisation in disinformation monitoring + rule: >- + The OSINT monitoring tool processes only public posts; it must not ingest + or store personal data of identifiable citizens beyond what is required + to classify a post. + appliesTo: [HT_DisinfoMonitor] + +enforcement: + onViolation: block + audit: required + reviewAuthority: "Ministry of Defence (algorithm governance)" diff --git a/resources/mappings.yaml b/resources/mappings.yaml index cafd3c6..07f30e2 100644 --- a/resources/mappings.yaml +++ b/resources/mappings.yaml @@ -1,268 +1,347 @@ kind: uapf.resources.mapping +version: "0.3.0" +# =========================================================================== +# HOW TO READ THIS FILE # --------------------------------------------------------------------------- -# Targets — the institutions, systems and agents that execute work in this -# process. Only primary binding targets are listed; consulted/informed parties -# (VARAM, IZM, NATO Baltic Air Policing, the Government Crisis Management -# Council) are recorded in binding `notes` and in docs/02-raci.md. -# Endpoints and credentials below are ILLUSTRATIVE placeholders for a draft. +# UAPF separates the *logic* of a process (the BPMN / DMN / CMMN cornerstones) +# from the *resources* that execute it (institutions, systems, AI agents). +# This file is that binding layer. +# +# targets - every institution, system or agent that can do work here. +# bindings - one row per executable element in the three cornerstones. +# Each row names the element, says which target performs it, +# and in which execution mode. +# +# Each binding carries: +# element - ".:" e.g. bpmn.task:Task_DispatchBroadcast +# label - the human label as it appears in the diagram, so a reader can +# point at a box on the canvas and find its row here. +# targetId - the single primary target that performs the element. +# mode - manual : a person performs it, no automation +# assisted : a system/AI proposes, a person approves +# supervised : a system performs it, a person monitors +# autonomous : a system performs it without per-call review +# +# Consulted / informed parties (RACI C and I) are NOT bindings; they are in +# docs/02-raci.md. Endpoints and credentials below are ILLUSTRATIVE draft +# placeholders. +# =========================================================================== + +legend: + cornerstones: + bpmn: bpmn/drone-threat-public-address.bpmn + dmn: dmn/air-threat-decisions.dmn + cmmn: cmmn/field-response-investigation.cmmn + element_kinds: + bpmn.task: A BPMN activity (plain, business-rule or user task). + dmn.decision: A DMN decision evaluated by a BPMN business-rule task. + cmmn.humanTask: A discretionary human task inside the investigation case. + modes: [manual, assisted, supervised, autonomous] + # --------------------------------------------------------------------------- targets: - id: nbs.air-surveillance type: system_api - name: NBS air surveillance and radar network + name: NBS air-surveillance & radar network description: Detection and tracking feed for airborne objects near the eastern border. - capabilities: - - lv.gov.civdef.air_surveillance_feed + capabilities: [lv.gov.civdef.air_surveillance_feed] endpoint: "https://surveillance.mil.lv/api/v1" - authentication: - method: mtls - availability: - schedule: always - timezone: Europe/Riga + authentication: {method: mtls} + availability: {schedule: always, timezone: Europe/Riga} - id: nbs.joint-staff type: human_role name: NBS Joint Staff (Apvienotais stabs), operational duty - description: Holds threat-classification and notification-request authority. - availability: - schedule: always - timezone: Europe/Riga + description: >- + Holds air-threat classification, public-notification request and + interception authorisation authority. The decision owner of this process. + availability: {schedule: always, timezone: Europe/Riga} - id: nbs.air-defence type: human_role name: NBS air-defence units (pretgaisa aizsardziba) - description: Ground air-defence; coordinates interception, including with NATO Baltic Air Policing. + description: Ground-based air defence; executes or coordinates interception. - id: vugd.duty type: human_role name: VUGD operational duty / 112 (State Fire and Rescue Service) - description: Receives 112 calls and executes site fire and rescue response. + description: Receives 112 calls; executes site fire and rescue response. - id: vugd.cell-broadcast type: system_api name: Cell-broadcast system (sunu apraide), operated by VUGD - description: Public early-warning cell-broadcast platform. - capabilities: - - lv.gov.civdef.cell_broadcast + description: >- + Public early-warning cell-broadcast platform. The 40-minute dispatch + delay to Rezekne on 7 May 2026 is the failure this package addresses. + capabilities: [lv.gov.civdef.cell_broadcast] endpoint: "https://cb.vugd.gov.lv/api/v1" - authentication: - method: api_key - configRef: secrets/vugd-cell-broadcast - availability: - schedule: always - timezone: Europe/Riga + authentication: {method: api_key, configRef: secrets/vugd-cell-broadcast} + availability: {schedule: always, timezone: Europe/Riga} - id: vp.duty type: human_role name: State Police (Valsts policija) operational duty - description: Scene security, access control and public order at incident sites. + description: Scene security, cordon and public order at incident sites. + + - id: nmpd.duty + type: human_role + name: Emergency Medical Service (NMPD) operational duty + description: Casualty assessment and pre-hospital medical response. - id: kvc type: human_role name: Crisis Management Centre (Krizes vadibas centrs) - description: Cross-institutional crisis coordination and after-action review. + description: Cross-institutional crisis coordination, escalation and after-action review. + + - id: iem.duty + type: human_role + name: Ministry of the Interior (Iekslietu ministrija) duty + description: Interior-sector coordination across VP, VUGD and the State Border Guard. - id: am type: human_role name: Ministry of Defence (Aizsardzibas ministrija) - description: Public communication, origin attribution oversight and algorithm governance. + description: Public communication, origin attribution oversight, algorithm governance. - id: municipal.civil-protection type: human_role name: Municipal civil-protection commissions (cooperation territories) description: Local civil-protection response and resident enquiry handling. + - id: nato.bap + type: external_party + name: NATO Baltic Air Policing + description: Allied air-policing detachment; executes air interception when tasked. + - id: agent.threat-assessment type: ai_agent name: Civil-defence threat-assessment assistant - description: AI assistant that recommends air-threat severity; advisory only. - capabilities: - - ai.classify - - ai.complete + description: >- + AI assistant that recommends object classification and air-threat + severity. Advisory only; never authorises action (see guardrails). + capabilities: [ai.classify, ai.complete] endpoint: "mcp://agents/civdef-threat-assessment" - authentication: - method: did + authentication: {method: did} - id: mcp.osint-monitor type: mcp_tool name: OSINT / disinformation monitoring MCP tool - description: MCP tool that surfaces and classifies disinformation about the incident. - capabilities: - - ai.classify + description: Surfaces and classifies disinformation about the incident. + capabilities: [ai.classify] endpoint: "mcp://lv-civdef/osint-monitor" - authentication: - method: oauth2 - configRef: secrets/osint-monitor-oauth + authentication: {method: oauth2, configRef: secrets/osint-monitor-oauth} -# --------------------------------------------------------------------------- -# Bindings — each process / decision / case element bound to exactly one -# primary target. mode: manual = human only, assisted = AI suggests / human -# approves, autonomous = system executes, supervised = system executes with -# monitoring. # --------------------------------------------------------------------------- bindings: - # --- BPMN process tasks --- - - source: - type: bpmn.task - ref: "Task_Classify" + + # ---- BPMN process tasks ---- + - element: "bpmn.task:Task_TrackObject" + label: "Establish & maintain object track" targetId: nbs.air-surveillance mode: supervised - requiredCapabilities: - - lv.gov.civdef.air_surveillance_feed - contract: - timeout: "60s" - notes: "NBS Joint Staff supervises classification of the surveillance feed." + requiredCapabilities: [lv.gov.civdef.air_surveillance_feed] + contract: {timeout: "continuous"} - - source: - type: bpmn.task - ref: "Task_RequestBroadcast" - targetId: nbs.joint-staff - mode: manual - contract: - timeout: "5m" - fallback: - escalationPath: - - kvc - onTimeout: escalate - notes: >- - GAP G2: in the AS-IS algorithm this request is the single trigger. The - escalation path to KVC is a proposed v0.3 fallback authority, not yet - institutionally agreed. - - - source: - type: bpmn.task - ref: "Task_CellBroadcast" - targetId: vugd.cell-broadcast - mode: autonomous - requiredCapabilities: - - lv.gov.civdef.cell_broadcast - contract: - timeout: "30s" - retries: - maxAttempts: 2 - backoffMs: 2000 - notes: "VUGD operational duty owns the platform; dispatch is automated on request." - - - source: - type: bpmn.task - ref: "Task_NotifyAgencies" - targetId: nbs.joint-staff - mode: assisted - notes: >- - Parallel notification to KVC, IeM and municipal civil-protection - commissions. KVC, IeM and municipalities are informed parties. - - - source: - type: bpmn.task - ref: "Task_CoordBAP" - targetId: nbs.air-defence - mode: manual - notes: >- - NBS air-defence coordinates the response; air interception is executed by - NATO Baltic Air Policing per Decision_InterceptionAuthorization rationale - R_BAP_AIR. NATO BAP is an external party reached through this binding. - - - source: - type: bpmn.task - ref: "Task_LocalResponse" - targetId: municipal.civil-protection - mode: manual - notes: >- - State Police support scene response; the Ministry of Education and - Science (IZM) is consulted for school-closure guidance (GAP G8). - - - source: - type: bpmn.task - ref: "Task_AllClear" - targetId: vugd.cell-broadcast - mode: autonomous - contract: - timeout: "30s" - notes: "All-clear broadcast issued on NBS Joint Staff declaration." - - # --- DMN decisions --- - - source: - type: dmn.decision - ref: "Decision_AirThreatSeverity" + - element: "bpmn.task:Task_ClassifyObject" + label: "Classify object [Object classification]" targetId: agent.threat-assessment mode: assisted - requiredCapabilities: - - ai.classify - notes: "AI recommends severity; NBS Joint Staff confirms. Advisory only per guardrails." + requiredCapabilities: [ai.classify] + notes: "AI proposes the object class; NBS Air Surveillance confirms." - - source: - type: dmn.decision - ref: "Decision_CellBroadcastScope" + - element: "bpmn.task:Task_AssessSeverity" + label: "Assess air-threat severity [Air-threat severity]" + targetId: nbs.joint-staff + mode: assisted + notes: "AI severity recommendation; NBS Joint Staff confirms the threat level." + + - element: "bpmn.task:Task_LogAndMonitor" + label: "Log & monitor (no public alert)" + targetId: nbs.air-surveillance + mode: supervised + + - element: "bpmn.task:Task_DetermineUrgency" + label: "Determine notification urgency & SLA [Notification urgency]" + targetId: nbs.joint-staff + mode: assisted + notes: "Output broadcastSlaSeconds becomes the timer on Task_DispatchBroadcast." + + - element: "bpmn.task:Task_DetermineBroadcast" + label: "Determine cell-broadcast scope [Cell-broadcast scope]" + targetId: nbs.joint-staff + mode: assisted + notes: "VARAM consulted on the cell-broadcast platform; templates are pre-typed (GAP G3)." + + - element: "bpmn.task:Task_AuthorizeBroadcast" + label: "Authorize public broadcast" targetId: nbs.joint-staff mode: manual - notes: "VARAM consulted on the cell-broadcast platform; message templates are typed (GAP G3)." + contract: {timeout: "PT3M"} + fallback: {escalationPath: [kvc], onTimeout: escalate} + notes: >- + GAP G2: in the AS-IS algorithm this authority is the single point of + failure. The KVC escalation path is a proposed v0.3 fallback authority, + not yet institutionally agreed. - - source: - type: dmn.decision - ref: "Decision_InterceptionAuthorization" + - element: "bpmn.task:Task_DispatchBroadcast" + label: "Dispatch public cell-broadcast" + targetId: vugd.cell-broadcast + mode: autonomous + requiredCapabilities: [lv.gov.civdef.cell_broadcast] + contract: + timeout: "from-decision:broadcastSlaSeconds" + retries: {maxAttempts: 2, backoffMs: 2000} + notes: >- + The non-interrupting SLA-breach boundary timer fires if dispatch is not + confirmed within broadcastSlaSeconds and triggers Task_EscalateSla. + + - element: "bpmn.task:Task_EscalateSla" + label: "Escalate SLA breach to Crisis Mgmt" + targetId: kvc + mode: manual + notes: "Runs only when the SLA boundary timer fires; this is the Rezekne safeguard." + + - element: "bpmn.task:Task_NotifyAgencies" + label: "Notify KVC, IeM & municipal commissions" + targetId: nbs.joint-staff + mode: assisted + notes: "KVC, IeM and municipal commissions are informed parties." + + - element: "bpmn.task:Task_AuthorizeInterception" + label: "Authorize interception [Interception authorization]" targetId: nbs.joint-staff mode: manual - notes: "Safety criteria made explicit and inspectable (GAP G7)." + notes: "Decision logic gates engagement on positive hostile ID and safety (GAP G7)." - # --- CMMN case human tasks --- - - source: - type: cmmn.humanTask - ref: "HT_DebrisSearch" + - element: "bpmn.task:Task_GroundEngage" + label: "Ground air-defence engagement" + targetId: nbs.air-defence + mode: manual + + - element: "bpmn.task:Task_RequestBAP" + label: "Request NATO BAP engagement" + targetId: nato.bap + mode: manual + notes: "Cross-pool message flow; NATO BAP executes air interception when tasked." + + - element: "bpmn.task:Task_MaintainTrack" + label: "Maintain track & monitor" + targetId: nbs.air-surveillance + mode: supervised + + - element: "bpmn.task:Task_AssessStandDown" + label: "Assess stand-down criteria [Stand-down & all-clear]" + targetId: nbs.joint-staff + mode: assisted + + - element: "bpmn.task:Task_AllClearBroadcast" + label: "Dispatch all-clear broadcast" + targetId: vugd.cell-broadcast + mode: autonomous + requiredCapabilities: [lv.gov.civdef.cell_broadcast] + contract: {timeout: "PT30S"} + + - element: "bpmn.task:Task_HandToInvestigation" + label: "Open field-response & investigation case" + targetId: kvc + mode: manual + notes: "Instantiates the CMMN case Case_FieldResponseInvestigation." + + # ---- DMN decisions ---- + - element: "dmn.decision:Decision_ObjectClassification" + label: "Object classification & confidence" + targetId: agent.threat-assessment + mode: assisted + requiredCapabilities: [ai.classify] + + - element: "dmn.decision:Decision_AirThreatSeverity" + label: "Air-threat severity" + targetId: nbs.joint-staff + mode: assisted + + - element: "dmn.decision:Decision_NotificationUrgency" + label: "Notification urgency & SLA" + targetId: nbs.joint-staff + mode: supervised + notes: "Deterministic table; NBS Joint Staff may override the SLA tier upward." + + - element: "dmn.decision:Decision_CellBroadcastScope" + label: "Cell-broadcast scope & message" + targetId: nbs.joint-staff + mode: supervised + + - element: "dmn.decision:Decision_InterceptionAuthorization" + label: "Interception authorization" targetId: nbs.joint-staff mode: manual - notes: "State Police support crash-site localisation." + notes: "Evaluated as decision support; the engage outcome still requires manual command authority." - - source: - type: cmmn.humanTask - ref: "HT_FireSuppression" + - element: "dmn.decision:Decision_StandDownCriteria" + label: "Stand-down & all-clear" + targetId: nbs.joint-staff + mode: supervised + + # ---- CMMN case human tasks ---- + - element: "cmmn.humanTask:HT_DebrisLocalisation" + label: "Localise crash / debris site" + targetId: nbs.joint-staff + mode: manual + notes: "State Police and municipal commissions support localisation." + + - element: "cmmn.humanTask:HT_FireSuppression" + label: "Fire suppression at impact site" targetId: vugd.duty mode: manual - - source: - type: cmmn.humanTask - ref: "HT_SceneSecurity" + - element: "cmmn.humanTask:HT_SceneSecurity" + label: "Establish scene cordon & security" targetId: vp.duty mode: manual - - source: - type: cmmn.humanTask - ref: "HT_MunicipalQA" + - element: "cmmn.humanTask:HT_CasualtyResponse" + label: "Casualty assessment & medical response" + targetId: nmpd.duty + mode: manual + + - element: "cmmn.humanTask:HT_MunicipalEnquiries" + label: "Handle resident enquiries (112 / municipal)" targetId: municipal.civil-protection mode: manual - - source: - type: cmmn.humanTask - ref: "HT_TechExam" + - element: "cmmn.humanTask:HT_DebrisCollection" + label: "Collect & catalogue debris" targetId: nbs.joint-staff mode: manual - - source: - type: cmmn.humanTask - ref: "HT_OriginAttribution" + - element: "cmmn.humanTask:HT_TechnicalExam" + label: "Technical examination of the UAV" targetId: nbs.joint-staff mode: assisted - notes: "Ministry of Defence consulted; AI may assist analysis but not attribute autonomously." + requiredCapabilities: [ai.classify] + notes: "AI may assist component analysis; conclusions are human-confirmed." - - source: - type: cmmn.humanTask - ref: "HT_DisinfoMonitor" + - element: "cmmn.humanTask:HT_OriginAttribution" + label: "Origin attribution analysis" + targetId: nbs.joint-staff + mode: assisted + notes: "Ministry of Defence consulted; AI may assist but never attributes autonomously." + + - element: "cmmn.humanTask:HT_DisinfoMonitor" + label: "Monitor & counter disinformation" targetId: mcp.osint-monitor mode: assisted - requiredCapabilities: - - ai.classify - notes: "Disinformation surfaced and classified via MCP tool; human reviews before correction." + requiredCapabilities: [ai.classify] + notes: "Disinformation surfaced via MCP tool; a human reviews before any correction." - - source: - type: cmmn.humanTask - ref: "HT_Press" + - element: "cmmn.humanTask:HT_PressBriefing" + label: "Public press briefing" targetId: am mode: manual - notes: "KVC consulted; public communication requires human oversight per guardrails." + notes: "KVC consulted; public communication requires human authorship per guardrails." - - source: - type: cmmn.humanTask - ref: "HT_AfterAction" + - element: "cmmn.humanTask:HT_AfterAction" + label: "Inter-institutional after-action review" targetId: kvc mode: manual - notes: "Ministry of Defence accountable; Government Crisis Management Council informed." + notes: "Ministry of Defence accountable; feeds algorithm revision." diff --git a/uapf.yaml b/uapf.yaml index 3c0e0e9..26bc810 100644 --- a/uapf.yaml +++ b/uapf.yaml @@ -2,56 +2,85 @@ kind: uapf.package id: lv.civdef.drone-threat-public-address name: Drone Threat Public Address & Citizen Notification description: >- - Level-4 process package modelling the cross-institutional algorithm for - detecting an unmanned-aerial-vehicle (drone) threat over Latvian airspace, - deciding on and triggering public cell-broadcast notification, coordinating - interception, and conducting field response and origin investigation. - Derived from the public chronology of the 7 May 2026 Rezekne drone incident - and the Ministry of Defence commitment to revise the inter-institutional - notification algorithms. + Level-4 UAPF process package modelling the cross-institutional algorithm by + which Latvia detects an unmanned-aerial-vehicle (drone) threat over national + airspace, decides on and dispatches a public cell-broadcast within a bounded + notification SLA, authorises and coordinates interception, and conducts field + response and drone-origin investigation. Derived from the public chronology + of the 7 May 2026 Rezekne drone incident and the Ministry of Defence + commitment to revise the inter-institutional notification algorithms. This is + an independent modelling demonstrator, not an official state algorithm. level: 4 -version: "0.2.0" +version: "0.3.0" includes: [] dependencies: {} + cornerstones: bpmn: true dmn: true cmmn: true resources: true + paths: bpmn: bpmn dmn: dmn cmmn: cmmn resources: resources metadata: metadata + artifacts: bpmn: - path: bpmn/drone-threat-public-address.bpmn role: primary-process - description: End-to-end detection, notification, interception and field-response flow. + description: >- + End-to-end detection, classification, public notification, interception + and field-response flow across six institution lanes, with a + non-interrupting SLA-breach boundary timer on the cell-broadcast task. dmn: - path: dmn/air-threat-decisions.dmn role: decision-model - description: Three decisions — air-threat severity, cell-broadcast scope, interception authorization. + description: >- + Six chained, individually documented decisions — object classification, + air-threat severity, notification urgency & SLA, cell-broadcast scope, + interception authorization, and stand-down criteria. cmmn: - path: cmmn/field-response-investigation.cmmn role: case-model - description: Discretionary field response and drone-origin investigation case. + description: >- + Discretionary field-response, drone-origin investigation and public + communication case, structured as three stages with entry sentries. resources: - path: resources/mappings.yaml role: resource-mapping - description: Institution and system targets bound to process, decision and case elements. + description: >- + Every process, decision and case element bound to a primary executing + target, with an element-level legend for tracing bindings to diagrams. - path: resources/guardrails.yaml role: ip-guardrails - description: UAPF-IP guardrails policy snapshot enforced at every capability call. + description: UAPF-IP guardrail policy enforced at every capability call. + inputs: - airborneObjectTrack - - objectClassification + - radarCrossSection + - emissionProfile + - visualConfirmation + - airspaceStatus + - trajectoryTowardPopulated + - distanceToPopulatedKm + - estimatedMinutesToPopulated - borderProximityTier + - corridorMunicipalities + - positiveHostileId + outputs: + - threatLevel + - notificationTier + - broadcastSlaSeconds - cellBroadcastDispatch - interceptionDecision - - incidentReport + - standDownDecision + - incidentCaseRef + exposure: mcp: enabled: true @@ -59,33 +88,45 @@ exposure: exposedEntrypoints: - process: Process_DroneThreatPublicAddress tool: drone_threat_public_address.run + - decision: Decision_ObjectClassification + tool: object_classification.evaluate - decision: Decision_AirThreatSeverity tool: air_threat_severity.evaluate + - decision: Decision_NotificationUrgency + tool: notification_urgency.evaluate - decision: Decision_CellBroadcastScope tool: cell_broadcast_scope.evaluate - decision: Decision_InterceptionAuthorization tool: interception_authorization.evaluate + - decision: Decision_StandDownCriteria + tool: stand_down_criteria.evaluate exposedArtifacts: - manifest - bpmn - dmn - cmmn - docs + requires_capabilities: - task.assign@1+ - task.complete@1+ - task.escalate@1+ - event.emit@1+ + - timer.schedule@1+ - ai.classify@1+ - ai.complete@1+ - lv.gov.civdef.air_surveillance_feed@1+ - lv.gov.civdef.cell_broadcast@1+ + profiles_supported: - uapf-ip-orchestrated - uapf-ip-sync-decision + guardrails: resources/guardrails.yaml + owners: - type: person id: rihards.gailums contact: rihards.gailums@gmail.com + lifecycle: draft