v0.2

2026-05-18 14:05:37 +03:00
parent 3da6362c49
commit ed1d44e94a
16 changed files with 1686 additions and 867 deletions
--- a/metadata/lifecycle.yaml
+++ b/metadata/lifecycle.yaml
@@ -1,19 +1,37 @@
 kind: uapf.metadata.lifecycle
-status: draft
-created: "2026-05-17T00:00:00Z"
-lastModified: "2026-05-17T00:00:00Z"
-changeHistory:
-  - version: "0.2.0"
-    date: "2026-05-17"
-    summary: >-
-      Rebuilt against UAPF specification v2.2.0 SSOT. Corrected cornerstone
-      file extensions, resource-mapping schema, ownership/lifecycle metadata;
-      added policies, UAPF-IP guardrails, MCP exposure and workspace index.
-    author: rihards.gailums
+version: "0.3.0"
+
+package: lv.civdef.drone-threat-public-address
+state: draft
+
+history:
  - version: "0.1.0"
    date: "2026-05-17"
-    summary: >-
-      Initial draft modelling the AS-IS notification algorithm and its
-      identified gaps from the public chronology of the 7 May 2026 Rezekne
-      drone incident.
-    author: rihards.gailums
+    state: draft
+    note: Initial Level-4 package skeleton (BPMN + 3-decision DMN + CMMN).
+  - version: "0.2.0"
+    date: "2026-05-17"
+    state: draft
+    note: UAPF v2.2.0 manifest alignment; portable .uapf packaging.
+  - version: "0.3.0"
+    date: "2026-05-18"
+    state: draft
+    note: >-
+      Deep rebuild. DMN expanded to 6 decisions with descriptions and a clean
+      DRD; declared-but-unused decision inputs removed (interception now gated
+      on positive hostile ID). BPMN expanded to six institution lanes with a
+      non-interrupting SLA-breach boundary timer. CMMN deepened to three
+      stages. Resource mappings given an element-level legend.
+
+transitions:
+  draft -> review:
+    requires:
+      - Institutional review of the modelled algorithm by NBS Joint Staff.
+      - Confirmation of the GAP G2 escalation authority (Task_AuthorizeBroadcast).
+  review -> approved:
+    requires:
+      - Sign-off by the Ministry of Defence algorithm-governance authority.
+
+review:
+  next_review_due: "2026-08-18"
+  open_gaps_ref: docs/01-institutional-gap-analysis.md
--- a/metadata/ownership.yaml
+++ b/metadata/ownership.yaml
@@ -1,12 +1,37 @@
 kind: uapf.metadata.ownership
+version: "0.3.0"
+
+package: lv.civdef.drone-threat-public-address
+
 owners:
  - type: person
    id: rihards.gailums
-    name: Rihards Gailums
+    role: package-author
    contact: rihards.gailums@gmail.com
-    role: owner
-approvers:
-  - rihards.gailums
-escalation:
-  primary: rihards.gailums
-  sla_hours: 72
+
+stewards:
+  - type: role
+    id: nbs.joint-staff
+    role: process-owner
+    note: >-
+      Accountable for the modelled algorithm in operation. Placeholder pending
+      formal institutional assignment.
+  - type: role
+    id: am.algorithm-governance
+    role: governance-authority
+    note: >-
+      Ministry of Defence — owns revision of the inter-institutional
+      notification algorithm per the public 7 May 2026 commitment.
+
+classification: OFFICIAL
+distribution: >-
+  Draft modelling artefact derived entirely from public-source reporting and
+  open civil-protection legislation. Contains no classified or operational
+  data. Endpoints and credentials in resources/ are illustrative placeholders.
+
+provenance:
+  derived_from: public chronology of the 7 May 2026 Rezekne drone incident
+  not_an_official: >-
+    This package is an independent UAPF modelling demonstrator. It is not an
+    official algorithm of the NBS, VUGD, the Ministry of Defence or any other
+    Latvian state institution.
--- a/metadata/policies.yaml
+++ b/metadata/policies.yaml
@@ -1,22 +1,29 @@
-kind: uapf.policies
-classification:
-  level: restricted
-  dataCategories:
-    - civil-defence
-    - national-security
-    - public-warning
-execution:
-  requiresApproval: true
-  approvalRoles:
-    - aizsardzibas-ministrija
-    - krizes-vadibas-centrs
-  auditRequired: true
-  maxConcurrentExecutions: 1
-  allowedEnvironments:
-    - development
-    - staging
-requiredClaims:
-  - type: civil-defence-operator
-delegation:
-  allowAgentDelegation: false
-  maxDelegationDepth: 0
+kind: uapf.metadata.policies
+version: "0.3.0"
+
+package: lv.civdef.drone-threat-public-address
+
+audit:
+  decision_logging: required
+  retention: P3Y
+  records:
+    - decision inputs, matched rule id and outputs
+    - actor identity and timestamp for every manual authorisation
+    - SLA timer arm / fire / clear events
+
+data_protection:
+  regime: GDPR + Latvian civil-protection law
+  personal_data:
+    - 112 caller data is processed by VUGD under existing emergency-service basis.
+    - OSINT disinformation monitoring is restricted to public posts (guardrail GR-6).
+  data_boundary: EU
+
+access:
+  package_visibility: OFFICIAL
+  decision_evaluation: NBS Joint Staff and bound targets only
+  amendment_authority: Ministry of Defence algorithm governance
+
+compliance_refs:
+  - Civil Protection and Disaster Management Law (Latvia)
+  - Cabinet regulations on the early-warning cell-broadcast system
+  - NATO Baltic Air Policing arrangements (interception execution)