lv-civdef-drone-threat-public-address/README.md

# lv.civdef.drone-threat-public-address

**UAPF Level-4 process package — v0.2.0 (draft)**
**Conformant to UAPF specification v2.2.0** — see `docs/04-validation-report.md`.

Drone Threat Public Address & Citizen Notification — a process model of the
cross-institutional algorithm for detecting a drone threat over Latvian
airspace, deciding on and triggering public cell-broadcast notification,
coordinating interception, and conducting field response and origin
investigation.

Built from the public record of the 7 May 2026 Rēzekne drone incident and the
Ministry of Defence commitment to revise the inter-institutional notification
algorithms. **Not approved for operational use** (`lifecycle.status: draft`).

## Layout

```
lv-civdef-drone-threat-public-address/
├── uapf.yaml                                  # manifest (kind: uapf.package, level 4)
├── bpmn/
│   └── drone-threat-public-address.bpmn       # end-to-end process flow
├── dmn/
│   └── air-threat-decisions.dmn               # 3 decisions: severity / scope / interception
├── cmmn/
│   └── field-response-investigation.cmmn      # field-response & origin-investigation case
├── resources/
│   ├── mappings.yaml                          # 11 targets, 19 bindings
│   └── guardrails.yaml                        # UAPF-IP guardrails policy snapshot
├── metadata/
│   ├── ownership.yaml
│   ├── lifecycle.yaml
│   └── policies.yaml                          # classification / execution / delegation
└── docs/                                      # non-normative supporting analysis
    ├── 00-incident-chronology.md
    ├── 01-institutional-gap-analysis.md
    ├── 02-raci.md
    ├── 03-uapf-ip-integration.md
    └── 04-validation-report.md
```

## Cornerstones

- **BPMN** `Process_DroneThreatPublicAddress` — detection → threat assessment →
  gateway → broadcast-scope decision → request → parallel block
  {cell broadcast | agency notification | interception evaluation} →
  synchronise → local response → all-clear → field-response case → close.
- **DMN** one DRD, three decisions — `Decision_AirThreatSeverity`,
  `Decision_CellBroadcastScope`, `Decision_InterceptionAuthorization`.
- **CMMN** `Case_DroneIncidentFieldResponse` — debris search, fire suppression,
  scene security, an investigation stage (technical exam, origin attribution,
  disinformation monitoring), plus discretionary press and after-action review.
- **Resources** 11 targets (NBS surveillance/Joint Staff/air-defence, VUGD duty
  and cell-broadcast system, State Police, KVC, Ministry of Defence, municipal
  commissions, an AI threat-assessment agent, an OSINT MCP tool) bound to every
  process / decision / case element via the v2.2.0 resource-mapping schema.

## UAPF-IP & MCP

The manifest declares `requires_capabilities`, `profiles_supported`
(`uapf-ip-orchestrated`, `uapf-ip-sync-decision`), `guardrails`, and an
`exposure.mcp` block exposing the process and the three decisions as MCP tools.
See `docs/03-uapf-ip-integration.md`.

## Validation

```
python3 ../../validate.py ../.. <path-to-UAPF-specification-repo>
```

Result: PASS, 0 errors, 0 warnings against UAPF v2.2.0. The reference CLI
`tools/uapf-cli/uapf.py` will wrongly reject this package because it checks for
the obsolete `.bpmn.xml` extension — this is a known upstream bug, documented in
`docs/04-validation-report.md`.

## Intended steward

Authored as an external draft (owner: Rihards Gailums). The intended
institutional steward on hand-over is the Ministry of Defence
(Aizsardzības ministrija) jointly with the Crisis Management Centre
(Krīzes vadības centrs).

## Sources

Public reporting only — LSM / eng.lsm.lv, Apollo, TV3, Meduza, Defense News,
The Globe and Mail, and the Wikipedia article "2026 Ukrainian drone incursions
into Baltic states". Dated record in `docs/00-incident-chronology.md`.