Skip to content

docs(conformance): add runtime-enforcement-mapping addendum (OWASP#802)#177

Open
pshkv wants to merge 4 commits intomainfrom
docs/owasp-runtime-enforcement-mapping
Open

docs(conformance): add runtime-enforcement-mapping addendum (OWASP#802)#177
pshkv wants to merge 4 commits intomainfrom
docs/owasp-runtime-enforcement-mapping

Conversation

@pshkv
Copy link
Copy Markdown
Contributor

@pshkv pshkv commented Apr 21, 2026

Summary

Adds docs/conformance/runtime-enforcement-mapping.md — an invariant-level companion to owasp-asi-mapping.md that maps each of the 30 ASI fixture vectors to the four runtime integrity invariants converging in OWASP/www-project-top-10-for-large-language-model-applications#802.

Follow-through on the commitment made in the OWASP thread to contribute this addendum.

Structure

  • Layer 1 (Transmission integrity) — 3 fixtures. Ed25519 + RFC 8785 JCS guarantees. Open gap tracked in Persistence round-trip: rowToToken drops 8 optional token fields (follow-up to #168) #175.
  • Layer 2 (Authorization integrity at execution) — 10 fixtures. SINT's primary claim. request_authorized == request_executed.
  • Layer 3 (Execution integrity) — 12 fixtures. Supply chain, history, circuit breaker.
  • Layer 4 (Intent integrity) — 4 fixtures, explicitly scoped as advisory, not deterministic. Keeps heuristic detection separate from cryptographic enforcement so conformance claims can't overclaim.

Why this matters for conformance

Implementations claiming "ASI02 coverage" should specify the invariant (authorization-integrity-at-execution, fixtures X/Y/Z) rather than just the control ID. Intent-layer coverage should be explicitly scoped as heuristic and fail-open. This doc gives that level of granularity without changing any existing owasp-asi-mapping.md content.

Files changed

  • docs/conformance/runtime-enforcement-mapping.md (new, 130 lines)
  • docs/conformance/owasp-asi-mapping.md (+1 line — header link to new doc)

Test plan

  • Docs-only change; no test suite run required
  • Verify invariant-level counts (3 + 10 + 12 + 4 = 29) against fixture pack (30 vectors — ASI07-safe-valid-delegation-chain is non-vector-enforced, delegation allow case)
  • Verify links resolve (./runtime-enforcement-mapping.md from owasp-asi-mapping.md)

Refs

pshkv added 4 commits April 18, 2026 10:47
@pshkv
feat(world-model-provenance): v0.3 Phase 1 implementation with stalen…
e98fcf5 
…ess thresholds, assumption ledger, and simulator validation (39 tests)
@pshkv
feat(degraded-connectivity): v0.3 Phase 2 implementation with offline…
56e9deb 
… T0/T1 autonomy and local buffer replay (50 tests)
@pshkv
feat(delegated-capability-chains): v0.3 Phase 3 implementation with c…
d1bf55c 
…apability delegation, handoff receipts, and quorum rules (37 tests)
@pshkv
docs(conformance): add runtime-enforcement-mapping.md addendum
2341afc 
Maps each of the 30 ASI fixture vectors to the four runtime integrity
invariants converging in OWASP#802 (transmission / authorization-at-
execution / execution / intent).

Rationale:
- Implementations should claim coverage against a specific invariant,
  not the broader OWASP category — a regex heuristic is not the same
  conformance guarantee as a monotonic-delegation check
- Keeps the cryptographic layer (deterministic) separate from the
  intent layer (advisory, fail-open) so conformance claims can't
  overclaim intent integrity as runtime-enforceable
- Addresses the "pin each layer to concrete control-class IDs"
  suggestion raised in the thread

Links companion doc from owasp-asi-mapping.md header.

Refs: OWASP/www-project-top-10-for-large-language-model-applications#802
Refs: #175 (transmission-integrity fixture gap tracked separately)
@pshkv pshkv mentioned this pull request Apr 21, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pshkv