Skip to content

wiki: sync 90 updated research pages, restructure C04/C05/C06#703

Merged
jmanico merged 1 commit intomainfrom
wiki/sync-20260417-b06c
Apr 17, 2026
Merged

wiki: sync 90 updated research pages, restructure C04/C05/C06#703
jmanico merged 1 commit intomainfrom
wiki/sync-20260417-b06c

Conversation

@jmanico
Copy link
Copy Markdown
Member

@jmanico jmanico commented Apr 17, 2026

Summary

Bulk sync of the research companion pages to match the current AISVS 1.0 standard. Most of this is refreshed prose and citations from recent research passes; the structural changes in C04, C05, and C06 bring the file layout in line with the requirement numbering in 1.0/en/.

Refreshed research (across C01–C14 and Appendix C/D)

Updated prose, recent incidents, tooling callouts, and citation freshness pass across 90 existing pages. Highlights from recent batches:

  • C14-04 explainable AI techniques
  • C14-03 chain of responsibility & auditability
  • C14-02 human-in-the-loop checkpoints
  • C12 privacy set (C12-01 anonymization, C12-02 right-to-be-forgotten, C12-06 federated learning)
  • C08 memory/embeddings (C08-02 sanitization, C08-04 inversion/leakage, C08-05 multi-tenant scope)
  • C05-01 authentication, C05-04 output entitlement
  • C03-05 hosted provider-managed controls
  • C01-01/02/04 training data origin, security, quality
  • Appendix C (AI secure coding), Appendix D (controls inventory)

C04 — Infrastructure (8 → 3 requirements)

Rewritten to match the current standard, which consolidated the old 8-requirement layout into 3:

  • New: C04-01-Workload-Sandboxing-Validation.md, C04-02-Hardware-Security.md, C04-03-Edge-Distributed-Security.md
  • Removed: old C04-01-Runtime-Environment-Isolation, C04-02-Secure-Build-Deployment, C04-03-Network-Security-Access-Control, C04-04-Secrets-Key-Management, C04-05-Workload-Sandboxing-Validation, C04-06-Resource-Management-Backup-Recovery, C04-07-Hardware-Security, C04-08-Edge-Distributed-Security

C05 — Access Control & Identity

  • New: C05-05-Policy-Decision-Point-Isolation.md, C05-06-Multi-Tenant-Isolation.md
  • Removed: old C05-05-Multi-Tenant-Isolation.md, C05-06-Autonomous-Agent-Authorization.md

C06 — Supply Chain

Requirement set reordered to match 1.0:

  • New: C06-02-Trusted-Source-Enforcement.md, C06-03-Third-Party-Dataset-Risk.md, C06-04-Supply-Chain-Attack-Monitoring.md, C06-05-AI-BOM-Model-Artifacts.md
  • Removed: C06-02-Framework-Library-Scanning.md, C06-03-Dependency-Pinning-Verification.md, C06-04-Trusted-Source-Enforcement.md, C06-05-Third-Party-Dataset-Risk.md, C06-06-Supply-Chain-Attack-Monitoring.md, C06-07-AI-BOM-Model-Artifacts.md

Checklist

  • Requirement IDs match current source
  • No infrastructure references in content
  • Spot-check URLs resolve

@jmanico jmanico merged commit daccaa6 into main Apr 17, 2026
2 checks passed
@jmanico jmanico deleted the wiki/sync-20260417-b06c branch April 17, 2026 10:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jmanico