PyPI - icdev - Versions diffs - 1.0.0__py3-none-any.whl - Mend

icdev 1.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1105) hide show

icdev/__init__.py +18 -0
icdev/_paths.py +85 -0
icdev/_version.py +3 -0
icdev/data/__init__.py +1 -0
icdev/data/args/__init__.py +1 -0
icdev/data/args/agent_authority.yaml +61 -0
icdev/data/args/agent_config.yaml +355 -0
icdev/data/args/agentic_fitness.yaml +31 -0
icdev/data/args/ai_governance_config.yaml +137 -0
icdev/data/args/atlas_critique_config.yaml +66 -0
icdev/data/args/bedrock_models.yaml +63 -0
icdev/data/args/cicd_config.yaml +82 -0
icdev/data/args/classification_config.yaml +232 -0
icdev/data/args/cli_config.yaml +154 -0
icdev/data/args/cloud_config.yaml +63 -0
icdev/data/args/code_pattern_config.yaml +151 -0
icdev/data/args/code_quality_config.yaml +47 -0
icdev/data/args/companion_registry.yaml +202 -0
icdev/data/args/context_config.yaml +82 -0
icdev/data/args/csp_monitor_config.yaml +268 -0
icdev/data/args/cui_markings.yaml +35 -0
icdev/data/args/db_config.yaml +40 -0
icdev/data/args/deployment_profiles.yaml +248 -0
icdev/data/args/dev_profile_config.yaml +144 -0
icdev/data/args/devsecops_config.yaml +286 -0
icdev/data/args/endpoint_security_config.yaml +137 -0
icdev/data/args/extension_config.yaml +79 -0
icdev/data/args/file_access_tiers.yaml +88 -0
icdev/data/args/framework_registry.yaml +415 -0
icdev/data/args/innovation_config.yaml +431 -0
icdev/data/args/installation_manifest.yaml +1087 -0
icdev/data/args/llm_config.yaml +495 -0
icdev/data/args/maintenance_config.yaml +55 -0
icdev/data/args/memory_config.yaml +83 -0
icdev/data/args/monitoring_config.yaml +127 -0
icdev/data/args/mosa_config.yaml +190 -0
icdev/data/args/nlq_config.yaml +35 -0
icdev/data/args/observability_config.yaml +39 -0
icdev/data/args/observability_tracing_config.yaml +170 -0
icdev/data/args/oscal_tools_config.yaml +43 -0
icdev/data/args/owasp_agentic_config.yaml +171 -0
icdev/data/args/phase_registry.yaml +618 -0
icdev/data/args/project_defaults.yaml +235 -0
icdev/data/args/prompt_chains.yaml +163 -0
icdev/data/args/resilience_config.yaml +50 -0
icdev/data/args/ricoas_config.yaml +191 -0
icdev/data/args/role_personas.yaml +362 -0
icdev/data/args/scaling_config.yaml +176 -0
icdev/data/args/security_gates.yaml +685 -0
icdev/data/args/skill_injection_config.yaml +322 -0
icdev/data/args/spec_config.yaml +53 -0
icdev/data/args/supply_chain_config.yaml +76 -0
icdev/data/args/translation_config.yaml +228 -0
icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
icdev/data/args/worktree_config.yaml +34 -0
icdev/data/args/zta_config.yaml +247 -0
icdev/data/context/__init__.py +1 -0
icdev/data/context/agent/__init__.py +1 -0
icdev/data/context/agent/response_schemas/__init__.py +1 -0
icdev/data/context/agent/response_schemas/debate_position.json +46 -0
icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
icdev/data/context/agent/response_schemas/review_decision.json +39 -0
icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
icdev/data/context/agentic/__init__.py +1 -0
icdev/data/context/agentic/architecture_patterns.md +269 -0
icdev/data/context/agentic/capability_registry.yaml +202 -0
icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
icdev/data/context/agentic/fitness_rubric.md +56 -0
icdev/data/context/agentic/governance_baseline.md +205 -0
icdev/data/context/ci/__init__.py +1 -0
icdev/data/context/ci/worktree_templates.json +44 -0
icdev/data/context/cloud/__init__.py +1 -0
icdev/data/context/cloud/csp_service_registry.json +739 -0
icdev/data/context/compliance/__init__.py +1 -0
icdev/data/context/compliance/atlas_mitigations.json +293 -0
icdev/data/context/compliance/atlas_techniques.json +833 -0
icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
icdev/data/context/compliance/cjis_security_policy.json +522 -0
icdev/data/context/compliance/cmmc_practices.json +2494 -0
icdev/data/context/compliance/cmmc_report_template.md +142 -0
icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
icdev/data/context/compliance/control_crosswalk.json +1914 -0
icdev/data/context/compliance/control_families/__init__.py +1 -0
icdev/data/context/compliance/csp_certifications.json +251 -0
icdev/data/context/compliance/cssp_report_template.md +193 -0
icdev/data/context/compliance/cui_templates/__init__.py +1 -0
icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
icdev/data/context/compliance/cui_templates/document_template.md +35 -0
icdev/data/context/compliance/data_type_framework_map.json +321 -0
icdev/data/context/compliance/data_type_registry.json +147 -0
icdev/data/context/compliance/dod_cssp_8530.json +463 -0
icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
icdev/data/context/compliance/export_templates/__init__.py +1 -0
icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
icdev/data/context/compliance/fedramp_report_template.md +181 -0
icdev/data/context/compliance/fips_200_areas.json +362 -0
icdev/data/context/compliance/gao_ai_accountability.json +262 -0
icdev/data/context/compliance/hipaa_security_rule.json +720 -0
icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
icdev/data/context/compliance/impact_level_profiles.json +251 -0
icdev/data/context/compliance/incident_response_template.md +1110 -0
icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
icdev/data/context/compliance/iso42001_controls.json +254 -0
icdev/data/context/compliance/ivv_checklist_template.md +80 -0
icdev/data/context/compliance/ivv_report_template.md +116 -0
icdev/data/context/compliance/ivv_requirements.json +372 -0
icdev/data/context/compliance/mosa_crosswalk.json +327 -0
icdev/data/context/compliance/mosa_framework.json +250 -0
icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
icdev/data/context/compliance/nist_800_207_zta.json +258 -0
icdev/data/context/compliance/nist_800_53.json +324 -0
icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
icdev/data/context/compliance/nist_ai_rmf.json +206 -0
icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
icdev/data/context/compliance/owasp_llm_top10.json +274 -0
icdev/data/context/compliance/pci_dss_v4.json +510 -0
icdev/data/context/compliance/poam_template.md +117 -0
icdev/data/context/compliance/safeai_controls.json +512 -0
icdev/data/context/compliance/sbd_report_template.md +77 -0
icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
icdev/data/context/compliance/ssp_template.md +432 -0
icdev/data/context/compliance/stig_templates/__init__.py +1 -0
icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
icdev/data/context/compliance/xai_requirements.json +108 -0
icdev/data/context/dashboard/__init__.py +1 -0
icdev/data/context/dashboard/nlq_examples.json +50 -0
icdev/data/context/dashboard/schema_descriptions.json +23 -0
icdev/data/context/integration/__init__.py +1 -0
icdev/data/context/integration/approval_workflows.json +32 -0
icdev/data/context/integration/gitlab_field_mappings.json +33 -0
icdev/data/context/integration/jira_field_mappings.json +32 -0
icdev/data/context/integration/reqif_export_schema.json +23 -0
icdev/data/context/integration/servicenow_field_mappings.json +22 -0
icdev/data/context/languages/__init__.py +1 -0
icdev/data/context/languages/framework_patterns.json +205 -0
icdev/data/context/languages/language_registry.json +279 -0
icdev/data/context/llm/__init__.py +1 -0
icdev/data/context/llm/example_provider.py +86 -0
icdev/data/context/mbse/__init__.py +1 -0
icdev/data/context/mbse/des_report_template.md +162 -0
icdev/data/context/mbse/des_requirements.json +411 -0
icdev/data/context/mbse/digital_thread_patterns.json +403 -0
icdev/data/context/mbse/reqif_schema.json +280 -0
icdev/data/context/mbse/sysml_element_types.json +432 -0
icdev/data/context/modernization/__init__.py +1 -0
icdev/data/context/modernization/db_type_mappings.json +148 -0
icdev/data/context/modernization/decomposition_patterns.json +284 -0
icdev/data/context/modernization/framework_migration_patterns.json +359 -0
icdev/data/context/modernization/migration_report_template.md +168 -0
icdev/data/context/modernization/seven_rs_catalog.json +369 -0
icdev/data/context/modernization/version_upgrade_rules.json +279 -0
icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
icdev/data/context/oscal/README.md +43 -0
icdev/data/context/patterns/__init__.py +1 -0
icdev/data/context/profiles/__init__.py +1 -0
icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
icdev/data/context/profiles/startup_v1.yaml +134 -0
icdev/data/context/requirements/__init__.py +1 -0
icdev/data/context/requirements/ambiguity_patterns.json +97 -0
icdev/data/context/requirements/boundary_impact_rules.json +123 -0
icdev/data/context/requirements/default_constitutions.json +67 -0
icdev/data/context/requirements/document_extraction_rules.json +58 -0
icdev/data/context/requirements/gap_patterns.json +108 -0
icdev/data/context/requirements/readiness_rubric.json +78 -0
icdev/data/context/requirements/red_alternative_patterns.json +210 -0
icdev/data/context/requirements/safe_templates.json +72 -0
icdev/data/context/requirements/spec_quality_checklist.json +122 -0
icdev/data/context/simulation/__init__.py +1 -0
icdev/data/context/simulation/architecture_patterns.json +36 -0
icdev/data/context/simulation/coa_templates.json +38 -0
icdev/data/context/simulation/cost_models.json +23 -0
icdev/data/context/simulation/risk_categories.json +46 -0
icdev/data/context/supply_chain/__init__.py +1 -0
icdev/data/context/supply_chain/isa_templates.json +129 -0
icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
icdev/data/context/templates/__init__.py +1 -0
icdev/data/context/templates/ansible/__init__.py +1 -0
icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
icdev/data/context/templates/ansible/roles/__init__.py +1 -0
icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
icdev/data/context/templates/grafana/__init__.py +1 -0
icdev/data/context/templates/kubernetes/__init__.py +1 -0
icdev/data/context/templates/project/__init__.py +1 -0
icdev/data/context/templates/project/api/__init__.py +1 -0
icdev/data/context/templates/project/cli/__init__.py +1 -0
icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
icdev/data/context/templates/project/iac/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
icdev/data/context/templates/project/microservice/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
icdev/data/context/templates/terraform/__init__.py +1 -0
icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
icdev/data/context/templates/terraform/modules/__init__.py +1 -0
icdev/data/context/tone/__init__.py +1 -0
icdev/data/context/translation/dependency_mappings.json +186 -0
icdev/data/context/translation/type_mappings.json +149 -0
icdev/data/docs/README.md +187 -0
icdev/data/docs/__init__.py +1 -0
icdev/data/docs/admin/gateway-guide.md +338 -0
icdev/data/docs/admin/marketplace-guide.md +396 -0
icdev/data/docs/admin/monitoring-guide.md +509 -0
icdev/data/docs/architecture/compliance-framework.md +764 -0
icdev/data/docs/architecture/database-schema.md +689 -0
icdev/data/docs/architecture/gotcha-framework.md +518 -0
icdev/data/docs/architecture/multi-agent-system.md +603 -0
icdev/data/docs/dx/README.md +106 -0
icdev/data/docs/dx/__init__.py +1 -0
icdev/data/docs/dx/ci-cd-integration.md +378 -0
icdev/data/docs/dx/claude-code-guide.md +213 -0
icdev/data/docs/dx/companion-guide.md +232 -0
icdev/data/docs/dx/dev-profiles.md +309 -0
icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
icdev/data/docs/dx/integration-tiers.md +279 -0
icdev/data/docs/dx/llm-routing-guide.md +456 -0
icdev/data/docs/dx/quickstart.md +192 -0
icdev/data/docs/dx/sdk-reference.md +356 -0
icdev/data/docs/dx/unified-mcp-setup.md +525 -0
icdev/data/docs/features/__init__.py +1 -0
icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
icdev/data/docs/features/phase-05-security-scanning.md +229 -0
icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
icdev/data/docs/features/phase-08-self-healing.md +223 -0
icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
icdev/data/docs/features/phase-12-integration-testing.md +228 -0
icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
icdev/data/docs/features/phase-33-modular-installation.md +218 -0
icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
icdev/data/docs/features/phase-39-observability-operations.md +178 -0
icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
icdev/data/docs/features/phase-42-framework-planning.md +177 -0
icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
icdev/data/docs/features/phase-58-creative-engine.md +370 -0
icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
icdev/data/docs/features/phase-60-cpmp.md +528 -0
icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
icdev/data/docs/operations/dashboard-guide.md +354 -0
icdev/data/docs/operations/deployment-guide.md +556 -0
icdev/data/docs/operations/saas-admin-guide.md +439 -0
icdev/data/docs/operations/security-operations-guide.md +733 -0
icdev/data/docs/runbooks/backup-restore.md +412 -0
icdev/data/docs/runbooks/troubleshooting.md +499 -0
icdev/data/features/__init__.py +1 -0
icdev/data/features/cicd_integration.feature +41 -0
icdev/data/features/compliance_gates.feature +46 -0
icdev/data/features/dashboard.feature +72 -0
icdev/data/features/environment.py +25 -0
icdev/data/features/project_management.feature +32 -0
icdev/data/features/requirements_intake.feature +42 -0
icdev/data/features/saas_platform.feature +53 -0
icdev/data/features/security_scanning.feature +36 -0
icdev/data/features/steps/__init__.py +1 -0
icdev/data/features/steps/cicd_steps.py +465 -0
icdev/data/features/steps/compliance_steps.py +308 -0
icdev/data/features/steps/dashboard_steps.py +88 -0
icdev/data/features/steps/project_steps.py +126 -0
icdev/data/features/steps/requirements_intake_steps.py +689 -0
icdev/data/features/steps/saas_platform_steps.py +572 -0
icdev/data/features/steps/security_steps.py +236 -0
icdev/data/features/steps/testing_steps.py +226 -0
icdev/data/features/testing_pipeline.feature +42 -0
icdev/data/goals/__init__.py +1 -0
icdev/data/goals/agent_management.md +144 -0
icdev/data/goals/agentic_generation.md +345 -0
icdev/data/goals/agentic_threat_model.md +309 -0
icdev/data/goals/ai_accountability.md +90 -0
icdev/data/goals/ai_governance_intake.md +132 -0
icdev/data/goals/ai_transparency.md +76 -0
icdev/data/goals/atlas_integration.md +405 -0
icdev/data/goals/ato_acceleration.md +139 -0
icdev/data/goals/boundary_supply_chain.md +206 -0
icdev/data/goals/build_app.md +544 -0
icdev/data/goals/cicd_integration.md +86 -0
icdev/data/goals/claude_dir_maintenance.md +77 -0
icdev/data/goals/cli_capabilities.md +340 -0
icdev/data/goals/cloud_agnostic.md +312 -0
icdev/data/goals/code_intelligence.md +197 -0
icdev/data/goals/code_review.md +94 -0
icdev/data/goals/compliance_workflow.md +858 -0
icdev/data/goals/continuous_harmonization.md +140 -0
icdev/data/goals/cross_language_translation.md +171 -0
icdev/data/goals/dashboard.md +142 -0
icdev/data/goals/deploy_workflow.md +390 -0
icdev/data/goals/devsecops_workflow.md +408 -0
icdev/data/goals/evolutionary_intelligence.md +305 -0
icdev/data/goals/external_integration.md +113 -0
icdev/data/goals/framework_planning.md +63 -0
icdev/data/goals/init_project.md +235 -0
icdev/data/goals/innovation_engine.md +199 -0
icdev/data/goals/integration_testing.md +189 -0
icdev/data/goals/maintenance_audit.md +196 -0
icdev/data/goals/manifest.md +56 -0
icdev/data/goals/mbse_integration.md +504 -0
icdev/data/goals/modernization_workflow.md +618 -0
icdev/data/goals/monitoring.md +126 -0
icdev/data/goals/mosa_workflow.md +463 -0
icdev/data/goals/multi_agent_orchestration.md +68 -0
icdev/data/goals/nlq_compliance.md +63 -0
icdev/data/goals/observability.md +64 -0
icdev/data/goals/observability_traceability_xai.md +154 -0
icdev/data/goals/owasp_agentic_security.md +395 -0
icdev/data/goals/parallel_cicd.md +61 -0
icdev/data/goals/requirements_intake.md +213 -0
icdev/data/goals/sbd_ivv_workflow.md +195 -0
icdev/data/goals/security_categorization.md +133 -0
icdev/data/goals/security_scan.md +381 -0
icdev/data/goals/self_healing.md +120 -0
icdev/data/goals/simulation_engine.md +111 -0
icdev/data/goals/tdd_workflow.md +403 -0
icdev/data/goals/zero_trust_architecture.md +403 -0
icdev/data/hardprompts/__init__.py +1 -0
icdev/data/hardprompts/agent/__init__.py +1 -0
icdev/data/hardprompts/agent/agentic_architect.md +100 -0
icdev/data/hardprompts/agent/debate_prompt.md +32 -0
icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
icdev/data/hardprompts/agent/governance_review.md +214 -0
icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
icdev/data/hardprompts/agent/skill_design.md +172 -0
icdev/data/hardprompts/agent/task_decomposition.md +275 -0
icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
icdev/data/hardprompts/architect/__init__.py +1 -0
icdev/data/hardprompts/architect/api_design.md +283 -0
icdev/data/hardprompts/architect/data_model.md +277 -0
icdev/data/hardprompts/architect/system_design.md +180 -0
icdev/data/hardprompts/builder/__init__.py +1 -0
icdev/data/hardprompts/builder/code_generation.md +59 -0
icdev/data/hardprompts/builder/refactor.md +58 -0
icdev/data/hardprompts/builder/scaffold_project.md +69 -0
icdev/data/hardprompts/builder/test_generation.md +87 -0
icdev/data/hardprompts/ci/__init__.py +1 -0
icdev/data/hardprompts/ci/worktree_setup.md +35 -0
icdev/data/hardprompts/compliance/__init__.py +1 -0
icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
icdev/data/hardprompts/compliance/cui_marking.md +86 -0
icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
icdev/data/hardprompts/compliance/poam_generation.md +57 -0
icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
icdev/data/hardprompts/compliance/security_categorization.md +74 -0
icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
icdev/data/hardprompts/dashboard/__init__.py +1 -0
icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
icdev/data/hardprompts/infra/__init__.py +1 -0
icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
icdev/data/hardprompts/infra/terraform_generation.md +92 -0
icdev/data/hardprompts/integration/__init__.py +1 -0
icdev/data/hardprompts/integration/approval_review.md +17 -0
icdev/data/hardprompts/integration/jira_mapping.md +25 -0
icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
icdev/data/hardprompts/knowledge/__init__.py +1 -0
icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
icdev/data/hardprompts/maintenance/__init__.py +1 -0
icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
icdev/data/hardprompts/mbse/__init__.py +1 -0
icdev/data/hardprompts/mbse/digital_thread.md +67 -0
icdev/data/hardprompts/mbse/model_import.md +62 -0
icdev/data/hardprompts/mbse/model_to_code.md +65 -0
icdev/data/hardprompts/modernization/__init__.py +1 -0
icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
icdev/data/hardprompts/modernization/migration_planning.md +150 -0
icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
icdev/data/hardprompts/requirements/__init__.py +1 -0
icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
icdev/data/hardprompts/requirements/decomposition.md +60 -0
icdev/data/hardprompts/requirements/document_extraction.md +45 -0
icdev/data/hardprompts/requirements/gap_detection.md +70 -0
icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
icdev/data/hardprompts/requirements/spec_quality.md +33 -0
icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
icdev/data/hardprompts/security/__init__.py +1 -0
icdev/data/hardprompts/security/endpoint_security.md +78 -0
icdev/data/hardprompts/security/threat_model.md +70 -0
icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
icdev/data/hardprompts/simulation/__init__.py +1 -0
icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
icdev/data/hardprompts/simulation/coa_generation.md +25 -0
icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
icdev/data/hardprompts/translation/code_translation.md +68 -0
icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
icdev/data/hardprompts/translation/test_translation.md +64 -0
icdev/data/hardprompts/translation/translation_repair.md +59 -0
icdev/py.typed +0 -0
icdev/tools/__init__.py +1 -0
icdev/tools/_gen_formatter.py +12 -0
icdev/tools/a2a/__init__.py +1 -0
icdev/tools/a2a/agent_cards/architect.json +43 -0
icdev/tools/a2a/agent_cards/builder.json +50 -0
icdev/tools/a2a/agent_cards/compliance.json +57 -0
icdev/tools/a2a/agent_cards/devsecops.json +71 -0
icdev/tools/a2a/agent_cards/infra.json +57 -0
icdev/tools/a2a/agent_cards/integration.json +57 -0
icdev/tools/a2a/agent_cards/knowledge.json +43 -0
icdev/tools/a2a/agent_cards/mbse.json +57 -0
icdev/tools/a2a/agent_cards/modernization.json +50 -0
icdev/tools/a2a/agent_cards/monitor.json +43 -0
icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
icdev/tools/a2a/agent_cards/security.json +50 -0
icdev/tools/a2a/agent_cards/simulation.json +57 -0
icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
icdev/tools/a2a/agent_client.py +349 -0
icdev/tools/a2a/agent_registry.py +412 -0
icdev/tools/a2a/agent_server.py +579 -0
icdev/tools/a2a/task.py +200 -0
icdev/tools/agent/__init__.py +2 -0
icdev/tools/agent/a2a_agent_card_generator.py +285 -0
icdev/tools/agent/a2a_discovery_server.py +250 -0
icdev/tools/agent/agent_executor.py +529 -0
icdev/tools/agent/agent_memory.py +557 -0
icdev/tools/agent/agent_models.py +51 -0
icdev/tools/agent/atlas_critique.py +908 -0
icdev/tools/agent/authority.py +443 -0
icdev/tools/agent/bedrock_client.py +1075 -0
icdev/tools/agent/collaboration.py +871 -0
icdev/tools/agent/dispatcher_mode.py +665 -0
icdev/tools/agent/mailbox.py +575 -0
icdev/tools/agent/prompt_chain_executor.py +1064 -0
icdev/tools/agent/session_purpose.py +350 -0
icdev/tools/agent/skill_router.py +638 -0
icdev/tools/agent/skill_selector.py +486 -0
icdev/tools/agent/team_orchestrator.py +1108 -0
icdev/tools/agent/token_tracker.py +290 -0
icdev/tools/analysis/__init__.py +1 -0
icdev/tools/analysis/code_analyzer.py +780 -0
icdev/tools/analysis/runtime_feedback.py +389 -0
icdev/tools/audit/__init__.py +1 -0
icdev/tools/audit/audit_logger.py +196 -0
icdev/tools/audit/audit_query.py +157 -0
icdev/tools/audit/decision_recorder.py +72 -0
icdev/tools/builder/__init__.py +1 -0
icdev/tools/builder/agentic_fitness.py +534 -0
icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
icdev/tools/builder/app_blueprint.py +1583 -0
icdev/tools/builder/child_app_generator.py +2852 -0
icdev/tools/builder/claude_md_generator.py +1734 -0
icdev/tools/builder/code_generator.py +3703 -0
icdev/tools/builder/db_init_generator.py +1709 -0
icdev/tools/builder/dev_profile_manager.py +954 -0
icdev/tools/builder/formatter.py +768 -0
icdev/tools/builder/goal_adapter.py +592 -0
icdev/tools/builder/gotcha_validator.py +812 -0
icdev/tools/builder/language_support.py +441 -0
icdev/tools/builder/linter.py +976 -0
icdev/tools/builder/profile_detector.py +657 -0
icdev/tools/builder/profile_md_generator.py +723 -0
icdev/tools/builder/scaffolder.py +1590 -0
icdev/tools/builder/scaffolder_extended.py +1771 -0
icdev/tools/builder/test_writer.py +950 -0
icdev/tools/ci/__init__.py +2 -0
icdev/tools/ci/connectors/__init__.py +2 -0
icdev/tools/ci/connectors/base_connector.py +80 -0
icdev/tools/ci/connectors/connector_registry.py +188 -0
icdev/tools/ci/connectors/mattermost_connector.py +159 -0
icdev/tools/ci/connectors/slack_connector.py +197 -0
icdev/tools/ci/core/__init__.py +2 -0
icdev/tools/ci/core/air_gap_detector.py +115 -0
icdev/tools/ci/core/comment_handler.py +192 -0
icdev/tools/ci/core/conversation_manager.py +479 -0
icdev/tools/ci/core/event_envelope.py +500 -0
icdev/tools/ci/core/event_router.py +443 -0
icdev/tools/ci/core/failure_parser.py +397 -0
icdev/tools/ci/core/recovery_engine.py +527 -0
icdev/tools/ci/modules/__init__.py +2 -0
icdev/tools/ci/modules/agent.py +271 -0
icdev/tools/ci/modules/git_ops.py +175 -0
icdev/tools/ci/modules/state.py +117 -0
icdev/tools/ci/modules/vcs.py +303 -0
icdev/tools/ci/modules/workflow_ops.py +295 -0
icdev/tools/ci/modules/worktree.py +340 -0
icdev/tools/ci/pipeline_config_generator.py +558 -0
icdev/tools/ci/triggers/__init__.py +2 -0
icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
icdev/tools/ci/triggers/poll_trigger.py +237 -0
icdev/tools/ci/triggers/webhook_server.py +356 -0
icdev/tools/ci/workflows/__init__.py +2 -0
icdev/tools/ci/workflows/icdev_build.py +140 -0
icdev/tools/ci/workflows/icdev_comply.py +284 -0
icdev/tools/ci/workflows/icdev_document.py +152 -0
icdev/tools/ci/workflows/icdev_e2e.py +188 -0
icdev/tools/ci/workflows/icdev_patch.py +186 -0
icdev/tools/ci/workflows/icdev_plan.py +202 -0
icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
icdev/tools/ci/workflows/icdev_review.py +126 -0
icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
icdev/tools/ci/workflows/icdev_test.py +240 -0
icdev/tools/cli/__init__.py +1 -0
icdev/tools/cli/output_formatter.py +756 -0
icdev/tools/cli_formatter.py +42 -0
icdev/tools/cloud/__init__.py +11 -0
icdev/tools/cloud/cloud_mode_manager.py +364 -0
icdev/tools/cloud/csp_changelog.py +383 -0
icdev/tools/cloud/csp_health_checker.py +268 -0
icdev/tools/cloud/csp_monitor.py +951 -0
icdev/tools/cloud/iam_provider.py +593 -0
icdev/tools/cloud/kms_provider.py +346 -0
icdev/tools/cloud/monitoring_provider.py +628 -0
icdev/tools/cloud/provider_factory.py +376 -0
icdev/tools/cloud/region_validator.py +345 -0
icdev/tools/cloud/registry_provider.py +563 -0
icdev/tools/cloud/secrets_provider.py +486 -0
icdev/tools/cloud/storage_provider.py +446 -0
icdev/tools/compat/__init__.py +21 -0
icdev/tools/compat/cli_harmonizer.py +251 -0
icdev/tools/compat/datetime_utils.py +18 -0
icdev/tools/compat/db_utils.py +160 -0
icdev/tools/compat/platform_utils.py +123 -0
icdev/tools/compliance/__init__.py +1 -0
icdev/tools/compliance/accountability_manager.py +397 -0
icdev/tools/compliance/ai_accountability_audit.py +294 -0
icdev/tools/compliance/ai_impact_assessor.py +273 -0
icdev/tools/compliance/ai_incident_response.py +301 -0
icdev/tools/compliance/ai_inventory_manager.py +239 -0
icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
icdev/tools/compliance/ai_transparency_audit.py +248 -0
icdev/tools/compliance/atlas_assessor.py +278 -0
icdev/tools/compliance/atlas_report_generator.py +1211 -0
icdev/tools/compliance/base_assessor.py +597 -0
icdev/tools/compliance/cato_monitor.py +1385 -0
icdev/tools/compliance/cato_scheduler.py +699 -0
icdev/tools/compliance/cjis_assessor.py +76 -0
icdev/tools/compliance/classification_manager.py +1353 -0
icdev/tools/compliance/cmmc_assessor.py +1491 -0
icdev/tools/compliance/cmmc_report_generator.py +1100 -0
icdev/tools/compliance/compliance_detector.py +463 -0
icdev/tools/compliance/compliance_exporter.py +427 -0
icdev/tools/compliance/compliance_status.py +825 -0
icdev/tools/compliance/control_mapper.py +505 -0
icdev/tools/compliance/crosswalk_engine.py +1203 -0
icdev/tools/compliance/cssp_assessor.py +1045 -0
icdev/tools/compliance/cssp_evidence_collector.py +729 -0
icdev/tools/compliance/cssp_report_generator.py +1116 -0
icdev/tools/compliance/cui_marker.py +388 -0
icdev/tools/compliance/diagram_validator.py +600 -0
icdev/tools/compliance/emass/__init__.py +2 -0
icdev/tools/compliance/emass/emass_client.py +840 -0
icdev/tools/compliance/emass/emass_export.py +777 -0
icdev/tools/compliance/emass/emass_sync.py +826 -0
icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
icdev/tools/compliance/evidence_collector.py +468 -0
icdev/tools/compliance/fairness_assessor.py +316 -0
icdev/tools/compliance/fedramp_assessor.py +1808 -0
icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
icdev/tools/compliance/fedramp_report_generator.py +1128 -0
icdev/tools/compliance/fips199_categorizer.py +881 -0
icdev/tools/compliance/fips200_validator.py +315 -0
icdev/tools/compliance/gao_ai_assessor.py +231 -0
icdev/tools/compliance/gao_evidence_builder.py +308 -0
icdev/tools/compliance/hipaa_assessor.py +78 -0
icdev/tools/compliance/hitrust_assessor.py +49 -0
icdev/tools/compliance/incident_response_plan.py +718 -0
icdev/tools/compliance/iso27001_assessor.py +92 -0
icdev/tools/compliance/iso42001_assessor.py +114 -0
icdev/tools/compliance/ivv_assessor.py +2327 -0
icdev/tools/compliance/ivv_report_generator.py +1662 -0
icdev/tools/compliance/model_card_generator.py +297 -0
icdev/tools/compliance/mosa_assessor.py +117 -0
icdev/tools/compliance/multi_regime_assessor.py +451 -0
icdev/tools/compliance/narrative_generator.py +1013 -0
icdev/tools/compliance/nist_800_207_assessor.py +191 -0
icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
icdev/tools/compliance/nist_lookup.py +245 -0
icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
icdev/tools/compliance/oscal_generator.py +2170 -0
icdev/tools/compliance/oscal_tools.py +1182 -0
icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
icdev/tools/compliance/owasp_asi_assessor.py +200 -0
icdev/tools/compliance/owasp_llm_assessor.py +244 -0
icdev/tools/compliance/pci_dss_assessor.py +80 -0
icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
icdev/tools/compliance/poam_generator.py +405 -0
icdev/tools/compliance/resolve_marking.py +283 -0
icdev/tools/compliance/sbd_assessor.py +2068 -0
icdev/tools/compliance/sbd_report_generator.py +1236 -0
icdev/tools/compliance/sbom_generator.py +1008 -0
icdev/tools/compliance/siem_config_generator.py +674 -0
icdev/tools/compliance/slsa_attestation_generator.py +490 -0
icdev/tools/compliance/soc2_assessor.py +77 -0
icdev/tools/compliance/ssp_generator.py +573 -0
icdev/tools/compliance/stig_checker.py +727 -0
icdev/tools/compliance/swft_evidence_bundler.py +337 -0
icdev/tools/compliance/system_card_generator.py +309 -0
icdev/tools/compliance/traceability_matrix.py +1281 -0
icdev/tools/compliance/universal_classification_manager.py +1172 -0
icdev/tools/compliance/xacta/__init__.py +2 -0
icdev/tools/compliance/xacta/xacta_client.py +449 -0
icdev/tools/compliance/xacta/xacta_export.py +557 -0
icdev/tools/compliance/xacta/xacta_sync.py +333 -0
icdev/tools/compliance/xai_assessor.py +231 -0
icdev/tools/dashboard/__init__.py +1 -0
icdev/tools/dashboard/api/__init__.py +1 -0
icdev/tools/dashboard/api/_pipeline_state.py +17 -0
icdev/tools/dashboard/api/activity.py +206 -0
icdev/tools/dashboard/api/admin.py +176 -0
icdev/tools/dashboard/api/agents.py +53 -0
icdev/tools/dashboard/api/ai_accountability.py +163 -0
icdev/tools/dashboard/api/ai_transparency.py +198 -0
icdev/tools/dashboard/api/audit.py +58 -0
icdev/tools/dashboard/api/batch.py +666 -0
icdev/tools/dashboard/api/chat.py +241 -0
icdev/tools/dashboard/api/cicd.py +219 -0
icdev/tools/dashboard/api/code_quality.py +223 -0
icdev/tools/dashboard/api/compliance.py +171 -0
icdev/tools/dashboard/api/cpmp.py +915 -0
icdev/tools/dashboard/api/diagrams.py +65 -0
icdev/tools/dashboard/api/events.py +250 -0
icdev/tools/dashboard/api/evidence.py +99 -0
icdev/tools/dashboard/api/fedramp_20x.py +77 -0
icdev/tools/dashboard/api/govcon.py +1095 -0
icdev/tools/dashboard/api/intake.py +1171 -0
icdev/tools/dashboard/api/lineage.py +163 -0
icdev/tools/dashboard/api/metrics.py +155 -0
icdev/tools/dashboard/api/nlq.py +72 -0
icdev/tools/dashboard/api/orchestration.py +472 -0
icdev/tools/dashboard/api/oscal.py +183 -0
icdev/tools/dashboard/api/prod_audit.py +183 -0
icdev/tools/dashboard/api/projects.py +191 -0
icdev/tools/dashboard/api/proposals.py +1084 -0
icdev/tools/dashboard/api/traces.py +363 -0
icdev/tools/dashboard/api/usage.py +234 -0
icdev/tools/dashboard/app.py +1986 -0
icdev/tools/dashboard/auth.py +500 -0
icdev/tools/dashboard/byok.py +245 -0
icdev/tools/dashboard/chat_manager.py +675 -0
icdev/tools/dashboard/config.py +116 -0
icdev/tools/dashboard/diagram_definitions.py +642 -0
icdev/tools/dashboard/nlq_processor.py +323 -0
icdev/tools/dashboard/phase_loader.py +136 -0
icdev/tools/dashboard/sse_manager.py +89 -0
icdev/tools/dashboard/state_tracker.py +267 -0
icdev/tools/dashboard/static/css/style.css +706 -0
icdev/tools/dashboard/static/css/ux.css +2047 -0
icdev/tools/dashboard/static/js/activity.js +322 -0
icdev/tools/dashboard/static/js/api.js +161 -0
icdev/tools/dashboard/static/js/batch.js +814 -0
icdev/tools/dashboard/static/js/charts.js +618 -0
icdev/tools/dashboard/static/js/chat.js +1514 -0
icdev/tools/dashboard/static/js/kanban.js +113 -0
icdev/tools/dashboard/static/js/live.js +569 -0
icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
icdev/tools/dashboard/static/js/proposals.js +588 -0
icdev/tools/dashboard/static/js/shortcuts.js +544 -0
icdev/tools/dashboard/static/js/tables.js +652 -0
icdev/tools/dashboard/static/js/tour.js +524 -0
icdev/tools/dashboard/static/js/ux.js +942 -0
icdev/tools/dashboard/templates/404.html +10 -0
icdev/tools/dashboard/templates/activity.html +80 -0
icdev/tools/dashboard/templates/admin/users.html +144 -0
icdev/tools/dashboard/templates/ai_accountability.html +235 -0
icdev/tools/dashboard/templates/ai_transparency.html +263 -0
icdev/tools/dashboard/templates/base.html +104 -0
icdev/tools/dashboard/templates/batch.html +23 -0
icdev/tools/dashboard/templates/chat.html +332 -0
icdev/tools/dashboard/templates/children.html +149 -0
icdev/tools/dashboard/templates/cicd.html +253 -0
icdev/tools/dashboard/templates/code_quality.html +214 -0
icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
icdev/tools/dashboard/templates/dev_profiles.html +304 -0
icdev/tools/dashboard/templates/diagrams.html +224 -0
icdev/tools/dashboard/templates/events/timeline.html +232 -0
icdev/tools/dashboard/templates/evidence.html +134 -0
icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
icdev/tools/dashboard/templates/gateway.html +244 -0
icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
icdev/tools/dashboard/templates/index.html +254 -0
icdev/tools/dashboard/templates/lineage.html +141 -0
icdev/tools/dashboard/templates/login.html +51 -0
icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
icdev/tools/dashboard/templates/oscal.html +263 -0
icdev/tools/dashboard/templates/phases.html +150 -0
icdev/tools/dashboard/templates/prod_audit.html +280 -0
icdev/tools/dashboard/templates/profile.html +183 -0
icdev/tools/dashboard/templates/projects/detail.html +583 -0
icdev/tools/dashboard/templates/projects/list.html +47 -0
icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
icdev/tools/dashboard/templates/proposals/list.html +179 -0
icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
icdev/tools/dashboard/templates/provenance.html +181 -0
icdev/tools/dashboard/templates/query/nlq.html +234 -0
icdev/tools/dashboard/templates/quick_paths.html +69 -0
icdev/tools/dashboard/templates/traces.html +155 -0
icdev/tools/dashboard/templates/translation_detail.html +199 -0
icdev/tools/dashboard/templates/translations.html +162 -0
icdev/tools/dashboard/templates/usage.html +225 -0
icdev/tools/dashboard/templates/wizard.html +539 -0
icdev/tools/dashboard/templates/xai.html +208 -0
icdev/tools/dashboard/ux_helpers.py +962 -0
icdev/tools/dashboard/websocket.py +81 -0
icdev/tools/db/__init__.py +1 -0
icdev/tools/db/backup.py +312 -0
icdev/tools/db/backup_manager.py +832 -0
icdev/tools/db/init_icdev_db.py +5900 -0
icdev/tools/db/migrate.py +178 -0
icdev/tools/db/migration_runner.py +549 -0
icdev/tools/db/migrations/001_baseline/meta.json +9 -0
icdev/tools/db/migrations/001_baseline/up.py +68 -0
icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
icdev/tools/db/migrations/__init__.py +2 -0
icdev/tools/devsecops/__init__.py +2 -0
icdev/tools/devsecops/attestation_manager.py +458 -0
icdev/tools/devsecops/network_segmentation_generator.py +614 -0
icdev/tools/devsecops/pdp_config_generator.py +1256 -0
icdev/tools/devsecops/pipeline_security_generator.py +484 -0
icdev/tools/devsecops/policy_generator.py +653 -0
icdev/tools/devsecops/profile_manager.py +388 -0
icdev/tools/devsecops/service_mesh_generator.py +1073 -0
icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
icdev/tools/dx/__init__.py +3 -0
icdev/tools/dx/companion.py +266 -0
icdev/tools/dx/instruction_generator.py +753 -0
icdev/tools/dx/mcp_config_generator.py +282 -0
icdev/tools/dx/skill_translator.py +425 -0
icdev/tools/dx/tool_detector.py +144 -0
icdev/tools/extensions/__init__.py +21 -0
icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
icdev/tools/extensions/builtins/__init__.py +2 -0
icdev/tools/extensions/extension_manager.py +455 -0
icdev/tools/infra/__init__.py +1 -0
icdev/tools/infra/ansible_generator.py +869 -0
icdev/tools/infra/dockerfile_generator.py +361 -0
icdev/tools/infra/infra_status.py +393 -0
icdev/tools/infra/ironbank_metadata_generator.py +411 -0
icdev/tools/infra/k8s_generator.py +1002 -0
icdev/tools/infra/pipeline_generator.py +832 -0
icdev/tools/infra/rollback.py +400 -0
icdev/tools/infra/terraform_generator.py +1142 -0
icdev/tools/infra/terraform_generator_azure.py +1254 -0
icdev/tools/infra/terraform_generator_gcp.py +953 -0
icdev/tools/infra/terraform_generator_ibm.py +360 -0
icdev/tools/infra/terraform_generator_oci.py +919 -0
icdev/tools/infra/terraform_generator_onprem.py +319 -0
icdev/tools/innovation/__init__.py +8 -0
icdev/tools/innovation/competitive_intel.py +492 -0
icdev/tools/innovation/innovation_manager.py +681 -0
icdev/tools/innovation/introspective_analyzer.py +774 -0
icdev/tools/innovation/register_external_patterns.py +440 -0
icdev/tools/innovation/signal_ranker.py +1038 -0
icdev/tools/innovation/solution_generator.py +697 -0
icdev/tools/innovation/standards_monitor.py +466 -0
icdev/tools/innovation/trend_detector.py +1046 -0
icdev/tools/innovation/triage_engine.py +1149 -0
icdev/tools/innovation/web_scanner.py +894 -0
icdev/tools/installer/__init__.py +1 -0
icdev/tools/installer/compliance_configurator.py +637 -0
icdev/tools/installer/installer.py +1711 -0
icdev/tools/installer/module_registry.py +805 -0
icdev/tools/installer/platform_setup.py +961 -0
icdev/tools/integration/__init__.py +2 -0
icdev/tools/integration/approval_manager.py +561 -0
icdev/tools/integration/doors_exporter.py +627 -0
icdev/tools/integration/gitlab_connector.py +784 -0
icdev/tools/integration/jira_connector.py +774 -0
icdev/tools/integration/servicenow_connector.py +693 -0
icdev/tools/knowledge/__init__.py +1 -0
icdev/tools/knowledge/knowledge_ingest.py +293 -0
icdev/tools/knowledge/pattern_detector.py +693 -0
icdev/tools/knowledge/recommendation_engine.py +461 -0
icdev/tools/knowledge/self_heal_analyzer.py +504 -0
icdev/tools/llm/__init__.py +72 -0
icdev/tools/llm/anthropic_provider.py +170 -0
icdev/tools/llm/azure_openai_provider.py +338 -0
icdev/tools/llm/bedrock_provider.py +315 -0
icdev/tools/llm/embedding_provider.py +438 -0
icdev/tools/llm/gemini_provider.py +381 -0
icdev/tools/llm/ibm_watsonx_provider.py +232 -0
icdev/tools/llm/oci_genai_provider.py +462 -0
icdev/tools/llm/ollama_provider.py +340 -0
icdev/tools/llm/openai_provider.py +225 -0
icdev/tools/llm/provider.py +355 -0
icdev/tools/llm/provider_sdk.py +175 -0
icdev/tools/llm/router.py +780 -0
icdev/tools/llm/vertex_ai_provider.py +374 -0
icdev/tools/maintenance/__init__.py +2 -0
icdev/tools/maintenance/dependency_scanner.py +1030 -0
icdev/tools/maintenance/maintenance_auditor.py +815 -0
icdev/tools/maintenance/remediation_engine.py +966 -0
icdev/tools/maintenance/vulnerability_checker.py +987 -0
icdev/tools/mbse/__init__.py +3 -0
icdev/tools/mbse/des_assessor.py +1186 -0
icdev/tools/mbse/des_report_generator.py +800 -0
icdev/tools/mbse/diagram_extractor.py +811 -0
icdev/tools/mbse/digital_thread.py +1665 -0
icdev/tools/mbse/model_code_generator.py +1122 -0
icdev/tools/mbse/model_control_mapper.py +420 -0
icdev/tools/mbse/pi_model_tracker.py +1093 -0
icdev/tools/mbse/reqif_parser.py +1483 -0
icdev/tools/mbse/sync_engine.py +1805 -0
icdev/tools/mbse/xmi_parser.py +1573 -0
icdev/tools/mcp/__init__.py +1 -0
icdev/tools/mcp/base_server.py +535 -0
icdev/tools/mcp/builder_server.py +725 -0
icdev/tools/mcp/compliance_server.py +1407 -0
icdev/tools/mcp/context_indexer.py +199 -0
icdev/tools/mcp/context_server.py +305 -0
icdev/tools/mcp/core_server.py +679 -0
icdev/tools/mcp/devsecops_server.py +432 -0
icdev/tools/mcp/gap_handlers.py +1079 -0
icdev/tools/mcp/gateway_server.py +339 -0
icdev/tools/mcp/generate_registry.py +623 -0
icdev/tools/mcp/infra_server.py +264 -0
icdev/tools/mcp/innovation_server.py +316 -0
icdev/tools/mcp/integration_server.py +527 -0
icdev/tools/mcp/knowledge_server.py +429 -0
icdev/tools/mcp/maintenance_server.py +248 -0
icdev/tools/mcp/marketplace_server.py +499 -0
icdev/tools/mcp/mbse_server.py +398 -0
icdev/tools/mcp/modernization_server.py +496 -0
icdev/tools/mcp/observability_server.py +354 -0
icdev/tools/mcp/requirements_server.py +415 -0
icdev/tools/mcp/simulation_server.py +468 -0
icdev/tools/mcp/standalone/__init__.py +2 -0
icdev/tools/mcp/standalone/builder.py +59 -0
icdev/tools/mcp/standalone/compliance.py +59 -0
icdev/tools/mcp/standalone/core.py +59 -0
icdev/tools/mcp/standalone/knowledge.py +59 -0
icdev/tools/mcp/standalone/maintenance.py +59 -0
icdev/tools/mcp/supply_chain_server.py +476 -0
icdev/tools/mcp/tool_registry.py +2008 -0
icdev/tools/mcp/unified_server.py +158 -0
icdev/tools/memory/__init__.py +2 -0
icdev/tools/memory/auto_capture.py +347 -0
icdev/tools/memory/embed_memory.py +158 -0
icdev/tools/memory/history_compressor.py +334 -0
icdev/tools/memory/hybrid_search.py +236 -0
icdev/tools/memory/maintenance_cron.py +289 -0
icdev/tools/memory/memory_consolidation.py +444 -0
icdev/tools/memory/memory_db.py +133 -0
icdev/tools/memory/memory_read.py +102 -0
icdev/tools/memory/memory_write.py +222 -0
icdev/tools/memory/semantic_search.py +139 -0
icdev/tools/memory/time_decay.py +435 -0
icdev/tools/modernization/__init__.py +3 -0
icdev/tools/modernization/architecture_extractor.py +734 -0
icdev/tools/modernization/compliance_bridge.py +1499 -0
icdev/tools/modernization/db_migration_planner.py +1385 -0
icdev/tools/modernization/doc_generator.py +1428 -0
icdev/tools/modernization/framework_migrator.py +1525 -0
icdev/tools/modernization/legacy_analyzer.py +1948 -0
icdev/tools/modernization/migration_code_generator.py +1639 -0
icdev/tools/modernization/migration_report_generator.py +1653 -0
icdev/tools/modernization/migration_tracker.py +1726 -0
icdev/tools/modernization/monolith_decomposer.py +1508 -0
icdev/tools/modernization/seven_r_assessor.py +1658 -0
icdev/tools/modernization/strangler_fig_manager.py +1705 -0
icdev/tools/modernization/ui_analyzer.py +771 -0
icdev/tools/modernization/version_migrator.py +1392 -0
icdev/tools/monitor/__init__.py +1 -0
icdev/tools/monitor/alert_correlator.py +495 -0
icdev/tools/monitor/auto_resolver.py +612 -0
icdev/tools/monitor/health_checker.py +509 -0
icdev/tools/monitor/heartbeat_daemon.py +792 -0
icdev/tools/monitor/log_analyzer.py +516 -0
icdev/tools/monitor/metric_collector.py +496 -0
icdev/tools/mosa/__init__.py +10 -0
icdev/tools/mosa/icd_generator.py +370 -0
icdev/tools/mosa/modular_design_analyzer.py +683 -0
icdev/tools/mosa/mosa_code_enforcer.py +349 -0
icdev/tools/mosa/tsp_generator.py +265 -0
icdev/tools/observability/__init__.py +100 -0
icdev/tools/observability/genai_attributes.py +88 -0
icdev/tools/observability/instrumentation.py +140 -0
icdev/tools/observability/mlflow_exporter.py +194 -0
icdev/tools/observability/otel_tracer.py +168 -0
icdev/tools/observability/provenance/__init__.py +3 -0
icdev/tools/observability/provenance/prov_recorder.py +324 -0
icdev/tools/observability/shap/__init__.py +3 -0
icdev/tools/observability/shap/agent_shap.py +275 -0
icdev/tools/observability/sqlite_tracer.py +361 -0
icdev/tools/observability/trace_context.py +205 -0
icdev/tools/observability/tracer.py +230 -0
icdev/tools/orchestration/__init__.py +2 -0
icdev/tools/orchestration/workflow_composer.py +361 -0
icdev/tools/project/__init__.py +1 -0
icdev/tools/project/manifest_loader.py +418 -0
icdev/tools/project/project_create.py +350 -0
icdev/tools/project/project_list.py +174 -0
icdev/tools/project/project_scaffold.py +1715 -0
icdev/tools/project/project_status.py +479 -0
icdev/tools/project/session_context_builder.py +757 -0
icdev/tools/project/validate_manifest.py +55 -0
icdev/tools/registry/__init__.py +10 -0
icdev/tools/registry/absorption_engine.py +832 -0
icdev/tools/registry/capability_evaluator.py +668 -0
icdev/tools/registry/child_registry.py +617 -0
icdev/tools/registry/cross_pollinator.py +1065 -0
icdev/tools/registry/genome_manager.py +671 -0
icdev/tools/registry/learning_collector.py +912 -0
icdev/tools/registry/propagation_manager.py +942 -0
icdev/tools/registry/staging_manager.py +742 -0
icdev/tools/registry/telemetry_collector.py +423 -0
icdev/tools/requirements/__init__.py +1 -0
icdev/tools/requirements/ai_governance_scorer.py +208 -0
icdev/tools/requirements/boundary_analyzer.py +1293 -0
icdev/tools/requirements/clarification_engine.py +618 -0
icdev/tools/requirements/complexity_scorer.py +387 -0
icdev/tools/requirements/consistency_analyzer.py +803 -0
icdev/tools/requirements/constitution_manager.py +605 -0
icdev/tools/requirements/decomposition_engine.py +778 -0
icdev/tools/requirements/document_extractor.py +1016 -0
icdev/tools/requirements/elicitation_techniques.py +519 -0
icdev/tools/requirements/gap_detector.py +271 -0
icdev/tools/requirements/intake_engine.py +2188 -0
icdev/tools/requirements/prd_generator.py +847 -0
icdev/tools/requirements/prd_validator.py +595 -0
icdev/tools/requirements/readiness_scorer.py +313 -0
icdev/tools/requirements/spec_organizer.py +1029 -0
icdev/tools/requirements/spec_quality_checker.py +1097 -0
icdev/tools/requirements/traceability_builder.py +579 -0
icdev/tools/resilience/__init__.py +34 -0
icdev/tools/resilience/circuit_breaker.py +340 -0
icdev/tools/resilience/correlation.py +150 -0
icdev/tools/resilience/errors.py +81 -0
icdev/tools/resilience/retry.py +95 -0
icdev/tools/schemas/__init__.py +27 -0
icdev/tools/schemas/chat.py +61 -0
icdev/tools/schemas/compliance.py +56 -0
icdev/tools/schemas/core.py +85 -0
icdev/tools/schemas/innovation.py +37 -0
icdev/tools/schemas/validation.py +109 -0
icdev/tools/sdk/__init__.py +3 -0
icdev/tools/sdk/icdev_client.py +218 -0
icdev/tools/security/__init__.py +1 -0
icdev/tools/security/agent_output_validator.py +330 -0
icdev/tools/security/agent_trust_scorer.py +466 -0
icdev/tools/security/ai_bom_generator.py +725 -0
icdev/tools/security/ai_telemetry_logger.py +469 -0
icdev/tools/security/atlas_red_team.py +543 -0
icdev/tools/security/code_pattern_scanner.py +378 -0
icdev/tools/security/confabulation_detector.py +271 -0
icdev/tools/security/container_scanner.py +491 -0
icdev/tools/security/dependency_auditor.py +944 -0
icdev/tools/security/endpoint_security_scanner.py +579 -0
icdev/tools/security/mcp_tool_authorizer.py +243 -0
icdev/tools/security/prompt_injection_detector.py +737 -0
icdev/tools/security/sast_runner.py +948 -0
icdev/tools/security/secret_detector.py +378 -0
icdev/tools/security/tool_chain_validator.py +357 -0
icdev/tools/security/vuln_scanner.py +539 -0
icdev/tools/simulation/__init__.py +2 -0
icdev/tools/simulation/coa_generator.py +1552 -0
icdev/tools/simulation/monte_carlo.py +758 -0
icdev/tools/simulation/scenario_manager.py +1073 -0
icdev/tools/simulation/simulation_engine.py +1104 -0
icdev/tools/supply_chain/__init__.py +2 -0
icdev/tools/supply_chain/cve_triager.py +705 -0
icdev/tools/supply_chain/dependency_graph.py +645 -0
icdev/tools/supply_chain/isa_manager.py +540 -0
icdev/tools/supply_chain/scrm_assessor.py +546 -0
icdev/tools/testing/__init__.py +2 -0
icdev/tools/testing/acceptance_validator.py +411 -0
icdev/tools/testing/claude_dir_validator.py +831 -0
icdev/tools/testing/data_types.py +199 -0
icdev/tools/testing/e2e_runner.py +715 -0
icdev/tools/testing/fuzz_cli.py +306 -0
icdev/tools/testing/health_check.py +483 -0
icdev/tools/testing/platform_check.py +143 -0
icdev/tools/testing/production_audit.py +1862 -0
icdev/tools/testing/production_remediate.py +804 -0
icdev/tools/testing/screenshot_validator.py +539 -0
icdev/tools/testing/smoke_test.py +283 -0
icdev/tools/testing/test_agent_models.py +117 -0
icdev/tools/testing/test_orchestrator.py +957 -0
icdev/tools/testing/utils.py +229 -0
icdev/tools/translation/__init__.py +17 -0
icdev/tools/translation/code_translator.py +550 -0
icdev/tools/translation/dependency_mapper.py +277 -0
icdev/tools/translation/feature_map.py +395 -0
icdev/tools/translation/project_assembler.py +439 -0
icdev/tools/translation/source_extractor.py +609 -0
icdev/tools/translation/test_translator.py +333 -0
icdev/tools/translation/translation_manager.py +582 -0
icdev/tools/translation/translation_validator.py +662 -0
icdev/tools/translation/type_checker.py +371 -0
icdev-1.0.0.dist-info/METADATA +868 -0
icdev-1.0.0.dist-info/RECORD +1105 -0
icdev-1.0.0.dist-info/WHEEL +5 -0
icdev-1.0.0.dist-info/entry_points.txt +9 -0
icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
icdev-1.0.0.dist-info/top_level.txt +1 -0

icdev/data/docs/features/phase-18-mbse-integration.md ADDED Viewed

@@ -0,0 +1,242 @@
+# Phase 18 — MBSE Integration
+**CUI // SP-CTI**
+| Field | Value |
+|-------|-------|
+| Phase | 18 |
+| Title | MBSE Integration |
+| Status | Implemented |
+| Priority | P0 |
+| Dependencies | Phase 11 (Compliance Workflow), Phase 12 (Build App / ATLAS Workflow) |
+| Author | ICDEV Architect Agent |
+| Date | 2026-02-23 |
+---
+## 1. Problem Statement
+DoDI 5000.87 mandates digital engineering for all DoD acquisition programs. Without model-code traceability, programs fail audits and cannot demonstrate that delivered code implements the authoritative design. The digital thread -- the end-to-end chain from requirements through models to code, tests, and compliance controls -- is the foundation of Digital Engineering Strategy (DES) compliance and Milestone B/C review readiness.
+Currently, SysML models authored in tools like Cameo Systems Modeler and requirements managed in IBM DOORS NG exist in isolation from the code that implements them. There is no automated mechanism to import model elements into the development environment, generate code scaffolding from model definitions, map model elements to NIST 800-53 security controls, detect drift between model and code, or capture point-in-time snapshots for SAFe PI boundaries.
+ICDEV needs an MBSE integration layer that extends the ATLAS workflow with a Model pre-phase (M-ATLAS), establishing bidirectional traceability from DOORS requirements through SysML models to generated code, test cases, and NIST compliance controls, with continuous drift detection and DES compliance assessment.
+---
+## 2. Goals
+1. Import SysML v1.6 models from Cameo Systems Modeler via XMI 2.5.1 format into the ICDEV database for downstream traceability and code generation
+2. Import requirements from IBM DOORS NG via ReqIF 1.2 format with diff-against-previous capability
+3. Build an end-to-end digital thread: Requirement -> Model Element -> Code Module -> Test Case -> NIST Control
+4. Generate code scaffolding from SysML block definitions, activities, state machines, and interfaces with traceability comments and CUI markings
+5. Map model elements to NIST 800-53 security controls via keyword-based and type-based matching rules
+6. Detect model-code drift continuously with bidirectional sync capabilities (model-to-code and code-to-model)
+7. Assess DES compliance against the 5 goals of DoDI 5000.87 for Milestone readiness
+8. Capture PI model snapshots with PI-over-PI comparison for trend tracking and audit
+---
+## 3. Architecture
+```
++-------------------+     +-------------------+     +-------------------+
+|  Cameo XMI 2.5.1  |---->|  XMI Parser       |---->|  sysml_elements   |
+|  (SysML Model)    |     |                   |     |  sysml_relations  |
++-------------------+     +-------------------+     +-------------------+
+                                                            |
++-------------------+     +-------------------+             |
+|  DOORS NG ReqIF   |---->|  ReqIF Parser     |---->doors_requirements
+|  (Requirements)   |     |                   |             |
++-------------------+     +-------------------+             |
+                                                            v
+                                                    +-------------------+
+                                                    |  Digital Thread   |
+                                                    |  (auto-link)      |
+                                                    +-------------------+
+                                                            |
+                          +----------------+----------------+----------------+
+                          |                |                |                |
+                          v                v                v                v
+                   +-----------+   +-----------+   +-----------+   +-----------+
+                   | Code Gen  |   | Control   |   | Drift     |   | DES       |
+                   | (classes, |   | Mapper    |   | Detector  |   | Assessor  |
+                   |  stubs)   |   | (NIST)    |   | (sync)    |   | (5000.87) |
+                   +-----------+   +-----------+   +-----------+   +-----------+
+                                                                        |
+                                                                        v
+                                                                 +-----------+
+                                                                 | PI Model  |
+                                                                 | Tracker   |
+                                                                 +-----------+
+```
+M-ATLAS extends the standard ATLAS workflow by adding a Model pre-phase. If no model exists, the system gracefully falls back to standard ATLAS. The pipeline processes:
+- **M (Model)** -- Import XMI/ReqIF, build digital thread, generate code scaffolding
+- **A (Architect)** -- System design informed by model elements (blocks, interfaces, behaviors)
+- **T (Trace)** -- Data schema, integrations, stack augmented with model traceability
+- **L (Link)** -- Validate model-to-code and requirement-to-test mappings
+- **A (Assemble)** -- Build with model-generated scaffolding as starting point
+- **S (Stress-test)** -- Test including model-generated stubs and traceability verification
+---
+## 4. Requirements
+### 4.1 Model Import
+#### REQ-18-001: SysML XMI Import
+The system SHALL parse SysML v1.6 models exported as XMI 2.5.1 from Cameo Systems Modeler, extracting: Block Definition Diagrams, Activity Diagrams, Requirement Diagrams, State Machine Diagrams, Use Case Diagrams, Internal Block Diagrams, and Parametric Diagrams.
+#### REQ-18-002: ReqIF Import
+The system SHALL parse requirements exported as ReqIF 1.2 from IBM DOORS NG, extracting SPEC-OBJECTs, SPEC-RELATIONs, ATTRIBUTE-DEFINITIONs, and SPEC-HIERARCHY with configurable field mappings.
+#### REQ-18-003: Import Diff
+The system SHALL support diff-against-previous import to show new, changed, and deleted elements since the last import.
+### 4.2 Digital Thread
+#### REQ-18-004: End-to-End Traceability
+The system SHALL establish a digital thread: Requirement (ReqIF) -> Model Element (XMI) -> Code Module (generated) -> Test Case (TDD) -> NIST Control (800-53).
+#### REQ-18-005: Auto-Link
+The system SHALL automatically link requirements to model elements using name/ID matching and NLP similarity, with a configurable confidence threshold (default 0.6, below which items are queued for manual review).
+#### REQ-18-006: Coverage Reporting
+The system SHALL report digital thread coverage percentages: requirements with model links, model elements with code links, code modules with test links, and end-to-end traced chains.
+### 4.3 Code Generation
+#### REQ-18-007: Model-Driven Code Generation
+The system SHALL generate code scaffolding from SysML elements: Blocks become classes, Activities become functions, State Machines become state pattern classes, Flow Ports become interfaces, and Constraint Blocks become validation functions.
+#### REQ-18-008: Traceability Comments
+All generated code SHALL include traceability comments (`# GENERATED FROM:`, `# TRACES TO:`) and CUI // SP-CTI markings.
+### 4.4 Control Mapping and Compliance
+#### REQ-18-009: NIST Control Mapping
+The system SHALL map model elements to NIST 800-53 controls using keyword-based and type-based matching rules with confidence scoring.
+#### REQ-18-010: DES Assessment
+The system SHALL assess compliance against the 5 goals of DoDI 5000.87 Digital Engineering Strategy and produce a DES compliance score with per-goal status.
+### 4.5 Drift Detection and Sync
+#### REQ-18-011: Drift Detection
+The system SHALL detect drift between model definitions and generated code by comparing class names, method signatures, properties, state transitions, and interface implementations.
+#### REQ-18-012: Bidirectional Sync
+The system SHALL support model-to-code and code-to-model sync directions with conflict detection for cases where both model and code have changed.
+### 4.6 PI Snapshots
+#### REQ-18-013: PI Model Snapshot
+The system SHALL capture point-in-time snapshots of model elements, requirements, digital thread coverage, drift status, NIST mapping, DES score, and SBOM at SAFe PI boundaries.
+#### REQ-18-014: PI Comparison
+The system SHALL support comparing two PI snapshots to show element deltas, coverage improvements, drift resolution progress, and compliance velocity.
+---
+## 5. Database Schema
+### Tables
+| Table | Purpose |
+|-------|---------|
+| `sysml_elements` | Imported model elements: element_id, type (block/activity/requirement/state_machine/use_case/constraint_block), name, properties_json |
+| `sysml_relationships` | Model relationships: source_id, target_id, type (connector/dependency/association), properties_json |
+| `doors_requirements` | Imported requirements: req_id, text, type, priority, status, parent_id |
+| `doors_req_links` | Requirement links: source_id, target_id, link_type (parent-child/derives/satisfies) |
+| `model_imports` | Import metadata: import_id, file_path, file_hash, element_count, timestamp |
+| `digital_thread_links` | Traceability links: source_type, source_id, target_type, target_id, link_type, confidence |
+| `model_control_mappings` | Model-to-NIST mappings: element_id, control_id, confidence, mapping_rule |
+| `pi_snapshots` | PI snapshots: pi_id, snapshot_data_json, coverage_pct, drift_count, des_score, timestamp |
+| `des_assessments` | DES compliance: project_id, goal_scores_json, overall_score, milestone_readiness |
+---
+## 6. Tools
+| Tool | Purpose |
+|------|---------|
+| `tools/mbse/xmi_parser.py` | Parse SysML XMI 2.5.1 into sysml_elements and sysml_relationships |
+| `tools/mbse/reqif_parser.py` | Parse DOORS NG ReqIF 1.2 into doors_requirements and doors_req_links |
+| `tools/mbse/digital_thread.py` | Auto-link, coverage, report, manual link for end-to-end traceability |
+| `tools/mbse/model_code_generator.py` | Generate code scaffolding from model elements with traceability |
+| `tools/mbse/model_control_mapper.py` | Map model elements to NIST 800-53 controls |
+| `tools/mbse/sync_engine.py` | Detect drift and sync model-to-code or code-to-model |
+| `tools/mbse/des_assessor.py` | Assess DoDI 5000.87 DES compliance (5 goals) |
+| `tools/mbse/des_report_generator.py` | Generate DES compliance report |
+| `tools/mbse/pi_model_tracker.py` | Create and compare PI model snapshots |
+| `tools/mbse/diagram_extractor.py` | Extract SysML elements from screenshot images via vision LLM |
+| `tools/mcp/mbse_server.py` | MCP server: import_xmi, import_reqif, trace_forward, trace_backward, generate_code, detect_drift, sync_model, des_assess, thread_coverage, model_snapshot |
+---
+## 7. Architecture Decisions
+| ID | Decision | Rationale |
+|----|----------|-----------|
+| D7 | Python stdlib `xml.etree.ElementTree` for XMI/ReqIF parsing | Zero external dependencies, air-gap safe |
+| D8 | Normalized DB tables for model elements | Enables SQL joins across the digital thread |
+| D9 | M-ATLAS adds "Model" pre-phase to ATLAS | Backward compatible -- skips if no model exists |
+| D10 | File-based sync only for Cameo | Air-gapped desktop, no API -- XMI export/import |
+| D11 | PI-snapshot versioning with SHA-256 content hashing | Drift detection between PI boundaries |
+| D12 | N:M digital thread links | One block can map to many code modules; one control to many requirements |
+| D86 | Vision diagram extraction is advisory-only | Requires `--store` flag to write to DB; human review gate before model contamination |
+---
+## 8. Security Gate
+**DES Gate:**
+- 0 non_compliant on critical DoDI 5000.87 Digital Engineering requirements
+- DES score < 70% flags project for program management review
+**Drift Gate:**
+- Drift > 20% blocks deployment -- model and code must be reconciled
+**Traceability Gate:**
+- No code merged without at least one requirement link in the digital thread
+**CUI Gate:**
+- All generated reports and code files must carry CUI // SP-CTI markings
+---
+## 9. Commands
+```bash
+# Import SysML model
+python tools/mbse/xmi_parser.py --project-id "proj-123" --file /path/to/model.xmi --json
+# Import DOORS requirements
+python tools/mbse/reqif_parser.py --project-id "proj-123" --file /path/to/reqs.reqif --json
+# Build digital thread
+python tools/mbse/digital_thread.py --project-id "proj-123" auto-link --json
+python tools/mbse/digital_thread.py --project-id "proj-123" coverage --json
+# Generate code from model
+python tools/mbse/model_code_generator.py --project-id "proj-123" --language python --output ./src
+# Map to NIST controls
+python tools/mbse/model_control_mapper.py --project-id "proj-123" --map-all --json
+# Detect drift
+python tools/mbse/sync_engine.py --project-id "proj-123" detect-drift --json
+python tools/mbse/sync_engine.py --project-id "proj-123" sync-model-to-code --json
+# DES assessment
+python tools/mbse/des_assessor.py --project-id "proj-123" --project-dir /path --json
+python tools/mbse/des_report_generator.py --project-id "proj-123" --output-dir /path
+# PI snapshot
+python tools/mbse/pi_model_tracker.py --project-id "proj-123" --pi PI-25.1 --snapshot
+# Extract diagram from screenshot
+python tools/mbse/diagram_extractor.py --image diagram.png --diagram-type block_definition --project-id "proj-123" --json
+```

icdev/data/docs/features/phase-19-agentic-generation.md ADDED Viewed

@@ -0,0 +1,202 @@
+# Phase 19 — Agentic Application Generation
+**CUI // SP-CTI**
+| Field | Value |
+|-------|-------|
+| Phase | 19 |
+| Title | Agentic Application Generation |
+| Status | Implemented |
+| Priority | P1 |
+| Dependencies | Phase 12 (Build App / ATLAS Workflow), Phase 11 (Compliance Workflow) |
+| Author | ICDEV Architect Agent |
+| Date | 2026-02-23 |
+---
+## 1. Problem Statement
+Organizations need multiple independent agentic systems -- one per program, per enclave, or per mission thread. Manually bootstrapping each system is error-prone and takes weeks. Each new agentic application requires the full GOTCHA framework (6 layers), ATLAS workflow, agent infrastructure, memory system, compliance scaffolding, CI/CD pipeline, and cloud provider integration -- all wired together correctly from day one.
+Without automated generation, teams either copy-paste from existing systems (creating drift and inconsistency) or build from scratch (wasting weeks of effort and introducing configuration errors). The result is a proliferation of inconsistent agentic systems that cannot be audited, updated, or governed centrally.
+ICDEV needs the ability to generate mini-ICDEV clone child applications that inherit the full GOTCHA framework, ATLAS workflow, own agents, memory system, and CI/CD -- everything except the ability to generate further children (grandchild prevention). These child applications must be fully autonomous, cloud-native systems capable of building, testing, deploying, and self-healing their own workloads, produced in minutes rather than weeks.
+---
+## 2. Goals
+1. Assess application specifications across 6 fitness dimensions (data complexity, decision complexity, user interaction, integration density, compliance sensitivity, scale variability) to recommend architecture type (full agent, hybrid, traditional)
+2. Generate a comprehensive blueprint from fitness scorecard and user decisions that drives all subsequent generation steps
+3. Scaffold child applications with the full GOTCHA directory structure (goals/, tools/, args/, context/, hardprompts/)
+4. Generate 5 core agents (Orchestrator, Architect, Builder, Knowledge, Monitor) plus up to 2 ATO agents (Compliance, Security) when compliance is required
+5. Produce dynamic CLAUDE.md via Jinja2 that documents only the capabilities present in the child application
+6. Generate standalone DB init scripts with core tables and capability-specific tables added via migration
+7. Integrate cloud provider MCP servers (AWS, GCP, Azure, Oracle, IBM) based on target cloud configuration
+8. Enforce 3-layer grandchild prevention: config flag, scaffolder stripping, CLAUDE.md documentation (D52)
+---
+## 3. Architecture
+```
++-------------------+     +-------------------+     +-------------------+
+|  User Spec        |---->|  Fitness Assessor  |---->|  User Decisions   |
+|  (interactive)    |     |  (6 dimensions)   |     |  (confirm/override)|
++-------------------+     +-------------------+     +-------------------+
+                                                            |
+                                                            v
+                                                    +-------------------+
+                                                    |  Blueprint Engine |
+                                                    |  (single source   |
+                                                    |   of truth)       |
+                                                    +-------------------+
+                                                            |
+                                                            v
+                                                    +-------------------+
+                                                    |  Scaffolder       |
+                                                    |  (--agentic flag) |
+                                                    +-------------------+
+                                                            |
+                     +------+------+------+------+------+---+---+
+                     |      |      |      |      |      |       |
+                     v      v      v      v      v      v       v
+                  GOTCHA  Agents Memory  Goals  CI/CD   DB    CLAUDE.md
+                  Dirs    Cards  System  Files  Pipeline Init  (Jinja2)
+```
+The generation pipeline follows 7 steps:
+1. **Gather Requirements** -- Interactive collection of app name, cloud provider, compliance needs, impact level, language, MBSE, and deployment target
+2. **Assess Fitness** -- Score across 6 weighted dimensions (>= 6.0 full agent, 4.0-5.9 hybrid, < 4.0 traditional)
+3. **User Decisions** -- Confirm architecture, MBSE, ATO, cloud provider, port offset, agent roster
+4. **Generate Blueprint** -- Single JSON blueprint drives all generators (capability map, agent roster, file manifest, CSP MCP servers, DB schema, memory config, CI/CD config, ATLAS config, classification)
+5. **Scaffold + Generate** -- Phase 1: base language scaffold (15+ files), Phase 2: agentic generation (12 steps)
+6. **Verify** -- Directory structure, content, and functional checks
+7. **Document and Register** -- Audit trail, generation summary, memory entry
+---
+## 4. Requirements
+### 4.1 Fitness Assessment
+#### REQ-19-001: 6-Dimension Fitness Scoring
+The system SHALL score application specifications across: data_complexity (10%), decision_complexity (25%), user_interaction (20%), integration_density (15%), compliance_sensitivity (15%), and scale_variability (15%).
+#### REQ-19-002: Architecture Recommendation
+The system SHALL recommend architecture based on score: >= 6.0 full agent, 4.0-5.9 hybrid, < 4.0 traditional. Users MAY override the recommendation with documented rationale.
+### 4.2 Blueprint Generation
+#### REQ-19-003: Blueprint as Single Source of Truth
+The blueprint JSON SHALL be the sole driver of all generation steps. No generator SHALL make hardcoded decisions outside the blueprint (D47).
+#### REQ-19-004: CSP MCP Server Selection
+The blueprint SHALL include cloud provider MCP server selections based on target cloud (AWS: 66+ servers, GCP: managed endpoints, Azure: catalog, Oracle: OCI servers, IBM: IC4G servers with watsonx.ai) from `context/agentic/csp_mcp_registry.yaml`.
+### 4.3 Child Application Generation
+#### REQ-19-005: GOTCHA Framework
+The child application SHALL include the complete GOTCHA directory structure: goals/, tools/, args/, context/, hardprompts/ with content adapted from ICDEV.
+#### REQ-19-006: Agent Roster
+The child application SHALL include 5 core agents (Orchestrator, Architect, Builder, Knowledge, Monitor) with configurable port offsets (default +1000). Up to 2 additional ATO agents (Compliance, Security) SHALL be included when compliance is required.
+#### REQ-19-007: Memory System
+The child application SHALL include a complete memory system: MEMORY.md, daily logs, SQLite database with embeddings, and semantic search capability.
+#### REQ-19-008: Dynamic CLAUDE.md
+The child application SHALL include a CLAUDE.md generated via Jinja2 template that documents only the capabilities present in that specific child application (D50).
+### 4.4 Governance
+#### REQ-19-009: Grandchild Prevention
+The system SHALL enforce 3-layer grandchild prevention (D52): config flag (`can_generate_children: false`), scaffolder stripping (generation tools excluded from child), and CLAUDE.md documentation ("CANNOT generate child applications").
+#### REQ-19-010: CUI Markings
+All generated files SHALL carry CUI // SP-CTI markings appropriate to the child application's impact level.
+#### REQ-19-011: Generation Audit Trail
+The system SHALL record all generation events in the append-only audit trail and store a `data/generation_summary.json` in each child application.
+---
+## 5. Database Schema
+### Tables
+| Table | Purpose |
+|-------|---------|
+| `child_app_registry` | Registered child apps: name, path, architecture, agent_count, compliance_level, genome_version |
+| `agentic_fitness_assessments` | Fitness scorecards: spec_json, dimension_scores, overall_score, recommendation |
+---
+## 6. Tools
+| Tool | Purpose |
+|------|---------|
+| `tools/builder/agentic_fitness.py` | 6-dimension fitness scoring engine |
+| `tools/builder/app_blueprint.py` | Blueprint generation from scorecard + user decisions |
+| `tools/builder/child_app_generator.py` | 12-step child application generation |
+| `tools/builder/claude_md_generator.py` | Dynamic CLAUDE.md via Jinja2 template rendering |
+| `tools/builder/goal_adapter.py` | Copy and adapt goals from ICDEV for child app context |
+| `tools/builder/db_init_generator.py` | Generate standalone DB init scripts with core + capability tables |
+| `tools/builder/scaffolder.py` | Base language scaffold with `--agentic` flag for full generation |
+---
+## 7. Architecture Decisions
+| ID | Decision | Rationale |
+|----|----------|-----------|
+| D44 | Flag-based (`--agentic`) for backward compatibility | Omitting flag produces identical output; existing scaffolding unchanged |
+| D45 | Copy-and-adapt over template library | ICDEV tools are the source of truth; no template drift |
+| D46 | Weighted rule-based fitness + optional LLM override | Deterministic scoring with human escape hatch |
+| D47 | Blueprint-driven generation | Single JSON config drives all generators; no hardcoded decisions |
+| D48 | ICDEV callback uses A2A protocol for child-to-parent communication | Standard protocol for all agent communication |
+| D50 | Dynamic CLAUDE.md via Jinja2 | Documents only what is present; no stale references |
+| D51 | Minimal DB + migration | Core tables first, expand as capabilities activate |
+| D52 | 3-layer grandchild prevention (config + scaffolder + CLAUDE.md) | Prevents uncontrolled proliferation of agentic systems |
+| D53 | Port offset for child agents (default +1000) | Avoids port conflicts when ICDEV and child run on same host |
+---
+## 8. Security Gate
+**Agentic Generation Gate:**
+- Fitness assessment completed with all 6 dimensions scored before generation proceeds
+- User decisions confirmed and logged in audit trail
+- Blueprint integrity verified (SHA-256 hash match)
+- Grandchild prevention verified: config flag set, generation tools excluded, CLAUDE.md contains prevention statement
+- CUI markings present on all generated files
+- Child database initializes successfully
+- No hardcoded ICDEV paths or ports in generated files
+---
+## 9. Commands
+```bash
+# Assess fitness
+python tools/builder/agentic_fitness.py --spec "..." --json
+# Generate blueprint
+python tools/builder/app_blueprint.py --fitness-scorecard sc.json \
+  --user-decisions '{}' --app-name "my-app" --json
+# Generate child application
+python tools/builder/child_app_generator.py --blueprint bp.json \
+  --project-path /tmp --name "my-app" --json
+# Scaffold with agentic flag
+python tools/builder/scaffolder.py --project-path /tmp --name "my-app" \
+  --type api --agentic --fitness-scorecard sc.json
+# Generate dynamic CLAUDE.md
+python tools/builder/claude_md_generator.py --blueprint bp.json --output CLAUDE.md
+# Initialize child database
+python tools/db/init_my_app_db.py
+```

icdev/data/docs/features/phase-20-fips-security-categorization.md ADDED Viewed

@@ -0,0 +1,198 @@
+# Phase 20 — FIPS 199/200 Security Categorization
+**CUI // SP-CTI**
+| Field | Value |
+|-------|-------|
+| Phase | 20 |
+| Title | FIPS 199/200 Security Categorization |
+| Status | Implemented |
+| Priority | P0 |
+| Dependencies | Phase 17 (Multi-Framework Compliance) |
+| Author | ICDEV Architect Agent |
+| Date | 2026-02-23 |
+---
+## 1. Problem Statement
+FIPS 199 security categorization is Step 1 of the NIST Risk Management Framework (RMF). Every downstream compliance decision -- SSP control selection, NIST 800-53 baseline, FedRAMP level, CMMC maturity, and deployment architecture -- depends on correct categorization. An incorrect categorization means wrong controls, which means failed ATO. Yet most organizations perform categorization manually as a one-time paper exercise with no connection to the automated compliance pipeline.
+The categorization process itself is non-trivial. Organizations must identify all information types their system processes, stores, or transmits using the NIST SP 800-60 Volume 2 catalog (hundreds of types across defense, government resource management, and internal risk management categories). Each type carries provisional Confidentiality, Integrity, and Availability (CIA) impact levels that may need organizational adjustment. The overall categorization uses a high watermark across all assigned types.
+For IL6/SECRET national security systems, CNSSI 1253 overlays must be applied on top of FIPS 199, elevating minimum CIA floors per overlay rules. Additionally, FIPS 200 mandates validation across 17 minimum security requirement areas before any system can receive authorization. Without automation, these interdependent processes are error-prone, inconsistent, and disconnected from downstream artifact generation.
+---
+## 2. Goals
+1. Provide a browsable SP 800-60 Volume 2 information type catalog with filtering by category (D.1 Services Delivery, D.2 Government Resource Management, D.3 Internal Risk Management)
+2. Support assigning multiple information types to a project with per-type organizational impact adjustments and mandatory written justification
+3. Compute FIPS 199 categorization using the high watermark method across all assigned types for Confidentiality, Integrity, and Availability
+4. Automatically apply CNSSI 1253 overlays for IL6/SECRET national security systems, elevating minimum CIA floor per overlay rules
+5. Validate all 17 FIPS 200 minimum security requirement areas (AC, AT, AU, CA, CM, CP, IA, IR, MA, MP, PE, PL, PS, RA, SA, SC, SI) against the computed baseline
+6. Dynamically drive SSP baseline selection from categorization results (replacing static IL-based mapping)
+7. Support manual categorization override with required justification
+8. Integrate with the crosswalk engine to cascade categorization-driven baseline changes across all mapped frameworks
+---
+## 3. Architecture
+```
++-------------------+     +-------------------+     +-------------------+
+|  SP 800-60        |     |  Type Assignment  |     |  FIPS 199         |
+|  Catalog Browse   |---->|  (per project)    |---->|  Categorizer      |
+|  (D.1, D.2, D.3) |     |  + adjustments    |     |  (high watermark) |
++-------------------+     +-------------------+     +-------------------+
+                                                            |
+                                    +-----------------------+
+                                    |                       |
+                                    v                       v
+                           +----------------+      +----------------+
+                           | CNSSI 1253     |      | FIPS 200       |
+                           | Overlay        |      | Validator      |
+                           | (IL6/SECRET)   |      | (17 areas)     |
+                           +----------------+      +----------------+
+                                    |                       |
+                                    v                       v
+                           +----------------+      +----------------+
+                           | SSP Baseline   |      | Gate            |
+                           | Selection      |      | Evaluation      |
+                           | (dynamic)      |      |                 |
+                           +----------------+      +----------------+
+```
+The categorization pipeline follows 6 steps:
+1. **Browse Catalog** -- Review SP 800-60 Vol 2 types filtered by category
+2. **Assign Types** -- Add information types to project with optional CIA adjustments
+3. **Categorize** -- Compute high watermark across all types; apply CNSSI 1253 if IL6
+4. **Validate FIPS 200** -- Check all 17 minimum security areas against computed baseline
+5. **Drive SSP** -- SSP generator reads categorization from DB for dynamic baseline selection
+6. **Review and Approve** -- Categorization starts as draft; AO approves after verification
+---
+## 4. Requirements
+### 4.1 Information Type Catalog
+#### REQ-20-001: SP 800-60 Catalog
+The system SHALL provide a browsable NIST SP 800-60 Volume 2 information type catalog stored in `context/compliance/nist_sp_800_60_types.json`, with filtering by category prefix (D.1, D.2, D.3).
+#### REQ-20-002: Provisional Impact Levels
+Each information type SHALL carry provisional Confidentiality, Integrity, and Availability impact levels as defined by SP 800-60.
+### 4.2 Type Assignment and Adjustment
+#### REQ-20-003: Multiple Type Assignment
+The system SHALL support assigning multiple information types to a single project, stored in the `project_information_types` table.
+#### REQ-20-004: Impact Adjustment
+The system SHALL support organizational adjustments to provisional impact levels with mandatory written justification. Adjustments SHALL only raise impact levels, not lower below provisional.
+### 4.3 Categorization
+#### REQ-20-005: High Watermark Method
+The system SHALL compute the overall system categorization as the maximum impact level across all assigned information types for each CIA objective: SC = {(C, max), (I, max), (A, max)}.
+#### REQ-20-006: CNSSI 1253 Overlay
+For IL6/SECRET national security systems, the system SHALL automatically apply CNSSI 1253 overlays from `context/compliance/cnssi_1253_overlay.json`, elevating minimum CIA floor per overlay rules.
+#### REQ-20-007: Manual Override
+The system SHALL support manual categorization override via `--method manual` with `--manual-c`, `--manual-i`, `--manual-a` flags and mandatory justification.
+### 4.4 FIPS 200 Validation
+#### REQ-20-008: 17-Area Validation
+The system SHALL validate all 17 FIPS 200 minimum security requirement areas (AC, AT, AU, CA, CM, CP, IA, IR, MA, MP, PE, PL, PS, RA, SA, SC, SI) against the baseline derived from FIPS 199 categorization.
+#### REQ-20-009: FIPS 200 Gate
+The system SHALL evaluate a gate requiring 0 not_satisfied requirement areas, all 17 areas assessed, and coverage >= 80%.
+### 4.5 SSP Integration
+#### REQ-20-010: Dynamic Baseline Selection
+The SSP generator SHALL dynamically read categorization from the database to determine the correct NIST 800-53 baseline, replacing static IL-based mapping (D56).
+#### REQ-20-011: SSP Section Population
+The SSP SHALL include actual C/I/A impact levels in Section 2, correct baseline applicability in Section 12, dynamic control baseline in Section 13, and all 17 FIPS 200 families in Section 15.
+---
+## 5. Database Schema
+### Tables
+| Table | Purpose |
+|-------|---------|
+| `fips199_categorizations` | Categorization results: project_id, method, confidentiality, integrity, availability, overall, cnssi_applied, status (draft/approved), approved_by |
+| `project_information_types` | Assigned types: project_id, type_id, provisional_c/i/a, adjusted_c/i/a, adjustment_justification |
+| `fips200_assessments` | FIPS 200 validation results: project_id, area (17 values), status, baseline_requirement, evidence |
+---
+## 6. Tools
+| Tool | Purpose |
+|------|---------|
+| `tools/compliance/fips199_categorizer.py` | Catalog browse, type assignment, categorization, CNSSI 1253 overlay, gate evaluation |
+| `tools/compliance/fips200_validator.py` | Validate 17 FIPS 200 minimum security areas against baseline, gate evaluation |
+| `tools/compliance/ssp_generator.py` | SSP generation with dynamic baseline from categorization (enhanced) |
+---
+## 7. Architecture Decisions
+| ID | Decision | Rationale |
+|----|----------|-----------|
+| D54 | FIPS 199 uses high watermark across SP 800-60 information types | Provisional levels are defaults, adjustable per organization; watermark ensures system categorized to highest need |
+| D55 | FIPS 200 validates all 17 areas against baseline from FIPS 199, not impact level alone | Baseline drives control selection, not raw impact level |
+| D56 | SSP baseline selection is dynamic: query DB first, fall back to IL mapping | Ensures SSP always reflects actual categorization, not a static assumption |
+| D57 | CNSSI 1253 auto-applies for IL6/SECRET; elevates minimum C/I/A floor | National security systems require overlay per CNSSI guidance; auto-detection prevents omission |
+---
+## 8. Security Gate
+**FIPS 199 Gate:**
+- Categorization required for all ATO-tracked projects
+- IL6 projects must have CNSSI 1253 overlay applied
+- Categorization must be in approved status (not draft) before ATO proceeds
+- At least one information type must be assigned
+**FIPS 200 Gate:**
+- 0 not_satisfied requirement areas
+- All 17 minimum security areas assessed
+- Coverage >= 80%
+---
+## 9. Commands
+```bash
+# Browse SP 800-60 catalog
+python tools/compliance/fips199_categorizer.py --list-catalog
+python tools/compliance/fips199_categorizer.py --list-catalog --category D.1 --json
+# Assign information types
+python tools/compliance/fips199_categorizer.py --project-id "proj-123" --add-type "D.1.1.1"
+python tools/compliance/fips199_categorizer.py --project-id "proj-123" --add-type "D.2.3.4" --adjust-c High
+# List assigned types
+python tools/compliance/fips199_categorizer.py --project-id "proj-123" --list-types --json
+# Run categorization
+python tools/compliance/fips199_categorizer.py --project-id "proj-123" --categorize --json
+# Force CNSSI 1253 method
+python tools/compliance/fips199_categorizer.py --project-id "proj-123" --categorize --method cnssi_1253
+# Gate evaluation
+python tools/compliance/fips199_categorizer.py --project-id "proj-123" --gate
+# FIPS 200 validation
+python tools/compliance/fips200_validator.py --project-id "proj-123" --json
+python tools/compliance/fips200_validator.py --project-id "proj-123" --gate --json
+```