|
| 1 | +# IX-Style Developer Onboarding and Quickstart |
| 2 | + |
| 3 | +## Document ID |
| 4 | + |
| 5 | +IXS-DEVELOPER-ONBOARDING-AND-QUICKSTART |
| 6 | + |
| 7 | +## Status |
| 8 | + |
| 9 | +Draft developer baseline. |
| 10 | + |
| 11 | +## Purpose |
| 12 | + |
| 13 | +This document gives a new engineer a fast, accurate path to: |
| 14 | + |
| 15 | +- understand what IX-Style is trying to prove |
| 16 | +- install the reference environment |
| 17 | +- execute the baseline verification flow |
| 18 | +- export review-ready artifacts |
| 19 | +- inspect results in a useful order |
| 20 | + |
| 21 | +This document exists because a serious repo should not force a reviewer to guess |
| 22 | +how to enter the system. |
| 23 | + |
| 24 | +--- |
| 25 | + |
| 26 | +## What IX-Style Is |
| 27 | + |
| 28 | +IX-Style is an assured-autonomy reference architecture and executable baseline |
| 29 | +for the problem: |
| 30 | + |
| 31 | +> can we prove that when trust degrades, faults accumulate, recovery is requested, |
| 32 | +> or authority becomes risky, the vehicle stays inside a safe envelope and leaves |
| 33 | +> a usable evidence trail showing why it acted |
| 34 | +
|
| 35 | +The current repository baseline includes: |
| 36 | + |
| 37 | +- command authority logic |
| 38 | +- runtime-assurance guard logic |
| 39 | +- trust evaluation |
| 40 | +- FDIR lifecycle handling |
| 41 | +- dominant posture allocation |
| 42 | +- recovery gating |
| 43 | +- mission-health generation |
| 44 | +- operator-facing summary generation |
| 45 | +- tamper-evident evidence bundles |
| 46 | +- review-artifact export |
| 47 | +- invariant checking |
| 48 | + |
| 49 | +--- |
| 50 | + |
| 51 | +## What This Repo Is Not |
| 52 | + |
| 53 | +At the current baseline, IX-Style is not yet: |
| 54 | + |
| 55 | +- a flight-qualified implementation |
| 56 | +- a real-time embedded target |
| 57 | +- a full cFS application set |
| 58 | +- a hardware-in-the-loop campaign |
| 59 | +- a platform-specific certification package |
| 60 | + |
| 61 | +It is a serious reference architecture and executable review baseline. |
| 62 | + |
| 63 | +--- |
| 64 | + |
| 65 | +## Recommended Reading Order |
| 66 | + |
| 67 | +A new engineer should read in this order: |
| 68 | + |
| 69 | +1. `docs/PROJECT_CHARTER.md` |
| 70 | +2. `docs/requirements/IXS-SYS-REQ-BASELINE.md` |
| 71 | +3. `docs/hazards/IXS-HAZARD-REGISTER.md` |
| 72 | +4. `docs/architecture/IXS-COMMAND-AUTHORITY-MODEL.md` |
| 73 | +5. `docs/architecture/IXS-RUNTIME-ASSURANCE-GUARD.md` |
| 74 | +6. `docs/architecture/IXS-SENSOR-TRUST-AND-ESTIMATION-FRAMEWORK.md` |
| 75 | +7. `docs/architecture/IXS-FDIR-ARCHITECTURE.md` |
| 76 | +8. `docs/architecture/IXS-MODE-ALLOCATION-AND-POSTURE-RESOLUTION.md` |
| 77 | +9. `docs/architecture/IXS-RECOVERY-GATE-AND-AUTHORITY-RESTORATION.md` |
| 78 | +10. `docs/architecture/IXS-TAMPER-EVIDENT-EVIDENCE-BUNDLES.md` |
| 79 | +11. `docs/operations/IXS-MISSION-HEALTH-AND-OPERATOR-SUPPORT.md` |
| 80 | +12. `docs/operations/IXS-OPERATOR-RATIONALE-AND-SUMMARY-LAYER.md` |
| 81 | +13. `docs/verification/IXS-VERIFICATION-AND-TRACEABILITY-STRATEGY.md` |
| 82 | +14. `docs/verification/IXS-INVARIANT-CHECKS-AND-PROPERTY-LAYER.md` |
| 83 | +15. `docs/review/IXS-REVIEW-WALKTHROUGH.md` |
| 84 | + |
| 85 | +That order moves from purpose -> hazards -> architecture -> execution -> review. |
| 86 | + |
| 87 | +--- |
| 88 | + |
| 89 | +## Baseline Environment |
| 90 | + |
| 91 | +The executable reference baseline currently targets: |
| 92 | + |
| 93 | +- Python 3.11 |
| 94 | +- editable local install |
| 95 | +- pytest |
| 96 | +- jsonschema |
| 97 | +- PyYAML |
| 98 | +- repo-local scripts for self-audit, scenario runs, invariants, and export |
| 99 | + |
| 100 | +--- |
| 101 | + |
| 102 | +## Install |
| 103 | + |
| 104 | +From the repository root: |
| 105 | + |
| 106 | +```bash |
| 107 | +python -m pip install --upgrade pip |
| 108 | +python -m pip install -e ".[dev]" |
| 109 | + |
| 110 | +First Execution Path |
| 111 | + |
| 112 | +A new engineer should run these commands in order. |
| 113 | + |
| 114 | +1. Repository sanity check |
| 115 | +python scripts/run_repo_self_audit.py |
| 116 | + |
| 117 | +2. Baseline scenario execution |
| 118 | +python scripts/run_sample_scenarios.py |
| 119 | + |
| 120 | +3. Invariant checks |
| 121 | +python scripts/run_invariant_checks.py |
| 122 | + |
| 123 | +4. Review-artifact export |
| 124 | +python scripts/export_sample_review_artifacts.py |
| 125 | + |
| 126 | +5. Full onboarding flow |
| 127 | +python scripts/run_quickstart_flow.py |
| 128 | + |
| 129 | +The last command is the best single-command onboarding path once dependencies are installed. |
| 130 | + |
| 131 | +What Each Script Does |
| 132 | +run_repo_self_audit.py |
| 133 | + |
| 134 | +Checks that the important docs, schemas, scripts, and seed traceability artifacts |
| 135 | +exist and load correctly. |
| 136 | + |
| 137 | +run_sample_scenarios.py |
| 138 | + |
| 139 | +Executes baseline sample scenarios and validates mission-health output. |
| 140 | + |
| 141 | +run_invariant_checks.py |
| 142 | + |
| 143 | +Evaluates architecture-level non-negotiables over the baseline scenarios. |
| 144 | + |
| 145 | +export_sample_review_artifacts.py |
| 146 | + |
| 147 | +Exports review-ready JSON artifact packages for the baseline scenarios. |
| 148 | + |
| 149 | +run_quickstart_flow.py |
| 150 | + |
| 151 | +Runs the baseline onboarding flow end-to-end and exports review artifacts. |
| 152 | + |
| 153 | +Current Baseline Scenarios |
| 154 | + |
| 155 | +The repository currently emphasizes three baseline executable review scenarios: |
| 156 | + |
| 157 | +Power fault clamp |
| 158 | + |
| 159 | +Shows that low power/resource posture narrows actuation behavior. |
| 160 | + |
| 161 | +Navigation spoof transition |
| 162 | + |
| 163 | +Shows that navigation trust collapse drives posture and evidence generation. |
| 164 | + |
| 165 | +Recovery deferred over weak comms |
| 166 | + |
| 167 | +Shows that recovery-expanding remote intent is deferred when comms trust is weak. |
| 168 | + |
| 169 | +These are not the full future scenario set. |
| 170 | +They are the current serious baseline. |
| 171 | + |
| 172 | +Where the Main Logic Lives |
| 173 | +src/ix_style/core |
| 174 | + |
| 175 | +Shared data structures, enums, IDs, and pipeline scaffolding. |
| 176 | + |
| 177 | +src/ix_style/authority |
| 178 | + |
| 179 | +Command-source eligibility and authority evaluation. |
| 180 | + |
| 181 | +src/ix_style/guard |
| 182 | + |
| 183 | +Constraint-driven runtime-assurance intervention logic. |
| 184 | + |
| 185 | +src/ix_style/trust |
| 186 | + |
| 187 | +Trust record creation, degradation, and bounded recovery logic. |
| 188 | + |
| 189 | +src/ix_style/fdir |
| 190 | + |
| 191 | +Fault lifecycle and mitigation posture logic. |
| 192 | + |
| 193 | +src/ix_style/modes |
| 194 | + |
| 195 | +Dominant safety posture allocation and posture transition records. |
| 196 | + |
| 197 | +src/ix_style/recovery |
| 198 | + |
| 199 | +Recovery-gate evaluation for authority restoration. |
| 200 | + |
| 201 | +src/ix_style/messages |
| 202 | + |
| 203 | +Schemas, receipts, tamper-evident chains, and evidence bundles. |
| 204 | + |
| 205 | +src/ix_style/telemetry |
| 206 | + |
| 207 | +Mission-health snapshots and operator-facing narration. |
| 208 | + |
| 209 | +src/ix_style/verification |
| 210 | + |
| 211 | +Scenario execution, audits, invariants, exports, and review packages. |
| 212 | + |
| 213 | +What to Inspect First After Running Quickstart |
| 214 | + |
| 215 | +After the onboarding flow succeeds, inspect: |
| 216 | + |
| 217 | +quickstart JSON output in the terminal |
| 218 | +exported package directories under the quickstart output root |
| 219 | +manifest.json for each exported scenario |
| 220 | +operator_safety_summary.json |
| 221 | +mission_health_snapshot.json |
| 222 | +decision_receipt.json |
| 223 | +evidence_bundle.json |
| 224 | + |
| 225 | +That order gives a clean human-to-machine descent. |
| 226 | + |
| 227 | +What “Good” Looks Like |
| 228 | + |
| 229 | +A healthy baseline run should show: |
| 230 | + |
| 231 | +self-audit passed |
| 232 | +scenario execution passed |
| 233 | +invariant checks passed |
| 234 | +evidence bundle validation passed |
| 235 | +exported review package directories created |
| 236 | +mission-health posture aligned with scenario intent |
| 237 | +operator summary aligned with receipt and snapshot state |
| 238 | +Common Failure Interpretation |
| 239 | +Self-audit failure |
| 240 | + |
| 241 | +Usually means a required file path, schema, or artifact is missing. |
| 242 | + |
| 243 | +Scenario failure |
| 244 | + |
| 245 | +Usually means a decision outcome or required degradation flag did not match the scenario expectation. |
| 246 | + |
| 247 | +Invariant failure |
| 248 | + |
| 249 | +Usually means an architecture truth was violated, such as: |
| 250 | + |
| 251 | +recovery blocked too late |
| 252 | +required evidence missing |
| 253 | +posture changed without a mode transition |
| 254 | +bundle integrity failed |
| 255 | +Bundle validation failure |
| 256 | + |
| 257 | +Usually means exported evidence was altered, malformed, or chained incorrectly. |
| 258 | + |
| 259 | +Onboarding Exit Criteria |
| 260 | + |
| 261 | +A new engineer is meaningfully onboarded when they can: |
| 262 | + |
| 263 | +explain the repo purpose in one sentence |
| 264 | +run the baseline flow without guessing commands |
| 265 | +find the decision receipt for a scenario |
| 266 | +find the dominant posture for a scenario |
| 267 | +verify that the evidence bundle validates |
| 268 | +explain why a scenario outcome occurred using the exported artifacts |
| 269 | + |
| 270 | +That is the real quickstart finish line. |
| 271 | + |
| 272 | +Deferred Items |
| 273 | + |
| 274 | +This document intentionally does not yet add: |
| 275 | + |
| 276 | +containerized onboarding |
| 277 | +Windows-specific automation wrappers |
| 278 | +Makefile targets |
| 279 | +extended scenario packs |
| 280 | +full reviewer FAQ |
| 281 | + |
| 282 | +Those can come later if useful. |
0 commit comments