The Architecture Canon: truth · evidence · projection
Case Study

AISDR (AI Security Decision Record)

case-aisdr · canon/case-studies/aisdr/unit.md

Building Systems That Matter — Volume II: The Governed System (EDDA & AISDR)

A case-study volume. Where Volume I argued the eight laws and proved each against fragments of real systems, Volume II takes one architecture — EDDA, a governance framework for intelligent systems, and AISDR, its security profile — and follows it end to end, showing the eight laws operating together.

Source material: RESOURCES/whatisaisdr.md and the EDDA framework material. Built on CLAUDE.md; see ROADMAP.md and PROOF_POINTS.md.

Status: drafted end to end (M5). In editorial review.

The distinction this volume insists on: EDDA is the general framework; AISDR is one profile of it (EDDA applied to AI-assisted security). They are never collapsed.

Projected Canonical Units

  • refarch-edda
  • case-aisdr

This volume is projection prose. Canonical claims live in canon/; the volume supplies teaching order, examples, and synthesis.

Front matter

  • Introduction

Chapters

  #  Chapter                                  Focus
  1  The Problem: Ungoverned Intelligence     Why AI-assisted decisions need governance; the seven questions
  2  EDDA: The General Framework              Governance domains; the eight laws of governed AI; framework vs. profile
  3  Identity, Policy, and the Control Plane  The single door; fail-closed gate; action rights; the decision registry
  4  Evidence and Grounding                   The governed corpus; provenance; freshness; evidence bundles (Law V)
  5  Reasoning That May Not Act               The AI that proposes, never disposes; confidence; calibration; eval gates
  6  Actions, Agents, and the Prompt          Connector firewall; tier enforcement; tool integrity; prompt security
  7  The Governed Request Lifecycle           One decision, followed end to end through every domain
  8  The Eight Laws, Together                 Synthesis: all eight laws simultaneously true in one system

Reference material

Promoted from the former legacy tree during Phase 4 (see reference/README.md):

  • reference/edda-framework/ — the formal EDDA framework: RFCs, ADRs, JSON schemas, OpenAPI control-plane definitions, reference architecture, conformance specs.
  • diagrams/ — EDDA / AI-governance diagrams (control-fabric, evidence-chain, governance-lifecycle, risk-approval-flow, federation, runtime-topology, service-map, EDDA pillars, governed-request sequence).

Related

  • Volume I — The Laws
  • Series glossary — the single authoritative source for terms
  • Appendix A — Proof-Point Systems (EDDA §A.2, AISDR §A.3)

Incoming References

  • Law: 6
  • Projection: 7
  • Reference Architecture: 1