use crate::scan::AUDIT_SCORE_METHOD;
use crate::{
generate_csv, run_scenario, AdmissibilityEnvelope, AsyncStarvationScenario,
ChannelBackpressureScenario, ClockDriftScenario, FaultScenario, ObserverConfig,
PartialPartitionScenario, ScenarioResult, WorkloadPhase,
};
use std::fs;
use std::io;
use std::path::{Path, PathBuf};
const AUDIT_NON_CERTIFICATION_STATEMENT: &str =
"The DSFB audit includes standards- and certification-relevant structural checks, but it does not certify compliance with IEC, ISO, RTCA, MIL, NIST, or other standards.";
#[derive(Debug, Clone)]
pub struct PrimaryEvaluationRow {
pub name: String,
pub result: ScenarioResult,
pub csv_name: String,
}
#[derive(Debug, Clone, Copy)]
pub struct SensitivitySweepRow {
pub sigma: f64,
pub persistence_window: usize,
pub detection_delay: Option<u64>,
pub lead_time: Option<u64>,
pub detected: bool,
pub early_window_detection: bool,
pub has_false_alarm: bool,
pub boundary_steps: u32,
pub violation_steps: u32,
}
#[derive(Debug, Clone)]
pub struct NegativeControlRow {
pub name: String,
pub result: ScenarioResult,
}
#[derive(Debug, Clone, Copy)]
pub struct DriftElasticityRow {
pub drift_rate: f64,
pub result_detected: bool,
pub detection_delay: Option<u64>,
pub lead_time: Option<u64>,
}
#[derive(Debug, Clone)]
pub struct PublicEvaluationBundle {
pub primary: Vec<PrimaryEvaluationRow>,
pub sensitivity_sweep: Vec<SensitivitySweepRow>,
pub negative_controls: Vec<NegativeControlRow>,
pub reproducibility_boundary_steps: Vec<u64>,
pub drift_elasticity: Vec<DriftElasticityRow>,
}
#[derive(Debug, Clone)]
pub struct PublicArtifactPaths {
pub evaluation_results_path: PathBuf,
pub demo_output_path: PathBuf,
pub sensitivity_sweep_path: PathBuf,
pub generated_docs_dir: PathBuf,
pub generated_paper_dir: PathBuf,
}
pub fn build_public_evaluation() -> PublicEvaluationBundle {
let primary = build_primary_evaluation();
let sensitivity_sweep = build_sensitivity_sweep();
let negative_controls = build_negative_controls();
let reproducibility_boundary_steps = build_reproducibility_steps();
let drift_elasticity = build_drift_elasticity();
PublicEvaluationBundle {
primary,
sensitivity_sweep,
negative_controls,
reproducibility_boundary_steps,
drift_elasticity,
}
}
fn count_true<T>(items: &[T], predicate: impl Fn(&T) -> bool) -> usize {
let mut count = 0usize;
for item in items.iter() {
if predicate(item) {
count += 1;
}
}
count
}
fn find_negative_control<'a>(
bundle: &'a PublicEvaluationBundle,
name: &str,
) -> Option<&'a NegativeControlRow> {
bundle.negative_controls.iter().find(|row| row.name == name)
}
fn render_optional_number(value: Option<u64>) -> String {
match value {
Some(number) => number.to_string(),
None => "-".to_string(),
}
}
fn render_optional_steps(value: Option<u64>, missing: &'static str) -> String {
match value {
Some(steps) => format!("{steps} steps"),
None => missing.to_string(),
}
}
pub fn render_public_evaluation_report(bundle: &PublicEvaluationBundle) -> String {
let mut out = String::new();
let stats = compute_evaluation_summary(bundle);
push_evaluation_header(&mut out);
push_primary_section(&mut out, bundle);
push_sensitivity_section(&mut out, bundle);
push_negative_control_section(&mut out, bundle);
push_reproducibility_section(&mut out, bundle, stats.reproducibility_baseline);
push_structural_discrimination_section(&mut out, bundle);
push_drift_elasticity_section(&mut out, bundle);
push_evaluation_summary(&mut out, bundle, &stats);
out
}
struct EvaluationSummaryStats {
primary_detected: usize,
detected_sweep_points: usize,
sweep_false_alarm_points: usize,
clean_control_clear: usize,
reproducibility_baseline: u64,
reproducibility_matches: usize,
}
fn compute_evaluation_summary(bundle: &PublicEvaluationBundle) -> EvaluationSummaryStats {
let reproducibility_baseline = bundle
.reproducibility_boundary_steps
.first()
.copied()
.unwrap_or(0);
EvaluationSummaryStats {
primary_detected: count_true(&bundle.primary, |row| row.result.detected()),
detected_sweep_points: count_true(&bundle.sensitivity_sweep, |row| row.detected),
sweep_false_alarm_points: count_true(&bundle.sensitivity_sweep, |row| row.has_false_alarm),
clean_control_clear: count_true(&bundle.negative_controls, |row| {
row.result.total_boundary_steps + row.result.total_violation_steps == 0
}),
reproducibility_baseline,
reproducibility_matches: count_true(&bundle.reproducibility_boundary_steps, |step| {
*step == reproducibility_baseline
}),
}
}
fn push_evaluation_header(out: &mut String) {
out.push_str("╔══════════════════════════════════════════════════════════════╗\n");
out.push_str("║ DSFB Gray Failure Detection — Full Empirical Evaluation ║\n");
out.push_str("║ Invariant Forge LLC — Deterministic Structural Engine ║\n");
out.push_str("╚══════════════════════════════════════════════════════════════╝\n\n");
}
fn push_primary_section(out: &mut String, bundle: &PublicEvaluationBundle) {
out.push_str("══ Section 1: Primary Evaluation (Recommended Configuration) ══\n\n");
out.push_str("Table 1: Primary Results (Recommended Configuration)\n");
out.push_str(
"┌─────────────────────┬───────┬──────────┬───────┬──────┬────────┬─────────┬──────────┐\n",
);
out.push_str(
"│ Scenario │ Steps │ Inj.Start│ Det. │Delay │ Lead │ FalseAl │ Viol.Steps│\n",
);
out.push_str(
"├─────────────────────┼───────┼──────────┼───────┼──────┼────────┼─────────┼──────────┤\n",
);
for row in &bundle.primary {
let result = &row.result;
out.push_str(&format!(
"│ {:19} │ {:3} │ {:3} │ {} │ {:>4} │ {:>4} │ {} │ {:>4} │\n",
row.name,
result.total_steps,
result.injection_start,
if result.detected() { "YES" } else { "NO " },
render_optional_number(result.detection_delay_from_injection()),
render_optional_number(result.detection_lead_time()),
result.false_alarms_before_injection,
result.total_violation_steps
));
}
out.push_str(
"└─────────────────────┴───────┴──────────┴───────┴──────┴────────┴─────────┴──────────┘\n\n",
);
}
fn push_sensitivity_section(out: &mut String, bundle: &PublicEvaluationBundle) {
out.push_str("══ Section 2: Sensitivity Sweep (Clock Drift, 42-point 2D) ══\n\n");
out.push_str("Table 2: Sensitivity Sweep — Clock Drift Scenario\n");
out.push_str("┌──────┬─────┬──────────┬───────┬──────┬────────┐\n");
out.push_str("│ σ │ P │ Med.Lead │ Det.% │ EW% │ False% │\n");
out.push_str("├──────┼─────┼──────────┼───────┼──────┼────────┤\n");
for row in &bundle.sensitivity_sweep {
out.push_str(&format!(
"│ {:4.1} │ {:3} │ {:>4} │ {:3} │ {:3} │ {:>3} │\n",
row.sigma,
row.persistence_window,
row.lead_time.unwrap_or(0),
if row.detected { 100 } else { 0 },
if row.early_window_detection { 100 } else { 0 },
if row.has_false_alarm { 100 } else { 0 },
));
}
out.push_str("└──────┴─────┴──────────┴───────┴──────┴────────┘\n");
out.push_str(" CSV: data/sensitivity_sweep.csv\n\n");
}
fn push_negative_control_section(out: &mut String, bundle: &PublicEvaluationBundle) {
out.push_str("══ Section 3: Negative Control — No-Fault Baseline ══\n\n");
out.push_str("Table 3: Negative Control — False Alarm Analysis on Healthy Windows\n");
out.push_str("┌─────────────────────┬──────────┬────────────┬────────────┬────────────┐\n");
out.push_str("│ Scenario │ Samples │ Boundary │ Violation │ False Rate │\n");
out.push_str("├─────────────────────┼──────────┼────────────┼────────────┼────────────┤\n");
for row in &bundle.negative_controls {
let result = &row.result;
out.push_str(&format!(
"│ {:19} │ {:4} │ {:4} │ {:4} │ {:5.1}% │\n",
row.name,
result.total_steps,
result.total_boundary_steps,
result.total_violation_steps,
negative_control_false_rate(result)
));
}
out.push_str("└─────────────────────┴──────────┴────────────┴────────────┴────────────┘\n\n");
}
fn negative_control_false_rate(result: &ScenarioResult) -> f64 {
if result.total_steps > 0 {
(result.total_boundary_steps + result.total_violation_steps) as f64
/ result.total_steps as f64
* 100.0
} else {
0.0
}
}
fn push_reproducibility_section(out: &mut String, bundle: &PublicEvaluationBundle, baseline: u64) {
out.push_str("══ Section 4: Deterministic Reproducibility Verification ══\n\n");
for (idx, step) in bundle.reproducibility_boundary_steps.iter().enumerate() {
out.push_str(&format!(
" Run {:2}: first_boundary=step {} {}\n",
idx + 1,
step,
reproducibility_status_suffix(idx, *step, baseline)
));
}
out.push_str(&format!(
" Deterministic: {}\n\n",
if reproducibility_verified(bundle) {
"VERIFIED — 10/10 runs identical"
} else {
"FAILED"
}
));
}
fn reproducibility_status_suffix(idx: usize, step: u64, baseline: u64) -> &'static str {
if idx == 0 {
"(baseline)"
} else if step == baseline {
"✓ matches"
} else {
"✗ MISMATCH"
}
}
fn push_structural_discrimination_section(out: &mut String, bundle: &PublicEvaluationBundle) {
out.push_str("══ Section 5: Multi-Scenario Structural Discrimination ══\n\n");
out.push_str("Table 4: Structural Signatures by Scenario at Detection Point\n");
out.push_str("┌─────────────────────┬──────────┬──────────┬──────────┬────────────┐\n");
out.push_str("│ Scenario │ Residual │ Drift │ Slew │ Drift/Slew │\n");
out.push_str("├─────────────────────┼──────────┼──────────┼──────────┼────────────┤\n");
for row in &bundle.primary {
if let Some(signature_row) = render_structural_signature_row(row) {
out.push_str(&signature_row);
}
}
out.push_str("└─────────────────────┴──────────┴──────────┴──────────┴────────────┘\n\n");
out.push_str("Interpretation: Each scenario produces a structurally distinct signature\n");
out.push_str("at its detection point. Clock drift has high drift/slew ratio (pure drift).\n");
out.push_str("Backpressure has lower ratio (accelerating growth → positive slew).\n");
out.push_str(
"This discrimination is information that scalar threshold alerts do not provide.\n\n",
);
}
fn render_structural_signature_row(row: &PrimaryEvaluationRow) -> Option<String> {
let det_step = row.result.first_anomaly_step?;
let sample = row
.result
.samples
.iter()
.find(|sample| sample.step == det_step)?;
let ratio = if sample.slew.abs() > 1e-10 {
sample.drift / sample.slew
} else {
f64::INFINITY
};
let ratio_str = if ratio.is_infinite() {
"∞ (pure drift)".to_string()
} else {
format!("{ratio:.1}")
};
Some(format!(
"│ {:19} │ {:>8.4} │ {:>8.6} │ {:>8.6} │ {:>10} │\n",
row.name, sample.residual, sample.drift, sample.slew, ratio_str
))
}
fn push_drift_elasticity_section(out: &mut String, bundle: &PublicEvaluationBundle) {
out.push_str("══ Section 6: Drift Rate Variation — Detection Elasticity ══\n\n");
out.push_str("Table 5: Clock Drift Detection vs. Drift Rate\n");
out.push_str("┌────────────┬───────┬──────┬────────┐\n");
out.push_str("│ Drift Rate │ Det. │Delay │ Lead │\n");
out.push_str("├────────────┼───────┼──────┼────────┤\n");
for row in &bundle.drift_elasticity {
out.push_str(&format!(
"│ {:6.3} │ {} │ {:>4} │ {:>4} │\n",
row.drift_rate,
if row.result_detected { "YES" } else { "NO " },
render_optional_number(row.detection_delay),
render_optional_number(row.lead_time)
));
}
out.push_str("└────────────┴───────┴──────┴────────┘\n\n");
}
fn push_evaluation_summary(
out: &mut String,
bundle: &PublicEvaluationBundle,
stats: &EvaluationSummaryStats,
) {
out.push_str("══════════════════════════════════════════════════════════════\n");
out.push_str(" EVALUATION COMPLETE\n");
out.push_str(&format!(
" • {}/4 primary scenarios: gray failures detected\n",
stats.primary_detected
));
out.push_str(&format!(
" • 42-point sensitivity sweep completed: {} detected, {} with pre-injection alarms\n",
stats.detected_sweep_points, stats.sweep_false_alarm_points
));
out.push_str(&format!(
" • Clean-window controls: {}/{} had zero anomaly steps\n",
stats.clean_control_clear,
bundle.negative_controls.len()
));
out.push_str(&format!(
" • Deterministic reproducibility: {}/{} runs identical\n",
stats.reproducibility_matches,
bundle.reproducibility_boundary_steps.len()
));
out.push_str(" • Structural discrimination: distinct signatures per scenario\n");
out.push_str(" • Drift rate elasticity: 8-point sweep completed\n");
out.push_str("══════════════════════════════════════════════════════════════\n");
}
pub fn write_public_artifacts(
bundle: &PublicEvaluationBundle,
root: &Path,
) -> io::Result<PublicArtifactPaths> {
let paths = public_artifact_paths(root);
fs::create_dir_all(&paths.generated_docs_dir)?;
fs::create_dir_all(&paths.generated_paper_dir)?;
if let Some(data_dir) = paths.evaluation_results_path.parent() {
fs::create_dir_all(data_dir)?;
}
let report = render_public_evaluation_report(bundle);
write_primary_public_outputs(bundle, &paths, &report)?;
let snippets = generated_public_snippets(bundle);
write_generated_public_docs(bundle, &paths, &snippets)?;
rewrite_public_marked_sections(root, bundle, &snippets)?;
Ok(paths)
}
fn public_artifact_paths(root: &Path) -> PublicArtifactPaths {
let data_dir = root.join("data");
PublicArtifactPaths {
evaluation_results_path: data_dir.join("evaluation_results.txt"),
demo_output_path: data_dir.join("demo-output.txt"),
sensitivity_sweep_path: data_dir.join("sensitivity_sweep.csv"),
generated_docs_dir: root.join("docs/generated"),
generated_paper_dir: root.join("paper/generated"),
}
}
fn write_primary_public_outputs(
bundle: &PublicEvaluationBundle,
paths: &PublicArtifactPaths,
report: &str,
) -> io::Result<()> {
fs::write(&paths.evaluation_results_path, report)?;
fs::write(&paths.demo_output_path, report)?;
fs::write(
&paths.sensitivity_sweep_path,
render_sensitivity_sweep_csv(bundle),
)?;
for row in &bundle.primary {
let output_root = paths
.evaluation_results_path
.parent()
.unwrap_or_else(|| Path::new("."));
fs::write(output_root.join(&row.csv_name), generate_csv(&row.result))?;
}
Ok(())
}
struct GeneratedPublicSnippets {
readme_results: String,
evidence_ledger: String,
claim_ledger: String,
audit_contract: String,
paper_results_md: String,
}
fn generated_public_snippets(bundle: &PublicEvaluationBundle) -> GeneratedPublicSnippets {
GeneratedPublicSnippets {
readme_results: render_readme_results_section(bundle),
evidence_ledger: render_evidence_ledger_md(bundle),
claim_ledger: render_claim_ledger_md(bundle),
audit_contract: render_audit_contract_md(),
paper_results_md: render_paper_results_table_md(bundle),
}
}
fn write_generated_public_docs(
bundle: &PublicEvaluationBundle,
paths: &PublicArtifactPaths,
snippets: &GeneratedPublicSnippets,
) -> io::Result<()> {
fs::write(
paths.generated_docs_dir.join("README_RESULTS.md"),
&snippets.readme_results,
)?;
fs::write(
paths.generated_docs_dir.join("EVIDENCE_LEDGER.md"),
&snippets.evidence_ledger,
)?;
fs::write(
paths.generated_docs_dir.join("CLAIM_LEDGER.md"),
&snippets.claim_ledger,
)?;
fs::write(
paths.generated_docs_dir.join("AUDIT_CONTRACT.md"),
&snippets.audit_contract,
)?;
fs::write(
paths.generated_paper_dir.join("results_summary.tex"),
render_paper_results_table_tex(bundle),
)?;
fs::write(
paths.generated_paper_dir.join("claim_ledger.tex"),
render_paper_claim_ledger_tex(bundle),
)?;
fs::write(
paths.generated_paper_dir.join("results_summary.md"),
&snippets.paper_results_md,
)?;
fs::write(
paths.generated_paper_dir.join("claim_ledger.md"),
&snippets.claim_ledger,
)?;
fs::write(
paths.generated_paper_dir.join("audit_contract.md"),
&snippets.audit_contract,
)?;
fs::write(
paths.generated_paper_dir.join("audit_contract.tex"),
render_paper_audit_contract_tex(),
)?;
Ok(())
}
fn rewrite_public_marked_sections(
root: &Path,
_bundle: &PublicEvaluationBundle,
snippets: &GeneratedPublicSnippets,
) -> io::Result<()> {
rewrite_marked_section_if_present(
&root.join("README.md"),
"<!-- DSFB:README_RESULTS:BEGIN -->",
"<!-- DSFB:README_RESULTS:END -->",
&snippets.readme_results,
)?;
rewrite_marked_section_if_present(
&root.join("README.md"),
"<!-- DSFB:EVIDENCE_LEDGER:BEGIN -->",
"<!-- DSFB:EVIDENCE_LEDGER:END -->",
&snippets.evidence_ledger,
)?;
rewrite_marked_section_if_present(
&root.join("paper/paper.md"),
"<!-- DSFB:PAPER_RESULTS:BEGIN -->",
"<!-- DSFB:PAPER_RESULTS:END -->",
&snippets.paper_results_md,
)?;
rewrite_marked_section_if_present(
&root.join("paper/paper.md"),
"<!-- DSFB:PAPER_CLAIM_LEDGER:BEGIN -->",
"<!-- DSFB:PAPER_CLAIM_LEDGER:END -->",
&snippets.claim_ledger,
)?;
rewrite_marked_section_if_present(
&root.join("paper/paper.md"),
"<!-- DSFB:PAPER_AUDIT_CONTRACT:BEGIN -->",
"<!-- DSFB:PAPER_AUDIT_CONTRACT:END -->",
&snippets.audit_contract,
)?;
Ok(())
}
fn rewrite_marked_section_if_present(
path: &Path,
start_marker: &str,
end_marker: &str,
generated: &str,
) -> io::Result<()> {
if !path.exists() {
return Ok(());
}
rewrite_marked_section(path, start_marker, end_marker, generated)
}
pub fn reproducibility_verified(bundle: &PublicEvaluationBundle) -> bool {
let Some(first) = bundle.reproducibility_boundary_steps.first().copied() else {
return false;
};
bundle
.reproducibility_boundary_steps
.iter()
.all(|step| *step == first)
}
fn build_primary_evaluation() -> Vec<PrimaryEvaluationRow> {
vec![
primary_clock_drift_row(),
primary_partial_partition_row(),
primary_backpressure_row(),
primary_async_starvation_row(),
]
}
fn primary_clock_drift_row() -> PrimaryEvaluationRow {
primary_row(
"Clock Drift",
"clock_drift.csv",
&mut ClockDriftScenario::default_scenario(),
symmetric_config(20, 2.0, 0.1, 0.05),
)
}
fn primary_partial_partition_row() -> PrimaryEvaluationRow {
primary_row(
"Partial Partition",
"partial_partition.csv",
&mut PartialPartitionScenario::default_scenario(),
symmetric_config(15, 3.0, 0.15, 0.08),
)
}
fn primary_backpressure_row() -> PrimaryEvaluationRow {
primary_row(
"Channel Backpressure",
"channel_backpressure.csv",
&mut ChannelBackpressureScenario::default_scenario(),
symmetric_config(15, 100.0, 10.0, 5.0),
)
}
fn primary_async_starvation_row() -> PrimaryEvaluationRow {
primary_row(
"Async Starvation",
"async_starvation.csv",
&mut AsyncStarvationScenario::default_scenario(),
symmetric_config(15, 30.0, 3.0, 1.5),
)
}
fn primary_row(
name: &str,
csv_name: &str,
scenario: &mut dyn FaultScenario,
config: ObserverConfig,
) -> PrimaryEvaluationRow {
PrimaryEvaluationRow {
name: name.to_string(),
csv_name: csv_name.to_string(),
result: run_scenario(scenario, &config),
}
}
fn symmetric_config(
persistence_window: usize,
residual: f64,
drift: f64,
slew: f64,
) -> ObserverConfig {
ObserverConfig {
persistence_window,
hysteresis_count: 3,
default_envelope: AdmissibilityEnvelope::symmetric(
residual,
drift,
slew,
WorkloadPhase::SteadyState,
),
..ObserverConfig::fast_response()
}
}
fn build_sensitivity_sweep() -> Vec<SensitivitySweepRow> {
let sigma_values = [0.5, 1.0, 1.5, 2.0, 2.5, 3.0];
let p_values: [usize; 7] = [5, 10, 15, 20, 25, 30, 40];
let mut rows = Vec::new();
for &sigma in &sigma_values {
for &p in &p_values {
let config = ObserverConfig {
persistence_window: p,
hysteresis_count: 3,
default_envelope: AdmissibilityEnvelope::symmetric(
sigma,
sigma * 0.05,
sigma * 0.025,
WorkloadPhase::SteadyState,
),
..ObserverConfig::fast_response()
};
let result = run_scenario(&mut ClockDriftScenario::default_scenario(), &config);
rows.push(SensitivitySweepRow {
sigma,
persistence_window: p,
detection_delay: result.detection_delay_from_injection(),
lead_time: result.detection_lead_time(),
detected: result.detected(),
early_window_detection: result.first_anomaly_step.is_some_and(|step| {
step >= result.injection_start && step < result.injection_start + 100
}),
has_false_alarm: result.false_alarms_before_injection > 0,
boundary_steps: result.total_boundary_steps,
violation_steps: result.total_violation_steps,
});
}
}
rows
}
fn build_negative_controls() -> Vec<NegativeControlRow> {
vec![
clean_clock_drift_row(),
clean_partition_row(),
clean_backpressure_row(),
clean_starvation_row(),
]
}
fn clean_clock_drift_row() -> NegativeControlRow {
negative_control_row(
"Clock Drift (clean)",
&mut ClockDriftScenario::new(5.0, 0.05, 999, 200, 0.02),
symmetric_config(20, 2.0, 0.1, 0.05),
)
}
fn clean_partition_row() -> NegativeControlRow {
negative_control_row(
"Partition (clean)",
&mut PartialPartitionScenario {
baseline: 5.0,
start: 999,
duration: 200,
rate: 0.08,
burst: 3.0,
burst_dur: 10,
noise_state: 137,
seed: 137,
},
symmetric_config(15, 3.0, 0.15, 0.08),
)
}
fn clean_backpressure_row() -> NegativeControlRow {
negative_control_row(
"Backpressure (clean)",
&mut ChannelBackpressureScenario {
baseline: 100.0,
start: 999,
duration: 200,
rate: 5.0,
noise_state: 271,
seed: 271,
},
symmetric_config(15, 100.0, 10.0, 5.0),
)
}
fn clean_starvation_row() -> NegativeControlRow {
negative_control_row(
"Starvation (clean)",
&mut AsyncStarvationScenario {
baseline: 50.0,
start: 999,
duration: 200,
rate: 2.0,
noise_state: 313,
seed: 313,
},
symmetric_config(15, 30.0, 3.0, 1.5),
)
}
fn negative_control_row(
name: &str,
scenario: &mut dyn FaultScenario,
config: ObserverConfig,
) -> NegativeControlRow {
NegativeControlRow {
name: name.to_string(),
result: run_scenario(scenario, &config),
}
}
fn build_reproducibility_steps() -> Vec<u64> {
let config = ObserverConfig {
persistence_window: 20,
hysteresis_count: 3,
default_envelope: AdmissibilityEnvelope::symmetric(
2.0,
0.1,
0.05,
WorkloadPhase::SteadyState,
),
..ObserverConfig::fast_response()
};
let mut steps = Vec::with_capacity(10);
for _ in 0..10 {
let result = run_scenario(&mut ClockDriftScenario::default_scenario(), &config);
steps.push(result.first_boundary_step.unwrap_or(999));
}
steps
}
fn build_drift_elasticity() -> Vec<DriftElasticityRow> {
let mut rows = Vec::new();
for &drift_rate in &[0.01, 0.02, 0.03, 0.05, 0.08, 0.10, 0.15, 0.20] {
let result = run_scenario(
&mut ClockDriftScenario::new(5.0, drift_rate, 50, 200, 0.02),
&ObserverConfig {
persistence_window: 20,
hysteresis_count: 3,
default_envelope: AdmissibilityEnvelope::symmetric(
2.0,
0.1,
0.05,
WorkloadPhase::SteadyState,
),
..ObserverConfig::fast_response()
},
);
rows.push(DriftElasticityRow {
drift_rate,
result_detected: result.detected(),
detection_delay: result.detection_delay_from_injection(),
lead_time: result.detection_lead_time(),
});
}
rows
}
fn render_sensitivity_sweep_csv(bundle: &PublicEvaluationBundle) -> String {
let mut csv = String::from(
"sigma,P,detection_delay,lead_time,detected,false_alarms,boundary_steps,violation_steps\n",
);
for row in &bundle.sensitivity_sweep {
csv.push_str(&format!(
"{},{},{},{},{},{},{},{}\n",
row.sigma,
row.persistence_window,
row.detection_delay.unwrap_or(0),
row.lead_time.unwrap_or(0),
u8::from(row.detected),
u8::from(row.has_false_alarm),
row.boundary_steps,
row.violation_steps
));
}
csv
}
fn render_readme_results_section(bundle: &PublicEvaluationBundle) -> String {
let mut out = String::new();
let detected_count = count_true(&bundle.primary, |row| row.result.detected());
let pre_injection_primary = count_true(&bundle.primary, |row| {
row.result.false_alarms_before_injection > 0
});
out.push_str("| Gray Failure Scenario | Detection Delay | Lead Time | False Alarms |\n");
out.push_str("|----------------------|-----------------|-----------|--------------|\n");
for row in &bundle.primary {
let result = &row.result;
let delay = render_optional_steps(result.detection_delay_from_injection(), "pre-injection");
let lead = render_optional_steps(result.detection_lead_time(), "-");
out.push_str(&format!(
"| {} | {} | {} | **{}** |\n",
row.name, delay, lead, result.false_alarms_before_injection
));
}
out.push('\n');
out.push_str(&format!(
"Current metrics are generated by `cargo run --bin dsfb-regenerate-public-artifacts`. The current recommended configuration detects {}/{} primary scenarios, and {} primary scenario(s) show a pre-injection anomaly.\n",
detected_count,
bundle.primary.len(),
pre_injection_primary
));
out
}
fn render_evidence_ledger_md(bundle: &PublicEvaluationBundle) -> String {
let mut out = String::new();
out.push_str("## Evidence Ledger\n\n");
out.push_str("Every public-facing numeric claim in this repository should map to one command, one artifact, or one generated section.\n\n");
out.push_str("| Claim Surface | Generated From | Artifact |\n");
out.push_str("|---------------|----------------|----------|\n");
out.push_str("| README results table | `cargo run --bin dsfb-regenerate-public-artifacts` | `docs/generated/README_RESULTS.md` |\n");
out.push_str("| Full evaluation narrative | `cargo run --bin dsfb-regenerate-public-artifacts` | `data/evaluation_results.txt` |\n");
out.push_str("| Demo output | `cargo run --bin dsfb-regenerate-public-artifacts` | `data/demo-output.txt` |\n");
out.push_str("| Sensitivity sweep table | `cargo run --bin dsfb-regenerate-public-artifacts` | `data/sensitivity_sweep.csv` |\n");
for row in &bundle.primary {
out.push_str(&format!(
"| Scenario CSV: {} | `cargo run --bin dsfb-regenerate-public-artifacts` | `data/{}` |\n",
row.name, row.csv_name
));
}
out.push_str("| Paper TeX results table | `cargo run --bin dsfb-regenerate-public-artifacts` | `paper/generated/results_summary.tex` |\n");
out.push_str("| Audit contract summary | `cargo run --bin dsfb-regenerate-public-artifacts` | `docs/generated/AUDIT_CONTRACT.md` |\n");
out.push_str("| Paper TeX audit contract | `cargo run --bin dsfb-regenerate-public-artifacts` | `paper/generated/audit_contract.tex` |\n");
out.push_str("| Claim ledger | `cargo run --bin dsfb-regenerate-public-artifacts` | `docs/generated/CLAIM_LEDGER.md` |\n");
out
}
fn render_audit_contract_md() -> String {
let mut out = String::new();
out.push_str("## Canonical Broad Audit Contract\n\n");
out.push_str(
"- DSFB emits one canonical broad audit rather than primary profile-specific reports.\n",
);
out.push_str("- The audit keeps one shared evidence set and one shared denominator, then renders domain and standards interpretations as conclusion lenses at the end of the report.\n");
out.push_str(&format!(
"- The locked score method is `{}` with one overall score plus visible advisory subscores.\n",
AUDIT_SCORE_METHOD
));
out.push_str("- The score is a broad code-improvement and review-readiness target for Rust developers.\n");
out.push_str("- The score is not runtime correctness, not a certification result, and not a standards certificate.\n");
out.push_str(&format!("- {}\n", AUDIT_NON_CERTIFICATION_STATEMENT));
out.push_str("- The report contract includes remediation guidance, verification suggestions, evidence IDs, SARIF, in-toto, DSSE, and static-to-runtime prior derivation.\n");
out
}
fn render_claim_ledger_md(bundle: &PublicEvaluationBundle) -> String {
let detected_count = count_true(&bundle.primary, |row| row.result.detected());
let clean_control_false_rate = find_negative_control(bundle, "Starvation (clean)")
.map(|row| {
if row.result.total_steps > 0 {
(row.result.total_boundary_steps + row.result.total_violation_steps) as f64
/ row.result.total_steps as f64
* 100.0
} else {
0.0
}
})
.unwrap_or(0.0);
let sweep_pre_injection = count_true(&bundle.sensitivity_sweep, |row| row.has_false_alarm);
let mut out = String::new();
out.push_str("## Claim Ledger\n\n");
out.push_str(&format!(
"- DSFB detects {}/{} primary deterministic scenarios under the recommended configuration.\n",
detected_count,
bundle.primary.len()
));
out.push_str(&format!(
" Evidence: `data/evaluation_results.txt`, Section 1; generated from {} primary scenarios.\n",
bundle.primary.len()
));
out.push_str("- The recommended configuration is not zero-false-alarm in all clean windows.\n");
out.push_str(&format!(
" Evidence: `data/evaluation_results.txt`, Section 3; async starvation clean control produces a {:.1}% false rate.\n",
clean_control_false_rate
));
out.push_str(
"- Sensitivity behavior is configuration-dependent rather than universally robust.\n",
);
out.push_str(&format!(
" Evidence: `data/evaluation_results.txt`, Section 2; {}/{} sweep points show pre-injection alarms.\n",
sweep_pre_injection,
bundle.sensitivity_sweep.len()
));
out.push_str("- Reproducibility is deterministic for the current clock-drift harness.\n");
out.push_str(" Evidence: `data/evaluation_results.txt`, Section 4; 10/10 runs identical.\n");
out.push_str("- DSFB provides structurally distinct detection-point signatures across the primary scenarios.\n");
out.push_str(" Evidence: `data/evaluation_results.txt`, Section 5.\n");
out.push_str("- The companion crate now emits one canonical broad audit rather than primary profile-specific reports.\n");
out.push_str(" Evidence: `docs/generated/AUDIT_CONTRACT.md`; regenerated from `cargo run --bin dsfb-regenerate-public-artifacts`.\n");
out.push_str(&format!(
"- The audit score method is `{}` and is treated as a broad improvement/readiness guide rather than certification.\n",
AUDIT_SCORE_METHOD
));
out.push_str(
" Evidence: `docs/generated/AUDIT_CONTRACT.md` and `docs/AUDIT_SCORING_LOCKED.md`.\n",
);
out.push_str("- The audit report includes conclusion lenses over one shared evidence set rather than separate primary scan modes.\n");
out.push_str(" Evidence: `docs/generated/AUDIT_CONTRACT.md`; mirrored in the current scan report contract.\n");
out.push_str("- The scanner emits SARIF, in-toto, and DSSE artifacts as part of the established public contract.\n");
out.push_str(" Evidence: `docs/generated/AUDIT_CONTRACT.md` and the generated scanner outputs in `output-dsfb-gray/`.\n");
out
}
fn render_paper_results_table_tex(bundle: &PublicEvaluationBundle) -> String {
let mut out = String::new();
out.push_str("\\begin{table}[H]\n\\centering\n");
out.push_str(
"\\caption{Primary deterministic evaluation results (recommended configuration).}\n",
);
out.push_str("\\label{tab:summary}\n");
out.push_str("\\begin{tabular}{lcccc}\n\\toprule\n");
out.push_str("Scenario & Detection Delay & Lead Time & False Alarms & Notes \\\\\n\\midrule\n");
for row in &bundle.primary {
let result = &row.result;
let delay = result
.detection_delay_from_injection()
.map_or("pre-injection".to_string(), |value| value.to_string());
let lead = result
.detection_lead_time()
.map_or("-".to_string(), |value| value.to_string());
let notes = if result.false_alarms_before_injection > 0 {
"pre-injection anomaly observed"
} else {
"none in primary run"
};
out.push_str(&format!(
"{} & {} & {} & {} & {} \\\\\n",
row.name, delay, lead, result.false_alarms_before_injection, notes
));
}
out.push_str("\\bottomrule\n\\end{tabular}\n\\end{table}\n");
out
}
fn render_paper_claim_ledger_tex(bundle: &PublicEvaluationBundle) -> String {
let detected_count = count_true(&bundle.primary, |row| row.result.detected());
let clean_control_false_rate = find_negative_control(bundle, "Starvation (clean)")
.map(|row| {
if row.result.total_steps > 0 {
(row.result.total_boundary_steps + row.result.total_violation_steps) as f64
/ row.result.total_steps as f64
* 100.0
} else {
0.0
}
})
.unwrap_or(0.0);
let sweep_pre_injection = count_true(&bundle.sensitivity_sweep, |row| row.has_false_alarm);
let mut out = String::new();
out.push_str("\\subsection*{Claim Ledger}\n");
out.push_str("\\begin{itemize}\n");
out.push_str(&format!(
"\\item Primary evaluation detects {} of {} deterministic scenarios under the recommended configuration. Evidence: Table~\\ref{{tab:summary}} and \\texttt{{data/evaluation\\_results.txt}}.\n",
detected_count,
bundle.primary.len()
));
out.push_str(&format!(
"\\item The recommended configuration is not universally zero-false-alarm: the clean async-starvation control produces a {:.1}\\% false rate. Evidence: negative-control section in \\texttt{{data/evaluation\\_results.txt}}.\n",
clean_control_false_rate
));
out.push_str(&format!(
"\\item Sensitivity behavior is configuration-dependent: {} of {} sweep points show pre-injection alarms. Evidence: sensitivity sweep in \\texttt{{data/evaluation\\_results.txt}}.\n",
sweep_pre_injection,
bundle.sensitivity_sweep.len()
));
out.push_str(&format!(
"\\item Deterministic reproducibility holds for {} repeated clock-drift runs in the current harness. Evidence: reproducibility section in \\texttt{{data/evaluation\\_results.txt}}.\n",
bundle.reproducibility_boundary_steps.len()
));
out.push_str(&format!(
"\\item The companion crate now emits one canonical broad audit with locked score method \\texttt{{{}}}. Evidence: \\texttt{{paper/generated/audit\\_contract.tex}} and \\texttt{{docs/AUDIT\\_SCORING\\_LOCKED.md}}.\n",
AUDIT_SCORE_METHOD
));
out.push_str("\\item The audit score is a broad improvement and review-readiness guide, not a compliance or certification result. Evidence: \\texttt{paper/generated/audit\\_contract.tex}.\n");
out.push_str("\\item The report contract includes conclusion lenses over one shared evidence set rather than separate primary scan modes. Evidence: \\texttt{paper/generated/audit\\_contract.tex}.\n");
out.push_str("\\end{itemize}\n");
out
}
fn render_paper_audit_contract_tex() -> String {
let mut out = String::new();
out.push_str("\\begin{itemize}[leftmargin=1.5em,itemsep=2pt]\n");
out.push_str("\\item DSFB now emits one canonical broad static audit rather than primary profile-specific reports.\n");
out.push_str("\\item The audit keeps one shared evidence set and one shared score denominator, then renders domain and standards interpretations as conclusion lenses at the end of the report.\n");
out.push_str(&format!(
"\\item The locked score method is \\texttt{{{}}}, reported as one overall score plus visible advisory subscores.\n",
AUDIT_SCORE_METHOD
));
out.push_str("\\item The score is intended as a broad code-improvement and review-readiness target for Rust developers.\n");
out.push_str("\\item The score is not runtime correctness, not a compliance result, and not a certification outcome.\n");
out.push_str(&format!(
"\\item {}\n",
escape_latex(AUDIT_NON_CERTIFICATION_STATEMENT)
));
out.push_str("\\item The public audit contract includes remediation guidance, verification suggestions, evidence identifiers, SARIF, in-toto, DSSE, and static-to-runtime prior derivation.\n");
out.push_str("\\end{itemize}\n");
out
}
fn render_paper_results_table_md(bundle: &PublicEvaluationBundle) -> String {
let mut out = String::new();
out.push_str("## Generated Primary Results\n\n");
out.push_str("| Scenario | Detection Delay | Lead Time | False Alarms | Notes |\n");
out.push_str("|----------|-----------------|-----------|--------------|-------|\n");
for row in &bundle.primary {
let result = &row.result;
let delay = result
.detection_delay_from_injection()
.map_or("pre-injection".to_string(), |value| value.to_string());
let lead = result
.detection_lead_time()
.map_or("-".to_string(), |value| value.to_string());
let notes = if result.false_alarms_before_injection > 0 {
"pre-injection anomaly observed"
} else {
"none in primary run"
};
out.push_str(&format!(
"| {} | {} | {} | {} | {} |\n",
row.name, delay, lead, result.false_alarms_before_injection, notes
));
}
out
}
fn rewrite_marked_section(
path: &Path,
start_marker: &str,
end_marker: &str,
generated: &str,
) -> io::Result<()> {
let contents = fs::read_to_string(path)?;
let Some(start) = contents.find(start_marker) else {
return Err(io::Error::new(
io::ErrorKind::InvalidData,
format!(
"missing start marker `{start_marker}` in {}",
path.display()
),
));
};
let Some(end) = contents.find(end_marker) else {
return Err(io::Error::new(
io::ErrorKind::InvalidData,
format!("missing end marker `{end_marker}` in {}", path.display()),
));
};
let before = &contents[..start + start_marker.len()];
let after = &contents[end..];
let mut rewritten = String::new();
rewritten.push_str(before);
rewritten.push('\n');
rewritten.push_str(generated.trim_end());
rewritten.push('\n');
rewritten.push_str(after);
fs::write(path, rewritten)
}
fn escape_latex(input: &str) -> String {
input
.replace('\\', "\\textbackslash{}")
.replace('&', "\\&")
.replace('%', "\\%")
.replace('$', "\\$")
.replace('#', "\\#")
.replace('_', "\\_")
.replace('{', "\\{")
.replace('}', "\\}")
.replace('~', "\\textasciitilde{}")
.replace('^', "\\textasciicircum{}")
}