From 005509b20c59e31089d65136d46a7b24b75aff13 Mon Sep 17 00:00:00 2001
From: Christian Nennemann <christian@nennemann.de>
Date: Tue, 24 Feb 2026 06:31:10 +0100
Subject: [PATCH] Replace medical device workflow with medtech SDLC use case

Replace the clinical treatment recommendation workflow with a
software development lifecycle (SDLC) workflow covering spec
review, code generation, autonomous testing, build validation,
and HITL release approval. Add FDA audit subsection showing DAG
reconstruction for regulatory evidence review. Update Example 2
in appendix with matching detailed JSON examples for all 5 SDLC
phases.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 draft-nennemann-wimse-execution-context-00.md | 243 +++++++++++++-----
 1 file changed, 172 insertions(+), 71 deletions(-)

diff --git a/draft-nennemann-wimse-execution-context-00.md b/draft-nennemann-wimse-execution-context-00.md
index 8e9bbe5..dfb04c9 100644
--- a/draft-nennemann-wimse-execution-context-00.md
+++ b/draft-nennemann-wimse-execution-context-00.md
@@ -904,51 +904,95 @@ Note: task identifiers in this section are abbreviated for
 readability.  In production, all "tid" values MUST be UUIDs per
 {{RFC9562}}.
 
-## Medical Device Workflow
+## Medical Device SDLC Workflow
 
-In a medical device workflow, multiple AI agents coordinate to
-produce a treatment recommendation.  Regulatory frameworks
+In a medical device software development lifecycle (SDLC),
+AI agents assist across multiple phases from requirements
+analysis through release approval.  Regulatory frameworks
 including {{FDA-21CFR11}} Section 11.10(e) and {{EU-MDR}} require
-audit trails of decisions made by or with the assistance of
-software systems.
+audit trails documenting the complete development process for
+software used in medical devices.
 
 ~~~
-Agent A (Clinical Reasoning):
+Agent A (Spec Reviewer):
   tid: task-001    par: []
-  exec_act: recommend_treatment
-  pol: clinical_rules_v2      pol_decision: approved
+  exec_act: review_requirements_spec
+  pol: spec_review_policy_v2     pol_decision: approved
 
-Agent B (Safety Check):
+Agent B (Code Generator):
   tid: task-002    par: [task-001]
-  exec_act: check_drug_interactions
-  pol: safety_policy_v3       pol_decision: approved
+  exec_act: implement_module
+  pol: coding_standards_v3       pol_decision: approved
 
-Agent C (Dosage Calculation):
+Agent C (Test Agent):
   tid: task-003    par: [task-002]
-  exec_act: calculate_dosage
-  pol: dosage_rules_v1        pol_decision: approved
+  exec_act: execute_test_suite
+  pol: test_coverage_policy_v1   pol_decision: approved
 
-Human Physician Review:
+Agent D (Build Agent):
   tid: task-004    par: [task-003]
-  exec_act: approve_treatment
-  pol: physician_approval     pol_decision: approved
-  pol_enforcer: spiffe://hospital.com/human/physician-123
-  witnessed_by: [spiffe://hospital.com/audit/observer-1]
-~~~
-{: #fig-medtech title="Medical Device Workflow"}
+  exec_act: build_release_artifact
+  pol: build_validation_v2       pol_decision: approved
 
-ECTs record that clinical reasoning preceded safety checking,
-safety checking preceded dosage calculation, and a human physician
-approved the final recommendation.  The DAG structure shows that
-no step was skipped or reordered.
+Human Release Manager:
+  tid: task-005    par: [task-004]
+  exec_act: approve_release
+  pol: release_approval_policy   pol_decision: approved
+  pol_enforcer: spiffe://meddev.example/human/release-mgr-42
+  witnessed_by: [spiffe://meddev.example/audit/qa-observer-1]
+~~~
+{: #fig-medtech-sdlc title="Medical Device SDLC Workflow"}
+
+ECTs record that requirements were reviewed before implementation
+began, that tests were executed against the implemented code, that
+the build artifact was validated, and that a human release manager
+explicitly approved the release.  The DAG structure ensures no
+phase was skipped or reordered.
+
+### FDA Audit with DAG Reconstruction
+
+During a regulatory audit, an FDA reviewer requests evidence of
+the development process for a specific software release.  The
+auditing authority retrieves all ECTs sharing the same workflow
+identifier ("wid") from the audit ledger and reconstructs the
+complete DAG:
+
+~~~
+task-001 (review_requirements_spec)
+  |
+  v
+task-002 (implement_module)
+  |
+  v
+task-003 (execute_test_suite)
+  |
+  v
+task-004 (build_release_artifact)
+  |
+  v
+task-005 (approve_release) [human, witnessed]
+~~~
+{: #fig-fda-audit title="Reconstructed DAG for FDA Audit"}
+
+The reconstructed DAG provides cryptographic evidence that:
+
+- Each phase was executed by an identified and authenticated agent.
+- Policy checkpoints were evaluated at every phase transition.
+- The execution sequence was maintained (no step was bypassed).
+- A human-in-the-loop approved the final release, with independent
+  witness attestation.
+- Timestamps and execution durations are recorded for each step.
 
 This can contribute to compliance with:
 
 - {{FDA-21CFR11}} Section 11.10(e): Computer-generated audit trails
   that record the date, time, and identity of the operator.
-- {{EU-MDR}} Annex II: Technical documentation traceability.
+- {{EU-MDR}} Annex II: Technical documentation traceability for the
+  software development lifecycle.
 - {{EU-AI-ACT}} Article 12: Automatic logging capabilities for
-  high-risk AI systems.
+  high-risk AI systems involved in the development process.
+- {{EU-AI-ACT}} Article 14: ECTs can record evidence that human
+  oversight events occurred during the release process.
 
 ## Financial Trading Workflow
 
@@ -1565,87 +1609,144 @@ task-...-0001 (fetch_patient_data)
 task-...-0002 (validate_safety)
 ~~~
 
-## Example 2: Medical Workflow with Human Oversight
+## Example 2: Medical Device SDLC with Release Approval
 {:numbered="false"}
 
-A multi-step clinical workflow with physician approval:
+A multi-step medical device software lifecycle workflow with
+autonomous agents and human release approval:
 
-Task 1 (Clinical Reasoning Agent):
+Task 1 (Spec Review Agent):
 
 ~~~json
 {
-  "iss": "spiffe://hospital.example/agent/clinical",
-  "sub": "spiffe://hospital.example/agent/clinical",
-  "aud": "spiffe://hospital.example/agent/safety",
+  "iss": "spiffe://meddev.example/agent/spec-reviewer",
+  "sub": "spiffe://meddev.example/agent/spec-reviewer",
+  "aud": "spiffe://meddev.example/agent/code-gen",
   "iat": 1772064150,
   "exp": 1772064750,
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "tid": "a1b2c3d4-0001-0000-0000-000000000001",
-  "exec_act": "recommend_treatment",
+  "exec_act": "review_requirements_spec",
   "par": [],
-  "pol": "clinical_rules_v2",
+  "pol": "spec_review_policy_v2",
   "pol_decision": "approved",
   "regulated_domain": "medtech",
-  "model_version": "clinical-reasoning-v4.2"
+  "model_version": "spec-review-v3.1",
+  "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
+  "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
 ~~~
 
-Task 2 (Human Physician Approval):
+Task 2 (Code Generation Agent):
 
 ~~~json
 {
-  "iss": "spiffe://hospital.example/human/physician-456",
-  "sub": "spiffe://hospital.example/human/physician-456",
-  "aud": "spiffe://hospital.example/agent/dosage",
-  "iat": 1772064210,
-  "exp": 1772064810,
+  "iss": "spiffe://meddev.example/agent/code-gen",
+  "sub": "spiffe://meddev.example/agent/code-gen",
+  "aud": "spiffe://meddev.example/agent/test-runner",
+  "iat": 1772064200,
+  "exp": 1772064800,
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "tid": "a1b2c3d4-0001-0000-0000-000000000002",
-  "exec_act": "approve_treatment_recommendation",
+  "exec_act": "implement_module",
   "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
-  "pol": "physician_approval_policy",
+  "pol": "coding_standards_v3",
   "pol_decision": "approved",
-  "pol_enforcer": "spiffe://hospital.example/human/physician-456",
+  "regulated_domain": "medtech",
+  "model_version": "codegen-v2.4"
+}
+~~~
+
+Task 3 (Autonomous Test Agent):
+
+~~~json
+{
+  "iss": "spiffe://meddev.example/agent/test-runner",
+  "sub": "spiffe://meddev.example/agent/test-runner",
+  "aud": "spiffe://meddev.example/agent/build",
+  "iat": 1772064260,
+  "exp": 1772064860,
+  "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
+  "tid": "a1b2c3d4-0001-0000-0000-000000000003",
+  "exec_act": "execute_test_suite",
+  "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
+  "pol": "test_coverage_policy_v1",
+  "pol_decision": "approved",
+  "regulated_domain": "medtech",
+  "exec_time_ms": 4523
+}
+~~~
+
+Task 4 (Build Agent):
+
+~~~json
+{
+  "iss": "spiffe://meddev.example/agent/build",
+  "sub": "spiffe://meddev.example/agent/build",
+  "aud": "spiffe://meddev.example/human/release-mgr-42",
+  "iat": 1772064310,
+  "exp": 1772064910,
+  "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
+  "tid": "a1b2c3d4-0001-0000-0000-000000000004",
+  "exec_act": "build_release_artifact",
+  "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
+  "pol": "build_validation_v2",
+  "pol_decision": "approved",
+  "regulated_domain": "medtech",
+  "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
+}
+~~~
+
+Task 5 (Human Release Manager Approval):
+
+~~~json
+{
+  "iss": "spiffe://meddev.example/human/release-mgr-42",
+  "sub": "spiffe://meddev.example/human/release-mgr-42",
+  "aud": "spiffe://meddev.example/system/ledger",
+  "iat": 1772064510,
+  "exp": 1772065110,
+  "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
+  "tid": "a1b2c3d4-0001-0000-0000-000000000005",
+  "exec_act": "approve_release",
+  "par": ["a1b2c3d4-0001-0000-0000-000000000004"],
+  "pol": "release_approval_policy",
+  "pol_decision": "approved",
+  "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
   "witnessed_by": [
-    "spiffe://hospital.example/audit/observer-1"
+    "spiffe://meddev.example/audit/qa-observer-1"
   ],
   "regulated_domain": "medtech"
 }
 ~~~
 
-Task 3 (Dosage Calculation Agent):
-
-~~~json
-{
-  "iss": "spiffe://hospital.example/agent/dosage",
-  "sub": "spiffe://hospital.example/agent/dosage",
-  "aud": "spiffe://hospital.example/system/ledger",
-  "iat": 1772064230,
-  "exp": 1772064830,
-  "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
-  "tid": "a1b2c3d4-0001-0000-0000-000000000003",
-  "exec_act": "calculate_dosage",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
-  "pol": "dosage_rules_v1",
-  "pol_decision": "approved",
-  "regulated_domain": "medtech"
-}
-~~~
-
-The resulting DAG records: clinical reasoning preceded physician
-approval, which preceded dosage calculation.  The physician
-approval was independently witnessed.
+The resulting DAG records the complete SDLC: spec review preceded
+implementation, implementation preceded testing, testing preceded
+build, and a human release manager approved the final release
+with independent witness attestation.
 
 ~~~
-task-...-0001 (recommend_treatment)
+task-...-0001 (review_requirements_spec)
   |
   v
-task-...-0002 (approve_treatment) [physician, witnessed]
+task-...-0002 (implement_module)
   |
   v
-task-...-0003 (calculate_dosage)
+task-...-0003 (execute_test_suite)
+  |
+  v
+task-...-0004 (build_release_artifact)
+  |
+  v
+task-...-0005 (approve_release) [human, witnessed]
 ~~~
 
+An FDA auditor reconstructs this DAG by querying the audit ledger
+for all ECTs with wid "c2d3e4f5-a6b7-8901-cdef-012345678901" and
+verifying each signature.  The DAG provides cryptographic evidence
+that the SDLC followed the prescribed process with human oversight
+at the release gate.
+
 ## Example 3: Parallel Execution with Join
 {:numbered="false"}