Assurance Profiles: Choosing (or Customizing) Your Validation Grammar
New here? ValidKeep governs regulated software with linked atomic files in Git and deterministic npx validkeep verify (no LLM in the audit path). Optional ysbuild helps author specs; verify is the impartial gate either way.
Start with the ecosystem map for the platform stack (assurance profile, landscape profile, CLI, ValidKeep Hub). Then read the atomic model ($D_x$, $R_x$, $C_x$, $L_x$) if notation like $C_x$ is unfamiliar. Operational Qualification (OQ) and Performance Qualification (PQ) are explained in their own articles.
One engine, many rigor packs. validkeep.yaml points at an assurance profile that defines allowed node types, trace edges, join semantics, and risk metadata. High Assurance is Yttrigen's atomic model ($D_x$ / $R_x$ / $C_x$ / $L_x$ with separated OQ and PQ loops); other profiles target different industries without forking ValidKeep core.
What a profile controls
Your repository's validkeep.yaml references a profile URL or path. The assurance YAML defines structural rules validkeep verify enforces:
# illustrative excerpt: High Assurance assurance profile
traceability_rules:
orphan_policy: zero_orphan
scopes:
peer: [rx, cx, lx, oqts, pqts]
children: [dx, bx]
tree: [oqtest, pqtest, code]
Role codes such as rx and cx map to atomic files types; see ysbuild for the full inventory.
- nodes: file types, parsers, required headings, risk tag fields
- traceability_rules: allowed edges, orphan policy, scope keys (peer, children, tree)
- active_ast_parsers and enforce flags: which structural checks run at verify time
- rendered joins: how RS, FS, DS compile from atoms when auditors want CSV-shaped documents
High Assurance (featured)
Yttrigen's recommended profile for governed SaaS and internal tools:
- Functional risk on *.dx.md and *.rx.md; technical risk on *.lx.md
- Strict OQ and PQ separation: OQ authors blind to $L_x$; PQ probes tied to $L_x$ fragments
- Balance law $O_x = C_x$ enforced per module directory
Deep dive: Module architecture hub and technical reference.
Other profiles (comparison)
| Profile | Industry focus | Distinctive rules | Status |
|---|---|---|---|
| GAMP5 | Life sciences CSV | RS/FS boundaries, fs_risk on functional nodes |
Available |
| IEC 62304 SaMD | Medical device software | Hierarchical decomposition, hazard tracing | Planned |
| SOC2 security | Enterprise SaaS | CR traceability, PII/RBAC obligation tags | Planned |
| DO-178C | Avionics | Strictest orphan policy, MC/DC coverage hooks | Planned |
| ISO 26262 | Automotive | HW/SW boundaries, sidecar ASIL metadata | Planned |
Landscape + assurance orthogonality
Landscape profiles (branches, ValidKeep Hub gates) and assurance profiles (atomic grammar) compose independently. An organization can run the High Assurance landscape with a GAMP5 assurance pack for a life-sciences subsidiary, or swap assurance profiles per repository while sharing one SDLC ladder.
Rendered views are compiler output
RS, FS, and DS are not authoring targets in High Assurance. They are joins over atomic files, identical in spirit to GAMP5-oriented profiles when those joins are defined. Edit atoms in Git; export binders when QA asks.