SQ2: Compiler Mapping to Technical Guardrails¶

Problem Investigation¶

Even when rules are represented correctly in IR, implementation fails if mapping logic is brittle, non-portable, or opaque to developers and auditors.

Treatment Design¶

Design a mapping architecture from IR constructs to target controls.

Mapping Concerns¶

• Deterministic rule translation.
• Human-in-the-loop trigger generation.
• Target adapters (for example policy engine outputs).
• Error reporting and developer feedback.
• Evidence artifact generation for auditability.

Treatment Validation¶

Use prototype mappings on selected IR samples and verify:

• correctness of generated controls,
• explainability of mapping decisions,
• compatibility with CI/CD execution flow.

Iteration Checkpoints¶

• Iteration 1: Minimal deterministic mapping path.
• Iteration 2: Add human-judgment and fallback branches.
• Iteration 3: Add evidence output and diagnostics.

Evaluation Boundary¶

Validation covers selected target environments and representative mappings; it does not guarantee universal portability across all platforms.

Evidence Map¶

• Mapping specification drafts.
• Prototype translation outputs.
• Test cases and expected/actual behavior logs.
• Developer feedback snippets.

Expected Contribution to Main Question¶

SQ2 operationalizes the IR by proving how compliance intent becomes enforceable, environment-specific controls.