{
  "version": "ark-sovereign-segment-replay-pack-v1",
  "segment_id": "navgov_replay_witness",
  "title": "NavGov Replay Witness / CAS Intervention Evidence Packet",
  "buyer": "fleet safety teams, mining operators, telematics teams, collision-avoidance-system reviewers, insurers, and ADAS safety reviewers",
  "public_status": "synthetic example",
  "positioning": "controller-independent, time-aware replay witness packets for intervention review; not CAS certification",
  "review_surface": "Vehicle, fleet, mining, CAS, ADAS, and telematics intervention evidence before safety, causality, route, or deployment claims are made.",
  "website_safe_wording": "NavGov Replay Witness does not replace CAS, ADAS, telematics, or vehicle controllers. It provides controller-independent, time-aware, replayable evidence packets for intervention review. The packet records what was observed, what timing integrity is known, what evidence was independently captured, what context is missing, and what claims remain blocked.",
  "portfolio_boundary": "NavGov = fleet / vehicle / intervention replay evidence boundary",
  "product_wedge": [
    "A replay packet is only as good as its trace integrity.",
    "The controller can issue the command. The witness layer keeps the books.",
    "A vehicle replay is not crash causality, route safety, or deployment approval."
  ],
  "controller_independent_witness_layer": {
    "principle": "The system issuing an intervention should not be the only system producing the evidence for that intervention.",
    "witness_layer_requirements": [
      "event-centric capture",
      "persistent log chain",
      "time-synchronized evidence",
      "controller-independent signal capture where available",
      "raw-signal hash manifest",
      "explicit integrity limitations"
    ],
    "controller_path_can_issue_command": true,
    "witness_layer_keeps_books": true
  },
  "declared_input_scope": {
    "scenario": "synthetic mining CAS intervention review packet",
    "vehicle_context": "haul_truck_or_mobile_equipment",
    "inputs_expected": [
      "controller_event_log",
      "independent_logger_trace",
      "vehicle_bus_events",
      "gps_or_ptp_clock_source",
      "brake_pressure_or_deceleration_signal",
      "operator_alarm_trace",
      "load_state_record",
      "grade_or_slope_record",
      "raw_signal_hash_manifest"
    ],
    "synthetic_example": true
  },
  "evidence_integrity": {
    "time_sync_status": "degraded",
    "clock_source": "gps",
    "secondary_clock_source": "independent_logger",
    "event_ordering_confidence": "medium",
    "controller_independent_capture": true,
    "raw_signal_hashes_present": true,
    "tamper_evidence": "sha256_manifest",
    "persistent_log_chain_present": true,
    "integrity_limitations": [
      "controller_event_log and independent_logger_trace show a 183 ms offset requiring reviewer confirmation",
      "brake_condition record is absent",
      "load_state is not confirmed at intervention time",
      "operator alarm acknowledgement is captured, but alarm audibility/load is unknown"
    ]
  },
  "intervention_outcome": {
    "command_issued": true,
    "command_received_evidence": true,
    "braking_response_detected": true,
    "stopping_distance_m": null,
    "load_state_known": false,
    "grade_known": false,
    "brake_condition_known": false,
    "operator_alarm_load_known": false,
    "outcome_claim": "OUTCOME_REVIEW_REQUIRED"
  },
  "review_targets": [
    {
      "id": "NAV-P1-001",
      "priority": "P1",
      "target": "time_sync_degraded",
      "reason": "Controller and independent witness traces differ by 183 ms; intervention sequencing depends on clock alignment.",
      "human_review_question": "Which clock source is authoritative for command, warning, brake-response, and stop-window ordering?"
    },
    {
      "id": "NAV-P1-002",
      "priority": "P1",
      "target": "controller_independent_capture",
      "reason": "Independent logger evidence exists and should be compared against controller self-report before any outcome claim.",
      "human_review_question": "Does the independent logger confirm command receipt and braking response within the expected window?"
    },
    {
      "id": "NAV-P1-003",
      "priority": "P1",
      "target": "missing_load_grade_brake_context",
      "reason": "Stopping outcome cannot be evaluated without load state, grade, and brake-condition evidence.",
      "human_review_question": "Were load, grade, and brake condition known at the intervention timestamp?"
    },
    {
      "id": "NAV-P2-001",
      "priority": "P2",
      "target": "operator_alarm_context",
      "reason": "Alarm acknowledgement is recorded, but operator alarm load and audibility are unknown.",
      "human_review_question": "Was the operator warning channel independently observable and within expected human-response thresholds?"
    }
  ],
  "allowed_outputs": [
    "INTERVENTION_REVIEW_TARGET",
    "OUTCOME_WINDOW_RECORDED",
    "OUTCOME_REVIEW_REQUIRED",
    "EVIDENCE_INTEGRITY_LIMITATION",
    "TIME_SYNC_DEGRADED",
    "CONTROLLER_INDEPENDENT_CAPTURE_PRESENT",
    "HUMAN_REVIEW_REQUIRED"
  ],
  "blocked_claims": [
    "CAS_VALIDATED",
    "COLLISION_AVOIDED_PROVEN",
    "CRASH_CAUSALITY_PROVEN",
    "VEHICLE_SAFE",
    "ROUTE_SAFE",
    "DEPLOYMENT_APPROVED",
    "STOPPING_DISTANCE_CONFIRMED",
    "BRAKE_RESPONSE_VALIDATED",
    "OPERATOR_RESPONSE_VALIDATED",
    "CONTROLLER_LOG_TRUSTED_AS_SOLE_EVIDENCE",
    "HUMAN_REVIEW_REPLACED"
  ],
  "packet_authorizes_execution": false,
  "requires_human_operator": true,
  "zero_operation_receipt": true,
  "claim_boundary": {
    "does_not_replace": [
      "CAS",
      "ADAS",
      "telematics",
      "vehicle controller",
      "safety engineering review",
      "accident reconstruction",
      "regulatory certification"
    ],
    "does_not_prove": [
      "vehicle safety",
      "crash causality",
      "route safety",
      "deployment readiness",
      "CAS correctness",
      "operator response adequacy"
    ]
  },
  "packet_summary": "Synthetic NavGov Replay Witness packet showing how time synchronization, controller-independent capture, raw signal hashes, missing context, and intervention outcome limits are recorded before any safety, causality, route, or deployment claim.",
  "segment_sha256": "synthetic packet artifact; verify by hashing navgov_replay_witness.json"
}
