docs(future): finalize FUTURE threat model for H3 AWS scenarios; align FUTURE_* metadata #2855
Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
🏷️ Automatic Labeling Summary
This PR has been automatically labeled based on the files changed and PR metadata.
Applied Labels: documentation, size-xl
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
…n FUTURE_* metadata Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Pull request overview
This docs-only PR aligns the future-state documentation portfolio around a three-horizon roadmap and expands the future threat model for AWS/serverless H3 scenarios.
Changes:
- Reworks future architecture, state, and mindmap docs around H1 static, H2 static-deepening, and H3 AWS serverless evolution.
- Expands `FUTURE_THREAT_MODEL.md` with H3 AWS threat scenarios, controls, STRIDE mappings, and risk/KPI coverage.
- Refreshes metadata/version/footer consistency across future security and workflow docs.
Reviewed changes
Copilot reviewed 8 out of 9 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| `FUTURE_ARCHITECTURE.md` | Adds three-horizon roadmap framing and H2 static-deepening architecture detail. |
| `FUTURE_THREAT_MODEL.md` | Expands future threat model with H3 AWS/serverless scenarios, controls, and risk mappings. |
| `FUTURE_STATEDIAGRAM.md` | Reorganizes future state machines by horizon and adds H3 lifecycle models. |
| `FUTURE_MINDMAP.md` | Rebuilds future capability mindmaps around horizon, AI, sustainability, and SWOT coverage themes. |
| `FUTURE_SECURITY_ARCHITECTURE.md` | Updates metadata version/effective/review dates. |
| `FUTURE_WORKFLOWS.md` | Reconciles stale footer metadata with current header version/date. |
| root((🦾 Agentic AI<br/>Autonomous Operations)) | ||
| 🟢 v1.x Seed Agents Today | ||
| 14 gh-aw newsroom workflows | ||
| Single-pass analysis aggregate render PR |
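Review bot: the leaf "Single-pass analysis aggregate render PR" under "v1.x Seed Agents Today" describes the 14 gh-aw newsroom workflows as single-pass, which contradicts the gh-aw prompt contract cited in the follow-up commit on this PR (minimum two complete passes). Change the label to "Multi-pass" so the mindmap does not understate the review step that the agentic workflows are required to perform before a PR is rendered.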
| |----------------|---------|-------------|--------------------|--------------------| | ||
| | **CIA Data Pipeline Integration** | H2 | Q2 2026 | Automated nightly fetch of 19 CIA visualization products | External API dependency, data validation, cache poisoning | | ||
| | **Advanced AI Content Pipelines** | H2 | Q2-Q3 2026 | Additional agentic workflows (committee reports, motion analysis, week-ahead) | Expanded prompt injection surface, multi-workflow orchestration risks | | ||
| | **Real-Time Voting Dashboard** | H2 | Q3 2026 | WebSocket/SSE for live parliamentary voting data | Real-time data manipulation, WebSocket security, connection state attacks | |
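Review bot: the "Real-Time Voting Dashboard" row is tagged H2, but it delivers live data over WebSocket/SSE while this PR frames H2 as static-deepening, so the horizon and the feature disagree. Move the row to H3, where a streaming backend exists, so that its listed threats (real-time data manipulation, WebSocket security, connection state attacks) are modelled with the AWS serverless surface rather than against a static site that has no persistent connections.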
| ## 4. 🤖 AI Enhancement Roadmap (Amazon Bedrock) | ||
|
|
||
| ### 3.1 Phase 1: Enhanced Journalism (2026 Q2-Q3) | ||
| ### 4.1 Phase 1: Enhanced Journalism (2026 Q2-Q3) |
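Review bot: the renumbered heading "4.1 Phase 1: Enhanced Journalism" keeps "(2026 Q2-Q3)" although it sits under "4. AI Enhancement Roadmap (Amazon Bedrock)", and the Bedrock rows in the threat model are tagged H3. Shift the phase dates into the H3 window so the architecture doc and the threat model agree on when the Bedrock attack surface comes into scope.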
| | **Enhanced Chart.js/D3.js Dashboards** | H2 | Q2-Q3 2026 | 5 placeholder dashboards activated (Budget, Voting Patterns, Committee, Regional, Historical) | Dashboard data injection, chart rendering exploits, large dataset DoS | | ||
| | **Automated Content Translation** | H2 | Q3 2026 | Machine translation pipeline for 14 languages | Translation manipulation, cultural sensitivity attacks, LLM hallucination in non-English | | ||
| | **EU Parliament Cross-Reference** | H2 | Q4 2026 | Integration with European Parliament MCP Server | Cross-platform data integrity, new external API dependency | | ||
| | **Bedrock AI Content Engine** | H3 | 2026 Q2–2027 | Step-Functions-orchestrated Lambda + Bedrock (Claude Opus, Nova Premier, Polly) article/image/audio generation | Managed-LLM prompt injection, insecure output handling, excessive agency, model supply chain | |
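Review bot: the "Bedrock AI Content Engine" row is tagged H3 but dated "2026 Q2–2027", which overlaps the Q2-Q4 2026 dates on the H2 rows directly above it; use the H3 window for this row. The threat cell also packs four distinct issues into one line (managed-LLM prompt injection, insecure output handling, excessive agency, model supply chain); citing the matching FUT-xxx scenario ids next to each would let a reader trace the row to its controls.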
… review
- FUTURE_MINDMAP.md: Change "Single-pass" to "Multi-pass" to match gh-aw prompt contract (minimum two complete passes)
- FUTURE_THREAT_MODEL.md: Move Real-Time Voting Dashboard from H2 to H3 (WebSocket/SSE requires Kinesis streaming backend, not static)
- FUTURE_THREAT_MODEL.md: Align Bedrock/SageMaker/Neptune dates to H3 window (2028+) instead of conflicting 2026-2027
- FUTURE_ARCHITECTURE.md: Shift AI Enhancement Roadmap phases to H3 timeframe (2028+) to match horizon boundary definitions

Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
The `FUTURE_*.md` set had drifted: three docs lagged behind the v3.x/2026-05-31 cohort, and `FUTURE_THREAT_MODEL.md` (v1.x) predated the new "Three-Horizon" AWS-serverless vision (Bedrock, Neptune, Aurora, Cognito, SageMaker, multi-region, Nordic/EU federation) introduced across the architecture/data-model/workflow docs. This brings every FUTURE doc into a consistent metadata baseline and rebuilds the threat model to pre-model all H3 attack surface.

Threat model expansion (`FUTURE_THREAT_MODEL.md`, v1.x → v2.0)

Metadata consistency
- `FUTURE_SECURITY_ARCHITECTURE.md` — v2.0 → 2.1, dates → 2026-05-31, Next Review → 2026-08-31 (badge, Document Version, footer).
- `FUTURE_WORKFLOWS.md` — reconciled footer (v3.0/2026-03-27) to match header (v6.0/2026-05-02).

Validation

Code-fence parity balanced across all 9 docs, 5 mermaid blocks intact, and FUT-001..022 ↔ F1..F12 ↔ risk-matrix references confirmed internally consistent.