16 Drift Detection Standard
UIAO Drift Detection & Remediation Standard
Document: 16 Phase: 5 — Data Governance Substrate Version: 1.0 Status: Draft Classification: Public Date: 2026-04-01 Promotes: PHASE5_RuntimeDriftModel.md (see that document for operational runtime detail)
1. Purpose
This document formalizes the UIAO Drift Detection & Remediation Standard — the first federated drift taxonomy with severity classification, remediation contracts, and vendor accountability requirements for federal canonical data systems. It promotes and extends PHASE5_RuntimeDriftModel.md into the numbered canon.
2. Drift Taxonomy
UIAO defines five classes of canonical drift:
| Class | Code | Definition |
|---|---|---|
| Schema Drift | DRIFT-SCHEMA |
Claim structure deviates from canonical schema version |
| Semantic Drift | DRIFT-SEMANTIC |
Claim value is structurally valid but semantically stale or inconsistent |
| Provenance Drift | DRIFT-PROVENANCE |
Provenance envelope is incomplete, invalid, or chain is broken |
| Authorization Drift | DRIFT-AUTHZ |
Claim is transmitted outside its authorized consent envelope |
| Identity Drift | DRIFT-IDENTITY |
Claim issuer cannot be resolved to a verified identity plane object |
3. Severity Model
| Severity | Code | Definition | Auto-Remediate | SLA |
|---|---|---|---|---|
| Critical | P1 |
Claim in active use; provenance or identity drift | No — halt and alert | Immediate |
| High | P2 |
Schema or semantic drift in a live claim | Yes, if deterministic | 1 hour |
| Medium | P3 |
Drift in a dormant or historical claim | Yes | 24 hours |
| Low | P4 |
Style or metadata drift; no semantic impact | Yes | 72 hours |
4. Remediation Contract
Every adapter MUST implement the following remediation contract:
remediation_contract:
drift_class: "{DRIFT-*}"
severity: "{P1|P2|P3|P4}"
detection_timestamp: "{ISO8601}"
detected_by: "{adapter_id | workflow_id}"
auto_remediated: true | false
remediation_action: "halt | fix | flag | log"
remediation_timestamp: "{ISO8601}"
remediation_evidence: "{commit_sha or audit_record_id}"
escalation_path: "{Canon Steward | Architecture Lead | CISO}"5. Vendor Accountability Requirements
Certified UIAO adapters MUST:
- Report all drift events to the UIAO telemetry plane within 5 minutes of detection
- Maintain a 30-day drift event log accessible to the Canon Steward
- Achieve < 0.1% P1/P2 drift rate over any rolling 30-day window to maintain certification
- Provide remediation evidence for every P1 event within 24 hours
6. Compliance Mapping
| NIST Control | Drift Standard Requirement |
|---|---|
| CM-3 (Configuration Change Control) | Schema drift detection and remediation |
| SI-7 (Software Integrity) | Provenance and lineage hash verification |
| CA-7 (Continuous Monitoring) | Automated drift detection workflow |
| IR-6 (Incident Reporting) | P1/P2 escalation paths |
7. Cross-References
docs/PHASE5_RuntimeDriftModel.md— Operational runtime drift model (promoted by this document)docs/15_ProvenanceProfile.md— Provenance envelope that drift detection validatesdocs/17_ConsentEnvelope.md— Authorization drift detectiondocs/18_ClaimCatalog.md— Schema drift detection against catalog versionsscripts/detect_drift.py— Drift detection automation
8. Revision History
| Version | Date | Author | Summary |
|---|---|---|---|
| 1.0 | 2026-04-01 | UIAO Canon Engine | Initial canonical release — promotes PHASE5_RuntimeDriftModel.md |