Incident History — Vauban Trust Center
Audience: all (transparency commitment)
Last updated:
Incident History
Vauban commits to publishing public RCA (Root Cause Analysis) post-mortems for P0/P1 incidents, in accordance with the transparency commitment and EU AI Act Article 13.
Public Incidents
Status: currently empty (initial Trust Center MVP). Phase 0-1 commitment:
- Every P0 incident → public RCA published within 30 days
- Every P1 incident → public summary within 60 days (full RCA optional based on technical/strategic sensitivity)
- Phase 2+: public RCA repository with searchable archive
Incident Response Process
Per .claude/rules/core/incident-response.md:
Classification & SLA
| Severity | Trigger | SLA | Brain Archive |
|---|---|---|---|
| P0 | Prod down OR funds at risk | On-call wakes immediately, postmortem within 24h | 1h SLA |
| P1 | Service degraded, workaround available | Escalate next business hour | 4h SLA |
| P2 | Minor bug, workaround stable | Backlog, defer to next sprint | 24h SLA |
Brain Archival Decomposition (atomic discipline)
Every P0/P1 incident produces exactly 3 atomic Brain entries:
- RCA: Root cause analysis + specific failure mode + why it wasn’t caught
- Fix Pattern: The applied remedy, why it works, generalization to similar systems
- Prevention: Test, monitoring, or architecture change to prevent recurrence
Each entry: 50-200 words, self-contained, distinct query keywords. Query Brain before creating (cosine > 0.80 = update existing).
Internal Incidents (not yet public)
For the Phase 0 transparency baseline, internal incidents tracked in Brain Protocol (986+ entries) include:
- Brain V6 audit remediation in progress (cognitive flags 0% activated; drift signal)
- MCP Audit Phase 2.5 (DeFi apps) + Phase 1.0 (SealedSecrets) pending
- NEXT_PUBLIC_ env dump in layout.tsx (server proxy needed; critical pending)
- Starknet sequencer incidents (pattern Brain entry 1b22e516 = multi-RPC failover required)
Public RCA disclosure: Phase 1+, after Vauban-Tech SAS incorporation and DPO approval per disclosure agreement.
Incident Disclosure Process
Vauban commitment:
- Internal P0/P1 detection → on-call wakes (P0) or business hour escalation (P1)
- Brain Protocol archival: 3 atomic entries (RCA + Fix + Prevention)
- Affected customers/partners notified directly within SLA
- Public RCA published Phase 1+ via Trust Center:
  - Anonymized customer impact
  - Technical root cause + fix pattern
  - Prevention measures applied
  - Cross-reference Brain entry IDs (verifiable institutional memory)
- Acknowledgments published at security#acknowledgments when the incident came from a security researcher disclosure
Communication Templates
- P0 incident: status page update within 15 min + comms every 15 min (planned status.vauban.tech Phase 1+)
- P1 incident: status page update within 1h + comms hourly
- Resolution: full RCA published within SLA
Cross-references
- Incident response rule: .claude/rules/core/incident-response.md
- Security disclosures: security.md
- Brain archival: .claude/rules/knowledge/brain-archival.md
- Audit reports: audit-reports.md
- Risk register: governance/risks/ecosystem-risk-register.md
- DR runbooks: sprint-487 sealed (5 scenarios + GameDay drill workflow)