Author: Darren H. Chen
Track: Automotive chip functional safety analysis and fault injection practice
Demo: D20_public_demo_package
Tags: automotive chips, functional safety, GitHub Release, Evidence Package, fault injection, FMEDA, Diagnostic Coverage, CI automation, Dashboard, open-source engineering practice
## 1. Why this article matters
In the previous article we introduced CI automation into the safety-analysis workflow.
The outputs generated by D19 include:
```text
ci_summary.md
ci_status.csv
ci_gate_result.json
ci_stage_status.csv
ci_artifact_index.csv
ci_warnings.csv
ci_failure_reasons.csv
ci_run_manifest.yaml
```
The CI layer gave the whole workflow repeatable execution.
But if the goal is to communicate the methodology externally, publish an engineering demo, build professional credibility, or prepare for external collaboration, being repeatable only inside a local workspace is not enough.
The next question is:
How do we package the safety workflow into a public-safe, reproducible, shareable GitHub demo release?
The demo for this article is:
```text
D20_public_demo_package
```
The generic tool introduced in this article is:
```text
safeic-package
```
The goal of safeic-package is to collect the publicly releasable artifacts from the CI run, evidence package, safety report, regression results, dashboard site and demo scripts, and organize them into a release-ready package:
```text
source demo files
sanitized input data
sample outputs
evidence package summaries
safety reports
dashboard site
CI summaries
release manifest
artifact index
public-data validation
license and disclaimer files
reproduction scripts
```
and to generate:
```text
release/
  README.md
  RELEASE_NOTES.md
  QUICKSTART.md
  DEMO_SCOPE.md
  DISCLAIMER.md
  public_artifact_index.csv
  public_data_validation.csv
  reproducibility_manifest.yaml
  demos/
  reports/
  dashboard/
  data/
  scripts/
  docs/
```
The core idea is:
A public demo package is not a pile of scripts and reports uploaded at random; it is a curated, sanitized, reproducible release artifact. It must state what it contains, what it does not contain, how to run it, and what it does not claim.
## 2. Where D20 sits in the overall flow
D20 is the release packaging layer.
[Figure 1 (diagram): D19 CI Artifacts, D14-D18 Public-Safe Artifacts, Release Policy → D20 Public Demo Package → GitHub Repository, Release Archive, Public Demo Site, External Reviewer Package]
Figure 1: D20 turns the artifacts generated by CI and the public-safe demo data into a shareable release package.
D19 answers:
```text
Did the automated flow run?
Which artifacts were generated?
What is the conclusion of the CI gate?
```
D20 answers:
```text
Which artifacts can safely be made public?
Which scripts should be included?
Which reports should be included?
How does another user reproduce this demo?
Which assumptions and limitations must be declared?
What must be excluded from the public release?
How should this package be organized on GitHub?
```
This step is the move from internal automation to external communication.
## 3. The public demo package is a product boundary
The public package is a boundary.
The private workspace may contain:
```text
private experiments
temporary scripts
raw logs
absolute paths
license-related environment
commercial tool exports
internal notes
customer-like data
```
The public package should contain only:
```text
sanitized sample data
generic scripts
public-safe outputs
methodology reports
reproducible demo commands
clear disclaimers
source-visible examples
```
[Figure 2 (diagram): Private Workspace → Public Data Filter → Release Builder → Public Demo Package; Private / Confidential Artifacts → excluded]
Figure 2: D20 is the release boundary between private workspace artifacts and public demo assets.
This boundary matters a great deal, because public demos become part of the professional image of a person or a team.
A careless public package can leak information, or over-claim.
A clean public package demonstrates strong engineering discipline.
## 4. What should the public demo package prove?
The public demo package should prove that:
```text
the workflow is structured
the demo can be run or inspected
the artifact chain is understandable
the data is public-safe
the methodology is reproducible at sample scale
the reports and dashboard come from known inputs
the limitations are explicit
```
It should not claim:
```text
production safety signoff
ISO 26262 certification
commercial tool equivalence
customer project validation
complete automotive SoC coverage
proprietary tool replacement
```
This boundary protects credibility.
A public demo can be very convincing without pretending to be a final, production-grade safety signoff.
## 5. Demo package versus source repository
A GitHub repository can contain several layers:
```text
source code
demo input data
demo output data
documentation
reports
dashboard site
release archives
```
The public demo package is a curated subset of these.
[Figure 3 (diagram): Repository → Source Tree → Demo Workspace → Generated Outputs → Release Package → Downloadable Archive]
Figure 3: The release package is a curated, reproducible subset of the repository.
Do not put every local file into the release.
Define the boundary of the public artifact set explicitly.
## 6. Suggested Repository Layout
For this series, a reasonably clear repository layout could be:
```text
automotive-safeic-fault-injection-practice/
  README.md
  LICENSE
  DISCLAIMER.md
  QUICKSTART.md
  DEMO_SCOPE.md
  RELEASE_NOTES.md
  docs/
    articles/
    methodology/
    figures/
  demos/
    D01_safa_sa_bfr_input_package/
    D02_safety_assumption_setup/
    ...
    D20_public_demo_package/
  tools/
    safeic_input/
    safeic_fit/
    safeic_faultgen/
    safeic_classify/
    safeic_measdc/
    safeic_fmeda/
    safeic_evidence/
    safeic_report/
    safeic_regress/
    safeic_compare/
    safeic_dashboard/
    safeic_package/
  examples/
    toy_counter/
      rtl/
      policies/
      manifests/
  releases/
    D20_public_demo_package/
      release/
```
This structure keeps the following apart:
```text
methodology documentation
demo implementations
tool code
sample design
release outputs
```
## 7. Public Release Package Structure
The D20 release package can be organized as:
```text
release/
  README.md
  QUICKSTART.md
  RELEASE_NOTES.md
  DEMO_SCOPE.md
  DISCLAIMER.md
  reproducibility_manifest.yaml
  public_artifact_index.csv
  public_data_validation.csv
  package_warnings.csv
  demos/
    D01/
    D11/
    D12/
    D13/
    D14/
    D15/
    D16/
    D18/
    D19/
  data/
    toy_counter/
      rtl/
      policies/
      sample_faults/
      sample_results/
  reports/
    safety_report.md
    evidence_package_summary.md
    regression_summary.md
    ci_summary.md
  dashboard/
    index.html
    assets/
    data/
  scripts/
    run_quickstart.sh
    run_quickstart.csh
    validate_public_package.sh
    validate_public_package.csh
  docs/
    methodology_notes.md
    artifact_map.md
    limitations.md
```
This release package should be understandable even without the full development workspace.
## 8. Public Artifact Classes
D20 should classify artifacts before release.
Suggested classes:
```text
include_public
include_sanitized
include_generated_summary
include_sample_only
exclude_private
exclude_license_restricted
exclude_temporary
exclude_unknown
```
Example:
```csv
artifact,file_path,classification,reason
toy_counter.v,examples/toy_counter/rtl/toy_counter.v,include_public,synthetic demo RTL
safety_report.md,reports/safety_report.md,include_generated_summary,public methodology report
commercial_raw.log,private/commercial_raw.log,exclude_license_restricted,raw tool output
/tmp/run123.log,tmp/run123.log,exclude_temporary,temporary local run log
```
The release builder should not include unknown artifacts by default.
Exclude-by-default is safer than include-by-default.
## 9. Public Data Validation
A public release must validate that its data is safe to publish.
Validation checks can include:
```text
no absolute private paths
no license server strings
no customer names
no internal usernames
no private hostnames
no raw commercial tool outputs
no confidential labels
no unsupported file extensions
no oversized binary dumps
no temporary files
```
Example output:
```csv
check,status,details
absolute_path_scan,PASS,no private absolute paths found
license_string_scan,PASS,no license strings found
customer_name_scan,PASS,no customer names found
raw_commercial_output_scan,PASS,no raw commercial reports included
unknown_file_scan,WARN,2 files require manual review
binary_file_scan,PASS,no unexpected binary files
```
This output should be included in the release.
It demonstrates responsible public-release discipline.
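As an added example (not code from the page or from the safeic-package project), the following Python implements the checks listed above as a policy-driven scanner over an in-memory release tree and emits the same `check,status,details` rows. The file contents, the policy values (allowed extensions, customer names, size limit, temp markers), the two regexes and the function names are constructed assumptions for this example; a real `public_data_policy.yaml` would supply the policy values.

```python
import os
import re

# Constructed in-memory release tree (path -> bytes) standing in for release/ on disk.
# It is deliberately dirty so that several checks fire.
SAMPLE_FILES = {
    "README.md": b"# Demo\nSee docs/ for details.\n",
    "reports/safety_report.md": b"Design: toy_counter\nMeasured DC: 91.2 %\n",
    "data/toy_counter/rtl/toy_counter.v": b"module toy_counter(input clk);\nendmodule\n",
    "scripts/notes.txt": b"run from /home/alice/work/proj\n",
    "data/sample_results/fault.log": b"LM_LICENSE_FILE=27000@lic01.internal\n",
    "dashboard/assets/logo.png": b"\x89PNG\r\n\x1a\n" + bytes(16),
    "dashboard/assets/waves.fsdb": bytes(1024 * 1024 + 1),
    "tmp/run123.log.raw": b"scratch\n",
}

# Assumed policy values (what public_data_policy.yaml would carry).
POLICY = {
    "allowed_text_ext": {".md", ".csv", ".yaml", ".json", ".v", ".html", ".css",
                         ".js", ".sh", ".csh", ".txt", ".log"},
    "allowed_binary_ext": {".png"},
    "customer_names": ["customer_alpha", "acme"],
    "max_file_bytes": 1024 * 1024,
    "temp_markers": ("tmp/", "__pycache__/", ".log.raw"),
}
PRIVATE_PATH_RE = re.compile(r"/(?:home|Users)/[A-Za-z0-9_.-]+/")
LICENSE_RE = re.compile(r"LM_LICENSE_FILE|\b\d{4,5}@[A-Za-z0-9.-]+")


def is_text(data):
    """Treat NUL-free, valid UTF-8 content as text; everything else as binary."""
    if b"\x00" in data:
        return False
    try:
        data.decode("utf-8")
        return True
    except UnicodeDecodeError:
        return False


def _ext(path):
    return os.path.splitext(path)[1]


def _row(check, hits, hit_text, pass_text, level="FAIL"):
    """One validation row: a hit list produces FAIL (or WARN), an empty one PASS."""
    if hits:
        return (check, level, f"{hit_text}: {', '.join(sorted(hits))}")
    return (check, "PASS", pass_text)


def validate_release(files, policy=POLICY):
    """Run every public-data check over {path: bytes} and return (check, status, details) rows."""
    texts = {p: d.decode("utf-8") for p, d in files.items() if is_text(d)}
    allowed = policy["allowed_text_ext"] | policy["allowed_binary_ext"]
    private = [p for p, t in texts.items() if PRIVATE_PATH_RE.search(t)]
    licensed = [p for p, t in texts.items() if LICENSE_RE.search(t)]
    customers = [p for p, t in texts.items()
                 if any(name.lower() in t.lower() for name in policy["customer_names"])]
    unknown = [p for p in files if _ext(p) not in allowed]
    oversized = [p for p, d in files.items() if len(d) > policy["max_file_bytes"]]
    binary = [p for p, d in files.items()
              if not is_text(d) and _ext(p) not in policy["allowed_binary_ext"]]
    temp = [p for p in files if any(m in p for m in policy["temp_markers"])]
    return [
        _row("absolute_private_path_scan", private, "private absolute paths in", "no private absolute paths found"),
        _row("license_string_scan", licensed, "license strings in", "no license strings found"),
        _row("customer_name_scan", customers, "customer names in", "no customer names found"),
        _row("unknown_file_scan", unknown, f"{len(unknown)} files require manual review",
             "no unknown file types", level="WARN"),
        _row("oversized_file_scan", oversized, "oversized files", "no oversized files"),
        _row("binary_file_scan", binary, "unexpected binary files", "no unexpected binary files"),
        _row("temporary_file_scan", temp, "temporary files", "no temporary files"),
    ]


def release_is_public_safe(rows):
    """Any FAIL blocks publication; WARN rows only call for manual review."""
    return not any(status == "FAIL" for _, status, _ in rows)


def to_csv(rows):
    """Render rows as public_data_validation.csv (details quoted, they contain commas)."""
    return "check,status,details\n" + "".join(f'{c},{s},"{d}"\n' for c, s, d in rows)


if __name__ == "__main__":
    rows = validate_release(SAMPLE_FILES)
    print(to_csv(rows))
    print("public-safe:", release_is_public_safe(rows))
```

The scan runs on what is about to be shipped, not on the source workspace: a path that survived sanitization is exactly what this step is meant to catch.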
## 10. Sanitization is not an afterthought
Public packaging should include a sanitization layer.
Sanitization examples:
```text
replace private paths with relative paths
remove usernames and hostnames
remove license environment variables
replace raw commercial tool references with normalized sample references
replace project-specific IDs with demo IDs
truncate large logs
remove timestamps if they reveal private workflow details
```
Example mapping:
```yaml
sanitize:
  path_replacements:
    "/home/private/project": "<DEMO_ROOT>"
    "/tools/vendor/license": "<LICENSE_PATH_REDACTED>"
  string_replacements:
    "LM_LICENSE_FILE": "LICENSE_ENV_REDACTED"
    "customer_alpha": "demo_customer"
```
For a public release it is better to generate clean data from the start than to clean up risky data at the end.
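The mapping above applied as code, as an added example that is not from the page or from the safeic-package project. It uses the page's own path and string replacements; the timestamp-redaction rule, the log-truncation option, the sample log and the function names are assumptions for this example. The `residual_findings` check is the part worth keeping: a sanitizer that cannot show the source strings are gone has not sanitized anything.

```python
import re

# Replacement maps mirroring the sanitize: section above (values are the page's own).
PATH_REPLACEMENTS = {
    "/home/private/project": "<DEMO_ROOT>",
    "/tools/vendor/license": "<LICENSE_PATH_REDACTED>",
}
STRING_REPLACEMENTS = {
    "LM_LICENSE_FILE": "LICENSE_ENV_REDACTED",
    "customer_alpha": "demo_customer",
}
# Assumed rule: "YYYY-MM-DD HH:MM:SS" stamps reveal when private runs happened, so drop them.
TIMESTAMP_RE = re.compile(r"\d{4}-\d{2}-\d{2}[ T]\d{2}:\d{2}:\d{2}")

# Constructed sample of a raw run log as it might sit in a private workspace.
SAMPLE_LOG = """\
2024-01-15 09:30:01 [INFO] reading /home/private/project/rtl/toy_counter.v
2024-01-15 09:30:02 [INFO] LM_LICENSE_FILE=27000@/tools/vendor/license/server
2024-01-15 09:30:03 [INFO] campaign customer_alpha_run42 started
"""


def sanitize_text(text, path_map=PATH_REPLACEMENTS, string_map=STRING_REPLACEMENTS,
                  max_lines=None):
    """Apply path and string replacements, redact timestamps, optionally truncate long logs."""
    # Longest key first, so a shorter prefix such as "/tools/vendor" can never
    # shadow a longer entry such as "/tools/vendor/license".
    for src in sorted(path_map, key=len, reverse=True):
        text = text.replace(src, path_map[src])
    for src in sorted(string_map, key=len, reverse=True):
        text = text.replace(src, string_map[src])
    text = TIMESTAMP_RE.sub("<TIMESTAMP_REDACTED>", text)
    if max_lines is not None:
        lines = text.splitlines()
        if len(lines) > max_lines:
            dropped = len(lines) - max_lines
            lines = lines[:max_lines] + [f"... [{dropped} lines truncated]"]
            text = "\n".join(lines) + "\n"
    return text


def residual_findings(text, path_map=PATH_REPLACEMENTS, string_map=STRING_REPLACEMENTS):
    """Post-condition check: every source key must be absent from the sanitized text."""
    return [src for src in list(path_map) + list(string_map) if src in text]


if __name__ == "__main__":
    clean = sanitize_text(SAMPLE_LOG, max_lines=2)
    print(clean)
    print("residual:", residual_findings(clean))
```

Run the residual check as a gate in the packaging flow, not as a debug print: if it returns anything, the file must not be copied into `release/`.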
## 11. Reproducibility Manifest
The release should include a reproducibility manifest.
Example:
```yaml
release:
  name: D20_public_demo_package
  version: 0.1.0
  profile: public_methodology_demo
  design: toy_counter
source:
  generated_from_ci_run: ci_demo_latest
  generated_by: safeic-package
  generation_mode: sanitized_public_release
included:
  demos:
    - D01_safa_sa_bfr_input_package
    - D11_fault_outcome_classification
    - D12_measured_diagnostic_coverage
    - D13_fmeda_update
    - D14_safety_evidence_package
    - D15_safety_report_generation
    - D16_regression_and_trend_tracking
    - D18_dashboard_and_website_demo
    - D19_ci_automation
reproduce:
  quickstart_csh: scripts/run_quickstart.csh
  quickstart_bash: scripts/run_quickstart.sh
```
This file tells the user how the package was generated.
## 12. Artifact Index
The public package should include public_artifact_index.csv.
Example:
```csv
artifact_id,path,type,source_stage,public_classification,sha256,description
P001,data/toy_counter/rtl/toy_counter.v,rtl,D01,include_public,abc123,synthetic demo RTL
P002,reports/safety_report.md,report,D15,include_generated_summary,def456,safety report
P003,dashboard/index.html,dashboard,D18,include_public,789abc,static dashboard entry
P004,outputs/ci_summary.md,ci_summary,D19,include_generated_summary,555aaa,CI run summary
```
This index makes the release auditable.
A public package should not be a black box.
## 13. The Quickstart is critical
The public demo package must have a simple quickstart.
Example QUICKSTART.md:
````md
# Quickstart
## 1. Check Python
```bash
python3 --version
```
## 2. Run the public demo
```bash
bash scripts/run_quickstart.sh
```
or:
```csh
csh scripts/run_quickstart.csh
```
## 3. Inspect outputs
- reports/safety_report.md
- reports/regression_summary.md
- dashboard/index.html
- public_data_validation.csv
## 4. Open dashboard
Open:
```text
dashboard/index.html
```
in a browser.
````
The first successful experience matters a great deal.
If a user cannot run or view the demo within five minutes, the package's impact drops noticeably.
---
## 14. csh Compatibility
For this series, csh scripts matter because many legacy EDA environments still use csh-style setup and execution.
D20 should provide:
```text
scripts/run_quickstart.csh
scripts/validate_public_package.csh
```
Example:
```csh
#!/bin/csh -f
# Resolve the demo root relative to this script, then run the package validator
set ROOT = `cd "$0:h/.." && pwd`
echo "[INFO] Demo root: $ROOT"
cd "$ROOT"
echo "[INFO] Validating public package..."
python3 tools/safeic_package/validate_public_package.py \
    --manifest reproducibility_manifest.yaml \
    --policy docs/public_data_policy.yaml
echo "[INFO] Quickstart completed."
```
Providing both bash and csh improves portability.
But for older EDA environments, csh should be treated as a first-class path.
## 15. What should the public demo contain?
It should contain:
```text
small synthetic RTL
small sample filelists
public-safe policy files
sample fault lists
sample fault outcomes
sample measured DC tables
sample FMEDA tables
sample evidence package
sample safety report
sample regression output
sample dashboard
scripts to validate and inspect package
README and quickstart
```
The goal is to show the methodology, not to expose the full private tool capability.
A small, clean demo is better than a large, risky one.
## 16. What should be excluded?
Exclude:
```text
raw commercial tool reports
license-protected logs
real customer RTL
real supplier FIT data
private absolute paths
internal project scripts that reveal proprietary flows
large waveform dumps
private screenshots
temporary run directories
unreviewed experimental files
```
When in doubt, exclude, or replace with sanitized synthetic data.
From a confidentiality standpoint, the public package should be as "boring" as possible.
Its value should come from structure and clarity, not from leaking real project details.
## 17. Release Notes
RELEASE_NOTES.md should describe:
```text
release version
date
included demos
included reports
known limitations
known warnings
changes since previous release
validation status
```
Example:
```md
# Release Notes
Version: 0.1.0
Demo: D20_public_demo_package
## Included
- D01 input package preflight
- D11-D13 fault outcome, measured DC, and FMEDA sample outputs
- D14 evidence package summary
- D15 safety report
- D16 regression summary
- D18 dashboard static site
- D19 CI summary
## Known Limitations
- Synthetic toy design only
- Small sample fault campaign
- No production safety signoff claim
- Commercial comparison uses normalized sample data
## Validation
Public data validation: PASS with warnings
```
Release notes help external readers judge maturity.
## 18. Demo Scope Document
DEMO_SCOPE.md must be explicit.
It should answer:
```text
What is demonstrated?
What is not demonstrated?
Which design is used?
Which fault models are included?
Which metrics are computed?
Which outputs are synthetic?
Which outputs are generated?
Which outputs are provided manually?
```
Example scope statement:
```md
This package demonstrates a methodology for functional safety analysis and fault injection workflow organization using a synthetic `toy_counter` design.
It demonstrates artifact structure, evidence traceability, measured DC calculation, FMEDA update, regression tracking, CI orchestration, and dashboard presentation.
It does not claim production readiness, ISO 26262 compliance, or equivalence with any commercial tool.
```
A clear scope document prevents misunderstandings.
## 19. Disclaimer
DISCLAIMER.md should state clearly:
```text
methodology demo only
not safety certification
not legal or compliance advice
not production signoff
not a replacement for certified tools or qualified process
sample data may be synthetic or simplified
commercial tool comparison data may be normalized examples
```
Example:
```md
# Disclaimer
This repository is a functional safety methodology and engineering workflow demonstration.
The included examples, metrics, reports, and dashboards are not production safety signoff evidence and do not constitute ISO 26262 compliance certification.
Users must perform their own safety analysis, tool qualification, process review, and independent verification for real projects.
```
This protects both credibility and the safety boundary.
## 20. License and Usage
The release should include a license file.
Which license to choose depends on the publication strategy.
Common choices:
```text
MIT
Apache-2.0
BSD-3-Clause
custom evaluation license
```
If the public demo is meant to present the methodology and encourage adoption, a permissive license is worth considering.
If the tool may be commercialized later, the options include:
```text
open documentation
restricted tool code
binary-only demo tool
evaluation license
```
D20 does not decide legal strategy.
But it should provide placeholder files:
```text
LICENSE
NOTICE
THIRD_PARTY_NOTICES.md
```
Do not include third-party files that are not licensed for redistribution.
## 21. Third-Party and Commercial Tool Boundaries
If the public demo refers to commercial tools, keep the boundary clear.
Acceptable public-safe practices:
```text
describe the comparison methodology
provide normalized synthetic sample tables
provide adapter interface
avoid raw report redistribution
avoid vendor-specific confidential content
avoid license-protected screenshots
```
Example statement:
```md
Commercial-tool comparison examples in this package use normalized sample data for methodology demonstration. Raw commercial reports are not included.
```
This avoids unnecessary legal and license risk.
## 22. Package Build Policy
D20 should be driven by a release policy.
Example package_policy.yaml:
```yaml
package_policy:
  default_action: exclude_unknown
  include:
    - README.md
    - QUICKSTART.md
    - DEMO_SCOPE.md
    - DISCLAIMER.md
    - reports/*.md
    - dashboard/**
    - data/toy_counter/**
    - scripts/run_quickstart.*
  exclude:
    - "**/*.log.raw"
    - "**/private/**"
    - "**/commercial_raw/**"
    - "**/license/**"
    - "**/*.fsdb"
    - "**/*.vcd"
    - "**/tmp/**"
  validation:
    scan_private_paths: true
    scan_license_strings: true
    scan_customer_names: true
    require_disclaimer: true
    require_quickstart: true
```
A policy-driven package builder reduces accidental mistakes.
## 23. Package Build Flow
The D20 build flow:
[Figure 4 (flow diagram): Load Package Manifest → Load Package Policy → Select Candidate Artifacts → Classify Public Safety → Sanitize Files → Copy to Release Directory → Generate Artifact Index → Run Public Data Validation → Generate Release Notes → Generate Archive]
Figure 4: D20 builds the public demo package by selecting, sanitizing, validating, indexing and archiving artifacts.
The release builder should not simply copy a folder.
It should make explicit release decisions.
## 24. The public package's validation gate
The public package should pass a release gate.
Suggested statuses:
```text
RELEASE_READY
RELEASE_READY_WITH_WARNINGS
BLOCKED
MANUAL_REVIEW_REQUIRED
```
Example:
```text
RELEASE_READY:
  all required files exist and validation passes
RELEASE_READY_WITH_WARNINGS:
  minor warnings exist, but no privacy or required-file issue
MANUAL_REVIEW_REQUIRED:
  unknown files or policy exceptions exist
BLOCKED:
  private data, license strings, or missing disclaimer detected
```
Example public_release_status.json:
```json
{
  "release_status": "RELEASE_READY_WITH_WARNINGS",
  "required_files_present": true,
  "privacy_scan": "PASS",
  "unknown_files": 2,
  "manual_review_required": false,
  "warnings": [
    "sample commercial comparison data is synthetic",
    "dashboard includes demo-only limitations"
  ]
}
```
This makes release decisions auditable.
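The policy of section 22 and the gate statuses above, implemented together as an added example (not the page's or the safeic-package project's code): gitignore-style glob classification with exclude-by-default, followed by a gate verdict in the shape of public_release_status.json. Assumptions beyond the page: the section-8 classification attached to each exclude pattern (the YAML lists bare patterns), the candidate file list, the rule that include-pattern matches map to `include_public`, the treatment of unknown-but-excluded files as a warning (matching the JSON above) and of operator force-includes (`exceptions`) as the trigger for MANUAL_REVIEW_REQUIRED, and all function names.

```python
import functools
import json
import re

# Policy mirroring package_policy.yaml above; exclude patterns carry the
# classification they imply (assumption for this example).
POLICY = {
    "default_action": "exclude_unknown",
    "include": [
        "README.md", "QUICKSTART.md", "DEMO_SCOPE.md", "DISCLAIMER.md",
        "reports/*.md", "dashboard/**", "data/toy_counter/**", "scripts/run_quickstart.*",
    ],
    "exclude": [
        ("**/*.log.raw", "exclude_temporary"),
        ("**/private/**", "exclude_private"),
        ("**/commercial_raw/**", "exclude_license_restricted"),
        ("**/license/**", "exclude_license_restricted"),
        ("**/*.fsdb", "exclude_private"),
        ("**/*.vcd", "exclude_private"),
        ("**/tmp/**", "exclude_temporary"),
    ],
    "required_files": ["README.md", "QUICKSTART.md", "DEMO_SCOPE.md", "DISCLAIMER.md"],
}

# Constructed candidate list, as artifact discovery might report it from a workspace.
CANDIDATES = [
    "README.md", "QUICKSTART.md", "DEMO_SCOPE.md", "DISCLAIMER.md",
    "reports/safety_report.md", "reports/private/draft_notes.md",
    "dashboard/index.html", "dashboard/assets/app.js",
    "data/toy_counter/rtl/toy_counter.v", "data/toy_counter/waves/run1.fsdb",
    "scripts/run_quickstart.sh", "scripts/run_quickstart.csh",
    "tmp/run123.log", "vendor/commercial_raw/report.txt",
    "notes/todo.md", "examples/misc/helper.py",
]


@functools.lru_cache(maxsize=None)
def glob_to_regex(pattern):
    """Translate a gitignore-style glob: '**' spans directories, '*' and '?' do not."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append(r"(?:.*/)?"); i += 3
        elif pattern.startswith("**", i):
            out.append(".*"); i += 2
        elif pattern[i] == "*":
            out.append("[^/]*"); i += 1
        elif pattern[i] == "?":
            out.append("[^/]"); i += 1
        else:
            out.append(re.escape(pattern[i])); i += 1
    return re.compile("^" + "".join(out) + "$")


def classify(path, policy=POLICY):
    """Exclude rules win over include rules; anything unmatched is excluded by default."""
    if policy["default_action"] != "exclude_unknown":
        raise ValueError("package policy must default to exclude_unknown")
    for pattern, cls in policy["exclude"]:
        if glob_to_regex(pattern).match(path):
            return cls, f"matches exclude pattern {pattern}"
    for pattern in policy["include"]:
        if glob_to_regex(pattern).match(path):
            return "include_public", f"matches include pattern {pattern}"
    return "exclude_unknown", "no policy rule matched; excluded by default"


def release_status(classified, validation, policy=POLICY, exceptions=()):
    """Gate verdict. classified: {path: (class, reason)}; validation: {check: PASS|WARN|FAIL}
    from public data validation; exceptions: paths an operator force-included despite policy."""
    included = {p for p, (c, _) in classified.items() if c.startswith("include_")}
    unknown = sorted(p for p, (c, _) in classified.items() if c == "exclude_unknown")
    missing = [f for f in policy["required_files"] if f not in included]
    failed = sorted(c for c, s in validation.items() if s == "FAIL")
    warnings = [f"{c} reported WARN" for c, s in sorted(validation.items()) if s == "WARN"]
    if unknown:
        warnings.append(f"{len(unknown)} unknown files excluded by default; review before publication")
    if failed or missing:
        status = "BLOCKED"
    elif exceptions:
        status = "MANUAL_REVIEW_REQUIRED"
    elif warnings:
        status = "RELEASE_READY_WITH_WARNINGS"
    else:
        status = "RELEASE_READY"
    return {
        "release_status": status,
        "required_files_present": not missing,
        "missing_required_files": missing,
        "privacy_scan": "FAIL" if failed else "PASS",
        "failed_checks": failed,
        "unknown_files": len(unknown),
        "manual_review_required": status == "MANUAL_REVIEW_REQUIRED",
        "policy_exceptions": list(exceptions),
        "warnings": warnings,
    }


if __name__ == "__main__":
    classified = {p: classify(p) for p in CANDIDATES}
    for p, (c, why) in classified.items():
        print(f"{c:26} {p:40} {why}")
    print(json.dumps(release_status(classified, {"license_string_scan": "PASS"}), indent=2))
```

Note the ordering: a waveform dump under `data/toy_counter/**` is still excluded, because the exclude list is consulted first. With plain `fnmatch` the `*` in `reports/*.md` would also match `reports/private/draft_notes.md`, which is why the glob translator keeps `*` from crossing a `/`.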
## 25. GitHub README Structure
The repository README should be clear.
Recommended sections:
```text
Project Overview
What This Repository Demonstrates
Quickstart
Demo Flow
Repository Structure
Key Outputs
Dashboard
Public Data Policy
Limitations
License
Citation / Contact
```
Example opening:
```md
# Automotive Safe-IC Functional Safety and Fault Injection Practice
This repository demonstrates an engineering workflow for automotive chip functional safety analysis and fault injection practice using public-safe demo data.
It covers input packaging, fault outcome classification, measured diagnostic coverage, FMEDA update, evidence packaging, report generation, regression tracking, dashboard presentation, and CI-style automation.
```
The README should state the value on the first screen.
## 26. Documentation Map
D20 should provide a documentation map.
Example:
```text
README.md:
  repository overview
QUICKSTART.md:
  how to run or inspect the demo
DEMO_SCOPE.md:
  what is and is not demonstrated
DISCLAIMER.md:
  safety and compliance disclaimer
docs/methodology_notes.md:
  flow-level explanation
docs/artifact_map.md:
  mapping from artifacts to demos
reports/safety_report.md:
  generated safety report
dashboard/index.html:
  static dashboard entry
```
A public demo package should be easy to navigate.
Readers should not have to guess where to start.
## 27. Artifact Map
docs/artifact_map.md can map artifacts to demos.
Example:
```md
# Artifact Map
| Demo | Artifact | Purpose |
|---|---|---|
| D11 | `data/sample_fault_outcomes.csv` | classified fault outcomes |
| D12 | `data/measured_dc_by_failure_mode.csv` | measured diagnostic coverage |
| D13 | `data/fmeda_table.csv` | FMEDA update |
| D14 | `reports/evidence_package_summary.md` | evidence summary |
| D15 | `reports/safety_report.md` | review-ready report |
| D16 | `reports/regression_summary.md` | trend and regression result |
| D18 | `dashboard/index.html` | interactive dashboard |
| D19 | `reports/ci_summary.md` | CI run summary |
```
The artifact map helps users understand the package quickly.
## 28. Release Archive
D20 can generate a release archive:
```text
automotive_safeic_practice_D20_public_demo_package_v0.1.0.zip
```
The archive contents should match release/.
Do not archive:
```text
.git/
__pycache__/
temporary logs
private folders
license files from third-party tools
raw commercial reports
large waveform dumps
```
The archive should be small enough to download and inspect easily.
For public GitHub, staying lightweight matters.
## 29. safeic-package tool architecture
The generic tool safeic-package can be implemented as a staged release builder.
[Figure 5 (diagram): manifest.yaml, package_config.yaml, package_policy.yaml, CI Run Artifacts, Public-Safe Source Data → safeic-package: Discover Artifacts → Classify Artifacts → Apply Sanitization → Copy Release Files → Generate Index and Manifests → Validate Public Data → Generate Release Notes → Create Archive]
Figure 5: safeic-package discovers, classifies, sanitizes, indexes, validates and archives the public demo artifacts.
Suggested internal modules:
```text
safeic_package/
  cli.py
  manifest.py
  load_config.py
  artifact_discovery.py
  classification.py
  sanitizer.py
  copy_release.py
  artifact_index.py
  validation.py
  release_notes.py
  archive.py
  summary.py
```
Division of responsibilities:
| Module | Responsibility |
|---|---|
| artifact_discovery.py | Find candidate release artifacts |
| classification.py | Classify include/exclude/public-safe status |
| sanitizer.py | Remove private paths and forbidden strings |
| copy_release.py | Copy approved artifacts into release directory |
| artifact_index.py | Generate public artifact index |
| validation.py | Run public data checks |
| release_notes.py | Generate release notes and scope docs |
| archive.py | Create release archive |
| summary.py | Generate packaging summary |
## 30. D20 directory structure
Suggested directory:
```text
D20_public_demo_package/
  README.md
  run_demo.sh
  run_demo.csh
  manifest.yaml
  inputs/
    package_config.yaml
    package_policy.yaml
    public_data_policy.yaml
    release_notes_template.md
    demo_scope_template.md
    disclaimer_template.md
  source_artifacts/
    ci_run/
      ci_summary.md
      ci_status.csv
      ci_gate_result.json
    reports/
      safety_report.md
      regression_summary.md
    dashboard/
      index.html
      assets/
      data/
    sample_data/
      toy_counter/
      fmeda/
      campaign/
      metrics/
  tools/
    safeic_package.py
  scripts/
    run_package.csh
    run_package.sh
    validate_release.csh
    validate_release.sh
  release/
    README.md
    QUICKSTART.md
    RELEASE_NOTES.md
    DEMO_SCOPE.md
    DISCLAIMER.md
    reproducibility_manifest.yaml
    public_artifact_index.csv
    public_data_validation.csv
    package_warnings.csv
    demos/
    data/
    reports/
    dashboard/
    scripts/
    docs/
  outputs/
    package_summary.md
    public_release_status.json
    package_validation.csv
    package_warnings.csv
    release_archive_manifest.csv
```
This structure keeps inputs, candidate artifacts, the generated release and the packaging outputs apart.
## 31. D20 Manifest
Example:
```yaml
project:
  name: automotive_safeic_practice
  demo: D20_public_demo_package
  top_module: toy_counter
inputs:
  package_config: inputs/package_config.yaml
  package_policy: inputs/package_policy.yaml
  public_data_policy: inputs/public_data_policy.yaml
  source_artifacts: source_artifacts
outputs:
  release_dir: release
  package_summary: outputs/package_summary.md
  release_status: outputs/public_release_status.json
  validation: outputs/package_validation.csv
  warnings: outputs/package_warnings.csv
  archive_manifest: outputs/release_archive_manifest.csv
```
The manifest defines the release build.
## 32. D20 execution flow
[Figure 6 (flow diagram): Load Manifest → Load Package Config → Load Package Policy → Load Public Data Policy → Discover Source Artifacts → Classify Include/Exclude → Sanitize Approved Files → Copy to Release Directory → Generate Public Artifact Index → Run Public Data Validation → Generate Docs and Release Notes → Generate Reproducibility Manifest → Create Release Archive → Write Package Summary]
Figure 6: D20 execution flow: load the policies, discover artifacts, classify, sanitize, copy, validate, generate documents, archive and summarize.
Example bash script:
```bash
#!/usr/bin/env bash
set -euo pipefail
safeic-package \
  --manifest manifest.yaml \
  --output-dir outputs
```
Example csh script:
```csh
#!/bin/csh -f
set DEMO = D20_public_demo_package
echo "Running $DEMO"
safeic-package \
  --manifest manifest.yaml \
  --output-dir outputs
```
Expected outputs:
```text
release/README.md
release/QUICKSTART.md
release/RELEASE_NOTES.md
release/DEMO_SCOPE.md
release/DISCLAIMER.md
release/reproducibility_manifest.yaml
release/public_artifact_index.csv
release/public_data_validation.csv
release/package_warnings.csv
outputs/package_summary.md
outputs/public_release_status.json
outputs/package_validation.csv
outputs/package_warnings.csv
outputs/release_archive_manifest.csv
```
## 33. public_artifact_index.csv example
```csv
artifact_id,path,type,source,classification,sha256
P001,README.md,doc,generated,include_public,abc001
P002,QUICKSTART.md,doc,generated,include_public,abc002
P003,data/toy_counter/rtl/toy_counter.v,rtl,D01,include_public,abc003
P004,reports/safety_report.md,report,D15,include_generated_summary,abc004
P005,reports/regression_summary.md,report,D16,include_generated_summary,abc005
P006,dashboard/index.html,dashboard,D18,include_public,abc006
P007,reports/ci_summary.md,ci_report,D19,include_generated_summary,abc007
```
This file makes the public release transparent.
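As an added example for sections 12 and 33 (not code from the page or from the safeic-package project): building public_artifact_index.csv with real sha256 digests from a release directory, and re-verifying the release against that index afterwards, which is what turns the index from a listing into an audit instrument. The sample release tree, the prefix rules that derive `type` and `source_stage`, the description text and the function names are assumptions for this example.

```python
import csv
import hashlib
import io
import os
import tempfile
from pathlib import Path

# Constructed miniature release tree (relative path -> text content).
SAMPLE_RELEASE = {
    "README.md": "# D20 public demo\n",
    "data/toy_counter/rtl/toy_counter.v": "module toy_counter(input clk, output reg [3:0] q);\nendmodule\n",
    "reports/safety_report.md": "# Safety report\nDesign: toy_counter\n",
    "dashboard/index.html": "<html><body>dashboard</body></html>\n",
}

# Assumed derivation of type / source_stage from the release path (first prefix match wins);
# the page's index has these columns but does not say how the builder fills them.
TYPE_RULES = [
    ("data/toy_counter/rtl/", "rtl", "D01"),
    ("reports/safety_report.md", "report", "D15"),
    ("reports/regression_summary.md", "report", "D16"),
    ("reports/ci_summary.md", "ci_report", "D19"),
    ("dashboard/", "dashboard", "D18"),
    ("", "doc", "generated"),
]
COLUMNS = ["artifact_id", "path", "type", "source_stage",
           "public_classification", "sha256", "description"]


def write_sample_release(root):
    for rel, text in SAMPLE_RELEASE.items():
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(text)


def iter_release_files(root):
    """Relative POSIX paths of every file under root, in a deterministic order."""
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()
        for name in sorted(filenames):
            yield os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_index(root):
    """One row per released file; ids are assigned in sorted-path order."""
    rows = []
    for n, rel in enumerate(sorted(iter_release_files(root)), start=1):
        typ, stage = next((t, s) for prefix, t, s in TYPE_RULES if rel.startswith(prefix))
        summary = typ in ("report", "ci_report")
        rows.append({
            "artifact_id": f"P{n:03d}",
            "path": rel,
            "type": typ,
            "source_stage": stage,
            "public_classification": "include_generated_summary" if summary else "include_public",
            "sha256": sha256_file(os.path.join(root, rel)),
            "description": f"{typ} artifact from {stage}",
        })
    return rows


def index_to_csv(rows):
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=COLUMNS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


def verify_index(root, rows):
    """Re-hash the release and report drift: edited, missing, or unindexed files."""
    indexed = {r["path"]: r["sha256"] for r in rows}
    on_disk = set(iter_release_files(root))
    problems = []
    for rel, digest in indexed.items():
        if rel not in on_disk:
            problems.append((rel, "missing from release"))
        elif sha256_file(os.path.join(root, rel)) != digest:
            problems.append((rel, "sha256 mismatch"))
    problems += [(rel, "not in index") for rel in sorted(on_disk - set(indexed))]
    return problems


def run_demo():
    """Index a constructed release, then edit one file and add a stray one to show drift."""
    with tempfile.TemporaryDirectory() as root:
        write_sample_release(root)
        rows = build_index(root)
        clean = verify_index(root, rows)
        Path(root, "reports", "safety_report.md").write_text("edited after indexing\n")
        Path(root, "stray.tmp").write_text("scratch\n")
        tampered = verify_index(root, rows)
    return {"rows": rows, "csv": index_to_csv(rows), "clean": clean, "tampered": tampered}


if __name__ == "__main__":
    result = run_demo()
    print(result["csv"])
    print("drift after edit:", result["tampered"])
```

A reviewer who receives the archive can run the verification half alone: if any row reports a mismatch, the package is not the one that was indexed, whatever the release notes say.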
## 34. public_data_validation.csv example
```csv
check,status,details
required_docs_present,PASS,README/QUICKSTART/DEMO_SCOPE/DISCLAIMER found
absolute_private_path_scan,PASS,no private paths found
license_string_scan,PASS,no license strings found
raw_commercial_report_scan,PASS,no raw commercial reports found
large_binary_scan,PASS,no unexpected binary files
unknown_artifact_scan,WARN,2 files require manual review
dashboard_links,PASS,site/index.html and data files found
```
This validation result should be included in the release package.
## 35. package_summary.md example
```md
# D20 Public Demo Package Summary
Release: D20_public_demo_package
Profile: public_methodology_demo
Design: toy_counter
## Package Status
Status: RELEASE_READY_WITH_WARNINGS
## Included
- Public-safe toy counter demo data
- Safety report
- Evidence package summary
- Regression summary
- CI summary
- Static dashboard
- Quickstart scripts
- Public data validation report
## Warnings
- Two unknown files require manual review before final publication.
- Commercial comparison uses normalized sample data.
- Demo data is not production safety signoff evidence.
## Next Step
Review warnings, then publish the release folder or archive to GitHub.
```
The packaging summary helps decide whether the release is ready.
## 36. Validation rules
safeic-package should check that:
```text
manifest.yaml exists
package_config.yaml exists
package_policy.yaml exists
public_data_policy.yaml exists
required docs exist or are generated
release directory is writable
unknown files are not included by default
excluded patterns are honored
public artifact index is generated
public data validation is generated
disclaimer exists
quickstart exists
release notes exist
dashboard entry exists if dashboard is enabled
archive generation succeeds if enabled
```
Example messages:
```text
[PASS] package config loaded
[PASS] package policy loaded
[PASS] public data policy loaded
[PASS] 42 artifacts classified
[PASS] 35 artifacts included
[PASS] 7 artifacts excluded
[WARN] 2 unknown artifacts require manual review
[PASS] no private paths detected
[PASS] release README generated
[PASS] release archive generated
```
If private data is detected, the package builder should stop.
## 37. Common mistakes
### 37.1 Uploading the whole workspace
The workspace is not the release package.
It may contain private paths, temporary files and unnecessary artifacts.
### 37.2 Publishing raw commercial tool outputs
Do not publish raw commercial reports unless redistribution is explicitly permitted.
Public methodology demos should use normalized sample data.
### 37.3 Missing disclaimer
A functional safety demo must state explicitly that it is not production safety signoff.
### 37.4 No quickstart
If users cannot run or inspect the demo quickly, the package loses value.
### 37.5 No artifact index
Without an index, users do not know which files are included, or why.
### 37.6 Mixing estimated and measured outputs without explanation
Public readers need clear labels.
### 37.7 Private paths left in generated files
Private paths look unprofessional and may leak information.
## 38. How D20 connects to later demos
D20 creates the public release boundary.
Later demos can build user trials, training packages and deployment profiles on top of it.
[Figure 7 (diagram): D20 Public Demo Package → D21 User Trial Flow, D22 Training Package, D23 Deployment Profile, D24 Documentation Website → External Evaluation, Workshop / Course, Customer or Internal Deployment, Public Knowledge Base]
Figure 7: D20 provides the release package foundation for user trials, training, deployment and documentation.
A clean public package makes all later external communication much easier.
## 39. Recommended implementation stages
D20 can be implemented in stages.
### Stage 1: Manual Release Folder
Create a curated release folder by hand.
Deliverables:
```text
release/README.md
release/QUICKSTART.md
release/DEMO_SCOPE.md
release/DISCLAIMER.md
```
### Stage 2: Artifact Index and Validation
Generate the artifact index and the public data validation.
Deliverables:
```text
public_artifact_index.csv
public_data_validation.csv
```
### Stage 3: Policy-Based Packaging
Use package_policy.yaml to select and exclude files.
Deliverables:
```text
safeic-package
package_summary.md
```
### Stage 4: Sanitization and Archive
Run sanitization and generate the release archive.
Deliverables:
```text
release_archive.zip
release_archive_manifest.csv
```
### Stage 5: GitHub Release Workflow
Add release tagging, release notes and a publication checklist.
Deliverables:
```text
RELEASE_NOTES.md
github_release_checklist.md
```
This staged approach makes D20 useful immediately and lets it be automated safely later.
## 40. Summary
Public demo packaging turns internal CI artifacts into a shareable, GitHub-ready release.
The D20 demo:
```text
D20_public_demo_package
```
The generic tool introduced:
```text
safeic-package
```
The tool consumes:
```text
CI run artifacts
safety reports
dashboard site
sample data
package_config.yaml
package_policy.yaml
public_data_policy.yaml
```
and generates:
```text
release/README.md
release/QUICKSTART.md
release/RELEASE_NOTES.md
release/DEMO_SCOPE.md
release/DISCLAIMER.md
release/reproducibility_manifest.yaml
release/public_artifact_index.csv
release/public_data_validation.csv
release/package_warnings.csv
outputs/package_summary.md
outputs/public_release_status.json
outputs/package_validation.csv
outputs/package_warnings.csv
outputs/release_archive_manifest.csv
```
The core conclusion is:
A public demo package is a release artifact, not a folder dump. It must be curated, sanitized, indexed, documented and reproducible, and it must state its scope and limitations honestly.
D20 makes the methodology suitable for GitHub publication, company website demos, external review and future user-trial flows.
## 41. D20 Demo Checklist
For D20_public_demo_package, the expected deliverables are:
```text
[ ] README.md
[ ] run_demo.sh
[ ] run_demo.csh
[ ] manifest.yaml
[ ] inputs/package_config.yaml
[ ] inputs/package_policy.yaml
[ ] inputs/public_data_policy.yaml
[ ] inputs/release_notes_template.md
[ ] inputs/demo_scope_template.md
[ ] inputs/disclaimer_template.md
[ ] source_artifacts/ci_run/ci_summary.md
[ ] source_artifacts/ci_run/ci_status.csv
[ ] source_artifacts/ci_run/ci_gate_result.json
[ ] source_artifacts/reports/safety_report.md
[ ] source_artifacts/reports/regression_summary.md
[ ] source_artifacts/dashboard/index.html
[ ] source_artifacts/sample_data/toy_counter/
[ ] source_artifacts/sample_data/fmeda/
[ ] source_artifacts/sample_data/campaign/
[ ] source_artifacts/sample_data/metrics/
[ ] tools/safeic_package.py
[ ] scripts/run_package.csh
[ ] scripts/run_package.sh
[ ] scripts/validate_release.csh
[ ] scripts/validate_release.sh
[ ] release/README.md
[ ] release/QUICKSTART.md
[ ] release/RELEASE_NOTES.md
[ ] release/DEMO_SCOPE.md
[ ] release/DISCLAIMER.md
[ ] release/reproducibility_manifest.yaml
[ ] release/public_artifact_index.csv
[ ] release/public_data_validation.csv
[ ] release/package_warnings.csv
[ ] release/demos/
[ ] release/data/
[ ] release/reports/
[ ] release/dashboard/
[ ] release/scripts/
[ ] release/docs/
[ ] outputs/package_summary.md
[ ] outputs/public_release_status.json
[ ] outputs/package_validation.csv
[ ] outputs/package_warnings.csv
[ ] outputs/release_archive_manifest.csv
```
A successful D20 run should answer:
```text
Which artifacts are included in the public package?
Which artifacts are excluded, and why?
Does the package contain private paths or license strings?
Are all required public documents present?
Can another user run or inspect the demo quickly?
Is the dashboard included and working?
Are the generated reports included?
Are the limitations and disclaimers clear?
Is the release package reproducible?
Is the package ready for GitHub release or manual review?
```