Paper to Protools Alignment
How the BIS 2026 evidence-first reference model maps to the current AIJIM Protools runtime, RFCs, invariants, and verifier path.
Current interpretation
Four-Layer Research Stack
Reference model
Defines the domain-agnostic evidence-first class: Evidence, Claims, Runs, Artifacts, Governance Policies, and the paper-level I1-I5 invariants.
Boundary: Do not read this layer as a product architecture or as the current runtime implementation surface.
Runtime invariant projection
Maps the paper invariants into executable Core contracts, fail-closed run semantics, artifact validation, review gates, and deterministic replay boundaries.
Boundary: Do not cite user-facing LINA labels or UI badges as paper-authoritative definitions.
Scientific axis layer
Keeps ECAM-X, AEI-Delta, and TCA separate as attribution, stability, and reliance-calibration evidence rather than flattening them into one trust score.
Boundary: Do not introduce extra axes or a story-level super-score that masks honest absence.
Verifier and audit layer
Turns reference-model promises into portable verification: bundle hashes, signatures, sentence/provenance anchors, replay checks, and explicit failure reasons.
Boundary: Do not treat screenshots, UI state, or prose summaries as substitutes for verifier-readable artifacts.
Invariant Mapping
| Paper invariant | Protools projection | Runtime anchor | Scientific lift |
|---|---|---|---|
| I1 Evidence-bound outputs | Evidence-first integrity | Evidence canonicalization, input-pack admission, claim revision selection, sentence/provenance anchors, and bundle evidence hashes. | Protools are stronger than the chapter here because the runtime now treats missing or undecided claim inputs as fail-closed conditions. |
| I2 Artifact-mandatory runs | Audit trail and artifact completeness | Run contracts in Core define the exact artifact set per run kind; failed runs still persist manifests and reason codes. | AEI-Delta is now correctly stability-only: manifest plus stability artifact, with explain/trust artifacts forbidden for that run kind. |
| I3 Audit-safe traceability | Claim-evidence binding and audit-grade traceability | Run manifests bind workspace, story, claim revisions, evidence IDs, snapshots, provider profile, model revision hash, and audit bundle identity. | Portable verification and replayable failure reasons make traceability stronger than ordinary event logging. |
| I4 Oversight-preserving control | Human oversight and governance gating | Review gates, HITL summaries, policy denials, publication confirmation, and story-scoped trust disclosures remain explicit artifacts or Core-owned states. | The UI can guide review, but Core owns the authority boundary and rejects unsafe transitions. |
| I5 Governance separation | Deterministic replay plus governance separation | RFC-004 evaluates scientific validity, RFC-005 owns execution mechanics, RFC-006 owns non-scientific policy decisions, and run contracts preserve replay. | The current product adds a stronger replay/reproducibility spine without weakening the paper's separation claim. |
What Protools Must Preserve
| Docs | Keep this mapping page as the citation bridge between the BIS chapter and current Protools behavior. |
| Core | Continue treating RFC-003/004/005/006/009 as the executable source for run validity, connector selection, policy denial, and portable verification. |
| App | Keep user-facing invariant text human-readable, but label it as runtime/UI projection rather than paper authority. |
| Research | Use NamicGreen and one second-domain case as empirical demonstrations of the same reference model under different evidence regimes. |
No parallel invariant worlds