From Static Intelligence Generation to AWS-Native Serverless OSINT Operations
Three Horizons: Enhanced Static (v2.0) → AWS Serverless Platform (v3.0+) → 10-Year AI Lookahead (2026-2037)
Document Owner: CEO | Version: 4.1 | Last Updated: 2026-05-31 (UTC)
Review Cycle: Quarterly | Next Review: 2026-08-31 | Release: v1.0.1
Classification: Public (Open Source European Parliament Monitoring Platform)
| Document | Focus | Description | Documentation Link |
|---|---|---|---|
| Architecture | Architecture | C4 model showing current system structure | View Source |
| Future Architecture | Architecture | C4 model showing future system structure | View Source |
| Mindmaps | Concept | Current system component relationships | View Source |
| Future Mindmaps | Concept | Future capability evolution | View Source |
| SWOT Analysis | Business | Current strategic assessment | View Source |
| Future SWOT Analysis | Business | Future strategic opportunities | View Source |
| Data Model | Data | Current data structures and relationships | View Source |
| Future Data Model | Data | Enhanced European Parliament data architecture | View Source |
| Flowcharts | Process | Current data processing workflows | View Source |
| Future Flowcharts | Process | Enhanced AI-driven workflows | This Document |
| State Diagrams | Behavior | Current system state transitions | View Source |
| Future State Diagrams | Behavior | Enhanced adaptive state transitions | View Source |
| Security Architecture | Security | Current security implementation | View Source |
| Future Security Architecture | Security | Security enhancement roadmap | View Source |
| Threat Model | Security | STRIDE threat analysis | View Source |
| Classification | Governance | CIA classification & BCP | View Source |
| CRA Assessment | Compliance | Cyber Resilience Act | View Source |
| Workflows | DevOps | CI/CD documentation | View Source |
| Future Workflows | DevOps | Planned CI/CD enhancements | View Source |
| Business Continuity Plan | Resilience | Recovery planning | View Source |
| Financial Security Plan | Financial | Cost & security analysis | View Source |
| End-of-Life Strategy | Lifecycle | Technology EOL planning | View Source |
| Unit Test Plan | Testing | Unit testing strategy | View Source |
| E2E Test Plan | Testing | End-to-end testing | View Source |
| Performance Testing | Performance | Performance benchmarks | View Source |
| Security Policy | Security | Vulnerability reporting & security policy | View Source |
This future flowchart is designed to implement all controls from Hack23 AB's ISMS framework as the EU Parliament Monitor platform evolves across its three horizons: v2.0 enhanced static intelligence, v3.0+ AWS-native serverless OSINT operations, and the 10-year AI lookahead. The static front door remains the cheap, cacheable, auditable substrate; dynamic AWS-native features layer behind it without weakening provenance or neutrality guarantees.
| Policy Domain | Policy | Planned Implementation |
|---|---|---|
| Core Security | Information Security Policy | Overall security governance for enhanced monitoring & AWS workloads |
| AI Governance | AI Policy | AI = proposal generator; human accountability; no autonomous deploy |
| Development | Secure Development Policy | Security-integrated SSDLC for Lambda/Step Functions pipelines |
| Network | Network Security Policy | CloudFront + AWS WAF + Shield, VPC isolation, private endpoints |
| Cryptography | Cryptography Policy | AWS KMS, TLS 1.3, SLSA provenance, content integrity verification |
| Access Control | Access Control Policy | Amazon Cognito, IAM least-privilege, API Gateway authorizers |
| Data Classification | Data Classification Policy | European Parliament PUBLIC open-data classification |
| Vulnerability | Vulnerability Management | CodeQL, OpenSSF Scorecard, GuardDuty, Security Hub automation |
| Incident Response | Incident Response Plan | CloudWatch alarms, EventBridge-driven automated response |
| Backup & Recovery | Backup Recovery Policy | S3 versioning, DynamoDB PITR, Aurora snapshots, Git provenance |
| Business Continuity | Business Continuity Plan | Multi-AZ serverless, CloudFront edge, static fallback |
| Third-Party | Third Party Management | EP MCP, World Bank MCP, IMF REST, Bedrock model provider review |
| Classification | Classification Framework | Business impact analysis for platform |
| Framework | Version | Relevant Controls |
|---|---|---|
| ISO 27001 | 2022 | A.5.1, A.5.23, A.8.25, A.8.26, A.8.27, A.8.28 |
| NIST CSF | 2.0 | GV.OC, GV.RM, ID.AM, PR.AT, PR.DS, DE.CM |
| CIS Controls | v8.1 | Control 1-5, 8, 13, 14, 16 |
| GDPR | 2016/679 | Public MEP roles only; data minimization; purpose limitation |
This document maps the evolution of EU Parliament Monitor's process and data flows across three strategic horizons. Today's platform (v1.0.x) is a pure static-site generator: gh-aw agentic workflows author Stage-B analysis markdown, the deterministic src/aggregator/** pipeline renders 14-language HTML, and the result is served from Amazon S3 + Amazon CloudFront. No servers, no runtime database, no AI-authored HTML.
| Aspect | Current (v1.0.x) | v2.0 (Static-Enhanced) | v3.0+ (AWS Serverless) |
|---|---|---|---|
| Trigger | Scheduled gh-aw (cron) | Scheduled + richer build matrix | EventBridge / Kinesis (real-time) |
| Compute | GitHub Actions runners | GitHub Actions runners | AWS Lambda + Step Functions |
| Authoring | LLM (Claude) → markdown | LLM + 51-template OSINT catalog | Bedrock + Knowledge Bases RAG + Agents |
| Rendering | src/aggregator/** → HTML | Aggregator + richer dashboards | Aggregator (edge) + dynamic APIs |
| Dashboards | Chart.js 4 + D3 7 (in-article) | Pre-computed party/landscape datasets | Live datasets via AppSync/API Gateway |
| Data stores | Committed markdown + JSON | Committed artifacts + build cache | DynamoDB · Aurora · OpenSearch · Neptune |
| Delivery | S3 + CloudFront (static) | S3 + CloudFront (static) | CloudFront static edge + serverless APIs |
| Query | None (pre-rendered pages) | Faceted client-side filtering | NL query over knowledge graph (Bedrock) |
| Neutrality control | Style guide + 2-pass review | Style guide + ICD 203 + Admiralty | Bedrock Guardrails + human sign-off |
```mermaid
gantt
    title Workflow Evolution Roadmap (v2.0 to v3.0+)
    dateFormat YYYY-MM
    section v2.0 Enhanced Static Intelligence
    Party landscape dashboards :v2a, 2026-07, 3M
    Coalition mathematics visualizations :v2b, 2026-09, 2M
    OSINT 51-template catalog hardening :v2c, 2026-08, 3M
    ICD 203 + Admiralty quality gates :v2d, 2026-10, 2M
    Seat projection + election cycle views :v2e, 2026-11, 3M
    section v3.0 Serverless Foundation
    EventBridge + Kinesis ingestion :v3a, 2028-01, 3M
    Lambda + Step Functions orchestration :v3b, 2028-02, 3M
    Neptune knowledge graph build :v3c, 2028-04, 4M
    Cognito + API Gateway + AppSync :v3d, 2028-06, 3M
    section v3.x Bedrock Intelligence
    Bedrock Knowledge Bases RAG :v3e, 2028-09, 3M
    Bedrock Agents OSINT workflows :v3f, 2028-11, 4M
    NL query over knowledge graph :v3g, 2029-02, 3M
    Guardrails neutrality + GDPR controls :v3h, 2029-01, 3M
    section 10-Year AI Lookahead
    Model-agnostic Bedrock routing :ai1, 2029-06, 6M
    Autonomous agentic pipelines (assisted) :ai2, 2030-01, 12M
    Multi-parliament expansion :ai3, 2031-01, 18M
```
Architecture unchanged: build-time generation, gh-aw + aggregator, pure static delivery on Amazon S3 + Amazon CloudFront. v2.0 adds depth (better party/political-landscape dashboards and stronger OSINT tradecraft) while every byte served remains a pre-computed static asset.
Build-time flow producing pre-computed party / political-group dashboard datasets from European Parliament open data. All charts render client-side from JSON baked into the static bundle: no server, no runtime query.
```mermaid
flowchart TD
    Trigger([gh-aw Scheduled Workflow<br/>GitHub Actions]) --> MCPFetch[EP MCP Server Fetch<br/>get_meps, get_voting_records<br/>analyze_coalition_dynamics<br/>compare_political_groups]
    MCPFetch --> Enrich[Optional Context Enrichment<br/>World Bank MCP WDI<br/>IMF REST WEO/FM]
    Enrich --> Analysis[Stage-A/B Analysis Artifacts<br/>significance-scoring, actor-mapping<br/>coalition-dynamics, voting-patterns<br/>51-template catalog]
    Analysis --> Precompute[Pre-compute Dashboard Datasets<br/>Party cohesion + defection rates<br/>Coalition mathematics<br/>Seat projections + election cycle<br/>Cross-party alliance edges]
    Precompute --> Shape[Shape Static JSON<br/>Heatmap matrices<br/>Network graph nodes/edges<br/>Time-series voting trends]
    Shape --> AggRender[Deterministic Aggregator<br/>src/aggregator/** renders HTML<br/>Embeds Chart.js 4 + D3 7]
    AggRender --> Lang[14-Language Expansion<br/>Per-language static pages]
    Lang --> Commit[Commit Artifacts + Provenance<br/>SLSA 3, signed, version-controlled]
    Commit --> Deploy[Deploy Static Bundle<br/>Amazon S3 origin]
    Deploy --> CDN[Amazon CloudFront<br/>Global edge cache<br/>Lambda@Edge headers/security]
    CDN --> Client[Browser Renders Dashboards<br/>Client-side Chart.js/D3<br/>Faceted filtering, no backend]
    Client --> Done([Static Party/Landscape Dashboard Live<br/>Cacheable, cheap, auditable])
    style Trigger fill:#e8f5e9
    style MCPFetch fill:#e1f5ff
    style Precompute fill:#fff4e1
    style AggRender fill:#e1f5ff
    style CDN fill:#fff4e1
    style Done fill:#d4edda
```
| Dashboard | Source MCP Tools | Visualization | Delivery |
|---|---|---|---|
| Party / group landscape | generate_political_landscape, get_meps | Seat-share treemap, group cards | Static JSON + Chart.js |
| Coalition mathematics | analyze_coalition_dynamics, compare_political_groups | Stacked-bar majority calculator | Static JSON + D3 |
| Cohesion & defection | sentiment_tracker, detect_voting_anomalies | Cohesion heatmap, z-score flags | Static JSON + Chart.js |
| Cross-party alliances | network_analysis, analyze_voting_patterns | Force-directed network graph | Static JSON + D3 |
| Seat projection / election cycle | electoral-domain artifacts | Trend lines + projection bands | Static JSON + Chart.js |
| MEP / party scorecards | assess_mep_influence, analyze_legislative_effectiveness | Radar + ranked tables | Static JSON + Chart.js |
The 2.0 moat. Every analysis artifact passes structured OSINT tradecraft: ICD 203 confidence verbalization, Admiralty source grading, Kent/WEP probability bands, and structured analytic techniques (ACH). Each artifact also goes through the mandatory 2-pass AI-first quality loop. STRIDE is explicitly rejected for political analysis in favour of the 5-framework political threat methodology (Political Threat Landscape 6D + Attack Trees + Kill Chain + Diamond Model + ICO Profiling).
```mermaid
flowchart TD
    Raw([Raw EP Open Data<br/>MCP feeds, documents, votes]) --> Collect[Collection & Provenance<br/>Source capture<br/>PUBLIC-only classification]
    Collect --> Grade[Admiralty Source Grading<br/>Reliability A-F<br/>Credibility 1-6]
    Grade --> Template[51-Template Catalog Routing<br/>artifact-catalog.md maps<br/>artifact to methodology]
    Template --> Pass1[Pass 1 - Initial Analysis<br/>SWOT, actor-mapping<br/>coalition-dynamics, risk-matrix<br/>significance-scoring]
    Pass1 --> Confidence[ICD 203 Confidence Verbalization<br/>High / Moderate / Low<br/>Kent/WEP probability bands]
    Confidence --> Threat[5-Framework Threat Methodology<br/>Threat Landscape 6D, Attack Trees<br/>Kill Chain, Diamond, ICO<br/>STRIDE rejected]
    Threat --> ACH[Structured Analytic Techniques<br/>Competing hypotheses ACH<br/>Key assumptions check<br/>Devil's advocacy]
    ACH --> Pass2[Pass 2 - Full Read-Back<br/>Word-by-word improvement<br/>Expand shallow sections<br/>Add evidence citations]
    Pass2 --> Gate{Quality Gate<br/>Reference thresholds met?}
    Gate -->|Below floor| Refine[Refine & Re-deepen<br/>Add cross-references<br/>Add confidence levels]
    Refine --> Pass2
    Gate -->|Meets floor| Neutral{Neutrality & GDPR Check<br/>Politically neutral?<br/>Public roles only?}
    Neutral -->|Biased / PII risk| Adjust[Neutralize & Minimize<br/>Remove opinion<br/>Public MEP roles only]
    Adjust --> Neutral
    Neutral -->|Neutral| Audit[Self-Audit Artifacts<br/>workflow-audit<br/>methodology-reflection]
    Audit --> Publish([Committed Analysis Artifacts<br/>Feed aggregator + dashboards])
    style Raw fill:#e8f5e9
    style Gate fill:#fff4e1
    style Neutral fill:#fff4e1
    style Refine fill:#fff9c4
    style Adjust fill:#fff9c4
    style Publish fill:#d4edda
```
| Standard | Purpose | Where Enforced |
|---|---|---|
| ICD 203 | Analytic confidence verbalization | Every assessment carries High/Moderate/Low |
| Admiralty System | Source reliability × credibility grading | Collection stage, before analysis |
| Kent / WEP bands | Calibrated probability language | Forecast & scenario artifacts |
| ACH | Competing-hypothesis discipline | Significance & actor-mapping artifacts |
| 5-framework threat | Political threat analysis (not STRIDE) | political-threat-landscape artifact |
| 2-pass AI-first | Depth & evidence quality floor | All artifacts, Pass 1 + Pass 2 |
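One way to express the quality gate and the neutrality/GDPR check from the flow above as code; this is an added example, not the platform's own implementation. The artifact fields, the two-source floor, the B2 bar for High confidence, the opinion-word list and the private-life field names are assumptions; the Admiralty A-F / 1-6 grades and the High/Moderate/Low levels come from the tables above.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

RELIABILITY = set("ABCDEF")               # Admiralty source reliability, A is best
CREDIBILITY = {1, 2, 3, 4, 5, 6}          # Admiralty information credibility, 1 is best
CONFIDENCE = {"High", "Moderate", "Low"}  # ICD 203 verbalization used on this page

# Assumed policy values: the page only says "reference thresholds".
MIN_SOURCES = 2
OPINION_WORDS = re.compile(r"\b(shameful|disgraceful|heroic|traitor)\b", re.I)
PRIVATE_LIFE_FIELDS = {"home_address", "health", "family", "religion"}


@dataclass
class Source:
    url: str
    reliability: Optional[str] = None
    credibility: Optional[int] = None

    def graded(self) -> bool:
        return self.reliability in RELIABILITY and self.credibility in CREDIBILITY

    def strong(self) -> bool:
        # Assumed bar for a High-confidence claim: graded B2 or better.
        return self.graded() and self.reliability <= "B" and self.credibility <= 2


@dataclass
class Artifact:
    body: str
    confidence: Optional[str]
    sources: List[Source] = field(default_factory=list)
    subject_fields: Set[str] = field(default_factory=set)  # data used about a person


def quality_findings(a: Artifact) -> List[str]:
    """Reasons the artifact is below the quality floor (empty list = meets floor)."""
    out = []
    if a.confidence not in CONFIDENCE:
        out.append("missing ICD 203 confidence level")
    if len(a.sources) < MIN_SOURCES:
        out.append(f"fewer than {MIN_SOURCES} cited sources")
    ungraded = [s.url for s in a.sources if not s.graded()]
    if ungraded:
        out.append("ungraded sources: " + ", ".join(ungraded))
    if a.confidence == "High" and not any(s.strong() for s in a.sources):
        out.append("High confidence without a B2-or-better source")
    return out


def neutrality_findings(a: Artifact) -> List[str]:
    """Reasons the artifact fails the neutrality / public-roles-only check."""
    out = []
    hits = sorted({m.lower() for m in OPINION_WORDS.findall(a.body)})
    if hits:
        out.append("opinion wording: " + ", ".join(hits))
    private = sorted(a.subject_fields & PRIVATE_LIFE_FIELDS)
    if private:
        out.append("private-life fields: " + ", ".join(private))
    return out


def gate(a: Artifact) -> Tuple[str, List[str]]:
    """Return the next node in the flow and the reasons for routing there."""
    findings = quality_findings(a)
    if findings:
        return "refine", findings        # Gate -> Refine -> Pass 2
    findings = neutrality_findings(a)
    if findings:
        return "neutralize", findings    # Neutral -> Adjust -> Neutral
    return "self-audit", []              # Neutral -> Audit -> commit


# Constructed sample input, not real platform data.
DRAFT = Artifact(
    body="Group X's shameful vote split the coalition.",
    confidence="High",
    sources=[Source("https://example.org/rollcall/1", "C", 3),
             Source("https://example.org/press/2")],
    subject_fields={"voting_record", "home_address"},
)

if __name__ == "__main__":
    print(gate(DRAFT))
```

The quality check runs first, so an artifact with weak sourcing is sent back to Pass 2 before anyone spends review time on its wording.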
All-in on AWS, fully serverless. The static CloudFront edge stays the public, cacheable front door; dynamic intelligence is layered behind it. No Kubernetes, no self-managed message bus, no self-hosted databases: every component is a managed AWS service with IAM least-privilege and zero-ops scaling.
Event-driven pipeline replacing scheduled polling with near-real-time capture of plenary votes, committee activity, and document publication.
```mermaid
flowchart TD
    EP([European Parliament Events<br/>Plenary votes, committees, docs]) --> Ingest[Ingestion Lambda<br/>EP MCP + Open Data Portal<br/>Poll/subscribe adapters]
    Ingest --> Stream[Amazon Kinesis Data Streams<br/>Ordered event shards<br/>Durable buffer]
    Stream --> Bus[Amazon EventBridge<br/>Event bus + rules<br/>Schema registry]
    Bus --> Route{EventBridge Rule Routing<br/>detail-type}
    Route -->|Plenary Vote| VoteSF[Vote Step Functions<br/>Enrich + score significance]
    Route -->|Committee Activity| CommSF[Committee Step Functions<br/>Activity + document linkage]
    Route -->|Document Published| DocSF[Document Step Functions<br/>Parse + classify + index]
    Route -->|Anomaly Signal| AnomSF[Anomaly Step Functions<br/>detect_voting_anomalies]
    VoteSF --> Persist[Persist & Index Lambda]
    CommSF --> Persist
    DocSF --> Persist
    AnomSF --> Persist
    Persist --> DDB[(DynamoDB<br/>Hot single-table state)]
    Persist --> Aurora[(Aurora Serverless v2<br/>Voting history)]
    Persist --> OS[(OpenSearch Serverless<br/>Full-text + vector)]
    Persist --> Neptune[(Neptune Serverless<br/>Knowledge graph)]
    Persist --> Notify[Amazon SNS / SQS<br/>Downstream fan-out]
    Notify --> DLQ{Delivery OK?}
    DLQ -->|Fail| DeadLetter[(SQS Dead-Letter Queue<br/>Replay + alarm)]
    DLQ -->|OK| Trigger([Triggers Generation Pipeline<br/>See Bedrock flow])
    style EP fill:#e8f5e9
    style Stream fill:#e1f5ff
    style Bus fill:#e1f5ff
    style Route fill:#fff4e1
    style DLQ fill:#fff4e1
    style DeadLetter fill:#ffcdd2
    style Trigger fill:#d4edda
```
Managed generative pipeline using Amazon Bedrock foundation models, Knowledge Bases (RAG over the EP corpus + committed analysis artifacts), Bedrock Agents for agentic OSINT tool use, and Guardrails for neutrality, GDPR, and hallucination control. Output still flows through the deterministic aggregator: AI proposes content; humans remain accountable for what publishes.
```mermaid
sequenceDiagram
    autonumber
    participant EB as EventBridge
    participant SF as Step Functions
    participant Agent as Bedrock Agent
    participant KB as Bedrock Knowledge Base (RAG)
    participant FM as Bedrock Foundation Model
    participant GR as Bedrock Guardrails
    participant Agg as Deterministic Aggregator
    participant Rev as Human Editor
    participant S3 as S3 + CloudFront
    EB->>SF: Significant EP event detected
    SF->>Agent: Invoke OSINT generation workflow
    Agent->>KB: Retrieve EP corpus + analysis artifacts
    KB-->>Agent: Grounded context + citations
    Agent->>FM: Generate analysis proposal (model-agnostic)
    FM-->>Agent: Draft intelligence artifact
    Agent->>GR: Apply neutrality / PII / hallucination checks
    GR-->>Agent: Pass or block with reasons
    Agent->>SF: Return graded artifact + confidence
    SF->>Rev: Route to human review queue
    Rev-->>SF: Approve / request changes (accountable sign-off)
    SF->>Agg: Approved markdown artifact
    Agg->>S3: Render 14-language static HTML
    S3-->>EB: Publish event (article.published)
```
| Component | Role | Governance |
|---|---|---|
| Bedrock Foundation Models | Draft analysis (Claude, Nova; model-agnostic) | Routed by cost/quality/latency |
| Bedrock Knowledge Bases | Managed RAG grounding over EP corpus | Citations required; no ungrounded claims |
| Bedrock Agents | Agentic OSINT tool use / orchestration | Tool allow-list, least-privilege IAM |
| Bedrock Guardrails | Neutrality, PII/GDPR, hallucination control | Blocks biased or private-life content |
| Human Editor | Accountable approval before publish | Per AI Policy: no autonomous deploy |
Authenticated, serverless API layered behind the static edge. Amazon Cognito federates identity; API Gateway (REST/WebSocket) and AppSync (GraphQL) front Lambda resolvers that read the polyglot data layer.
```mermaid
flowchart TD
    User([Journalist / Researcher / API Client]) --> Edge[Amazon CloudFront<br/>Static edge + API routing]
    Edge --> WAF[AWS WAF + Shield<br/>Rate limiting, OWASP rules]
    WAF --> Auth[Amazon Cognito<br/>User pools, federated auth<br/>JWT / OAuth2 tokens]
    Auth --> AuthZ{Token Valid + Scoped?}
    AuthZ -->|Denied| Reject[401/403 Response]
    AuthZ -->|REST| APIGW[Amazon API Gateway<br/>REST + WebSocket APIs<br/>Authorizer + throttling]
    AuthZ -->|GraphQL| AppSync[AWS AppSync<br/>GraphQL + subscriptions]
    APIGW --> Resolver[Lambda Resolvers<br/>Business logic, least-privilege IAM]
    AppSync --> Resolver
    Resolver --> DDB[(DynamoDB<br/>Hot key-value + DAX cache)]
    Resolver --> Aurora[(Aurora Serverless v2<br/>Relational voting history)]
    Resolver --> OS[(OpenSearch Serverless<br/>Full-text + vector search)]
    Resolver --> Neptune[(Neptune Serverless<br/>Political knowledge graph)]
    DDB --> Compose[Compose Response<br/>Shape JSON / GraphQL payload]
    Aurora --> Compose
    OS --> Compose
    Neptune --> Compose
    Compose --> Trace[CloudWatch + X-Ray<br/>Metrics, traces, CloudTrail audit]
    Trace --> Return([Response to Client<br/>Cached at edge where safe])
    style User fill:#e8f5e9
    style Auth fill:#e1f5ff
    style AuthZ fill:#fff4e1
    style Reject fill:#ffcdd2
    style Return fill:#d4edda
```
Conversational OSINT access. A user asks a question in natural language; Bedrock translates intent into graph + search queries against Neptune and OpenSearch, grounds the answer via Knowledge Bases, and returns a cited, neutral response, never an ungrounded opinion.
```mermaid
flowchart TD
    Q([NL Question<br/>Which groups co-voted most<br/>on energy dossiers in 2028?]) --> Front[CloudFront + Cognito Auth]
    Front --> NLU[Bedrock Agent<br/>Intent + entity extraction<br/>Amazon Comprehend NLP]
    NLU --> Plan[Query Planning<br/>Decompose to graph + search ops]
    Plan --> GraphQ[Neptune Serverless<br/>Gremlin/openCypher traversal<br/>MEP-group-dossier-vote edges]
    Plan --> SearchQ[OpenSearch Serverless<br/>Vector + full-text retrieval]
    Plan --> KBQ[Bedrock Knowledge Base<br/>RAG over analysis artifacts]
    GraphQ --> Fuse[Evidence Fusion<br/>Join graph + search + RAG<br/>Attach source citations]
    SearchQ --> Fuse
    KBQ --> Fuse
    Fuse --> Generate[Bedrock Foundation Model<br/>Compose grounded answer]
    Generate --> Guard{Bedrock Guardrails<br/>Neutral? Grounded? PII-safe?}
    Guard -->|Block| Safe[Safe Fallback<br/>Decline + show raw evidence]
    Guard -->|Pass| Answer([Cited Neutral Answer<br/>Links to dashboards + sources])
    style Q fill:#e8f5e9
    style NLU fill:#e1f5ff
    style Guard fill:#fff4e1
    style Safe fill:#ffcdd2
    style Answer fill:#d4edda
```
Self-monitoring, human-governed. Quality and engagement signals feed model routing and prompt/template refinement. Per the AI Policy, model or prompt changes are proposals that require human approval and canary validation before promotion; there is no autonomous production deploy.
```mermaid
flowchart TD
    Observe[Observe<br/>CloudWatch metrics<br/>Quality scores, citations<br/>User engagement] --> Lake[S3 Data Lake<br/>Glue catalog + Athena<br/>QuickSight BI]
    Lake --> Detect[Pattern Detection<br/>SageMaker anomaly/quality models<br/>What drives quality?]
    Detect --> Propose[Improvement Proposals<br/>Model routing tweaks<br/>Prompt + template updates<br/>Guardrail adjustments]
    Propose --> Human{Human Review<br/>AI Policy gate}
    Human -->|Reject| Archive[Archive + Document<br/>Rationale captured]
    Human -->|Approve| Canary[Canary via Lambda Alias<br/>Weighted traffic shift<br/>Monitor X-Ray + alarms]
    Canary --> Result{Canary Healthy?}
    Result -->|Regress| Rollback[Rollback Alias<br/>Revert weights, post-mortem]
    Result -->|Improve| Promote[Promote<br/>Update routing + templates]
    Promote --> Observe
    Rollback --> Observe
    Archive --> Observe
    style Observe fill:#e8f5e9
    style Human fill:#fff4e1
    style Result fill:#fff4e1
    style Rollback fill:#ffcdd2
    style Promote fill:#d4edda
```
| Metric | Target | Monitoring |
|---|---|---|
| Build-to-publish (full site) | <30 min per scheduled run | GitHub Actions timing |
| Dashboard dataset freshness | ≤ daily (per EP feed cadence) | Provenance timestamps |
| Page load (LCP) | <2.0 s on CloudFront edge | RUM / Lighthouse CI |
| Analysis quality floor | All artifacts meet reference thresholds | Stage-C quality gate |
| Accessibility | WCAG 2.1 AA | axe-core CI |
| Languages | 14 complete | Aggregator coverage check |
| Metric | Target | Monitoring |
|---|---|---|
| Event ingestion latency | <30 s (event → indexed) | CloudWatch + X-Ray |
| Breaking analysis (assisted) | <5 min event → reviewed draft | Step Functions metrics |
| API response (P95) | <200 ms | API Gateway / AppSync metrics |
| NL query (P95) | <3 s grounded answer | Bedrock + X-Ray traces |
| Static edge availability | 99.99% (CloudFront + S3) | CloudWatch Synthetics |
| Guardrail block accuracy | >95% neutrality/PII enforcement | Bedrock Guardrails reports |
| Cost per 1k API calls | Within serverless budget envelope | Cost Explorer / Budgets |
| Process Step | Current (v1.0.x) | v2.0 (Static-Enhanced) | v3.0+ (AWS Serverless) |
|---|---|---|---|
| Event detection | Scheduled gh-aw cron | Scheduled cron (richer matrix) | EventBridge + Kinesis (<30 s) |
| Compute substrate | GitHub Actions runners | GitHub Actions runners | Lambda + Step Functions |
| Data fetching | EP MCP batch | EP MCP + WB/IMF enrichment | Streaming ingestion adapters |
| Analysis authoring | LLM → markdown | LLM + 51-template OSINT | Bedrock + KB RAG + Agents |
| Quality control | 2-pass review | ICD 203 + Admiralty + 2-pass | Guardrails + human sign-off |
| Dashboards | In-article Chart.js/D3 | Pre-computed party/landscape | Live AppSync/API Gateway data |
| Rendering | Aggregator → HTML | Aggregator → HTML | Aggregator (edge) + dynamic APIs |
| Data stores | Committed markdown/JSON | Committed artifacts + cache | DynamoDB · Aurora · OpenSearch · Neptune |
| Query | None (pre-rendered) | Client-side faceted filter | NL query over knowledge graph |
| Identity | None (public static) | None (public static) | Amazon Cognito federated auth |
| Delivery | S3 + CloudFront | S3 + CloudFront | CloudFront edge + serverless APIs |
| Observability | Actions logs | Actions logs + RUM | CloudWatch · X-Ray · CloudTrail |
The flows above cover analysis and delivery. These flows add the missing intelligence-cycle stages: direction (PIR), indications and warning, adversarial review, integrity analytics, and counter-FIMI. Together they turn the platform from an analysis pipeline into a full OSINT observatory. They are the process view of the capability roadmap in FUTURE_MINDMAP.md. Every flow ends at a human-accountability gate; none publishes autonomously.
```mermaid
flowchart TD
    REQ([Intelligence Requirements<br/>standing + event-driven]) --> NAI[Define Named Areas of Interest<br/>contested dossier, fracturing group, election]
    NAI --> EEI[Derive Essential Elements of Information<br/>what must be known to answer]
    EEI --> TASK[Task Agentic Collectors<br/>EP MCP, DOCEO, external, ASR]
    TASK --> COV{Coverage vs Gap?}
    COV -->|Gap found| RETASK[Re-task Collection<br/>add source, widen window]
    RETASK --> TASK
    COV -->|Sufficient| MANI[Provenance Manifest<br/>collection-plan.json]
    MANI --> HAND([Hand to Processing + Analysis])
    style REQ fill:#e7f0ff
    style COV fill:#fff4e1
    style RETASK fill:#fff9c4
    style HAND fill:#d4edda
```
```mermaid
flowchart TD
    WATCH([Watchlist Indicators<br/>cohesion, attendance, abstention, rhetoric]) --> BASE[Compare to Rolling Baseline]
    BASE --> TRIP{Tripwire breached?}
    TRIP -->|No| LOG[Log Baseline Drift<br/>suppress false alarms]
    TRIP -->|Yes| DRAFT[Draft Warning<br/>WEP band + evidence chain]
    DRAFT --> HUMAN{Human confirms?}
    HUMAN -->|No| LOG
    HUMAN -->|Yes| EMIT([Graded Warning<br/>brief + alert + dashboard])
    EMIT --> CAL[Record for Calibration]
    LOG --> CAL
    CAL -.feedback.-> BASE
    style WATCH fill:#e7f0ff
    style TRIP fill:#fff4e1
    style HUMAN fill:#fff4e1
    style DRAFT fill:#fff9c4
    style EMIT fill:#d4edda
    style LOG fill:#eceff1
```
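The indications-and-warning loop above, sketched as an added example (not the platform's code): a rolling-baseline z-score tripwire whose warnings are only emitted after a human callback confirms them. The threshold, minimum history, z-to-WEP wording, the choice to keep confirmed anomalies out of the baseline, and the cohesion series are all assumptions constructed for illustration.

```python
import math
from collections import deque
from statistics import mean, pstdev
from typing import Callable, Deque, Dict, List, Optional

Z_TRIPWIRE = 3.0   # assumed breach threshold, in baseline standard deviations
MIN_HISTORY = 5    # assumed: no tripwire until the baseline has this many points


def wep_band(z: float) -> str:
    # Assumed mapping from deviation size to estimative wording for the draft.
    return "almost certain" if abs(z) >= 5 else "probable"


class Tripwire:
    def __init__(self, indicator: str, window: int = 10) -> None:
        self.indicator = indicator
        self.baseline: Deque[float] = deque(maxlen=window)  # rolling baseline
        self.calibration: List[Dict] = []                   # every decision, for review

    def zscore(self, value: float) -> Optional[float]:
        if len(self.baseline) < MIN_HISTORY:
            return None                      # too little history to judge
        mu, sigma = mean(self.baseline), pstdev(self.baseline)
        if sigma == 0:                       # flat baseline: any change is a breach
            return 0.0 if value == mu else math.copysign(math.inf, value - mu)
        return (value - mu) / sigma

    def observe(self, value: float, confirm: Callable[[Dict], bool]) -> str:
        """Process one observation; `confirm` is the human gate on a draft warning."""
        z = self.zscore(value)
        tripped = z is not None and abs(z) >= Z_TRIPWIRE
        confirmed = False
        if tripped:
            draft = {
                "indicator": self.indicator,
                "value": value,
                "z": z,
                "wep_band": wep_band(z),
                "evidence": list(self.baseline),   # the baseline it was judged against
            }
            confirmed = bool(confirm(draft))
        self.calibration.append(
            {"value": value, "z": z, "tripped": tripped, "confirmed": confirmed})
        if not confirmed:
            # Normal points and rejected alarms become part of the baseline;
            # confirmed anomalies stay out so they cannot mask the next one.
            self.baseline.append(value)
        return "warning" if confirmed else "logged"

    def precision(self) -> Optional[float]:
        """Share of tripped warnings that a human confirmed (calibration signal)."""
        tripped = [c for c in self.calibration if c["tripped"]]
        if not tripped:
            return None
        return sum(c["confirmed"] for c in tripped) / len(tripped)


# Constructed per-session group cohesion values; the last one is a sharp drop.
SESSIONS = [0.91, 0.90, 0.92, 0.89, 0.91, 0.90, 0.62]

if __name__ == "__main__":
    tw = Tripwire("group-cohesion")
    print([tw.observe(v, confirm=lambda d: True) for v in SESSIONS], tw.precision())
```

A falling `precision()` is the feedback signal: it means the tripwire threshold or window is producing drafts that reviewers keep rejecting.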
```mermaid
flowchart TD
    Q([Estimative Question<br/>will dossier X pass? will coalition hold?]) --> HYP[Generate Competing Hypotheses<br/>minimum two, mutually exclusive]
    HYP --> EVID[Map Evidence to Hypotheses<br/>cited PUBLIC sources only]
    EVID --> ACH[ACH Matrix<br/>diagnostic evidence weighting]
    ACH --> RED[Devil's Advocate Agent<br/>attack the leading hypothesis]
    RED --> KAC[Key Assumptions Check<br/>what would falsify this?]
    KAC --> SPLIT{Analyst agreement?}
    SPLIT -->|Dissent| RECORD[Record Dissent<br/>preserve minority view]
    RECORD --> ADJ[Human Adjudication]
    SPLIT -->|Converged| ADJ
    ADJ --> EST([WEP-Banded Estimate<br/>confidence + evidence chain])
    style Q fill:#e7f0ff
    style RED fill:#ffe0e0
    style SPLIT fill:#fff4e1
    style RECORD fill:#fff9c4
    style EST fill:#d4edda
```
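A worked ACH matrix for the flow above, added here as an illustration and not taken from the platform's code. It drops non-diagnostic evidence, ranks hypotheses by weighted inconsistency, and lists the evidence items whose removal would change the leading hypothesis, which is what the devil's-advocate and key-assumptions steps should attack first. The hypotheses, evidence items and weights are constructed, and weighting evidence by source grade is an assumption.

```python
from typing import Dict, List, Optional

# evidence id -> {hypothesis -> rating}; ratings: C consistent, N neutral, I inconsistent
Matrix = Dict[str, Dict[str, str]]
RATINGS = {"C", "N", "I"}


def validate(matrix: Matrix, hypotheses: List[str]) -> None:
    if len(set(hypotheses)) < 2:
        raise ValueError("ACH needs at least two competing hypotheses")
    for evidence, ratings in matrix.items():
        if set(ratings) != set(hypotheses):
            raise ValueError(f"{evidence} must be rated against every hypothesis")
        if not set(ratings.values()) <= RATINGS:
            raise ValueError(f"{evidence} has an unknown rating")


def diagnostic(matrix: Matrix) -> Matrix:
    """Keep only evidence that discriminates between hypotheses."""
    return {e: r for e, r in matrix.items() if len(set(r.values())) > 1}


def inconsistency(matrix: Matrix, hypotheses: List[str],
                  weights: Dict[str, float]) -> Dict[str, float]:
    """ACH ranks by disconfirmation: sum the weight of evidence against each hypothesis."""
    scores = {h: 0.0 for h in hypotheses}
    for evidence, ratings in matrix.items():
        for h, rating in ratings.items():
            if rating == "I":
                scores[h] += weights.get(evidence, 1.0)
    return scores


def leading(scores: Dict[str, float]) -> Optional[str]:
    """Hypothesis with the least evidence against it; None on a tie."""
    best = min(scores.values())
    tied = [h for h, s in scores.items() if s == best]
    return tied[0] if len(tied) == 1 else None


def linchpins(matrix: Matrix, hypotheses: List[str],
              weights: Dict[str, float]) -> List[str]:
    """Evidence whose removal changes the leader: what would falsify the estimate."""
    base = leading(inconsistency(matrix, hypotheses, weights))
    out = []
    for evidence in matrix:
        rest = {e: r for e, r in matrix.items() if e != evidence}
        if leading(inconsistency(rest, hypotheses, weights)) != base:
            out.append(evidence)
    return out


# Constructed example: "will dossier X pass?"
HYPOTHESES = ["passes", "fails"]
EVIDENCE: Matrix = {
    "E1 group A whip statement backs the text": {"passes": "C", "fails": "I"},
    "E2 committee vote adopted the report":     {"passes": "C", "fails": "I"},
    "E3 plenary vote is on the agenda":         {"passes": "C", "fails": "C"},
    "E4 group B announced opposition":          {"passes": "I", "fails": "C"},
    "E5 defections in the last roll-call":      {"passes": "I", "fails": "C"},
}
WEIGHTS = {"E5 defections in the last roll-call": 0.5}  # assumed lower source grade

if __name__ == "__main__":
    validate(EVIDENCE, HYPOTHESES)
    usable = diagnostic(EVIDENCE)
    scores = inconsistency(usable, HYPOTHESES, WEIGHTS)
    print(scores, leading(scores), linchpins(usable, HYPOTHESES, WEIGHTS))
```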
```mermaid
flowchart TD
    PUB([PUBLIC Sources<br/>declarations, register, roll-calls, media]) --> NORM[Normalize + Entity Resolve]
    NORM --> INT[Integrity Analytics<br/>lobby-to-vote, revolving-door overlap]
    NORM --> FIMI[Counter-FIMI Detection<br/>DISARM TTP tagging, coordination signals]
    INT --> QUEST[Sourced Question<br/>NOT an accusation]
    FIMI --> CTX[Neutral Context<br/>sourced fact vs spin]
    QUEST --> GATE{Human Review<br/>neutral, sourced, public-role?}
    CTX --> GATE
    GATE -->|Needs work| REFINE[Re-source / Re-frame]
    REFINE --> GATE
    GATE -->|Approved| OUT([Published with Evidence Chain])
    style PUB fill:#e7f0ff
    style FIMI fill:#ffe0e0
    style INT fill:#ede7f6
    style GATE fill:#fff4e1
    style REFINE fill:#fff9c4
    style OUT fill:#d4edda
```
Boundary reminder. Integrity findings are sourced questions for journalistic review, never adjudicated accusations. Counter-FIMI is detection and context only: the platform never conducts influence operations and never targets individuals' private lives.
The platform's workflows evolve from human-orchestrated gh-aw pipelines, through AWS-native serverless OSINT operations, toward increasingly autonomous (but always human-accountable) agentic intelligence. Three principles hold across the decade: model-agnostic routing (no single-vendor lock-in via Amazon Bedrock), neutrality and provenance by construction, and AI as a proposal generator with humans accountable for every publish (per the AI Policy).
| Year | AI Model | DevSecOps Capability Evolution |
|---|---|---|
| 2026 | Opus 4.6–4.9 | AI-assisted code review, automated test generation, agentic CI/CD workflows |
| 2027 | Opus 5.x | Predictive vulnerability detection, intelligent dependency management |
| 2028 | Opus 6.x | Multi-modal security analysis (code + architecture + runtime), automated threat modeling |
| 2029 | Opus 7.x | Autonomous security pipeline orchestration, self-healing build systems |
| 2030 | Opus 8.x | Near-expert automated security review, AI-driven architecture validation |
| 2031–2033 | Opus 9–10.x / Pre-AGI | Autonomous secure development lifecycle management |
| 2034–2037 | AGI / Post-AGI | Transformative software engineering with built-in security assurance |
Assumptions: major AI model upgrades occur annually; competitors (OpenAI, Google, Meta, EU sovereign AI) are evaluated at each release; the architecture accommodates potential paradigm shifts (quantum AI, neuromorphic computing). Full cross-perspective analysis lives in the Hack23 Information Security Strategy § AI Model Evolution Strategy; governance per AI Policy.
Document Status: APPROVED FOR PLANNING