Validation (Stage 4)
Validation runs after all migration units reach a terminal state. It compares translated output against the source, verifies compliance fingerprint preservation, and surfaces divergences for human review.
Equivalence Checking
The IDE runs equivalence checks on each approved unit. Checks compare the compliance fingerprint captured during Discovery (source) against the fingerprint of the translated output (target).
Fingerprint Thresholds
| Result | Threshold | Action |
|---|---|---|
| PASS | ≥90% similarity | Auto-approvable |
| WARNING | 70–89% similarity | Manual review recommended |
| FAIL | <70% similarity | Compliance officer sign-off required |
Fingerprint similarity is computed over the set of compliance patterns matched — regulated data patterns, GRC rules, API boundary patterns, and domain-specific constructs.
Divergence Types
When fingerprint comparison falls below PASS, the IDE categorises the divergence:
| Divergence | Description |
|---|---|
missing-pattern | A compliance pattern present in source is absent from translation |
extra-pattern | Translation introduces a pattern not in source (potential regression) |
semantic-shift | Pattern is present but with different semantics (e.g. blocking → non-blocking I/O) |
type-precision-loss | Numeric type narrowed in translation (e.g. COMP-3 → float) |
error-path-dropped | Error handling present in source is absent from translation |
access-control-gap | Authentication or authorisation check not translated |
audit-trail-gap | Audit logging present in source is absent from translation |
Compliance Sign-off Gating
For units in regulated domains (ASIL-rated, SIL-rated, or containing regulated data hits), a compliance officer sign-off is required before the unit proceeds to cutover.
Sign-off requirements by domain:
| Domain | Gate |
|---|---|
| Automotive (ISO 26262 ASIL-D) | Formal verification evidence required |
| Functional Safety (IEC 61508 SIL 3–4) | Independent verification review |
| Energy (IEC 61850 GOOSE path) | Protection engineer sign-off |
| Telecom (3GPP key material) | Security architect sign-off |
Validation Summary
After all units are validated, the Validation pane shows:
totalUnitsApproved Units with approved translations
totalUnitsSkipped Units excluded from cutover
passCount Units at ≥90% fingerprint similarity
warningCount Units at 70–89% similarity
failCount Units below 70% similarity
pendingSignOffs Units awaiting compliance officer approval
divergenceCount Total divergences detected across all unitsProceeding to Cutover
Validation is considered complete when:
- All approved units have been reviewed
- All required sign-offs are obtained
- No divergences are in an unresolved state
The Cutover stage unlocks when all 4 blocking readiness checks pass (see Cutover).
Last edited