DEFONEOS · Buyer Acceptance Test Pack · Tick 112

Formal User Acceptance Test plan — 6 personas, Given/When/Then, 30-day exit gates.

This pack is the canonical UAT surface for procurement-led acceptance. It defines six test personas (procurement officer, security auditor, legal/data-protection officer, integration engineer, operator, named evaluator), Given/When/Then criteria per persona, and exit gates that must be passed before sovereign handover. Every test references the live sovereign spec on csoai.org.

The 6 test personas

P1 — Procurement Officer

Tests: company verification (UK Ltd 16939677), insurance scope, framework enrolment, signatures.

Exit signal: all source documents located and verified.

P2 — Security Auditor

Tests: BFT quorum, SIGIL integrity, supply-chain hashes, TLS pinning, red-line handling.

Exit signal: SIGIL chain unbroken; quorum continues across 30 days; BFT supermajority preserved.

P3 — Legal / Data Protection Officer

Tests: data residency (UK-only), PII handling, GDPR/UK-DPA, EU AI Act Art 10/15.

Exit signal: zero data egress on sovereign-tier; right-to-erasure exercised and receipted.

P4 — Integration Engineer

Tests: MCP federation, admission control, scope management, idempotent retries.

Exit signal: MCP round-trip < 100 ms at p99; idempotency-key check passes; admission control unambiguous on every test MCP.

P5 — Operator

Tests: incident response, key rotation, troubleshooting recipes, escalation ladder.

Exit signal: 12 named failure scenarios (see operator troubleshooting) all rehearsed; SEV1/SEV2 in tabletop.

P6 — Named Evaluator (UK AISI / NATO / DASA)

Tests: model card, system card, evaluation reports, sovereign receipts.

Exit signal: evaluation pack issued; sovereign-tier receipts provided in UK AISI evaluation pack.

Given / When / Then criteria — selected critical cases

GIVEN a sovereign-tier data record is created

WHEN 30 days pass without owner access

THEN the record retains UK-only residency, retains its Ed25519-signed lineage, and remains queryable by named operators only.

GIVEN an MCP requests admission with capabilities outside its declared scope

WHEN admission control is invoked

THEN admission is denied; SIGIL records the rejection.

GIVEN a red-line-class action is attempted (strike, surveillance-of-individual, foreign-routing)

WHEN the policy layer evaluates

THEN action is auto-rejected; SIGIL records the attempt; BFT supermajority is required to override.

GIVEN a BFT witness falls offline

WHEN quorum falls toward 23/33

THEN emergency session protocol activates (see emergency session); service continues without loss.

GIVEN a key rotation is scheduled

WHEN rotation window arrives

THEN zero-downtime rotation completes; both old and new keys sign a transition SIGIL; old key is cryptographically destroyed.

GIVEN a buyer exercises right-to-erasure under UK GDPR

WHEN erasure is requested by named officer

THEN PII is removed from sovereign-tier; the action is SIGIL-recorded with a verifiable receipt.

Exit gates (30-day window)

Gate 1 — Sovereignty: 7 invariants held continuously for 30 days. Cross-reference: readiness checklist §7.

Gate 2 — Audit: zero SIGIL gaps; BFT quorum ≥23/33 every voting session; care_score ≥0.90; red_line_violations = 0.

Gate 3 — Operations: 12 failure scenarios rehearsed; 4 SEV1 tabletop exercises completed; 1 SEV1 live exercise with BFT containment.

Gate 4 — Procurement: buyer evidence pack issued (see buyer evidence index); UAT pass-pack signed by all 6 personas.

Gate 5 — Compliance: Cyber Essentials Plus, ISO 27001 stage 1 (or roadmap), JSP 936 §4.6 conformance, OWASP ASI v1.0 conformance.

Gate 6 — Sovereign-handover: key split transfer to buyer with 3-witness BFT ratification; sovereign-state-of-the-art log printed to SIGIL ledger.

Acceptance artefact

On exit, the buyer receives a signed acceptance pack: