Aegis 365 -- Testing & Quality Assurance
| Test Level | Coverage | Tool | Target |
|---|---|---|---|
| Unit | L0--L7 components; crypto, encoding | xUnit, Moq, FluentAssertions | > 85% coverage |
| Integration | L0--L7 pipeline; DB, cache, SLM | TestContainers, In-Memory DB | > 80% scenario coverage |
| Security | Injection, re-ID risk, encryption | OWASP ZAP, custom exploit suites | 100% known attacks detected |
| Resilience | Failover, latency, fail-closed | Chaos Monkey, load tests, fault injection | RTO/RPO met |
| Compliance | Audit completeness, Break Glass, immutability | Manual + automated verification | Zero audit gaps |
| Performance | L0--L7 < 2.5s (human), < 5s (agentic) | JMeter, BenchmarkDotNet | 450ms aspirational |
| Penetration | Red-team, supply-chain | External firm (Phase 5) | No critical findings |
Unit Testing Strategy
Every layer component is tested in isolation with mocked dependencies:
- L0: Action taxonomy classification, HITL routing logic, session state transitions
- L1: SLM confidence scoring (known-attack corpus must block), transparency model routing
- L2: Regex + NER + SLM consensus paths, Private Semantic Map matching
- L3: Token generation collision tests, SDG plausibility verification
- L4: Re-hydration hierarchy (clearance checks, Hard Mask enforcement), mask-on-hover audit trigger
- L5: Compliance registry lookup, sovereignty precedence ordering
- L6: ZKP generation correctness, Break Glass dual-key enforcement, immutable chain integrity
- L7: Semantic hash stability, vector distance thresholds, inference-attack suppression
Integration Testing Strategy
End-to-end pipeline tests run with TestContainers (Redis, PostgreSQL) and an in-memory SLM stub:
- Ingest a prompt with known PII
- Verify L0 action classification, L1 intent score, L2 sensitivity tile
- Verify L3 anonymization produces expected token pattern
- Verify L5 routing respects data classification
- Verify L4 re-hydration returns real value (with clearance) or mask (without)
- Verify L6 audit log contains immutable chain entry with ZKP witness
- Verify L7 cache stores anonymized response only, with correct TTL
Security Testing Strategy
| Attack Vector | Test Method | Success Criteria |
|---|---|---|
| Prompt injection / jailbreak | Known-attack corpus (100+ patterns) | > 99% blocked by L1 |
| Indirect prompt injection | Poisoned external content ingestion | L1 Instruction Integrity Check flags |
| Mosaic / drip-feed exfiltration | Multi-session aggregation probe | L0 temporal detection triggers freeze |
| Re-identification attempt | Token combination analysis | L3 collision-risk guard triggers generalisation |
| Inference de-masking | LLM response probing | L4 post-inference redaction intercepts |
| Admin plaintext bypass | Single-credential decryption attempt | MPC quorum required; alert generated |
| Memory-wipe evasion | Controlled node crash simulation | Synchronous replication preserves state |