Requirements¶
System-level requirements. The spec is organised under three peer top-level features:
PLC runtime heart on iceoryx2 (FEAT_0010) “PLC runtime heart on iceoryx2” — taktora-executor framed as the runtime heart of a soft-real-time PLC. See Soft-RT PLC runtime heart.
Connector framework (FEAT_0030) “Connector framework” — the general-purpose framework for bridging taktora-executor applications to external protocols. See Connector framework.
Bounded global allocator (FEAT_0040) “Bounded global allocator” — workspace infrastructure providing a static, pre-allocated, fixed-block
#[global_allocator]for taktora binaries that require compile-time guarantees on memory usage. See Bounded global allocator.Device-driver codegen toolc... (FEAT_0050) “Device-driver codegen toolchain” — build-time layered crates that translate EtherCAT ESI XML into strongly-typed Rust device drivers, consumed by
taktora-connector-ethercatand any other ethercrab user. See Device-driver codegen.CANopen device-driver codeg... (FEAT_0060) “CANopen device-driver codegen toolchain” — build-time layered crates that translate CANopen EDS (CiA 306) files into strongly-typed Rust device drivers, with a shared
fieldbus-od-coreOD IR co-owned by the EtherCAT toolchain. See CANopen device-driver codegen.Shared logging base library (FEAT_0070) “Shared logging base library” — a workspace-wide logging facade (
taktora-log) with a default AUTOSAR DLT backend (taktora-log-dlt) and a clean swap path forlog4rs/env_logger/ bespoke loggers. See Logging — DLT base library with swappable backends.EtherCAT network-config cod... (FEAT_0080) “EtherCAT network-config codegen toolchain” — build-time layered crates that translate an integrator-authored
network.yaml(bus topology + channel wiring) into the&'staticbus tablestaktora-connector-ethercatconsumers hand-write today, composing on top of the ESI device toolchain. See EtherCAT network-config codegen.Real-time motion control (FEAT_0090) “Real-time motion control” — soft-real-time, allocation-free trajectory generation (profiles, electronic gearing, camming, flying saw) feeding CiA 402 drives in CSP mode, layered on the taktora runtime. See Motion — real-time trajectory generation for CSP drives.
Runtime diagnostics (SOVD-a... (FEAT_0100) “Runtime diagnostics (SOVD-aligned)” — a clean-room Rust take on the ros2_medkit diagnostic contract: a SOVD entity tree + DTC/fault model served over a drop-in-compatible REST surface, sourced from taktora’s runtime through off-control-path hooks. See Runtime diagnostics (SOVD-aligned).
Message-plane interface-des... (FEAT_0110) “Message-plane interface-description codegen” — build-time layered crates that translate interface descriptions (CAN
.dbctoday) into strongly-typed Rust message (de)serializers, with ano_std,serde-free wire runtime. The message-plane twin of the device-plane ESI/EDS toolchains. See Message-plane interface-description codegen.Workspace test-coverage mea... (FEAT_0120) “Workspace test-coverage measurement” — repo-wide developer tooling: a repeatable
cargo-llvm-coventrypoint (scripts/coverage.sh) so line coverage is a standing verification artifact. See Workspace tooling.
Each req directive :satisfies: one feat parent; each
capability-cluster feat :satisfies: its top-level umbrella feature.
- Soft-RT PLC runtime heart
- Connector framework
- Bounded global allocator
- Device-driver codegen
- CANopen device-driver codegen
- Logging — DLT base library with swappable backends
- EtherCAT network-config codegen
- Motion — real-time trajectory generation for CSP drives
- Runtime diagnostics (SOVD-aligned)
- Message-plane interface-description codegen
- Workspace tooling
Requirements at a glance¶
ID |
Title |
Status |
Satisfies |
|---|---|---|---|
Configurable scan period |
implemented |
||
One execution per scan period |
implemented |
||
Scan-cycle execution observability |
implemented |
||
Subscriber-triggered ingestion |
implemented |
||
Publisher-driven emission |
implemented |
||
Zero-copy IPC transport |
implemented |
||
Notification-drop visibility |
implemented |
||
Sequential chain execution |
implemented |
||
Parallel DAG execution |
implemented |
||
Abort propagation |
implemented |
||
Conditional inclusion |
implemented |
||
Subscriber deadline detection |
implemented |
||
Per-execute timing visibility |
implemented |
||
Core-affinity assignment |
implemented |
||
SCHED_FIFO priority on Linux |
implemented |
||
Signal-driven shutdown |
open |
||
Programmatic shutdown wakeup |
implemented |
||
No heap allocation in dispatch |
implemented |
||
Statically-sized task pool |
open |
||
Pre-allocated error slot |
implemented |
||
Wait-free completion signalling |
open |
||
Per-task overrun fault transition |
implemented |
||
Executor-wide overrun fault transition |
implemented |
||
Fault-handler item dispatch |
implemented |
||
Fault state observability |
implemented |
||
Mode lifecycle |
open |
||
Mode transition triggers |
open |
||
Per-mode task gating |
open |
||
Mode change observability |
open |
||
Process-restart persistence |
open |
||
Memory-mapped backing |
open |
||
Crash-atomic checkpoints |
open |
||
Recovery status reporting |
open |
||
Per-task latency percentiles |
implemented |
||
Per-task maximum jitter |
implemented |
||
Per-task overrun counter |
implemented |
||
Statistics query API |
implemented |
||
Allocation-free telemetry update |
implemented |
||
Per-task exact min/max execute duration |
implemented |
||
Per-task deadline lateness |
implemented |
||
Per-task scan index and faulted-scan emission |
implemented |
||
Documented worst-case jitter |
draft |
||
Cyclictest-style benchmark harness |
draft |
||
Documented reproducer procedure |
draft |
||
Harness consumes runtime telemetry |
draft |
||
Adapter-driven I/O |
open |
||
Out-of-tree driver crates |
open |
||
Protocol-neutral runtime |
open |
||
Framework-invariant violation triggers fail-fast |
draft |
||
User-item panic is contained, not a fail-fast |
implemented |
||
User-registered fatal handler |
draft |
||
ConnectorEnvelope is a POD type |
open |
||
Per-channel max payload size |
approved |
||
Sequence number monotonically increasing |
implemented |
||
Timestamp recorded at send |
implemented |
||
Correlation id is a passive carrier |
implemented |
||
Zero-copy publish via iceoryx2 loan |
implemented |
||
One iceoryx2 service per channel direction |
implemented |
||
PayloadCodec trait |
implemented |
||
Codec is a generic parameter on connectors |
open |
||
JsonCodec is the default codec |
implemented |
||
Codec encode error variant |
open |
||
Codec decode error variant |
open |
||
Fixed-width binary codec |
implemented |
||
Connector trait |
open |
||
ChannelDescriptor carries typed routing |
implemented |
||
Routing is a marker trait with bounds |
open |
||
create_writer / create_reader return concrete handles |
open |
||
Connector ships its own routing struct |
approved |
||
ConnectorHealth state machine |
approved |
||
subscribe_health returns a Channel of HealthEvent |
approved |
||
ReconnectPolicy trait |
open |
||
ExponentialBackoff default policy |
open |
||
HealthEvent emitted on every transition |
approved |
||
Stack-internal-reconnect connectors emit health uniformly |
approved |
||
Same envelope contract for both deployments |
approved |
||
In-process gateway is a tokio task |
open |
||
Separate-process gateway is a self-contained binary |
open |
||
Clean exit on SIGINT / SIGTERM on both sides |
open |
||
No app↔gateway control-plane envelopes |
approved |
||
MqttConnector implements Connector |
implemented |
||
MqttRouting carries topic, qos, retained |
implemented |
||
QoS 0 and 1 supported |
implemented |
||
Retained-message publish supported |
implemented |
||
Wildcard subscriptions supported |
implemented |
||
Username/password authentication |
implemented |
||
TLS is optional via cargo feature |
implemented |
||
MQTT 3.1.1 baseline |
implemented |
||
Tokio sidecar inside the gateway crate |
implemented |
||
Bridge channels are bounded |
implemented |
||
Outbound bridge saturation surfaces as BackPressure |
implemented |
||
Inbound bridge saturation drops frames and signals Degraded |
implemented |
||
Wire-round duration statistics |
draft |
||
Working-counter quality counter |
draft |
||
Freshness and staleness statistics |
draft |
||
Connector statistics query API |
draft |
||
Cycle-phase wait (slack) statistics |
draft |
||
Connector push fault semantics |
draft |
||
Absolute-grid cyclic dispatch (bounded long-run lateness) |
implemented |
||
Run-loop immunity to spurious wait interruptions |
implemented |
||
ConnectorHost builder API |
approved |
||
ConnectorGateway builder API |
approved |
||
Host registers connector items with the executor |
approved |
||
Optional Observer adapter for tracing |
open |
||
Tight dispatch-thread timer slack |
implemented |
||
NO request/response matching by the framework |
rejected |
||
NO app↔gateway control plane |
rejected |
||
NO persistent outbox or durable buffering |
rejected |
||
NO schema/contract enforcement across the boundary |
rejected |
||
NO protocol-portable Channel<T> |
rejected |
||
NO multi-broker / multi-tenant gateway |
rejected |
||
NO supervision / panic recovery |
rejected |
||
Pre-allocated fixed-block arena |
implemented |
||
Fail-closed on cap overrun |
implemented |
||
Lock-after-init panic mode |
implemented |
||
Allocation accounting API |
implemented |
||
Thread-safe allocation |
implemented |
||
EthercatConnector implements Connector |
approved |
||
EthercatRouting carries SubDevice and PDO addressing |
implemented |
||
Single MainDevice per gateway instance |
approved |
||
Bus reaches OP before serving traffic |
approved |
||
Static PDO mapping per SubDevice |
approved |
||
PDO mapping applied during PRE-OP to SAFE-OP transition |
implemented |
||
Cycle time configurable with millisecond resolution |
implemented |
||
Missed cycle ticks are skipped not queued |
implemented |
||
Distributed Clocks bring-up is opt-in |
approved |
||
Working-counter-based health policy |
implemented |
||
Working-counter mismatch degrades health |
approved |
||
Tokio sidecar contained inside the connector crate |
approved |
||
Bridge channels are bounded |
approved |
||
Outbound bridge saturation surfaces as BackPressure |
approved |
||
Inbound bridge saturation drops PDUs and signals Degraded |
implemented |
||
Linux raw socket required on gateway host |
approved |
||
Outbound payload written to PDI bit slice per routing |
implemented |
||
Inbound payload read from PDI bit slice per routing |
implemented |
||
Per-channel routing registry on the gateway |
approved |
||
Asymmetric working counter declared per SubDevice |
implemented |
||
Distributed Clocks cycle path uses tx_rx_dc |
open |
||
Bus-level recovery on cycle error |
implemented |
||
Reconnect policy factory in connector options |
implemented |
||
Health transitions during recovery |
implemented |
||
ZenohConnector implements Connector |
approved |
||
ZenohRouting carries key_expr and pub/sub QoS fields |
open |
||
JsonCodec is the default codec for Zenoh |
approved |
||
Tokio sidecar contained inside the Zenoh connector crate |
implemented |
||
Zenoh bridge channels are bounded |
approved |
||
Outbound bridge saturation surfaces as BackPressure |
approved |
||
Inbound bridge saturation drops samples and signals Degraded |
open |
||
Zenoh zero-copy publish via iceoryx2 loan |
approved |
||
Zenoh gateway is byte-only on the inbound publish path |
approved |
||
ZenohConnector exposes create_querier and create_queryable |
implemented |
||
ZenohQuerier maps QueryId to envelope correlation_id |
approved |
||
ZenohQueryable correlates replies via correlation_id |
implemented |
||
Multi-reply per query supported |
implemented |
||
Reply stream end-of-stream framed in payload |
approved |
||
Query timeout sourced from options, overridable per-querier |
approved |
||
terminate(id) finalizes the upstream zenoh::Query |
implemented |
||
Codec applied to Q on send and to R on reply |
approved |
||
Reply-side inbound saturation drops chunks and signals Degraded |
open |
||
Zenoh session mode is a config knob |
implemented |
||
NO ReconnectPolicy on Zenoh session loss |
rejected |
||
HealthEvent emitted on every Zenoh session transition |
implemented |
||
Connect and listen locators surfaced to zenoh::Config |
open |
||
zenoh-integration cargo feature gates the real zenoh dep |
implemented |
||
MockZenohSession ships unfeature-gated |
implemented |
||
Linux, macOS, and Windows are supported host operating systems |
implemented |
||
Pure parse function with no I/O |
implemented |
||
no_std + alloc compatible |
rejected |
||
quick-xml + serde backend |
implemented |
||
Parser does not depend on ethercrab or codegen |
implemented |
||
IR carries identity, PDO maps, mailbox, DC, and OD |
implemented |
||
Vendor-specific extensions captured as opaque blobs |
implemented |
||
Parse errors carry line and column |
implemented |
||
CodegenBackend trait shape |
open |
||
Naming policy is owned by codegen, not the backend |
open |
||
Revision collision handled deterministically |
open |
||
Common PDO entry types deduplicated |
open |
||
Emission target is proc_macro2 TokenStream |
open |
||
Backend crate is the sole ethercrab dependency |
open |
||
One device struct per ESI device entry |
open |
||
Identity const emitted per device |
open |
||
Selectable PDO assignments emitted as a joint per-device OpMode enum |
implemented |
||
Each OpMode variant carries a per-mode inputs/outputs data struct |
implemented |
||
Generated module root exposes a registry |
open |
||
Generated code compiles under no_std + alloc |
open |
||
Default PDO assignment derived from Sm/Mandatory, not Fixed |
implemented |
||
Per-active-mode Rx/Tx PDO-index lists exposed for 0x1C12/0x1C13 |
implemented |
||
AlternativeSmMapping captured faithfully, never resolved |
implemented |
||
EsiDevice trait shape |
open |
||
EsiConfigurable trait shape for preop bring-up |
open |
||
Traits live in ethercat-esi-rt, not taktora-connector |
open |
||
Object dictionary emission is a default-off cargo feature |
open |
||
Process image access via bitvec BitSlice |
open |
||
SdoWrite abstraction keeps ethercrab out of the trait crate |
open |
||
Builder API shape |
open |
||
Output written to OUT_DIR |
open |
||
Cargo rerun-if directives emitted per ESI input |
open |
||
Generated output passes through prettyplease |
open |
||
cargo esi expand emits one device's generated code |
open |
||
cargo esi list enumerates devices in a glob |
open |
||
CLI shares the parser and codegen crates |
open |
||
Verifier ingests ESI XML plus SII binary |
open |
||
Diagnostic output names the differing field |
open |
||
Verifier reuses the parser |
open |
||
Verifier exits non-zero on mismatch |
open |
||
NO CAN / CANopen / EDS support in this round |
rejected |
||
NO proc-macro front-end |
rejected |
||
NO unification of EtherCAT and CANopen runtime traits |
rejected |
||
NO runtime XML parsing |
rejected |
||
NO modification of taktora-connector-ethercat runtime |
rejected |
||
NO automatic vendor library scraping |
rejected |
||
CanConnector implements Connector |
approved |
||
CanRouting carries iface, can_id, mask, kind, fd_flags |
approved |
||
Linux is the supported host OS for real I/O |
open |
||
socketcan-integration cargo feature gates the real socketcan dep |
approved |
||
MockCanInterface ships unfeature-gated |
approved |
||
Tokio sidecar contained inside the CAN connector crate |
approved |
||
CAN bridge channels are bounded |
approved |
||
Outbound bridge saturation surfaces as BackPressure |
approved |
||
Inbound bridge saturation drops frames and signals Degraded |
open |
||
Classical CAN frames supported |
approved |
||
CAN-FD frames supported |
approved |
||
Channel payload sizing keyed on frame kind |
open |
||
Outbound payload serialised to socketcan frame |
approved |
||
Inbound gateway is byte-only on the publish path |
approved |
||
CAN ID extended flag preserved end-to-end |
approved |
||
Multiple interfaces per gateway |
approved |
||
Routing identifies the interface |
open |
||
Per-interface filter is the union of channel masks |
approved |
||
Filter recomputed on channel add/remove |
approved |
||
Inbound demux to all matching readers |
approved |
||
Per-iface routing registry has stable iteration order |
approved |
||
ConnectorHealth aggregates per-iface state via worst-of |
approved |
||
Error frames consumed internally |
approved |
||
error-passive transitions to Degraded |
approved |
||
bus-off transitions to Down and triggers reconnect |
approved |
||
ReconnectPolicy reused; ExponentialBackoff default |
approved |
||
HealthEvent emitted on every transition |
approved |
||
Error frames not exposed to plugin |
approved |
||
NO DBC parsing or typed signal extraction in taktora-connector-can |
rejected |
||
NO ISO-TP or J1939 support in taktora-connector-can |
rejected |
||
NO CAN-XL support |
rejected |
||
NO plugin-visible error-frame channel |
rejected |
||
NO can-restart-ms management from the gateway |
rejected |
||
No transport-specific types in fieldbus-od-core |
open |
||
no_std + alloc, no mandatory serde |
open |
||
OD type surface |
open |
||
ethercat-esi re-exports lifted types |
open |
||
canopen-eds uses fieldbus-od-core types |
open |
||
Pure parse function with no I/O |
open |
||
no_std + alloc, no upstream coupling |
open |
||
serde-derive INI backend |
open |
||
Parse errors carry line and column |
open |
||
Unknown sections captured as RawSection |
open |
||
Liberal parsing — warn and continue on quirks |
open |
||
IR carries identity, OD, PDO comm + maps |
open |
||
CodegenBackend trait shape |
open |
||
Naming policy is owned by codegen, not the backend |
open |
||
Revision collision handled deterministically |
open |
||
Common PDO entry types deduplicated |
open |
||
Emission target is proc_macro2 TokenStream |
open |
||
One EDS file equals one device |
open |
||
Backend crate is the sole canopen-eds-rt dependency |
open |
||
One device struct per EDS file |
open |
||
Identity const emitted per device |
open |
||
PDO declarations emitted as sum types |
open |
||
Dummy entries skipped in PDO payload structs |
open |
||
Generated module root exposes a registry |
open |
||
Bring-up SDO writes emitted from EDS |
open |
||
Object dictionary emission is a default-off cargo feature |
open |
||
Generated code compiles under no_std + alloc |
open |
||
CanOpenDevice trait shape |
open |
||
CanOpenConfigurable trait shape for bring-up |
open |
||
Traits live in canopen-eds-rt, not taktora-connector-can |
open |
||
Frame payloads use heapless::Vec<u8, 8> |
open |
||
Frame-per-PDO dispatch shape |
open |
||
CanOpenError variant surface |
open |
||
RPDO rejected outside Operational state |
open |
||
Builder API shape |
open |
||
Output written to OUT_DIR |
open |
||
Cargo rerun-if directives emitted per EDS input |
open |
||
Generated output passes through prettyplease |
open |
||
Parser warnings surface as cargo warnings |
open |
||
cargo eds expand emits one device's generated code |
open |
||
cargo eds list enumerates devices in a glob |
open |
||
CLI shares the parser and codegen crates |
open |
||
Verifier ingests EDS plus JSON SDO-dump |
open |
||
Diagnostic output names the differing field |
open |
||
Verifier reuses the parser |
open |
||
Verifier exits non-zero on mismatch |
open |
||
SDO-dump JSON schema versioned |
open |
||
NO DCF support this round |
rejected |
||
NO CAN-FD payload support in PdoOut |
rejected |
||
NO proc-macro front-end |
rejected |
||
NO unification of EtherCAT and CANopen runtime traits |
rejected |
||
NO runtime EDS parsing |
rejected |
||
NO modification of taktora-connector-can runtime |
rejected |
||
NO automatic vendor library scraping |
rejected |
||
NO live-bus verifier this round |
rejected |
||
Single facade for all taktora crates |
implemented |
||
taktora-log re-exports log macros |
implemented |
||
LogSink trait defines backend extension surface |
implemented |
||
One-shot init builder selects the backend |
implemented |
||
Integrator may install any log::Log implementation |
implemented |
||
tracing-log bridge installed at init |
implemented |
||
AUTOSAR Classic DLT R20-11 encoding via dlt-core |
implemented |
||
UDS (default) and TCP transports to a local dlt-daemon |
implemented |
||
4-character DLT App ID and Context ID per emitting crate |
implemented |
||
log::kv pairs encoded as DLT verbose arguments |
implemented |
||
Set-Log-Level and Set-Default-Log-Level control messages |
implemented |
||
Production default level is INFO |
implemented |
||
Emission shall not block the calling thread |
implemented |
||
ERROR and FATAL emission shall not heap-allocate |
approved |
||
Bounded in-memory ring buffers records while daemon is down |
implemented |
||
Drop-oldest overflow policy with summary record on reconnect |
approved |
||
Console fallback installed when no daemon and no other logger |
approved |
||
YAML parse to typed network IR |
open |
||
IR carries bus config, device instances, and channel bindings |
open |
||
One file describes exactly one bus |
open |
||
Devices referenced by stable label, not address |
open |
||
Parser depends on ethercat-esi, never on the connector runtime |
open |
||
Emit static SubDeviceMap PDO tables |
open |
||
Emit named routing and channel-name constants |
open |
||
Configured addresses assigned by bus position |
open |
||
Working-counter expectation derived, never overridden |
open |
||
Generated output is byte-deterministic |
open |
||
Generate into OUT_DIR for include |
open |
||
Rebuild on config or ESI change |
open |
||
Expand subcommand prints generated module |
open |
||
Fetch subcommand vendors and pins remote ESI |
open |
||
Build resolves ESI from local files only |
open |
||
ESI references pinned by content hash and revision |
open |
||
Hard build errors for derivable faults |
open |
||
Warn on unmapped process-image gaps |
open |
||
Emit bring-up assertions for physical-bus facts |
open |
||
No runtime parsing, no connector-runtime modification |
open |
||
Per-task skipped-slot count |
implemented |
||
SAFE-OP to OP transition exchanges cyclic process data |
implemented |
||
Bring-up failure is observable via health |
implemented |
||
ESI model exposes per-SM watchdog-trigger enable |
implemented |
||
Resolve and emit each output device's SM-watchdog registers |
implemented |
||
Validate the SM-watchdog bound and enable at config time |
implemented |
||
Master programs the SubDevice SM-watchdog registers |
implemented |
||
Health subscriptions are independent broadcast streams |
implemented |
||
FMMU declarations captured in the IR |
implemented |
||
EEPROM (SII source) data captured without interpretation |
implemented |
||
MDP module catalog and slot constraints captured, never resolved |
implemented |
||
Exact-extreme SLO conformance gate |
implemented |
||
Sub-octave percentile precision |
implemented |
||
Operator-declared startup SDOs applied before PDO assignment |
implemented |
||
At-most-one borrowed-job submit per barrier phase |
implemented |
||
UiConnector implements Connector |
implemented |
||
ViewModel published as one struct-per-service with latest-value |
implemented |
||
UiRouting carries ViewModel/command name and kind |
implemented |
||
ViewModel fields restricted to a closed POD type set |
draft |
||
Derive macro computes the envelope payload size |
implemented |
||
Producer writes a seqlock latest-value cell, RT-safe |
implemented |
||
Non-RT publisher pump encodes and publishes at a configurable cadence |
implemented |
||
Publisher pump skips zero-subscriber ViewModels |
implemented |
||
Hot-scalar opt-out promotes a field to its own service |
implemented |
||
Client reconstructs per-field PropertyChanged by diffing |
implemented |
||
Commands use acceptance-ack request-response |
implemented |
||
CanExecute is a published boolean property |
implemented |
||
Command delivery is at-most-once via correlation-id dedupe |
implemented |
||
Idempotent commands are flagged for opt-in auto-retry |
implemented |
||
Rejected carries a closed reason-code set |
implemented |
||
Command handler runs off the RT thread |
implemented |
||
Command channel is bounded and surfaces BackPressure |
implemented |
||
Single instance-namespaced manifest service |
implemented |
||
Manifest enumerates all services, schemas and signatures |
implemented |
||
Manifest carries a contract hash |
implemented |
||
Closed self-describing schema type system |
implemented |
||
Contract-hash mismatch fails closed with read-only fallback |
implemented |
||
Multi-application discovery via the iceoryx2 registry |
implemented |
||
Derive macro emits the manifest contribution |
implemented |
||
Mandatory SystemViewModel heartbeat with epoch |
implemented |
||
Per-ViewModel staleness from the envelope |
implemented |
||
UI restart is stateless |
implemented |
||
Application restart bumps epoch and triggers rebind |
implemented |
||
Connector health reflects local publish health |
implemented |
||
OS-mediated trust for v1 |
implemented |
||
Slice-typed variable-length channel |
implemented |
||
Loans sized at send time |
implemented |
||
Segment grows by PowerOfTwo |
implemented |
||
Growth bounded by a configurable ceiling |
implemented |
||
Single-publisher topology and metadata parity |
implemented |
||
29-bit ID decode and PGN routing |
implemented |
||
J1939Routing declares transport class; N validated |
implemented |
||
BAM reassembly and segmentation |
implemented |
||
RTS/CTS connection-mode reassembly and segmentation |
implemented |
||
ETP over the slice channel, bounded |
implemented |
||
TP timers enforced and surfaced as health |
implemented |
||
Concurrent TP sessions bounded per interface |
implemented |
||
Full J1939-81 address claiming |
implemented |
||
Claim state maps onto health; TX gated until claimed |
implemented |
||
Reuse the CAN driver layer; provide MockJ1939Interface |
implemented |
||
NO replacing ConnectorEnvelope with the slice channel |
rejected |
||
NO kernel CAN_J1939 socket family in taktora-connector-j1939 |
rejected |
||
NO J1939/DBC parsing or typed PGN payloads in taktora-connector-j1939 |
rejected |
||
NO unbounded ETP reassembly |
implemented |
||
Off-path / freedom from interference |
open |
||
Drop-in client compatibility |
implemented |
||
Worst-wins health rollup |
open |
||
Callback-hooks-only attach in v1 |
open |
||
SOVD entity-tree model |
implemented |
||
DTC / fault model with freeze-frames |
implemented |
||
Extractable diagnostic core |
open |
||
Read-diagnostic core HTTP surface |
implemented |
||
Deferred families decline with a contract-shaped 501 |
implemented |
||
Baseline transport hardening, off the control path |
implemented |
||
Mandatory Area/Component grouping manifest |
implemented |
||
Merge pipeline applies the manifest |
implemented |
||
Empty or absent manifest falls back to flat grouping |
implemented |
||
Executor liveness and timing from the hook seam |
implemented |
||
Executor binding exposed through the provider seam |
implemented |
||
Non-blocking, bounded hook write path |
implemented |
||
Connector health maps to a SOVD Component and DTCs |
implemented |
||
DTC lifecycle and occurrence bookkeeping |
implemented |
||
Last-sample freeze-frame at confirmation |
implemented |
||
Freeze-frame surfaced through the SOVD fault-detail endpoint |
implemented |
||
Off-path refresh-and-diff loop |
implemented |
||
Diff-derived fault change events |
implemented |
||
Health-transition change events |
implemented |
||
Trigger subscription surface |
implemented |
||
SSE event stream framed per the captured contract |
implemented |
||
Auth-light token endpoints preserve the client login flow |
implemented |
||
Permissive dev-mode authenticator is the default |
implemented |
||
Authentication flows through a substitutable Authenticator seam |
implemented |
||
Resource routes run enforcement = none in v1 |
implemented |
||
Full client login-to-read flow over the live gateway |
implemented |
||
Diagnostic lock lifecycle — acquire, extend, release |
implemented |
||
Lock TTL expiry auto-releases |
implemented |
||
break_lock supervisor override |
implemented |
||
X-Client-Id lock ownership |
implemented |
||
Locks are diagnostic-coordination-only QM metadata |
implemented |
||
NO runtime description parsing |
rejected |
||
Boundedness is unrepresentable to violate |
implemented |
||
Structural validation before sizing |
implemented |
||
Plane-generic, policy-free IR |
implemented |
||
WireType trait surface |
implemented |
||
no_std, allocation-free, serde-free path |
implemented |
||
CAN signal bit-packing primitives |
implemented |
||
DBC parse to a typed model |
implemented |
||
DBC lower to IR plus layout sidecar |
implemented |
||
Deterministic naming policy with collision detection |
implemented |
||
MessageBackend trait and resolve/generate entry point |
implemented |
||
CAN backend emits WireType impls via the wire runtime |
implemented |
||
Build-time generation proof-of-life |
implemented |
||
NO additional frontends this round |
rejected |
||
NO bool or float CAN fields this round |
rejected |
||
NO J1939 application-layer consumer this round |
rejected |
||
Global fault SSE stream |
implemented |
||
Entity-scoped triggers |
implemented |
||
Lock read endpoints |
implemented |
||
Global fault clear-all |
implemented |
||
Honest capability advertisement |
implemented |
||
SSE keep-alive and reconnect replay |
implemented |
||
Health telemetry shape |
implemented |
||
Auth disable parity |
implemented |
||
Write/action seam |
implemented |
||
Operations family with async executions |
implemented |
||
Configurations family |
implemented |
||
Bulk-data family |
implemented |
||
Scripts family |
implemented |
||
Software-update family |
implemented |
||
Lifecycle-status family |
implemented |
||
Logs family |
implemented |
||
Cyclic-subscriptions family |
implemented |
||
Provider-sourced health telemetry |
implemented |
||
Single-entity capability catalogue |
implemented |
||
Connection state maps to ConnectorHealth |
implemented |
||
Reconnect backoff is configurable |
implemented |
||
Auth-rejected CONNACK transitions to Down |
implemented |
||
Reconnect-attempt ceiling transitions to Down |
implemented |
||
Clean session on CONNECT |
implemented |
||
SUBSCRIBE replay on reconnect |
implemented |
||
Broker subscriptions are deduplicated and reference-counted |
implemented |
||
Inbound PUBLISH is matched locally and fanned out |
implemented |
||
JsonCodec is the default codec |
implemented |
||
MessagePack codec |
implemented |
||
Build identity in the version catalogue |
implemented |
||
Coverage entrypoint script |
draft |
||
All-features instrumentation |
draft |
||
Serial test execution |
draft |
||
Denominator excludes generated code and dev tooling |
draft |
||
Report outputs |
draft |
||
Missing-tool diagnostic |
draft |
||
Contributor documentation |
draft |