Theme
IIO Terminology Map — Industry Standard Mapping
Classification: own
Audience: Enterprise engineers, architects, new operators
Purpose: Map IIO-specific terminology to established industry equivalents. IIO is architecturally rigorous — the concepts are standard, only the names differ.
Quick Reference
| IIO Term | Industry Equivalent | Standard/Source |
|---|---|---|
| Seed | Golden image / Master template | GitOps, Backstage |
| Node | Tenant environment / Workspace instance | Multi-tenant SaaS |
| Seed → Node Projection | Template instantiation / Environment provisioning | Terraform, Helm |
| Premises | Invariants / Governance contracts / Policies | Formal methods, ISO 42001 |
| Fail-closed | Secure-by-default / Deny-by-default | OWASP, NIST, Zero Trust |
| HITL gate | Human review checkpoint / Approval gate | CI/CD, SOC 2, ISO 27001 |
| Thin-through-path | Single piece flow / Single active lane | Lean, Kanban, Theory of Constraints |
| Space Kernel | Unified composition model / Actor system | Actor model (Erlang/Akka) |
| Actor | Agent / Principal / Service identity | RBAC, IAM, Actor model |
| Composite Actor | Composed system / Cluster / Federation | Kubernetes, Akka Cluster |
| Drift | Configuration drift / State deviation | GitOps (Flux, ArgoCD) |
| Evidence | Audit artifact / Compliance record | SOC 2, ISO 27001, ISO 42001 |
| Evidence chain | Audit trail / Immutable log | SIEM, blockchain audit |
| Thin layer | Separation of concerns / Single responsibility | Clean Architecture, SOLID |
| Phase gate | Stage gate / Release milestone | PRINCE2, SAFe, ISO 42001 |
| Processing state | Workflow state / Pipeline state | Temporal, Airflow DAG |
| Reflection skill | Circular dependency detection | Dependency analysis |
| Anti-contamination | Environment isolation / Namespace separation | Docker, Kubernetes namespaces |
| Release-operator role | Release manager / Deployment owner | ITIL, DevOps |
| Governance-reviewer role | Compliance officer / Risk reviewer | GRC, ISO 27001 |
| Orchestrator role | Platform engineer / SRE | SRE, Platform Engineering |
| Session start/closeout | Pre/post-flight checklist | Aviation, surgical checklists |
| Premises codex | Policy engine / Compliance rulebook | OPA (Open Policy Agent) |
| Skill | Tool / Capability / Plugin | MCP, Backstage plugins |
| Skill registry | Tool catalog / Plugin registry | Backstage, MCP registry |
| Manual portal | Developer portal / Internal docs | Backstage, Confluence |
| Projection manifest | Deployment manifest / Release descriptor | Kubernetes manifests, Helm values |
| Tenant | Customer / Organization / Workspace | Multi-tenant SaaS |
| Wave | Release wave / Migration cohort | Large-scale migrations |
| Layer discipline | Layered architecture / Dependency rule | Clean Architecture, Hexagonal |
| Boundary | Trust boundary / Security perimeter | Zero Trust Architecture |
| Transaction | Atomic operation / State transition | ACID transactions, Event sourcing |
| check-operations-health | Health check / Readiness probe | Kubernetes liveness probe |
| dispatch-operations | Workflow dispatch / Job runner | GitHub Actions, Temporal |
| run-release-gate-chain | Pre-release checklist / Gate chain | ITIL change management |
| session-start.sh | Pre-flight check / Environment validation | Aviation, DevOps runbooks |
| session-closeout.sh | Post-flight check / Session audit | Aviation, ITIL |
Deep Mappings — Core Concepts
Premises Catalog → Open Policy Agent (OPA)
IIO's iio/specs/governance/layer-premises-catalog.yaml (102 premises, 8 layers) is conceptually equivalent to OPA's Rego policies, but:
- IIO premises are human-readable YAML (OPA uses Rego DSL)
- IIO premises are versioned in git (OPA policies can be, but rarely are)
- IIO premises are structured by layer (P-CORE, P-ARCH, P-SKILL, etc.)
- IIO premises are evidence-linked (each has source artifact references)
Advantage: IIO premises are simultaneously machine-checkable AND understandable by non-engineers.
Seed → Node Projection → Helm / Terraform
IIO's seed→node projection is conceptually similar to:
- Helm: chart (seed) → release (node) with values override
- Terraform: module (seed) → workspace (node) with variable override
- Backstage: software template → component instance
IIO advantage: Projection includes governance inheritance. A new node doesn't just copy files — it inherits all 102 premises, evidence requirements, and gate definitions. No Helm/Terraform equivalent exists.
Fail-Closed → OWASP Secure-by-Default
IIO's fail-closed principle (P-SAFE-003: missing input → BLOCK, not proceed) maps to:
- OWASP: "Fail securely" principle
- NIST SP 800-53: Least privilege + deny-by-default
- Zero Trust: Never trust, always verify
IIO extends this: fail-closed applies not just to security but to all operational layers — governance, publishing, deployment, team coordination. No other platform does this universally.
HITL Gate → ISO 42001 + SOC 2 Controls
IIO's approve-hitl-gate.sh + gate-status.yaml + GATE-OWNERSHIP.md maps to:
- ISO 42001 Clause 8.3: Risk treatment — human oversight controls
- SOC 2 CC6.6: Logical access controls with approval workflows
- ISO 27001 A.9.4: Access control with authorization
IIO advantage: Gates produce signed evidence artifacts automatically. SOC 2/ISO auditors require exactly this documentation — IIO generates it as a byproduct of normal operation.
Space Kernel → Actor Model (Erlang/Akka)
IIO's Space Kernel (Actor, Role, Composition, Boundary, Transaction) maps to:
- Erlang/OTP: processes (actors), supervisors (compositions), message passing (transactions)
- Akka: actors, actor systems, cluster sharding
- Microsoft Orleans: grains (actors), silos (compositions)
IIO extension: The Actor model applies equally to humans and AI agents — no existing Actor framework does this.
Thin-Through-Path → Theory of Constraints
IIO's "exakt ein aktiver Thin-through-path gleichzeitig" maps to:
- Theory of Constraints: Single constraint focus, one piece flow
- Kanban: WIP limits, single active lane
- Lean: Single piece flow, no batch processing
Industry name: "Sequential Execution Model" or "Single Active Lane constraint"
Processing State → POMDP / Temporal Workflow State
IIO's processing-state.yaml maps to:
- Temporal: Workflow state (durable, crash-safe, queryable)
- Airflow: DAG run state
- POMDP: Partially Observable Markov Decision Process (theoretical)
Gap: IIO's state is YAML (not durable execution). See IIO-AGT-019 for crash-safe improvement.
Positioning Against Industry Products
IIO vs. Backstage (Spotify/CNCF)
| Feature | Backstage | IIO |
|---|---|---|
| Software catalog | ✅ Full | ✅ orchestration/workspace.yaml |
| Developer portal | ✅ Full | ✅ manual/ portal |
| Software templates | ✅ Full | ✅ Seed→Node projection |
| Governance enforcement | ❌ None | ✅ 102 premises, fail-closed |
| Evidence artifacts | ❌ None | ✅ Every operation |
| AI/Agent support | ❌ None | ✅ Core design |
| Multi-tenant | ⚠️ Partial | ✅ Full (seed→node) |
IIO wins on: Governance, evidence, AI-native design, fail-closed defaults.
IIO vs. Temporal (Durable Execution)
| Feature | Temporal | IIO |
|---|---|---|
| Durable execution | ✅ Full | ❌ Scripts only |
| Workflow orchestration | ✅ Full | ⚠️ Shell scripts |
| State persistence | ✅ Full | ⚠️ YAML files |
| Governance | ❌ None | ✅ Full |
| Evidence artifacts | ❌ None | ✅ Every operation |
| Multi-tenant governance | ❌ None | ✅ Full |
IIO wins on: Governance, evidence, multi-tenant.
Temporal wins on: Crash-safe execution, DAG orchestration.
Future: IIO + Temporal = optimal (see IIO-AGT-019).
IIO vs. Open Policy Agent (OPA)
| Feature | OPA | IIO |
|---|---|---|
| Policy enforcement | ✅ Runtime | ⚠️ Pre/post-session |
| Policy language | Rego (DSL) | YAML (human-readable) |
| Policy versioning | ⚠️ Optional | ✅ Git-native |
| Evidence generation | ❌ None | ✅ Automatic |
| Human-readable policies | ❌ Rego is technical | ✅ Premises are prose |
| AI governance | ❌ None | ✅ Core design |
IIO wins on: Human-readable governance, evidence generation, AI-native design.
OPA wins on: Runtime enforcement, mature ecosystem.
Future: IIO premises → OPA Rego compilation = both worlds.
For Enterprise Briefings
When presenting IIO to enterprise architects, use these mappings:
"IIO is a multi-tenant agentic infrastructure platform. Think of it as: Backstage (developer portal + software catalog) + OPA (governance policy enforcement) + ISO 42001 (AI management system) + GitOps (git as source of truth) — all unified in a single architecture, with evidence artifacts generated automatically for every operation, and AI/human agents treated identically under the same governance rules."
References
- OPA (Open Policy Agent): openpolicyagent.org
- Backstage: backstage.io
- Temporal: temporal.io
- ISO/IEC 42001:2023: iso.org/standard/81230.html
- MCP (Model Context Protocol): modelcontextprotocol.io
- Actor Model: Hewitt, Bishop, Steiger (1973)
- Theory of Constraints: Goldratt (1984)
- Zero Trust: NIST SP 800-207
- IIO ISO-42001-COMPLIANCE-MAP.md
- IIO RESEARCH-FRONTIERS-2026.md