Horizontal domains are ALWAYS ENTERPRISE (#63) — 6 governance checks. No shortcuts. Safety and security are never optional.
| Domain | Scope | Tier | Status |
|---|---|---|---|
| SAFETY | Safety-critical system governance | ENTERPRISE (#63) — always | Governed |
| SECURITY | Information/cyber security governance | ENTERPRISE (#63) — always | Governed |
`` VERTICAL(V) × SAFETY = V-specific safety standard VERTICAL(V) × SECURITY = V-specific security standard
Examples: MEDICINE × SAFETY = IEC 62304 (medical device software safety) MEDICINE × SECURITY = HIPAA Security Rule AEROSPACE × SAFETY = DO-178C / ARP4761 AEROSPACE × SECURITY = DO-326A (airworthiness security) AUTOMOTIVE × SAFETY = ISO 26262 AUTOMOTIVE × SECURITY = ISO/SAE 21434 ENERGY × SAFETY = IEC 61511 (process safety) ENERGY × SECURITY = NERC CIP MANUFACTURING × SAFETY = OSHA / IEC 61508 MANUFACTURING × SECURITY = IEC 62443 FINANCE × SAFETY = Business continuity (ISO 22301) FINANCE × SECURITY = PCI-DSS / SOC 2 EDUCATION × SAFETY = Campus safety (Clery Act) EDUCATION × SECURITY = FERPA (student data protection) LOGISTICS × SAFETY = Hazmat transport (IMDG/ADR/49 CFR) LOGISTICS × SECURITY = C-TPAT / AEO ``
To add a new horizontal domain:
Create directory under HORIZONTAL/[NAME]/ Write CANON.md inheriting canonic-canonic/INDUSTRIES/HORIZONTAL Tier MUST be ENTERPRISE (#63) — no negotiation Define how the domain composes with every registered vertical Run magic validate — 255 or reject
| *HORIZONTAL | SPEC | INDUSTRIES* |