POSA_LEAKSMS/docs/superpowers/plans/2026-05-20-operational-security-completion.md

Operational Security Completion Implementation Plan

참고: 이 문서는 누수감지 시절의 기록(레거시)이며, 현재 시스템은 SHT30 온습도 전용으로 전환되었습니다.

For agentic workers: REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (- [ ]) syntax for tracking.

Goal: Turn the v2605 leak monitoring project into a submission-ready and field-operable system with concrete security evidence, operational diagnostics, and review-friendly reports.

Architecture: Keep the current procedural PHP/Cafe24 structure. Extract reusable operational checks into a small PHP helper, add a login-protected evidence report page, add a Pi-side sanitized evidence collector, and update documentation so security controls map to actual code and captured evidence.

Tech Stack: PHP 7+/PDO/MySQL on Cafe24, Apache .htaccess, Raspberry Pi Python 3, systemd, Markdown documentation.

---

Origin

Source requirements: docs/superpowers/specs/2026-05-20-operational-security-completion-design.md

This plan intentionally avoids implementing fire detection, power anomaly detection, multi-tenant productization, or HWP binary editing. Those remain outside the current scope.

File Structure

Create:

• php/ops_checks.php
  Shared server-side operational/security checks used by setup and evidence pages.

• php/security_evidence.php
  Login-protected evidence report page for security review attachments. Supports browser view and Markdown download.

• raspberry_pi/collect_evidence.py
  Sanitized Pi-side evidence collector that prints service, network, camera, and API test evidence without exposing secrets.

• docs/OPERATIONS_SECURITY_CHECKLIST.md
  Operator checklist for monthly security/operation review.

• docs/SECURITY_EVIDENCE_PACKAGE.md
  Submission package index: what to attach, where it comes from, and what it proves.

Modify:

• php/setup_wizard.php
  Use shared checks and link to security_evidence.php.

• php/dashboard.php
  Add clearer links/status hints for evidence, SMS failures, and offline state without changing its core flow.

• php/monthly_report.php
  Add print-friendly metadata and evidence-oriented summary rows.

• docs/README.md
  Link the new evidence and operations checklist docs.

• docs/SECURITY_PLAN_ATTACHMENT_GUIDE.md
  Narrow the user-provided items now that code-based evidence is generated locally.

• docs/SOURCE_SECURITY_EVIDENCE.md
  Point to the new evidence page and Pi collector.

• CHANGELOG.md
  Record the operational/security completion improvements.

Verification:

• PHP lint for all changed PHP files.
• Python compile for Raspberry Pi scripts.
• Static secret/stale-value search excluding _backup.
• Manual browser verification on deployed Cafe24 remains an operator step, documented but not locally provable.

---

Task 1: Extract Shared Operational Checks

Files:

• Create: php/ops_checks.php

• Modify: php/setup_wizard.php

• Test: PHP lint plus manual inclusion through setup_wizard.php

• Step 1: Create php/ops_checks.php with reusable checks

Create a small helper that returns normalized check rows. Use this structure:

<?php
// =============================================================================
// ops_checks.php - 운영/보안 점검 공통 헬퍼 (v2605)
// =============================================================================

require_once __DIR__ . '/config.php';

function ops_table_exists(PDO $db, string $table): bool {
    $stmt = $db->prepare("
        SELECT COUNT(*)
        FROM information_schema.TABLES
        WHERE TABLE_SCHEMA = DATABASE()
          AND TABLE_NAME = :table
    ");
    $stmt->execute([':table' => $table]);
    return (int)$stmt->fetchColumn() > 0;
}

function ops_column_exists(PDO $db, string $table, string $column): bool {
    $stmt = $db->prepare("
        SELECT COUNT(*)
        FROM information_schema.COLUMNS
        WHERE TABLE_SCHEMA = DATABASE()
          AND TABLE_NAME = :table
          AND COLUMN_NAME = :column
    ");
    $stmt->execute([':table' => $table, ':column' => $column]);
    return (int)$stmt->fetchColumn() > 0;
}

function ops_check(string $category, string $label, bool $ok, string $detail, string $fix = '', string $severity = 'warn', string $evidence = ''): array {
    return [
        'category' => $category,
        'label' => $label,
        'ok' => $ok,
        'detail' => $detail,
        'fix' => $fix,
        'severity' => $severity,
        'evidence' => $evidence,
    ];
}

function collect_ops_checks(): array {
    $checks = [];

    try {
        $db = get_db();
        $checks[] = ops_check('서버', 'DB 연결', true, DB_NAME . ' 연결 성공', '', 'critical', 'setup_wizard.php 또는 security_evidence.php 화면');

        $required_tables = ['sensor_log', 'sensor_status', 'sms_log', 'leak_photo', 'leak_incident'];
        foreach ($required_tables as $table) {
            $exists = ops_table_exists($db, $table);
            $checks[] = ops_check(
                'DB',
                "테이블 {$table}",
                $exists,
                $exists ? '확인됨' : '누락됨',
                $table === 'leak_incident' ? 'sql/migration_incident_response.sql 또는 sql/schema_v2605.sql 실행' : 'sql/schema_v2605.sql 실행',
                $table === 'leak_incident' ? 'critical' : 'warn',
                'DB 테이블 목록 또는 설치 점검 화면'
            );
        }

        if (ops_table_exists($db, 'leak_photo')) {
            foreach (['sequence_no', 'photo_stage'] as $column) {
                $exists = ops_column_exists($db, 'leak_photo', $column);
                $checks[] = ops_check('DB', "사진 타임라인 컬럼 {$column}", $exists, $exists ? '확인됨' : '누락됨', 'sql/migration_photo_timeline.sql 실행', 'warn', 'leak_photo 컬럼 목록');
            }
        }

        $recent_sms_fail_stmt = $db->query("
            SELECT COUNT(*)
            FROM sms_log
            WHERE status = 'fail'
              AND sent_at >= DATE_SUB(NOW(), INTERVAL 30 DAY)
        ");
        $recent_sms_fail = (int)$recent_sms_fail_stmt->fetchColumn();
        $checks[] = ops_check('SMS', '최근 30일 SMS 실패', $recent_sms_fail === 0, "{$recent_sms_fail}건", 'Cafe24 SMS 계정, 잔액, 발신번호, 수신자 확인', 'warn', 'sms_log 최근 실패 건수');
    } catch (Throwable $e) {
        $checks[] = ops_check('서버', 'DB 연결', false, '연결 실패: ' . $e->getMessage(), 'config.local.php DB 설정 확인', 'critical', 'DB 연결 오류 화면');
    }

    $default_recipients = count(SMS_RECIPIENTS) === 1 && preg_replace('/\D+/', '', SMS_RECIPIENTS[0]) === '01000000000';
    $checks[] = ops_check('설정', 'API 키', API_KEY !== 'change-this-api-key', 'API_KEY 운영값 설정 여부', 'config.local.php와 /etc/leak-sensor.env의 API 키를 동일하게 설정', 'critical', 'config.local.php 원문 미공개 설정 확인');
    $checks[] = ops_check('설정', '관리자 비밀번호', ADMIN_PASSWORD_HASH !== '', 'ADMIN_PASSWORD_HASH 설정 여부', 'php setup_hash.php "새비밀번호" 실행 후 config.local.php에 반영', 'critical', '관리자 해시 설정 확인');
    $checks[] = ops_check('개인정보', 'SMS 수신자', !empty(SMS_RECIPIENTS) && !$default_recipients, count(SMS_RECIPIENTS) . '명 설정', 'config.local.php의 SMS_RECIPIENTS 현행화', 'critical', '수신자 목록 현행화 확인표');
    $checks[] = ops_check('파일', '사진 저장 폴더', is_dir(PHOTO_UPLOAD_DIR) && is_writable(PHOTO_UPLOAD_DIR), PHOTO_UPLOAD_DIR, 'uploads/photos 생성 및 쓰기 권한 확인', 'warn', '폴더 권한 화면');
    $checks[] = ops_check('파일', '상태 파일 폴더', is_dir(__DIR__ . '/var') && is_writable(__DIR__ . '/var'), __DIR__ . '/var', 'php/var 생성 및 쓰기 권한 확인', 'warn', '폴더 권한 화면');

    return $checks;
}

function ops_failed_count(array $checks): int {
    return count(array_filter($checks, fn($check) => !$check['ok']));
}

• Step 2: Replace duplicate setup check functions in php/setup_wizard.php

Remove setup_table_exists(), setup_column_exists(), and setup_check() from setup_wizard.php. Add:

require_once __DIR__ . '/ops_checks.php';

Replace the current manual $checks construction with:

$checks = collect_ops_checks();

Keep the existing SMS test POST handling unchanged.

• Step 3: Update setup wizard rendering for new check fields

Where checks render, preserve the existing UI but read the new fields:

<h2><?= htmlspecialchars($check['category']) ?> · <?= htmlspecialchars($check['label']) ?> · <?= $check['ok'] ? '정상' : '확인 필요' ?></h2>
<p><?= htmlspecialchars($check['detail']) ?></p>
<?php if (!$check['ok'] && $check['fix'] !== ''): ?>
<div class="fix">조치: <?= htmlspecialchars($check['fix']) ?></div>
<?php endif; ?>
<?php if (($check['evidence'] ?? '') !== ''): ?>
<div class="fix">증적: <?= htmlspecialchars($check['evidence']) ?></div>
<?php endif; ?>

• Step 4: Add evidence page link to setup wizard

In the header link area, add a link:

<a href="security_evidence.php">보안 증적</a>

If the header currently has a single link, convert it to a small flex group matching dashboard.php.

• Step 5: Verify PHP syntax

Run:

php -l php\ops_checks.php
php -l php\setup_wizard.php

Expected: both commands print No syntax errors detected.

---

Task 2: Add Login-Protected Security Evidence Report

Files:

• Create: php/security_evidence.php

• Modify: php/.htaccess

• Test: PHP lint and login-protected manual browser check

• Step 1: Create php/security_evidence.php

Create a login-required report page that uses collect_ops_checks() and supports Markdown download using ?format=md.

Core structure:

<?php
// =============================================================================
// security_evidence.php - 보안대책서 첨부 증적 보고서 (v2605)
// =============================================================================

require_once __DIR__ . '/config.php';
require_once __DIR__ . '/ops_checks.php';

ini_set('session.cookie_httponly', 1);
ini_set('session.cookie_secure', 1);
ini_set('session.cookie_samesite', 'Strict');
ini_set('session.use_strict_mode', 1);
session_start();

if (empty($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    header('Location: login.php');
    exit;
}

$checks = collect_ops_checks();
$failed_count = ops_failed_count($checks);
$generated_at = date('Y-m-d H:i:s');

$control_rows = [
    ['사업 범위', '1차 구축 범위를 누수·오프라인·사진·SMS·대시보드로 한정', '보안대책서 사업개요', 'SECURITY_PLAN_PASS_READINESS.md'],
    ['전송구간', 'HTTPS/TLS 사용, API 서명 검증', 'sensor_data.php, photo_upload.php, leak_sensor.py', 'SOURCE_SECURITY_EVIDENCE.md'],
    ['API 인증', '공유 API 키와 요청 서명 검증', 'config.php, leak_sensor.py', '403 테스트 결과'],
    ['비밀값', 'config.local.php와 /etc/leak-sensor.env로 분리', 'config.php, config.py', '설정 파일 권한 화면'],
    ['관리자 인증', '비밀번호 해시, CSRF, 세션 보호, 실패 제한', 'login.php', '로그인 화면'],
    ['사진정보', 'JPEG 검증, 로그 ID 검증, 업로드 실행 차단', 'photo_upload.php, uploads/photos/.htaccess', '사진 업로드 결과'],
    ['로그관리', '센서/SMS/사진/사고 로그 저장', 'MySQL', '월간 보고서'],
    ['장애대응', '미확인 사고 재알림, 장비 오프라인 감지', 'incidents.php, cron_heartbeat.php', 'SMS 로그, 사고 이력'],
];

if (($_GET['format'] ?? '') === 'md') {
    header('Content-Type: text/markdown; charset=utf-8');
    header('Content-Disposition: attachment; filename="security-evidence-' . date('Ymd-His') . '.md"');
    echo "# 누수감지 시스템 보안 증적 보고서\n\n";
    echo "- 생성시각: {$generated_at}\n";
    echo "- 버전: " . APP_VERSION . "\n";
    echo "- 점검 결과: " . ($failed_count === 0 ? "전체 통과" : "확인 필요 {$failed_count}건") . "\n\n";
    echo "## 운영 점검 결과\n\n";
    echo "| 분류 | 항목 | 결과 | 상세 | 조치 | 증적 |\n";
    echo "|---|---|---|---|---|---|\n";
    foreach ($checks as $check) {
        echo '| ' . $check['category'] . ' | ' . $check['label'] . ' | ' . ($check['ok'] ? '정상' : '확인 필요') . ' | ' . str_replace('|', '/', $check['detail']) . ' | ' . str_replace('|', '/', $check['fix']) . ' | ' . str_replace('|', '/', $check['evidence']) . " |\n";
    }
    echo "\n## 보안통제 매트릭스\n\n";
    echo "| 영역 | 보안대책 | 구현 위치 | 확인 증적 |\n";
    echo "|---|---|---|---|\n";
    foreach ($control_rows as $row) {
        echo '| ' . implode(' | ', $row) . " |\n";
    }
    exit;
}
?>

Render the HTML body with:

• title: 보안 증적 보고서

• summary card: generated time, APP_VERSION, failed count

• operational checks table

• security control matrix table

• download link: security_evidence.php?format=md

• print button: window.print()

• Step 2: Ensure helper files remain directly blocked

Modify php/.htaccess FilesMatch to include ops_checks:

<FilesMatch "^(config|config\.local|config\.local\.example|sms_send|incidents|ops_checks|setup_hash|test_mobile)\.php$">

Do not block security_evidence.php; it is a login-protected page.

• Step 3: Verify PHP syntax

Run:

php -l php\security_evidence.php

Expected:

• security_evidence.php passes PHP lint.

• .htaccess is not PHP; do not lint it. Instead visually confirm ops_checks is in the FilesMatch rule.

• Step 4: Manual browser test after deployment

Expected behavior:

• Unauthenticated security_evidence.php redirects to login.php.
• Authenticated access displays checks and control matrix.
• ?format=md downloads Markdown without secrets.

---

Task 3: Add Raspberry Pi Evidence Collector

Files:

• Create: raspberry_pi/collect_evidence.py

• Modify: docs/INSTALL_PI_SERVER.md

• Test: Python compile and dry-run on development machine

• Step 1: Create raspberry_pi/collect_evidence.py

The script must not print API keys, passwords, or SMS secrets. It should report whether required env vars exist, not their values.

Implementation outline:

#!/usr/bin/env python3
"""Sanitized Raspberry Pi evidence collector for security review attachments."""

import argparse
import json
import os
import shutil
import subprocess
import time
from pathlib import Path


ENV_FILE = Path("/etc/leak-sensor.env")


def run_command(command, timeout=10):
    try:
        result = subprocess.run(command, capture_output=True, text=True, timeout=timeout)
        return {
            "command": " ".join(command),
            "returncode": result.returncode,
            "stdout": result.stdout.strip()[:4000],
            "stderr": result.stderr.strip()[:2000],
        }
    except Exception as exc:
        return {"command": " ".join(command), "returncode": -1, "stdout": "", "stderr": str(exc)}


def env_presence():
    keys = [
        "LEAK_API_URL",
        "LEAK_PHOTO_UPLOAD_URL",
        "LEAK_API_KEY",
        "LEAK_DEVICE_ID",
        "LEAK_DEVICE_LOCATION",
        "LEAK_CAMERA_ENABLED",
        "LEAK_PHOTO_TIMELINE_ENABLED",
        "LEAK_PHOTO_TIMELINE_DELAYS",
    ]
    return {key: bool(os.environ.get(key)) for key in keys}


def collect():
    evidence = {
        "generated_at": time.strftime("%Y-%m-%d %H:%M:%S"),
        "hostname": run_command(["hostname"])["stdout"],
        "env_file_exists": ENV_FILE.exists(),
        "env_file_permission": run_command(["ls", "-l", str(ENV_FILE)]) if ENV_FILE.exists() else None,
        "env_presence": env_presence(),
        "service_status": run_command(["systemctl", "status", "leak-sensor", "--no-pager"], timeout=15),
        "service_enabled": run_command(["systemctl", "is-enabled", "leak-sensor"], timeout=10),
        "listening_ports": run_command(["ss", "-lntup"], timeout=10),
        "camera_tools": {
            "rpicam-still": shutil.which("rpicam-still") is not None,
            "libcamera-still": shutil.which("libcamera-still") is not None,
        },
        "recent_logs": run_command(["journalctl", "-u", "leak-sensor", "-n", "80", "--no-pager"], timeout=15),
    }
    return evidence


def print_markdown(evidence):
    print("# Raspberry Pi 보안/운영 증적")
    print()
    print(f"- 생성시각: {evidence['generated_at']}")
    print(f"- 호스트명: {evidence['hostname']}")
    print(f"- 환경파일 존재: {'예' if evidence['env_file_exists'] else '아니오'}")
    if evidence["env_file_permission"]:
        print(f"- 환경파일 권한: `{evidence['env_file_permission']['stdout']}`")
    print()
    print("## 환경변수 설정 여부")
    print()
    print("| 항목 | 설정 여부 |")
    print("|---|---|")
    for key, present in evidence["env_presence"].items():
        print(f"| {key} | {'설정됨' if present else '미설정'} |")
    print()
    print("## 서비스 상태")
    print()
    print("```text")
    print(evidence["service_status"]["stdout"] or evidence["service_status"]["stderr"])
    print("```")
    print()
    print("## 수신 포트")
    print()
    print("```text")
    print(evidence["listening_ports"]["stdout"] or evidence["listening_ports"]["stderr"])
    print("```")


def main():
    parser = argparse.ArgumentParser()
    parser.add_argument("--format", choices=["json", "md"], default="md")
    args = parser.parse_args()
    evidence = collect()
    if args.format == "json":
        print(json.dumps(evidence, ensure_ascii=False, indent=2))
    else:
        print_markdown(evidence)


if __name__ == "__main__":
    main()

• Step 2: Document Pi evidence command in docs/INSTALL_PI_SERVER.md

Add under the Pi final verification section:

cd /home/pi/leak_sensor
source venv/bin/activate
python3 collect_evidence.py --format md > pi-security-evidence.md

Note that the output intentionally does not include raw API keys.

• Step 3: Verify Python syntax

Run:

python -m py_compile raspberry_pi\collect_evidence.py

Expected: exit code 0 and no output.

• Step 4: Dry-run on non-Pi development machine

Run:

python raspberry_pi\collect_evidence.py --format json

Expected:

• JSON output is produced.
• systemd/camera commands may show errors on Windows; this is acceptable if the script does not crash.
• No API key value is printed.

---

Task 4: Improve Report and Dashboard Evidence Quality

Files:

• Modify: php/monthly_report.php

• Modify: php/dashboard.php

• Test: PHP lint and visual/manual verification after deployment

• Step 1: Add report metadata to php/monthly_report.php

Add near the existing $summary block:

$report_generated_at = date('Y-m-d H:i:s');
$report_scope = '누수 감지, 장비 오프라인, SMS, 사진, 사고 대응';

Render above the summary cards:

<section class="card" style="margin-bottom:18px">
    <span>보고서 생성</span>
    <strong style="font-size:1rem"><?= htmlspecialchars($report_generated_at) ?></strong>
    <p style="color:#64748b;font-size:.84rem;margin-top:8px">범위: <?= htmlspecialchars($report_scope) ?></p>
</section>

This makes printed/PDF reports usable as evidence.

• Step 2: Extend monthly CSV with evidence metadata

Before existing CSV rows, add:

fputcsv($out, ['generated_at', $report_generated_at]);
fputcsv($out, ['scope', $report_scope]);

Expected CSV begins with month, generated time, and scope.

• Step 3: Add dashboard link to evidence page

In php/dashboard.php header links, add:

<a href="security_evidence.php" style="color:#fff;font-size:.85rem;text-decoration:none;background:rgba(255,255,255,.15);padding:6px 14px;border-radius:6px;">보안 증적</a>

Keep existing setup_wizard.php, monthly_report.php, and logout links.

• Step 4: Add a short evidence hint near dashboard diagnostics

In the operational diagnostics section, add one concise sentence:

<p style="color:#64748b;font-size:.84rem;margin-top:8px">보안대책서 첨부용 점검표는 상단의 보안 증적 화면에서 내려받을 수 있습니다.</p>

• Step 5: Verify PHP syntax

Run:

php -l php\monthly_report.php
php -l php\dashboard.php

Expected: both commands print No syntax errors detected.

---

Task 5: Finalize Documentation Package

Files:

• Create: docs/OPERATIONS_SECURITY_CHECKLIST.md

• Create: docs/SECURITY_EVIDENCE_PACKAGE.md

• Modify: docs/README.md

• Modify: docs/SECURITY_PLAN_ATTACHMENT_GUIDE.md

• Modify: docs/SOURCE_SECURITY_EVIDENCE.md

• Modify: CHANGELOG.md

• Test: Markdown link/path sanity checks

• Step 1: Create docs/OPERATIONS_SECURITY_CHECKLIST.md

Include this structure:

# 운영·보안 점검 체크리스트

## 월간 점검

| 점검 항목 | 기준 | 증적 |
|---|---|---|
| 대시보드 로그인 | 관리자만 접근 가능 | 로그인 화면, 접근통제 확인 |
| 설치 점검 | 확인 필요 항목 없음 또는 조치 계획 존재 | setup_wizard.php 캡처 |
| 보안 증적 | 점검 결과와 보안통제 매트릭스 확인 | security_evidence.php 캡처 또는 MD 다운로드 |
| Pi 서비스 | leak-sensor active 상태 | collect_evidence.py 결과 |
| SMS 발송 | 최근 실패 건수 확인 | monthly_report.php 또는 sms_log |
| 사진 저장 | 사진 타임라인 확인 | dashboard.php 캡처 |
| 백업 | DB/사진/설정 백업 확인 | 백업 파일 목록 |
| 보관기간 | 사진/로그 기간 초과분 정리 | 삭제/정리 기록 |

## 사고 발생 시

1. 대시보드에서 사고 상태와 사진 타임라인을 확인한다.
2. SMS 수신 여부와 `sms_log` 실패 여부를 확인한다.
3. 현장 조치 후 사고 상태를 `조치 완료` 또는 `오탐`으로 기록한다.
4. 월간 보고서에 사고 처리 내역이 반영됐는지 확인한다.

• Step 2: Create docs/SECURITY_EVIDENCE_PACKAGE.md

Include:

# 보안대책서 첨부자료 패키지

## 필수 첨부

| 첨부자료 | 생성 위치 | 증명하는 것 |
|---|---|---|
| 보안 증적 보고서 | `php/security_evidence.php?format=md` | 보안통제와 운영 점검 연결 |
| 설치 점검 화면 | `php/setup_wizard.php` | DB/권한/SMS/설정 상태 |
| 대시보드 화면 | `php/dashboard.php` | 현재 위험, 사고, 사진, 장비 상태 |
| 월간 보고서 | `php/monthly_report.php` | SMS/사진/사고 처리 현황 |
| Pi 증적 보고서 | `raspberry_pi/collect_evidence.py --format md` | Pi 서비스, 포트, 환경파일 상태 |
| HTTPS 접속 화면 | 운영 도메인 브라우저 | 전송구간 보호 적용 |

## 제출 전 마스킹

- API 키 원문 제거
- DB 비밀번호 제거
- SMS secure key 제거
- 관리자 비밀번호 원문 제거
- 담당자 휴대전화번호는 필요 시 뒷자리 마스킹

• Step 3: Update docs/README.md

Add the new documents under folder structure:

  OPERATIONS_SECURITY_CHECKLIST.md # 월간 운영·보안 점검표
  SECURITY_EVIDENCE_PACKAGE.md     # 보안대책서 첨부자료 패키지

Add an operations section that points to:

• setup_wizard.php

• security_evidence.php

• monthly_report.php

• raspberry_pi/collect_evidence.py

• Step 4: Update security guide docs

In docs/SECURITY_PLAN_ATTACHMENT_GUIDE.md, add that API/source evidence is generated by:

php/security_evidence.php
raspberry_pi/collect_evidence.py
docs/SOURCE_SECURITY_EVIDENCE.md

In docs/SOURCE_SECURITY_EVIDENCE.md, add:

운영 서버 반영 후 `security_evidence.php?format=md`를 내려받으면 코드 기반 보안통제와 운영 점검 결과를 하나의 증적 파일로 보관할 수 있다.

• Step 5: Update CHANGELOG.md

Add under v2605:

- 보안대책서 첨부용 증적 보고서 계획과 운영·보안 체크리스트를 추가했습니다.
- Pi 증적 수집 스크립트 계획을 추가해 API 키 원문 없이 서비스/포트/환경파일 상태를 확인할 수 있게 했습니다.

• Step 6: Verify Markdown paths

Run:

Get-ChildItem docs -Recurse -File | Where-Object { $_.Extension -eq '.md' } | Select-String -Pattern 'security_evidence.php|collect_evidence.py|OPERATIONS_SECURITY_CHECKLIST|SECURITY_EVIDENCE_PACKAGE'

Expected: new docs and links appear in README/security docs.

---

Task 6: Full Verification Pass

Files:

• All changed PHP, Python, Markdown files

• Step 1: Run PHP lint

Run:

$files = @(
  'php\config.php',
  'php\ops_checks.php',
  'php\setup_wizard.php',
  'php\security_evidence.php',
  'php\dashboard.php',
  'php\monthly_report.php',
  'php\api\sensor_data.php',
  'php\api\photo_upload.php',
  'php\login.php',
  'php\sms_send.php',
  'php\incidents.php',
  'php\cron_heartbeat.php'
)
foreach ($file in $files) { php -l $file }

Expected: every file reports No syntax errors detected.

• Step 2: Run Python compile checks

Run:

python -m py_compile raspberry_pi\config.py raspberry_pi\leak_sensor.py raspberry_pi\test_connection.py raspberry_pi\collect_evidence.py scripts\generate_security_plan_images.py

Expected: exit code 0 and no output.

• Step 3: Search for stale secrets and legacy values

Run:

Get-ChildItem -Recurse -File |
  Where-Object { $_.FullName -notlike '*\_backup\*' } |
  Select-String -Pattern '<legacy-patterns-redacted>' -CaseSensitive:$false

Expected: no matches outside intentional documentation examples.

• Step 4: Confirm no Python cache remains

If py_compile creates cache files, remove them after verifying the resolved path is inside the workspace:

$target = Resolve-Path -LiteralPath 'raspberry_pi\__pycache__' -ErrorAction SilentlyContinue
if ($target) {
    $workspace = (Resolve-Path -LiteralPath '.').Path
    if ($target.Path.StartsWith($workspace)) {
        Remove-Item -LiteralPath $target.Path -Recurse -Force
    }
}

• Step 5: Manual deployment verification checklist

After uploading to Cafe24 and Pi:

• Visit login.php; verify login is required.
• Visit setup_wizard.php; capture the result.
• Visit security_evidence.php; capture the result.
• Download security_evidence.php?format=md; confirm no secrets are present.
• Visit dashboard.php; confirm evidence link and diagnostics.
• Visit monthly_report.php; print/PDF preview includes generated time and scope.
• Run python3 collect_evidence.py --format md on Pi; confirm no API key is printed.
• Run python3 test_connection.py on Pi; confirm unsigned request is rejected and signed request succeeds.

Expected: these items produce the minimum security evidence package.

---

Task 7: Completion Notes

Files:

• Modify: docs/SECURITY_PLAN_PASS_READINESS.md

• Modify: docs/SECURITY_PLAN_HWP_REVIEW.md

• Step 1: Point final security docs to the new evidence outputs

In docs/SECURITY_PLAN_PASS_READINESS.md, add references to:

• php/security_evidence.php

• php/security_evidence.php?format=md

• raspberry_pi/collect_evidence.py --format md

• docs/SECURITY_EVIDENCE_PACKAGE.md

• Step 2: Clarify remaining user-provided evidence

Keep the remaining user-provided list short:

1. 실제 서버 도메인과 HTTPS 화면
2. Pi 네트워크 분리 또는 방화벽 정책 확인
3. 설치 위치 사진과 자산 정보
4. 백업 주기와 담당자
5. SMS 수신자 현행화 확인

• Step 3: Verify final docs contain no over-claim

Search:

Select-String -Path docs\SECURITY_PLAN_*.md,docs\SOURCE_SECURITY_EVIDENCE.md -Pattern '국정원.*통과|완벽|보장|반드시 통과'

Expected: no text claims guaranteed approval.

---

Coverage Map

Requirement	Implemented by
심사 대응 패키지	Tasks 1, 2, 5, 7
코드 기반 보안근거	Tasks 2, 5, 7
운영 실패 가시화	Tasks 1, 3, 4
대시보드/보고서 증적 품질	Task 4
자동 증적 생성	Tasks 2, 3
확장 범위 분리	Task 7 plus existing security docs
비밀값 미노출	Tasks 2, 3, 6

Execution Notes

• This workspace currently has no .git directory, so commit steps are skipped in this workspace.
• Do not put real API keys, DB passwords, SMS secure keys, or administrator passwords into Markdown.
• If a deployed Cafe24 behavior cannot be verified locally, document it as an operator evidence requirement instead of claiming it as verified.