DECK · 5 SLIDES

Tier 0 + Cascade Slides

EverDriven · Architecture Framework Capabilities · 15 across 4 bands

SLIDE 1 OF 5 · CAPABILITY OVERVIEW
EVERDRIVEN · TIER 0 · ARCH FRAMEWORK CAPABILITIES

15 capabilities across 4 risk-and-investment bands

Owned by Architecture · evergreen, not time-boxed · surfaced in Portfolio Review only when status flips off Healthy
Data & Multi-Tenancy
Architecture · Karol
At Risk 4 components
Auth / RBAC Runtime
Architecture · Karol / Owain
Watch 4 components
PII Protection
Architecture · Karol
Healthy 4 components
Health Checks
Architecture + DevOps
Healthy 3 components
Resilience
Architecture · Karol
Healthy 2 components
Diagnostics & Startup
Architecture · Karol
Healthy 3 components
Observability & Telemetry
Architecture + DevOps
Healthy 4 components
Messaging Backbone
Architecture · Karol / Alex
Healthy 4 components
Outbox & Reconciliation
Architecture · Karol / Alex
Healthy 4 components
Feature Flags
Architecture · Karol
Watch — Compliance 2.0 cutover 4 components
Workflow Orchestration (Conductor)
Architecture · Karol
Healthy 4 components
Case Management Platform
Architecture · Karol
Healthy 4 components
Domain & Application Building Blocks
Architecture · Karol
Healthy 4 components
Testing Platform
Architecture · Karol
Healthy 4 components
Caching & Read Models
Architecture · Karol
Healthy 4 components
SLIDE 2 OF 5 · BAND 01 · SECURITY & COMPLIANCE
EVERDRIVEN · TIER 0 · BAND 01 OF 04

Security & Compliance

3 capabilities

Data & Multi-Tenancy

At Risk
Architecture · Karol
  • Composite Tenant Provider
  • Domain Event Publishing DbContext
  • Row-Level Security (RLS)
  • Scope-Aware EF Query Filters
Consumed by Every BC · required by RBAC for tenant isolation

Auth / RBAC Runtime

Watch
Architecture · Karol / Owain
  • FusionAuth (identity provider + token issuance)
  • Traefik Application Gateway (edge routing + auth termination)
  • User Authorization Service + ForwardAuth (jwt-zAuth)
  • Authorization Cache + Claims Cache (TTL strategy resolved per D-decision Apr 30)
Consumed by Every BC requiring authentication or authorization · prerequisite for district user onboarding (Jun 7)
Distinct from the Tier 1 RBAC enabler. Tier 1 RBAC is the project building this runtime; this is the runtime itself once it lands.

PII Protection

Healthy
Architecture · Karol
  • [PiiField(Standard|Restricted)] attribute + level taxonomy
  • Format-preserving masking primitives (email, phone, SSN, name)
  • Serilog enricher + sanitized logger (auto log redaction)
  • MVC redaction filter + document filter (auto HTTP response redaction)
Consumed by Every BC handling PHI/PII — Trip Operations, Enrollment, Compliance/Supply, EverWatch
EverDriven compliance control surface. Carved out per readiness review D3 (Apr 29).
SLIDE 3 OF 5 · BAND 02 · RELIABILITY
EVERDRIVEN · TIER 0 · BAND 02 OF 04

Reliability

4 capabilities

Health Checks

Healthy
Architecture + DevOps
  • Service Bus Health Check
  • Cross-Service Health Check
  • Conductor Health Check
Consumed by All initiatives — anything depending on real-time service availability

Resilience

Healthy
Architecture · Karol
  • Polly Policies (retry · circuit breaker · timeout · bulkhead)
  • Circuit Breaker primitive (also referenced by Tier 1 Data Sync Engine)
Consumed by All outbound HTTP clients · Service Bus / RabbitMQ subscribers · Conductor workers

Diagnostics & Startup

Healthy
Architecture · Karol
  • Stub Mode Detector
  • Reconciliation Alerting
  • Startup Configuration Validator
Consumed by All initiatives during dual-write phase · critical for Data Sync rollouts

Observability & Telemetry

Healthy
Architecture + DevOps
  • Catalyst Activity Sources + Activity Enricher (distributed tracing, OpenTelemetry)
  • Catalyst Metrics + State Gauge Collector (domain + infra metrics, OTLP export)
  • Serilog Pipeline + Metrics HTTP Message Handler
  • Metrics Behavior (MediatR command/query latency + outcome metrics)
Consumed by Every BC · feeds DevClarity dashboard (Tier 3) · prerequisite for Jon West's metrics work
Distinct from Tier 3 DevClarity — this is the production telemetry plane.
SLIDE 4 OF 5 · BAND 03 · INTEGRATION
EVERDRIVEN · TIER 0 · BAND 03 OF 04

Integration

3 capabilities

Messaging Backbone

Healthy
Architecture · Karol / Alex
  • Service Bus Publisher + Subscriber (Azure Service Bus — primary)
  • RabbitMQ Publisher + Subscriber + Connection Holder (secondary / on-prem)
  • Event Idempotency Service + Scope-Aware Event Handler (exactly-once, tenant scoping)
  • DLQ Monitor + Topic Name Resolver
Consumed by Every BC publishing/consuming integration events · prerequisite for Data Sync Engine

Outbox & Reconciliation

Healthy
Architecture · Karol / Alex
  • Outbox Pattern Writer (persists events transactionally with primary write)
  • Outbox Dispatcher / Polling Worker (reads outbox, publishes to Service Bus)
  • Reconciliation Service (compares primary state vs projection)
  • Dead-Letter Queue + Retry Policy
Consumed by Every BC writing to primary store + publishing events · foundation for dual-write phase
EasyStart, Compliance, EverWatch all depend on this landing reliably during cutover windows.

Feature Flags

Watch — Compliance 2.0 cutover
Architecture · Karol
  • LaunchDarkly Service
  • Fallback Feature Flag Service
  • Feature Flag Registry
  • Feature Flag Router (routes traffic legacy ↔ Catalyst — Strangler Fig)
Consumed by All gated rollouts — Compliance 2.0 cutover, EverWatch internal-100%, EasyStart, FlexFare
SLIDE 5 OF 5 · BAND 04 · ORCHESTRATION & FOUNDATIONS
EVERDRIVEN · TIER 0 · BAND 04 OF 04

Orchestration & Foundations

5 capabilities

Workflow Orchestration (Conductor)

Healthy
Architecture · Karol
  • Conductor Bootstrap + Configuration + Async Worker Host
  • Worker Idempotency Service + Idempotent Worker Decorator
  • Workflow Versioning (manager, selector, store, migration)
  • Workflow DLQ Service + Retry Processor + Alerting + Health Monitor
Consumed by Trip Ops, Compliance, Enrollment, Settlement — 15+ workflow providers shipping or in-flight
One of the largest single Architecture investments; supports DMV 2.0, FlexFare, Settlement, Rescue, all of Compliance/Supply.

Case Management Platform

Healthy
Architecture · Karol
  • Case Management HTTP Client + Correlation Handler + Tenant Handler
  • Case Management Metrics Service
  • Support Case + Note + Correspondence + Link (domain primitives)
  • Case Management Events (domain events for case lifecycle)
Consumed by Every BC that escalates exceptions to a human — Trip Ops, Compliance, Enrollment, Settlement

Domain & Application Building Blocks

Healthy
Architecture · Karol
  • Result Pattern + Domain Exceptions
  • State Machine Primitive (generic FSM for ST/PT/VR lifecycles)
  • Entity Base + Audit Entry + IScoped / IProviderOwned / IProviderScoped
  • Validation Behavior (MediatR pipeline, FluentValidation integration)
Consumed by Every BC's Domain layer — VR/PT, ST, DMV 2.0 all build on these primitives

Testing Platform

Healthy
Architecture · Karol
  • Shadow Mode Test Infrastructure (middleware, processing queue, result comparer)
  • Tenant Isolation Test Helper + Well-Known Test IDs
  • E2E + Integration Fixtures + Test Permission Service
  • Feature Flags Test Doubles + Workflows Test Stubs
Consumed by Every BC's test suite · enforces tenant isolation invariants in CI · drives shadow-mode validation

Caching & Read Models

Healthy
Architecture · Karol
  • Distributed Cache Service (Redis, tenant-scoped key prefixing)
  • Read Model Projection Pipeline (event-driven from Service Bus)
  • Cache Invalidation Events (typed cache-key registry + invalidation-on-write)
  • Cache-Aside Read Primitive (negative caching + jittered TTL)
Consumed by Every BC reading high-volume data — Trip Ops, Compliance, EverWatch, Mobile
Foundation for sub-second read paths. Drives EverWatch real-time UX latency budget.