lv-civdef-drone-threat-public-address/docs/00-incident-chronology.md

# 00 — Incident Chronology (7 May 2026, Rezekne)

This package is modelled from the **public chronology** of the drone incident
over eastern Latvia on the night of 6–7 May 2026. No classified or operational
source was used.

## Public-source timeline

| Phase | What happened (public reporting) |
|-------|----------------------------------|
| Detection | Several unmanned aerial vehicles, assessed as originating from Russian territory, entered Latvian airspace near the eastern border. |
| Tracking | NBS surveillance tracked the objects; at least two drones came down on Latvian territory, one near Rezekne. |
| Impact | A drone struck near a fuel-storage facility in the Rezekne area; no casualties were publicly reported. |
| Public notification | The public cell-broadcast early-warning message reached the Rezekne population **approximately 40 minutes** after the threat was apparent — the central failure this package addresses. |
| Aftermath | The Ministry of Defence publicly committed to **revising the inter-institutional notification algorithms** so that a public alert is issued without comparable delay. |

## Why this is modelled as a UAPF package

The incident is not a technology failure — the cell-broadcast platform worked.
It is a **process and decision-rights failure**: the algorithm that converts
"NBS sees a threat" into "VUGD dispatches a public broadcast" was slow and
under-specified. That is exactly the class of problem UAPF exists to make
explicit, inspectable and improvable: a BPMN process, the DMN decisions inside
it, the CMMN follow-up case, and the resource bindings that say who does what.

## Scope boundary

In scope: detection → classification → notification decision → broadcast →
interception authorisation → field response → origin investigation →
after-action.

Out of scope: NBS internal sensor doctrine, NATO BAP internal procedures,
and the criminal investigation, which are referenced only as handoffs.