We present Hu-GTVA, a framework for human-grounded test case generation, validation, and acceptance designed to create contextual ground truths for the evaluation of retrieval-augmented generation (RAG) systems in high-stakes public-sector contexts. The framework addresses the challenge of aligning RAG system evaluations with expert-grounded domain knowledge by combining automated test case generation, structured expert annotation, and dual-review protocols. We demonstrate its application in collaboration with the Swedish National Financial Management Authority (ESV), where it supports the evaluation of Konsekvenshjälpen, a RAG-LLM system for regulatory impact assessment assistance. Hu-GTVA takes conceptual motivation from both the principle of Oversight by Design and the regulatory requirement of Human Oversight under Article 14 of the EU AI Act. Oversight by Design emphasizes integrating oversight considerations already during the design phase, while Human Oversight defines who, when, and what must be governed to ensure accountable AI use. Drawing from both, Hu-GTVA introduces structured expert review, acceptance criteria, and quantitative agreement metrics to bring human judgment into the evaluation process before deployment. Designed for modularity and domain adaptability, the framework can be extended to other high-risk settings such as healthcare or critical infrastructure. Hu-GTVA offers a reproducible and human-centered pre-hoc RAG-LLM evaluation pipeline.

In this work, we propose an explainable intrusion detection framework for Controller Area Network bus traffic using the ROAD dataset. By segmenting raw traffic into fixed-size chunks, we extract features that capture timing behavior, entropy, payload statistics, and CAN ID survival rates. We evaluate three classifiers, Decision Tree, Random Forest (with TreeSHAP), and Feedforward Neural Network (with KernelSHAP). The framework extracts multi-level features from CAN traffic, revealing through explainability that tree models detect protocol anomalies while neural networks capture signal-level distortions, underscoring the role of model choice in explainable IDS design.

The Citcom.AI RISE testing approach is a step towards structured AI system evaluation and testing under the AI Act's regulatory framework. It establishes a definition of context in the scenario of different AI application domains, AI subfields, and use cases. In particular, a systematic evaluation, from defining the context and application to detailed risk assessments, linking each AI application to corresponding testing standards and methodologies, is presented. The approach translates AI Act’s high level regulatory requirements for different AI system risk levels to appropriate technical testing techniques for achieving trustworthiness across different domains and AI subfields, promoting responsible AI deployment and fostering trust in AI applications.