Appendix C. References and Further Study

This appendix points readers to the sources that deepen the formal, practical, and workflow dimensions of the book. It is intentionally selective. Each reference is included because it extends one concrete part of the manuscript rather than because it is historically comprehensive.

Chapter guide

This section connects the selective bibliography to the body chapters so readers can deepen one chapter at a time instead of treating the appendix as a detached reading dump.

Chapter	Best first references	Why these sources fit
Introduction	Fong and Spivak; Software Architecture in Practice; NIST AI RMF	They connect composition, architecture views, and governance language without forcing a proof-first start.
Chapter 01	Software Architecture in Practice; NIST SSDF 1.1; NIST SP 800-218A	They keep responsibility boundaries tied to concrete delivery controls and evidence expectations.
Chapter 02	Awodey; Riehl; Fong and Spivak; Evans	They support the move from basic categorical vocabulary to stable artifact and interface selection.
Chapter 03	Fong and Spivak; Software Abstractions; NIST SSDF 1.1	They support diagrammatic reasoning, counterexample discipline, and reviewable control points.
Chapter 04	Riehl; Fong and Spivak; Software Architecture in Practice	They support structure-preserving translation across views and architecture artifacts.
Chapter 05	Awodey; Riehl; Evans	They support natural transformations while clarifying why this book uses engineering-facing view names.
Chapter 06	Mac Lane; Fong and Spivak; Evans	They support products, coproducts, and disciplined variation selection in software design.
Chapter 07	Riehl; Mac Lane; Software Architecture in Practice; Evans	They support governed integration, migration, and shared-boundary design.
Chapter 08	Fong and Spivak; ReAct; Software Architecture in Practice	They support monoidal reasoning while contrasting explicit orchestration with looser agent loops.
Chapter 09	Mac Lane; Awodey; NIST AI RMF; NIST SP 800-218A; ReAct	They support effect handling, operational governance, and tool-mediated execution boundaries.
Chapter 10	NIST SSDF 1.1; NIST SP 800-218A; NIST AI RMF; NIST AI 600-1; SWE-bench	They support the case study’s delivery control model, acceptance evidence, and real repository evaluation pressure.

Terminology bridges back to the literature

This section flags the main places where the book intentionally prefers software-engineering wording over standard textbook phrasing.

responsibility boundary is the book’s reader-facing synthesis term for the point where authority, review obligation, and evidence expectations become explicit.
reviewer view and runtime view are engineering-facing names for alternative coherent views of the same underlying design claim.
effect boundary is the book’s practical label for the point where tool calls, writes, or dispatch steps stop behaving like pure artifact transformations.
decision packet is a canonical artifact name in the running example rather than a conventional formal term from the cited theory texts.

Foundational texts

This section groups the mathematical and conceptual sources that support the formal core of the book.

Introductory category theory references

Steve Awodey, Category Theory is a compact first formal text once you want a mathematically serious pass over categories, functors, natural transformations, adjunctions, and monads after Chapters 02 through 05.
Emily Riehl, Category Theory in Context is the best follow-up when you want richer examples, stronger coverage of limits and adjunctions, and a legally hosted free PDF from the author.

Texts on universal constructions and monoidal reasoning

Saunders Mac Lane, Categories for the Working Mathematician remains the canonical long-term desk reference for universal constructions, adjoint functors, monoidal structure, and coherence.
Brendan Fong and David I. Spivak, An Invitation to Applied Category Theory: Seven Sketches in Compositionality is the closest match to this book’s goals because it connects categorical structure to databases, collaborative design, circuits, and compositional modeling.

Engineering practice references

This section groups sources on architecture, design review, and verification-oriented software engineering.

Architecture and interface design references

Len Bass, Paul Clements, and Rick Kazman, Software Architecture in Practice, 4th ed. is the strongest architecture companion for readers who want to connect this book’s artifact-oriented reasoning to views, quality attributes, and decision documentation.
Eric Evans, Domain-Driven Design: Tackling Complexity in the Heart of Software is the most useful extension when you need sharper vocabulary for canonical models, bounded contexts, and interface language discipline.

Verification, testing, and traceability references

Daniel Jackson, Software Abstractions is the most relevant reference here for readers who want lightweight formal methods that improve design review early rather than proof obligations late.
National Institute of Standards and Technology, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities is a practical control vocabulary for traceable, reviewable, and repeatable software delivery.

AI-assisted systems and verification references

This section groups sources on agentic systems, tool orchestration, and governance of automated work.

Human-in-the-loop engineering references

Shunyu Yao et al., ReAct: Synergizing Reasoning and Acting in Language Models is a useful comparison point when you want to contrast the book’s orchestration artifacts with a widely cited agent pattern that interleaves reasoning and action.
National Institute of Standards and Technology, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile is the most directly operational reference in this appendix when you need control guidance for AI model and system development inside a broader delivery lifecycle.

Safety, auditability, and evaluation references

National Institute of Standards and Technology, Artificial Intelligence Risk Management Framework (AI RMF 1.0) is the right place to map the book’s governance language onto a broader organizational risk-management framework.
National Institute of Standards and Technology, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile gives more concrete generative-AI risk categories, testing themes, and disclosure expectations than the base framework alone.
Carlos E. Jimenez et al., SWE-bench: Can Language Models Resolve Real-World GitHub Issues? is the most relevant evaluation reference here when you want benchmark pressure from real repository issues rather than synthetic coding prompts.

Suggested study paths

This section gives readers multiple routes for continuing after the main text.

Path for readers who need stronger mathematical depth

Read Awodey for a compact re-pass over the formal core.
Move to Riehl when you want richer examples and stronger practice with limits, colimits, and adjunctions.
Use Mac Lane as the long-term reference once you need canonical statements and proofs.
Return to Chapters 06 through 09 and compare your new formal vocabulary against the repository artifacts in the running example.

Path for readers who need stronger implementation and operations depth

Read Software Architecture in Practice together with the running example’s artifact map and workflow files.
Pair Domain-Driven Design with Chapters 01, 04, and 07 when refining responsibility boundaries, canonical models, and shared boundaries.
Use Software Abstractions and SSDF to strengthen verification and delivery controls before adding more automation.
Finish with AI RMF, the Generative AI Profile, ReAct, and SWE-bench so agent capabilities, control requirements, and evaluation pressure are considered together rather than in isolation.