fix(status-codes): correct BadDeviceFailure from 0x80550000 to 0x808B0000

Driver.Cli.Common-007 + Driver.Cli.Common-008 resolution.

Driver.Cli.Common-007 (High, Correctness):
  0x80550000 is the canonical OPC UA spec value for BadSecurityPolicyRejected,
  not BadDeviceFailure. The correct spec value for BadDeviceFailure is
  0x808B0000 (verified against OPC Foundation Opc.Ua.StatusCodes;
  corroborated locally by Driver.Galaxy.Runtime.StatusCodeMap and both
  Wonderware historian quality mappers which all hand-pin the correct
  value).

  The bug was duplicated across six driver modules:
    - FocasStatusMapper.BadDeviceFailure
    - AbCipStatusMapper.BadDeviceFailure
    - AbLegacyStatusMapper.BadDeviceFailure
    - TwinCATStatusMapper.BadDeviceFailure
    - ModbusDriver.StatusBadDeviceFailure
    - S7Driver.StatusBadDeviceFailure
  Plus the SnapshotFormatter shortlist that named 0x80550000 as
  BadDeviceFailure, and three downstream Modbus tests that asserted
  against the wrong value (so CI was blind).

  This commit fixes all six native-mapper constants, the formatter
  shortlist, and the three Modbus tests in one pass. Added a regression
  guard to FormatStatus_does_not_apply_pre_fix_wrong_names that pins
  0x80550000 never renders as BadDeviceFailure (mirroring the existing
  -001 wrong-name guards).

  Behavior change: OPC UA clients consuming the native drivers now see
  the canonical BadDeviceFailure (0x808B0000) on device-fault paths
  instead of the misnamed BadSecurityPolicyRejected (0x80550000). Wire-
  level status semantics now match operator-facing CLI labels.

Driver.Cli.Common-008 (Low, Testing):
  Deleted the redundant FormatStatus_names_native_driver_emitted_codes
  Theory — its five InlineData rows were already covered by the
  well-known Theory in the same commit (5a9c459), and used a weaker
  ShouldContain vs the well-known Theory's ShouldBe (exact match).

Verification:
  - Driver.Cli.Common.Tests: 43/43 pass (was 48 after the -008 deletion).
  - Driver.Modbus.Tests: 263/263 pass.
  - Driver.AbCip.Tests: 262/262.
  - Driver.AbLegacy.Tests: 157/157.
  - Driver.FOCAS.Tests: 178/178.
  - Driver.S7.Tests: 112/112.
  - Driver.TwinCAT.Tests: 131/131.
  Total: 1146 tests across the affected modules, all green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

code-reviews/Driver.Cli.Common/findings.md

@@ -7,7 +7,7 @@
 | Review date | 2026-05-23 |
 | Commit reviewed | `a9be809` |
 | Status | Reviewed |
-| Open findings | 2 |
+| Open findings | 0 |
 
 ## Checklist coverage
 
@@ -251,7 +251,7 @@ added to the `DriverCommandBase` class-summary driver enumeration in commit `7ff
 | Severity | High |
 | Category | Correctness & logic bugs |
 | Location | `src/Drivers/Cli/ZB.MOM.WW.OtOpcUa.Driver.Cli.Common/SnapshotFormatter.cs:129` |
-| Status | Open |
+| Status | Resolved |
 
 **Description:** Commit `5a9c459` added `0x80550000u => "BadDeviceFailure"` to the
 `FormatStatus` shortlist, but `0x80550000` is the canonical OPC UA spec value for
@@ -302,6 +302,30 @@ original recommendation again: add a CI test that cross-checks every shortlist
 entry against `Opc.Ua.StatusCodes` reflection so this class of bug stops
 recurring.
 
+**Resolution:** Resolved 2026-05-23 — corrected `SnapshotFormatter.FormatStatus`
+to map `0x808B0000u => "BadDeviceFailure"` (was `0x80550000u`). Updated the
+`InlineData` row in the well-known Theory accordingly; the redundant native-
+emitted Theory was deleted entirely per Driver.Cli.Common-008. Added a regression
+row to `FormatStatus_does_not_apply_pre_fix_wrong_names` pinning that
+`0x80550000` no longer renders as `BadDeviceFailure` (mirroring the
+Driver.Cli.Common-001 wrong-name guards). The underlying constant was also
+corrected in all six native-protocol mappers as part of the same commit:
+`FocasStatusMapper.BadDeviceFailure`, `AbCipStatusMapper.BadDeviceFailure`,
+`AbLegacyStatusMapper.BadDeviceFailure`, `TwinCATStatusMapper.BadDeviceFailure`,
+`ModbusDriver.StatusBadDeviceFailure`, `S7Driver.StatusBadDeviceFailure` — all
+moved from `0x80550000u` to `0x808B0000u`. The three downstream Modbus tests
+(`ModbusExceptionMapperTests` 3 InlineData rows + 1 ShouldBe assertion;
+`ExceptionInjectionTests.StatusBadDeviceFailure` constant) updated to expect
+the corrected code. **Behavior change:** OPC UA clients consuming the native
+drivers now see the canonical `BadDeviceFailure` (0x808B0000) instead of the
+misnamed `BadSecurityPolicyRejected` (0x80550000) on device-fault paths —
+operator-facing CLI output and machine-readable status semantics now agree.
+Suite totals after fix: Driver.Cli.Common.Tests 43 green (was 48 — minus 5
+redundant rows); Modbus.Tests 263; AbCip.Tests 262; AbLegacy.Tests 157;
+FOCAS.Tests 178; S7.Tests 112; TwinCAT.Tests 131; all green. The Opc.Ua.StatusCodes
+cross-check the recommendation suggested is recorded as a follow-up worth
+considering but is out of scope for this fix.
+
 ### Driver.Cli.Common-008
 
 | Field | Value |
@@ -309,7 +333,7 @@ recurring.
 | Severity | Low |
 | Category | Testing coverage |
 | Location | `tests/Drivers/Cli/ZB.MOM.WW.OtOpcUa.Driver.Cli.Common.Tests/SnapshotFormatterTests.cs:50-64` |
-| Status | Open |
+| Status | Resolved |
 
 **Description:** Commit `5a9c459` adds a new
 `FormatStatus_names_native_driver_emitted_codes` `[Theory]` whose five
@@ -332,3 +356,9 @@ it but switch to `ShouldBe($"0x{status:X8} ({expectedName})")` so its
 assertion strength matches the rest of the file. Option (a) is cleaner: the
 commit's "operator workflow" intent is documented well enough in the
 well-known Theory comment block; the redundant Theory is dead weight.
+
+**Resolution:** Resolved 2026-05-23 — took option (a): deleted the
+`FormatStatus_names_native_driver_emitted_codes` Theory entirely. Its five
+`InlineData` rows are covered by the well-known Theory's `ShouldBe` (strict
+exact-match assertion), which is the authoritative shortlist test. Landed
+alongside the Driver.Cli.Common-007 fix in the same commit.