fix(driver-focas): resolve Medium code-review finding (Driver.FOCAS-004)

DiscoverAsync now unconditionally emits SecurityClassification.ViewOnly
for every user-authored FOCAS tag.  Previously the SecurityClass was
tag.Writable ? Operate : ViewOnly, but WireFocasClient.WriteAsync always
returns BadNotWritable — advertising Operate misleads OPC UA clients
and the DriverNodeManager ACL layer into granting write permission on
nodes that can never be written.

Updated FocasCapabilityTests.DiscoverAsync_emits_pre_declared_tags to
assert ViewOnly for the writable-by-config tag so it matches the
corrected behaviour.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

code-reviews/Driver.FOCAS/findings.md

@@ -7,7 +7,7 @@
 | Review date | 2026-05-22 |
 | Commit reviewed | `76d35d1` |
 | Status | Reviewed |
-| Open findings | 9 |
+| Open findings | 8 |
 
 ## Checklist coverage
 
@@ -119,7 +119,7 @@ unresolved device host so the operator fixes the typo at startup.
 | Severity | Medium |
 | Category | OtOpcUa conventions |
 | Location | `FocasDriver.cs:374-379`, `WireFocasClient.cs:48-50` |
-| Status | Open |
+| Status | Resolved |
 
 **Description:** `DiscoverAsync` emits user tags with
 `SecurityClass = tag.Writable ? SecurityClassification.Operate : SecurityClassification.ViewOnly`,
@@ -137,7 +137,7 @@ be written.
 write. Given the wire backend is read-only and is the only production backend, treating
 all FOCAS tags as `ViewOnly` is the simplest correct behaviour.
 
-**Resolution:** _(open)_
+**Resolution:** Resolved 2026-05-22 — `DiscoverAsync` now unconditionally emits `SecurityClassification.ViewOnly` for all user-authored tags; the `Writable` config field no longer influences the advertised security class since the wire backend never writes.
 
 ### Driver.FOCAS-005