Verify · LLM Trust Governance · Pillar 03

The model proposing the claim cannot decide whether to trust it.

A separate verifier — not the model — decides what to trust. A four-condition response gate that fails closed by construction. The bug class that ships in every other LLM-agent codebase, structurally closed.

S402-AERO POC · 8/8 hypotheses PASS

  • 8/8 hypotheses PASS, including the FAA AC 25.1309 Takeoff envelope rule
  • 0 false-positive shutdowns across 1000 ticks · 3 fault modes
  • 467 µs p99 tick latency (p95 428 µs · max 525 µs)
  • 2551 Hz real-time capability: 2× headroom for a 1000 Hz flight-control loop

01 · The structural failure mode

Every LLM-agent stack has the same bug class.

The model that proposes a claim also signals — through its own output — whether the claim should be trusted. Pipelines routinely ship with checks that ask whether evidence references exist, but never whether those references actually support the claim. The proposing agent has, in effect, granted itself trust authority.

This is not a coding mistake that one careful PR-review will fix. It is an architectural failure mode that recurs in every LLM-agent codebase we have audited — internal and competitor. The cause is structural: the claim data structure carries a trust-state field that the proposing pipeline is permitted to set. The cure must also be structural.

02 · The structural remedy

Verifier-monopoly, enforced at compile time.

The Claim-Proposal data structure is defined, at the type level, with no field of the trust-state enum type. The strongly-typed compiler refuses to accept a claim that carries its own trust-state, making it structurally impossible for the proposing pipeline to assert trust.

A single code path — the Verifier-Orchestrator — is the sole authorized writer of trust state. It consumes the system's structural knowledge graph as its only ground-truth source. For each evidence reference it returns exactly one of five mutually exclusive status values:

  • Supported: verifier confirms the evidence supports the claim
  • Contradicted: verifier finds the evidence contradicts the claim
  • Unrelated: evidence exists but does not bear on the claim
  • Missing: referenced evidence does not resolve
  • Verifier error: internal failure (fail-closed: treated as unverified)

The claim's final trust-state is a pure function of those status values. A build-time bug-pattern check blocks reintroduction of the original failure mode in future code revisions.
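The verifier-monopoly pattern above, as an added example in Rust that is not the product's own code. The `verifier` module, the five-value status enum, the knowledge-graph shape and the fold policy (any Contradicted refutes; Trusted needs at least one Supported and no Missing or VerifierError; everything else is Unverified) are all assumptions made for the illustration; the page states only that the trust state is a pure function of the statuses and that verifier errors fail closed.

```rust
/// The only module that can write a trust state: `VerifiedClaim.trust` is private.
pub mod verifier {
    use std::collections::HashMap;
    /// Exactly one status per evidence reference (the page's five values).
    #[derive(Debug, Clone, Copy, PartialEq, Eq)]
    pub enum EvidenceStatus { Supported, Contradicted, Unrelated, Missing, VerifierError }
    #[derive(Debug, Clone, Copy, PartialEq, Eq)]
    pub enum TrustState { Trusted, Refuted, Unverified }
    /// Model's proposal: text plus evidence refs, with no trust field, so the pipeline cannot assert trust.
    pub struct ClaimProposal { pub text: String, pub evidence_refs: Vec<String> }
    /// Verifier output. A `VerifiedClaim { .. }` literal outside this module fails to compile.
    pub struct VerifiedClaim { pub proposal: ClaimProposal, pub statuses: Vec<EvidenceStatus>, trust: TrustState }
    impl VerifiedClaim { pub fn trust(&self) -> TrustState { self.trust } }
    /// Hypothetical ground-truth source: evidence id -> (claims it supports, claims it contradicts).
    pub struct KnowledgeGraph { pub entries: HashMap<String, (Vec<String>, Vec<String>)>, pub available: bool }
    impl KnowledgeGraph {
        fn status_of(&self, evidence_ref: &str, claim: &str) -> EvidenceStatus {
            if !self.available { return EvidenceStatus::VerifierError; } // backend down: fail closed
            match self.entries.get(evidence_ref) {
                None => EvidenceStatus::Missing,
                Some((sup, _)) if sup.iter().any(|c| c.as_str() == claim) => EvidenceStatus::Supported,
                Some((_, con)) if con.iter().any(|c| c.as_str() == claim) => EvidenceStatus::Contradicted,
                Some(_) => EvidenceStatus::Unrelated,
            }
        }
    }
    /// Pure fold (assumed policy): any Contradicted -> Refuted; Trusted needs one Supported and no Missing/VerifierError.
    pub fn fold(statuses: &[EvidenceStatus]) -> TrustState {
        use EvidenceStatus::*;
        if statuses.contains(&Contradicted) { return TrustState::Refuted; }
        let blocked = statuses.iter().any(|s| matches!(s, Missing | VerifierError));
        if !blocked && statuses.contains(&Supported) { TrustState::Trusted } else { TrustState::Unverified }
    }
    /// Sole authorized writer of trust state.
    pub fn verify(kg: &KnowledgeGraph, proposal: ClaimProposal) -> VerifiedClaim {
        let statuses: Vec<EvidenceStatus> =
            proposal.evidence_refs.iter().map(|r| kg.status_of(r, &proposal.text)).collect();
        VerifiedClaim { trust: fold(&statuses), proposal, statuses }
    }
}

/// Constructed sample graph: E1 supports the claim, E2 contradicts it, E3 is about something else.
pub fn sample_graph(available: bool) -> verifier::KnowledgeGraph {
    let claim = "pump P-7 is cavitating".to_string();
    let mut entries = std::collections::HashMap::new();
    entries.insert("E1".to_string(), (vec![claim.clone()], vec![]));
    entries.insert("E2".to_string(), (vec![], vec![claim]));
    entries.insert("E3".to_string(), (vec!["valve V-2 is open".to_string()], vec![]));
    verifier::KnowledgeGraph { entries, available }
}
```

A proposal that merely cites an existing reference (E3) yields Unrelated, which is the check the page says most pipelines skip: existence of a reference is not support.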

Production-hardened: STRONG PASS · 17/17 tests · independently reviewable under NDA.

03 · Multi-Condition Response-Authorization Gate

Four predicates. Fail-closed by construction.

Critical actuator action requires the conjunction of all four predicate inputs. Failure of any single condition causes the gate to degrade gracefully to a lower-severity outcome (Monitor-Only / Advisory / Operator-Review-Required) — never to block silently.

  (a) Risk-classified condition: class-specific risk classification produced by the multi-modal sensor-fusion encoder.
  (b) Persistence streak ≥ 3 ticks: a configurable streak threshold prevents single-tick mis-classifications from authorizing the highest-severity action.
  (c) Cross-sensor independent confirmation: confirmation derived from a sensor source independent of the primary detection path; fails closed when sources disagree.
  (d) Operator authorization fresh: operator-authorization signal received within a configurable freshness window; expires automatically.

The encoder consumes multi-modal sensor streams and produces a compact, content-addressable key for sub-millisecond class lookup. Byte-identical WAL replay yields a regulatory-defensible per-decision record. Mechanism details are available under NDA-Full to strategic buyers and counsel.
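The four-predicate gate, as an added example in Rust that is not the product's code. The predicate order, the degradation ladder (no classification or short streak: Monitor-Only; no independent confirmation: Advisory; stale operator authorization: Operator-Review-Required) and the tick-based freshness window are assumptions; the page gives the four predicates and the three lower-severity outcomes but not which failure maps to which.

```rust
/// Graded outcomes, lowest to highest severity (the ladder itself is assumed).
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub enum Outcome { MonitorOnly, Advisory, OperatorReviewRequired, Actuate }
/// Cross-sensor confirmation from a source independent of the primary detection path.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Confirmation { Confirmed, Disagrees, Unavailable }
/// One tick of gate inputs (constructed shape for the example).
#[derive(Debug, Clone, Copy)]
pub struct TickInput { pub tick: u64, pub risk_classified: bool, // (a) encoder produced a risk class
    pub confirmation: Confirmation, pub operator_auth_tick: Option<u64> } // (c) and (d) inputs
pub struct Gate { streak_required: u32, auth_fresh_ticks: u64, streak: u32 }
impl Gate {
    pub fn new(streak_required: u32, auth_fresh_ticks: u64) -> Self { Gate { streak_required, auth_fresh_ticks, streak: 0 } }
    /// Evaluate one tick. Actuate requires (a) AND (b) AND (c) AND (d); each failing
    /// predicate returns a lower-severity outcome rather than blocking silently.
    pub fn step(&mut self, input: &TickInput) -> Outcome {
        // (a) no classification this tick: the persistence streak resets, nothing above monitoring
        if !input.risk_classified { self.streak = 0; return Outcome::MonitorOnly; }
        self.streak = self.streak.saturating_add(1);
        // (b) persistence: a single-tick classification cannot authorize the highest-severity action
        if self.streak < self.streak_required { return Outcome::MonitorOnly; }
        // (c) independent confirmation: disagreement or an unavailable source fails closed
        if input.confirmation != Confirmation::Confirmed { return Outcome::Advisory; }
        // (d) operator authorization must fall inside the freshness window; it expires on its own
        let fresh = match input.operator_auth_tick {
            Some(t) if t <= input.tick => input.tick - t <= self.auth_fresh_ticks,
            _ => false, // absent, or timestamped in the future (clock skew): not fresh
        };
        if !fresh { return Outcome::OperatorReviewRequired; }
        Outcome::Actuate
    }
}
/// Constructed trace: a three-tick streak reaches Actuate, then a cross-sensor disagreement,
/// a classification dropout and an expired authorization each degrade the outcome.
pub fn demo_trace() -> Vec<Outcome> {
    use Confirmation::*;
    let mut gate = Gate::new(3, 5); // streak >= 3 ticks, authorization fresh for 5 ticks
    let ticks = [
        (1, true, Confirmed, Some(0)), (2, true, Confirmed, Some(0)), (3, true, Confirmed, Some(0)),
        (4, true, Disagrees, Some(0)), (5, false, Confirmed, Some(0)),
        (6, true, Confirmed, Some(0)), (7, true, Confirmed, Some(0)), (8, true, Confirmed, Some(0)),
        (9, true, Confirmed, Some(9)),
    ];
    ticks.iter().map(|&(tick, risk_classified, confirmation, operator_auth_tick)| {
        gate.step(&TickInput { tick, risk_classified, confirmation, operator_auth_tick })
    }).collect()
}
```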

S402-AERO POC · 8/8 hypotheses PASS · includes FAA AC 25.1309 Takeoff envelope rule (enforced in simulation).

04 · Substrate pattern · cross-domain validation

The same architecture, three domains.

The verifier-monopoly and four-predicate response gate are a generic substrate. One realization runs in production inside our own LLM agent stack. Two POC implementations demonstrate that the same pattern transfers cleanly into industrial control and aerospace health-monitoring contexts — each card below states honestly what is production and what is sprint-POC.

Application 01 · LLM Agent Verifier
In production · internal AQEA stack · AI Trust Governance
5-status verifier · 4-predicate gate
17/17 tests PASS · compile-time bug-pattern check · byte-identical WAL replay

Trust decisions move from the proposing pipeline to a single authorized verifier path. A compile-time test blocks reintroduction of the original bug pattern in future revisions.

Request the verifier POC

Application 02 · Industrial Control Pattern
Sprint POC · S400
Multi-sensor anomaly gate · pump / valve class
0 false-positive shutdowns
8/8 hypotheses PASS · anomaly-streak gate · sub-millisecond tick

Multi-sensor anomaly-streak gate prevents single-tick mis-classification from triggering protective shutdown. Byte-identical WAL replay produces a per-decision audit record.

Industrial pilot brief (NDA)

Application 03 · Aircraft Engine Health Monitoring
Sprint POC · S402-AERO
Turbofan HUMS · DO-178C-compatible architecture
FAA AC 25.1309 Takeoff envelope rule (enforced in simulation)
8/8 hypotheses · p99 467 µs (Apple M-series) · audit-replay capability

Phase-aware engine health monitoring. During the Takeoff phase the safety gate refuses an automated engine shutdown, so the pilot's decision is preserved. Sub-millisecond tick budget compatible with 1000 Hz flight-control loops.

Aerospace pilot brief (NDA)

Get the response-gate POC under NDA.

Reproducible test fixtures, byte-identical WAL replay artifacts, and governance-whitepaper draft. For engineering, investor, and counsel review. Mechanisms covered by USPTO Provisional applications; full IP portfolio available under NDA-Full.