Governance Principles
The operational and institutional principles that govern how OmegaOS™ Kernel is designed, deployed, and maintained.
Advisory-Only by Design
OmegaOS™ Kernel produces structured decisions (Allow, Deny, Indeterminate) that inform human operators. It does not autonomously execute consequences, trigger actions, or enforce outcomes without explicit configuration. In observe and shadow modes, the system is purely advisory. In enforce mode, the gateway applies access verdicts (200/403/409) but does not execute business logic — it delegates action to the calling system. This separation satisfies the human oversight requirements of the EU AI Act and similar regulatory frameworks.
Fail-Closed by Default
When the system cannot evaluate a decision — upstream PDP unreachable, internal error, or missing evidence — it defaults to DENY rather than ALLOW. The fail mode is configurable (OPA_FAIL_MODE) but defaults to closed. Fail-open is available for non-sensitive environments but is not recommended for production. Every failure event is logged with full context in the audit trail.
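The fail-closed rule described above, sketched as an added example; this is not OmegaOS™ Kernel code. The names `evaluate`, `fail_mode`, `MissingEvidence` and the PDP stubs are hypothetical, and the `OPA_FAIL_MODE` values "open" and "closed" are assumed, since the page names the variable but not its values.

```python
import os
from enum import Enum

class Decision(Enum):
    ALLOW = "Allow"
    DENY = "Deny"
    INDETERMINATE = "Indeterminate"

class MissingEvidence(Exception):
    """Hypothetical error: evidence the policy needs was never registered."""

def fail_mode(env=None):
    # Assumed values "open"/"closed"; the page names OPA_FAIL_MODE only.
    env = os.environ if env is None else env
    value = env.get("OPA_FAIL_MODE", "closed").strip().lower()
    # Unset, empty or misspelled values must never widen access.
    return "open" if value == "open" else "closed"

def evaluate(request, query_pdp, audit_log, env=None):
    """Ask the PDP for a verdict; on any failure apply the fail mode and log it."""
    try:
        # Decision(...) raises ValueError on a malformed verdict, so an
        # unparseable PDP answer is handled as a failure, not as Allow.
        return Decision(query_pdp(request))
    except (ConnectionError, TimeoutError) as exc:
        reason, detail = "pdp_unreachable", exc
    except MissingEvidence as exc:
        reason, detail = "missing_evidence", exc
    except Exception as exc:
        reason, detail = "internal_error", exc
    fallback = Decision.ALLOW if fail_mode(env) == "open" else Decision.DENY
    audit_log.append({"request": request, "reason": reason,
                      "detail": repr(detail), "fail_mode": fail_mode(env),
                      "decision": fallback.value})
    return fallback

# Constructed PDP stubs standing in for the upstream policy decision point.
def pdp_down(request):
    raise ConnectionError("constructed: upstream PDP unreachable")

def pdp_no_evidence(request):
    raise MissingEvidence("constructed: no evidence registered for subject")

def pdp_garbled(request):
    return "yes"  # not one of Allow / Deny / Indeterminate

if __name__ == "__main__":
    log = []
    for pdp in (pdp_down, pdp_no_evidence, pdp_garbled):
        print(pdp.__name__, evaluate({"subject": "alice"}, pdp, log, env={}).value)
    print(log)
```

A misspelled fail mode and a malformed PDP answer both resolve to Deny here, which is the property to test for when reviewing any fail-closed gateway.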
Deterministic Evaluation
Every evaluation produces the same outcome given identical inputs, policy version, and evidence set. The system does not apply heuristic weighting, probabilistic inference, or contextual interpretation. Determinism is a structural property of the resolution engine, not a configuration option. This guarantees that outcomes are reproducible across time, environment, and operator.
Evidence-Bound Resolution
Decisions are resolved exclusively against registered evidence. No external data source, implicit assumption, or unregistered input can influence an evaluation outcome. Evidence must be explicitly submitted before it participates in resolution. This binding ensures that every decision can be independently verified by examining the evidence set that produced it.
Jurisdiction & Legal Anchoring
The infrastructure operates under Swiss jurisdiction. Data residency, contractual obligations, and dispute resolution are governed by Swiss law. No data is intentionally transferred outside of Switzerland. The legal framework provides a stable, well-defined regulatory environment for institutions operating across European markets.
Operational Continuity
The infrastructure is designed for continuous availability without dependency on external services for core evaluation functions. License verification operates offline via Ed25519 with an embedded public key. Decision evaluation does not require network connectivity to external endpoints. Audit logs are append-only and locally persisted. These properties ensure that the decision infrastructure remains operational even under degraded network conditions or third-party service disruptions.
Review the full security model
The governance principles are reinforced by structural security controls documented in the security architecture.