Critical Infrastructure Research Platform

BLADE-INFRA Governance Node

BLADE-INFRA = Authority-Governed Critical Infrastructure Protection for ICS/SCADA

A ruggedized, authority-governed edge computing platform for critical infrastructure protection, ICS/SCADA monitoring, and industrial process control. Integrates Dempster-Shafer trust fusion, four-level authority with hysteresis, Byzantine fault-tolerant consensus, deliberation windows, and deterministic recovery — all enforced through a SIL-3 safety relay circuit driving a normally-open Pilz PNOZ S7.1 safety relay.

Published on Zenodo · DOI: 10.5281/zenodo.19277887

This platform demonstrates that authority-governed autonomy is domain-agnostic: the same governance pipeline demonstrated in defense (BLADE-EDGE) applies directly to critical infrastructure systems under SIL 3 / IP65, NERC CIP, FIPS 140-2 Level 3, and IEC 62443 requirements.

Launch Governance Simulator Zenodo Record Repository Evaluation Protocol SDK Integration

Type: Critical Infrastructure Research Focus: ICS/SCADA Governance · SIL 3 · NERC CIP Status: Design Complete · Simulation Validated DOI: 10.5281/zenodo.19277887

Key Contributions

9-module authority-governed pipeline: SATA → ADARA → IFF → HMAA → MAIVA → FLAME → CARA → BDA → EFFECTOR
Formal Dempster-Shafer trust fusion with binary frame Θ = {anomalous, nominal} with power quality, process, and environmental per-sensor mass functions
SIL-3 dual-channel safety relay: Zynq PASS + Jetson APPROVE → Pilz PNOZ S7.1 (SIL 3, Cat. 4) dual-channel safety relay
Dual-compute: NVIDIA Jetson Orin NX 16GB (AI/perception) + Zynq UltraScale+ ZU7EV (FPGA governance)
Three ICS/SCADA governance scenarios with vintage CRT terminal live mode (v6.0, 98KB)
IP65 / SIL 3 / NERC CIP target architecture with MIL-spec power chain (300W Vicor DCM5614, 32% margin)
Cross-domain portability validated against BLADE-EDGE defense variant

Zenodo Publication: Oktenli, B. (2026). BLADE-INFRA Governance Node: Authority-Governed Critical Infrastructure Protection Node for ICS/SCADA Systems (v6.0). Zenodo. https://doi.org/10.5281/zenodo.19277887

Hardware Nodes

ICS Scenarios

Pipeline Modules

~$12K

Prototype BOM

SIL 3

Safety Rating

BLADE-INFRA Governance Node: IP65 DIN-rail industrial enclosure with M12 circular connectors, thermoelectric cooling, and Zynq UltraScale+ FPGA governance. 92 components, $11,590 BOM.

Strategic Context

National Importance

U.S. critical infrastructure — power grids, water treatment plants, oil and gas pipelines — is increasingly connected to networked ICS/SCADA systems vulnerable to cyberattack. Presidential Policy Directive 21 identifies 16 critical infrastructure sectors requiring protection. The 2021 Oldsmar water treatment attack demonstrated that adversaries can remotely manipulate industrial process controls. Current SCADA systems lack formal governance mechanisms that continuously evaluate sensor trust and enforce graded authority over actuator commands. A compromised PLC can overdose chemicals, trip breakers, or open valves without proportional authority reduction.

The BLADE-INFRA Governance Node addresses this gap by applying the SATA-HMAA-MAIVA-FLAME-CARA pipeline demonstrated in defense weapons systems governance (BLADE-EDGE) to critical infrastructure ICS/SCADA governance, targeting SIL 3 functional safety (IEC 61508), NERC CIP cybersecurity compliance (CIP-003 through CIP-009), IP65 environmental protection, and IEC 62443 industrial cybersecurity requirements.

Research Motivation

Research Problem

Critical infrastructure control systems operate in environments where cyberattacks can cause physical harm — chemical overdoses in water treatment, cascading blackouts in power grids, and pipeline ruptures in oil and gas. Three challenges distinguish the ICS/SCADA domain: legacy protocols (Modbus RTU, DNP3) lack authentication, safety-instrumented systems operate independently from cybersecurity monitoring, and multi-protocol environments require unified governance across IEC 61850 GOOSE, Modbus TCP, PROFINET IO, and 4-20mA analog signals.

Compromised PLCs can overdose chemicals (Oldsmar-class attack) without authority gate

Legacy Modbus RTU/DNP3 protocols lack authentication — commands execute without verification

Power grid faults cascade without graded authority reduction on breaker control

Multi-protocol environments lack unified governance across IEC 61850/Modbus/PROFINET

No standardized hardware-enforced governance architecture bridging IT cybersecurity and OT safety-instrumented systems

Framework Extension

Cross-Domain Pipeline Portability

The BLADE-INFRA governance pipeline is architecturally identical to the BLADE-EDGE defense variant (DOI: 10.5281/zenodo.19177472). This cross-domain portability demonstrates that authority-governed autonomy — continuous sensor trust fusion, graded authority with hysteresis, deliberation windows, and deterministic recovery — is a domain-agnostic safety principle applicable wherever autonomous systems exercise physical authority.

BLADE-EDGE (Defense)

Directed-energy weapon governance. EFFECTOR = weapons release relay. MIL-STD-810G. Beam suitability (β_beam). Multi-effector WTA. ~$139K.

BLADE-INFRA (Critical Infrastructure)

ICS/SCADA governance. EFFECTOR = Pilz PNOZ S7.1 SIL-3 safety relay. IP65. IEC 61850 + Modbus + PROFINET. NERC CIP. $12K.

Core Innovation

9-Module Governance Pipeline

Every infrastructure governance decision passes through nine sequential modules. The pipeline targets sub-second end-to-end latency. Each stage can independently prevent commands from reaching actuators.

Sensor Inputs

4× CT sensors (100A), 3× PT sensors (480V), ADE9000 power analyzer, 2× ultrasonic flow, 2× pressure transducers, 4× RTD Pt100, 2× humidity, multi-gas detector, radar level sensor

1. SATA — Sensor Trust Attestation

Dempster-Shafer fusion over power quality, process, and environmental sensor channels. Weighted BPA from ADE9000 THD, flow differential, and gas concentration. Zynq FPGA.

2. ADARA — Adversarial Deception-Aware Risk Assessment

Anomaly detection across ICS protocol channels (Modbus, IEC 61850, PROFINET). Pattern recognition for Stuxnet-class command injection. Jetson Orin NX.

3. IFF — Identity Verification

SCADA master station authentication via ATECC608B. IEC 62351 certificate verification for IEC 61850 GOOSE messages. Zynq FPGA.

4. HMAA — Authority Computation

Trust scalar → graded authority over actuator commands (breaker trip, valve shutoff, pump control). SIL-3 safety relay gating. Zynq FPGA.

5. MAIVA — Byzantine Consensus

2-of-3 Byzantine fault-tolerant consensus on authority level. Zynq FPGA.

6. FLAME — Deliberation Windows

Mandatory deliberation window before safety-critical actuator commands (breaker trip, valve closure). Prevents flash-override attacks. Zynq FPGA.

7. CARA — Deterministic Recovery

GREP phases: Govern → Restrict → Execute → Persist. Mutual exclusion verified. Zynq FPGA.

8. BDA — Post-Maneuver Assessment

Post-event trust revalidation and incident reporting. NERC CIP event logging. Jetson Orin NX.

9. EFFECTOR — Safety Relay Gate

Pilz PNOZ S7.1 SIL-3 safety relay (dual-channel, Cat. 4). Actuator commands pass ONLY when Zynq PASS ∧ Jetson APPROVE. Watchdog-independent hard reset.

Governance Model

Authority State Machine

Four-level authority with asymmetric hysteresis: immediate downgrade, 5-15s delayed upgrade. CARA GREP phases provide graduated operational restrictions within authority levels.

A3: Full Autonomy

T_fused ≥ 0.80. Full autonomous authority. All actuator commands (breakers, valves, pumps) authorized. Operator advisory only.

A2: Constrained

0.50 ≤ T_fused < 0.80. Constrained operations. Non-critical actuators only. Safety-critical commands require operator confirmation.

A1: Limited

0.15 ≤ T_fused < 0.50. All actuator commands blocked except emergency shutdown. CARA Restrict phase.

A0: Safe Stop

T_fused < 0.15. Safety relay de-energizes. All actuators safe-state. Emergency shutdown. CARA Execute/Persist.

Hardware Design

Hardware Architecture

92 components across a dual-compute platform. Jetson Orin NX runs AI perception (ADARA, IFF, BDA). Zynq UltraScale+ FPGA runs deterministic governance (SATA, HMAA, MAIVA, FLAME, CARA) and relay control. PCIe Gen3 x4 inter-processor governance bus.

Subsystem	Component	Interface	Role
AI Compute	NVIDIA Jetson Orin NX 16GB	PCIe Gen3×4	ADARA, IFF, BDA inference; anomaly detection
Governance FPGA	Zynq UltraScale+ ZU7EV SoM	PCIe / SPI / UART	SATA, HMAA, FLAME, CARA RTL governance
Power Grid	4× CT (100A) + 3× PT (480V)	Analog → ADE9000	3φ + N current/voltage monitoring
Power Quality	ADE9000 Power Analyzer	SPI 20 MHz	THD, power factor, harmonics (IEC 61000)
Pipeline	2× Ultrasonic Flow + 2× Pressure	4-20mA / HART	Non-invasive flow; SIL-2 pressure transducers
Environment	4× RTD Pt100 + 2× Humidity + Gas	ADC / I²C / UART	Temp, humidity, H₂S/CH₄/CO/O₂ detection
Industrial Protocols	Anybus B40 + netX 90 + RS-485	SPI / DPRAM	Modbus/EtherNet/IP/PROFINET/IEC 61850
Safety Relay	Pilz PNOZ S7.1 (SIL 3, Cat. 4)	Safety I/O 24V	Dual-channel actuator authority gate
Crypto / Auth	ATECC608B + TPM 2.0 + nShield HSM	I²C / SPI / PCIe	ECDSA, secure boot, FIPS 140-2 Level 3
Timing	ZED-F9T GNSS + OCXO + PTP NIC	UART / PPS / RGMII	IEEE 1588 PTPv2, sub-μs sync, GPS holdover
Comms	LTE Cat-M1 + Iridium SBD + ESP32-S3	USB / UART / SPI	Cellular + satellite + local WiFi/BLE
Power	24V PSU (redundant) + PoE++ + LiFePO₄	24V / 48V DC	Redundant power, 30-min battery backup

Full 92-component BOM available as downloadable CSV. Total platform cost: ~$11,589.70. All COTS components, no GFE required.

Resilience Engineering

Power & Redundancy Architecture

The BLADE-INFRA power architecture provides industrial-grade redundant power with AC mains, PoE++, and LiFePO₄ battery backup for uninterrupted critical infrastructure monitoring.

Primary Power

240V AC mains → 24V DIN-rail PSU (primary) + redundant 24V PSU (Phoenix Contact QUINT4). PoE++ input module for network-powered deployment. All rails fused and surge-protected.

Backup / Redundancy

LiFePO₄ battery pack with BMS for ~30 min backup. Vibration-dampened bracket mounting. Automatic switchover on mains loss.

Power Protection

Dual surge protection devices (SPD-1, SPD-2) on AC input. Reverse polarity and overvoltage protection on DC bus. DIN-rail mounted circuit protection.

Thermal Management

Thermoelectric cooler with heatsink bolted to DIN-rail enclosure for external heat rejection. Thermal paste on Jetson and Zynq modules. Rated for −40°C to +70°C industrial environments.

Security Architecture

Defense-in-Depth Security

Three-layer security architecture meeting FIPS 140-2 Level 3, NERC CIP, and IEC 62443 requirements for critical infrastructure protection.

Layer 1: Hardware Root of Trust

Microchip ATECC608B secure element (I²C). Infineon Optiga TPM 2.0 (SPI). Thales nShield Edge HSM (PCIe Gen2 x1) for FIPS 140-2 Level 3 key management. JTAG isolation switch with physical keyed lockout.

Layer 2: Governance Enforcement

Pilz PNOZ S7.1 SIL-3 safety relay with dual-channel safety I/O. Zynq FPGA governance pipeline. Hardware watchdog timer (2-stage). Tamper-evident seals on all access points.

Layer 3: Audit Chain

SATA τ-chain attestation signed by ATECC608B + nShield HSM. NERC CIP event logging. IEC 62351 certificate verification for IEC 61850 GOOSE messages.

Cost Analysis

Bill of Materials: $11,590

Subsystem	Cost	% of Total
Compute Core (Jetson Orin NX + Zynq ZU7EV + carrier PCB)	$3,800	33%
Sensors (CT/PT sensors + flow + pressure + RTD + humidity + gas)	$2,450	21%
Industrial Protocols (Anybus B40 + netX 90 + RS-485 transceivers)	$1,200	10%
Security (ATECC608B + TPM 2.0 + nShield HSM + JTAG isolation)	$850	7%
Communications (LTE Cat-M1 + Iridium SBD + ESP32-S3 + PTP NIC)	$620	5%
Power (redundant PSU + PoE++ + LiFePO₄ + SPDs)	$580	5%
Safety (Pilz PNOZ S7.1 + watchdog + safety digital output)	$320	3%
Enclosure & Mechanical (DIN-rail + TEC heatsink + connectors + seals)	$1,770	15%

Total platform cost: $11,589.70. All COTS components, no GFE required. Full 92-component BOM available as downloadable CSV.

Specifications

Physical Specifications

Parameter	Value
Operating temperature	−40°C to +70°C (industrial grade)
Enclosure rating	IP65 DIN-rail industrial enclosure
Power input	240V AC mains + PoE++ (48V) + LiFePO₄ backup
Safety standard	SIL 3 (IEC 61508); NERC CIP (CIP-003 through CIP-009)
Security	FIPS 140-2 Level 3 (nShield HSM); IEC 62443
Thermal	Thermoelectric cooler with bolted-flange heat rejection
Industrial protocols	IEC 61850 GOOSE · Modbus TCP/RTU · PROFINET IO · 4-20mA HART
Timing	IEEE 1588 PTPv2 (sub-μs sync) + GPS-disciplined OCXO holdover
Governance pipeline	SATA → ADARA → IFF → HMAA → MAIVA → FLAME → CARA → BDA → EFFECTOR
Safety relay	Pilz PNOZ S7.1 (SIL 3, Cat. 4), dual-channel safety I/O

Safety Architecture

SIL-3 Dual-Channel Safety Relay

The Pilz PNOZ S7.1 SIL-3 safety relay provides dual-channel, Category 4 actuator authority gating. Both governance processor (Zynq) and AI inference engine (Jetson) must independently assert authority via isolated safety I/O channels. Any single channel de-assertion de-energizes the relay and forces all actuators to safe-state — breakers open, valves close, pumps stop.

Channel 1: Zynq Governance PASS

Zynq UltraScale+ safety I/O → Pilz Channel 1. SATA/HMAA/CARA pipeline asserts PASS when sensor trust verified and authority computed.

Channel 2: Jetson AI APPROVE

Jetson Orin NX safety I/O → Pilz Channel 2. ADARA/IFF/BDA anomaly detection confirms no adversarial activity detected.

Watchdog: Independent Reset

Hardware watchdog timer monitors both processors. Timeout → both safety channels de-assert → relay de-energizes → all actuators safe-state.

Zynq PASS ∧ Jetson APPROVE → Pilz PNOZ S7.1 (SIL 3, Cat. 4) energized → Actuator commands authorized | De-assertion → safe-state (breakers open, valves close)

Electrical Design

System Schematic

92 components, 82 electrical connections, 67 mechanical connections. Color-coded by node type.

Download Schematic (SVG) Download Blueprint (PDF)

Interactive Demonstration

Governance Simulation Environment

The BLADE-INFRA simulator (v6.0, 98KB) executes the complete 9-module governance pipeline with three ICS/SCADA scenarios (power grid fault, water treatment overdose, pipeline leak), vintage CRT SCADA terminal live mode with animated SVG pipe-game schematics, sensitivity analysis, fault tree analysis, and MITRE ATT&CK for ICS threat mapping.

3 ICS Scenarios

Power grid fault (IEC 61850 GOOSE, 340% overcurrent), water treatment overdose (Modbus TCP, Oldsmar-class), pipeline leak (Modbus RTU, H₂S + flow differential)

SCADA Terminal

Vintage CRT SCADA terminal with animated SVG pipe-game schematics. Sensitivity analysis and MITRE ATT&CK for ICS mapping.

Statistical Rigor

G*Power justified (α=0.05, power=0.80, d=0.80). Bonferroni correction. Shapiro-Wilk normality tests.

Launch Governance Simulator (v6.0)

Evidence

Validation Metrics

Hardware components

ICS/SCADA scenarios

Industrial protocols integrated

Electrical connections

Mechanical connections

SIL-3 safety relay channels

Research Methodology

ICS/SCADA Governance Scenarios

ICS Scenario	Protocol	Trigger	SATA Response	HMAA Action	Actuator Action
Power Grid Fault	IEC 61850 GOOSE	Phase B 340% overcurrent + THD spike	τ: 0.92→0.31	α=0.98 ≥ 0.90	Breaker trip via SIL-3 relay
Water Treatment Overdose	Modbus TCP	Chlorine pump 280% overdose (Oldsmar-class)	pH dropping to 5.8	α=0.95 ≥ 0.80	Pump shutoff authorized
Pipeline Leak	Modbus RTU	15% flow differential + H₂S 28.5 ppm	Pressure 65→41 bar	α=0.92 ≥ 0.85	Valve shutoff authorized

Scenarios based on real-world ICS/SCADA threat patterns. Power grid fault models IEC 61850 GOOSE messaging. Water treatment overdose models the 2021 Oldsmar attack vector. Pipeline leak models multi-sensor differential analysis.

Current Status

Project Status

System architecture (92 components)

Electrical design (82 connections)

Mechanical design (67 connections)

BOM verified (~$11,590)

Governance simulator v6.0 (3 ICS scenarios)

Zenodo publication (DOI assigned)

Pilz PNOZ S7.1 SIL-3 safety relay design

Cross-domain portability validated

Custom carrier board fabrication

SIL 3 functional safety assessment

TLA+/UPPAAL formal verification

ICS/PLC connectivity + HIL integration

Current Limitations: Simulation-only evidence (no physical data). SIL 3 assessment pending. Invariants simulation-checked but not formally proven. Custom carrier PCB not yet fabricated. Synthetic parameters uncalibrated against physical sensors. Browser JS engine provides no real-time guarantees.

Downloads

Project Documentation

Complete engineering documentation for the BLADE-INFRA Governance Node. All files are original work by Burak Oktenli. Published under CC BY 4.0.

Governance Simulator (v6.0) — 3 ICS scenarios Full Blueprint (PDF) Schematic (SVG) Bill of Materials (CSV) Electrical Connections (JSON) Mechanical Connections (JSON) System Configuration (JSON) Assembly Guide (MD)

Open Research

Reproducible Research Artifacts

All data, simulation code, engineering artifacts, and the interactive governance simulator are openly available at DOI: 10.5281/zenodo.19277887 under CC BY 4.0. No access restrictions apply.

System Design

Project documentation, blueprint PDF, schematic SVG, 92-component BOM, electrical/mechanical JSON. Full engineering specification.

Simulation

v6.0 simulator with 3 ICS/SCADA scenarios, seeded PRNG (Mulberry32), SIL-3 safety relay model, SHA-256 + ECDSA P-384 audit chain, HSM/TPM latency. 3 ICS scenarios with vintage CRT SCADA terminal mode.

Statistical Methodology

G*Power sample size justification, Bonferroni correction, Shapiro-Wilk normality tests, paired t-tests, Wilcoxon signed-rank for non-normal data.

Standards Compliance

IP65 / SIL 3 / NERC CIP / FIPS 140-2 Level 3 design targets. FIPS 140-2 key storage. M12 circular industrial connectors.

Research Roadmap

Future Work

ICS/PLC Connectivity Testing

Live PLC connectivity testing with Siemens S7 and Allen-Bradley ControlLogix via PROFINET IO and EtherNet/IP

Formal Verification

TLA+/UPPAAL full verification of all design invariants and safety properties across all configurations

Carrier Board Fabrication

4-layer controlled-impedance PCB design, fabrication, and integration testing with all 92 components

Safety Certification

SIL 3 functional safety assessment (IEC 61508), NERC CIP compliance audit, FIPS 140-2 Level 3 validation at accredited facility

Research Integration

Role in the Governance Stack

The BLADE-INFRA Governance Node is the fourth domain instantiation of the BLADE governance pipeline. The same architectures demonstrated in defense (BLADE-EDGE, ~$139K), automotive (BLADE-AV, ~$16K), and maritime (BLADE-MARITIME, ~$43K) apply to critical infrastructure governance (~$12K) under SIL 3 / NERC CIP / FIPS 140-2 regulatory frameworks.

Related platforms: Rover Testbed (~$484) · UAV Platform (~$4,200) · BLADE-EDGE (defense, ~$139K) · BLADE-AV (automotive, ~$16K) · BLADE-MARITIME (maritime, ~$43K) · BLADE-INFRA (infrastructure, ~$12K). Six platforms demonstrating governance stack portability across four domains.

Governance Middleware

SDK Integration

The BLADE Governance SDK provides a unified API across all four domains. The same blade_governance library drives defense weapons governance (BLADE-EDGE), autonomous vehicle authority (BLADE-AV), maritime surveillance (BLADE-MARITIME), and critical infrastructure protection (BLADE-INFRA). Only the domain configuration file changes.

blade_infra.yaml Critical Infrastructure (ICS/SCADA)

domain: infrastructure
pipeline: SATA → ADARA → IFF → HMAA → MAIVA → FLAME → CARA → BDA → EFFECTOR

sensors:
  - id: power_quality
    type: ade9000_3phase_meter
    weight: 0.25
    cross_validate: [ct_pt_transducers]
  - id: ct_pt_transducers
    type: rogowski_coil_array
    weight: 0.25
    cross_validate: [power_quality]
  - id: process_sensors
    type: 4_20mA_hart_loop
    weight: 0.20
    cross_validate: [flow_meter, pressure]
  - id: flow_meter
    type: rosemount_8750w
    weight: 0.15
    cross_validate: [process_sensors]
  - id: env_monitor
    type: gas_temp_humidity
    weight: 0.15
    cross_validate: [process_sensors]

effector:
  type: pilz_pnoz_s7_1_sil3
  relay: safety_relay_sil3_rated
  safety_standard: IEC_61508_SIL_3
  compliance: [NERC_CIP, FIPS_140_2_L3]
  protocols: [IEC_61850_GOOSE, Modbus_TCP, PROFINET]
  fail_safe: safe_state_hold

authority:
  A3_threshold: 0.80  # Normal automated control
  A2_threshold: 0.55  # Reduced automation
  A1_threshold: 0.30  # Manual override required
  A0_action: safe_state  # SIL 3 relay de-energizes
  hysteresis_up_s: 20  # Very conservative for infra
  hysteresis_down_s: 0
  nerc_cip_logging: true
  event_retention_days: 365

integration_example.py Python

import blade_governance as bg

# Initialize with infrastructure domain config
pipeline = bg.GovernancePipeline("blade_infra.yaml")

# In your SCADA control loop (10Hz):
while plant_operational:
    sensors = get_ics_readings()
    
    result = pipeline.evaluate(sensors)
    # result.trust          → 0.84
    # result.authority      → "A3"
    # result.scada_anomaly  → 0.02
    # result.sil3_relay     → True (energized)
    
    if result.authority == "A0":
        # Pilz PNOZ de-energizes → safe state
        pipeline.cara_recover()
        pipeline.log_nerc_cip_event("CIP-007")

ROS 2 Topic Map

# ROS 2 Topic Map — Infrastructure
/blade/sata/fused_trust          # Float64 τ ∈ [0,1]
/blade/sata/power_quality_trust  # Float64 grid channel
/blade/sata/process_trust        # Float64 process channel
/blade/hmaa/authority_level      # UInt8 {A3,A2,A1,A0}
/blade/hmaa/actuator_envelope    # ActuatorLimits
/blade/adara/scada_anomaly       # Float64 P(intrusion)
/blade/cara/grep_phase           # String {GUARD,REDUCE,...}
/blade/effector/sil3_relay       # Bool (Pilz energized)
/blade/audit/nerc_cip_event      # AuditEvent (CIP-007)

Unified API Surface SAME ACROSS ALL 4 DOMAINS

# Core API — domain-agnostic
pipeline = bg.GovernancePipeline(config)
result   = pipeline.evaluate(sensors)
recovery = pipeline.cara_recover()

# result object — universal fields
result.trust          # Float64  τ ∈ [0,1]
result.authority      # String   {A3,A2,A1,A0}
result.deception_p    # Float64  P(adversarial)
result.flame_hold_ms  # UInt32   deliberation window
result.execute        # Bool     action permitted
result.relay_state    # Bool     hardware interlock
result.grep_phase     # String   CARA state

# Lifecycle
pipeline.get_audit_chain()   # Hash-chained log
pipeline.export_forensics()  # BLADE-BLACKBOX
pipeline.get_config()        # Current domain cfg

Cross-Domain Portability: The blade_governance SDK uses the same evaluate() → result API across all four domains. Switching from defense weapons governance to autonomous vehicle authority requires changing only the YAML configuration file — not the application code. This is how the same governance pipeline operates under DoDD 3000.09, ISO 26262 ASIL-D, MIL-STD-810G, and SIL 3 / NERC CIP simultaneously.

Researcher

About This Project

The BLADE-INFRA Governance Node is part of the authority-governed autonomy research program by Burak Oktenli at Georgetown University (M.P.S. Applied Intelligence). It demonstrates four-domain pipeline portability — the same governance architectures demonstrated in defense weapons governance (BLADE-EDGE), automotive safety (BLADE-AV), and maritime surveillance (BLADE-MARITIME) apply to critical infrastructure protection.

Related architectures: SATA · HMAA · CARA · MAIVA · FLAME · ADARA

View full research portfolio →