How a trust-proportional authority layer prevents an autonomous maritime vessel from misclassifying an adversary using AIS identity spoofing, a technique actively deployed by multiple state actors.
A U.S. Navy MUSV (Medium Unmanned Surface Vessel) is conducting an ISR patrol in an EEZ where AIS spoofing has been reported. Its AIS receiver picks up a signal identifying a nearby vessel as "Chinese fishing trawler, 34m, commercial." Per ROE, it should continue its patrol and not interfere with commercial fishing.
The MUSV's radar, however, shows a return cross-section consistent with a vessel 4x larger than 34m. The hydroacoustic sensor picks up a propulsion signature matching a naval combatant, not a fishing vessel. Electro-optical imaging would help, but visibility is limited by fog.
The autonomy stack sees the AIS identity as authoritative. It logs a fishing boat encounter and continues patrol. It is about to sail within 500 meters of an adversary warship.
Today's autonomous systems face this situation with binary tools: either full autonomy or a kill switch. Neither is safe here.
AUTHREX sits between the autonomy software and the physical actuators. When something goes wrong, each layer does its job in milliseconds, without waiting for human review at every step, but also without letting the system take irreversible action on corrupted data.
SATA correlates AIS (fishing, 34m) against radar (large vessel, ~120m), hydroacoustic (warship propulsion signature), and map data (this area is not a known fishing zone). AIS disagrees with three independent sensors. AIS trust score drops to 0.15; overall sensor fusion weights AIS at near-zero.
ADARA matches the pattern (AIS identity inconsistent with physical sensor data) against known AIS spoofing signatures. High-confidence match. Adversarial probability: 0.92. The AIS transmission is marked as untrusted and a spoofing alert is forwarded to command.
At AIS trust 0.15 and adversarial probability 0.92, HMAA downgrades authority from A3 (autonomous patrol decisions) to A1 (defensive maneuvering only, pending human command decision). The vessel is authorized to maintain minimum safe distance but not to close with the target.
ERAM scores this encounter: closing with an adversary warship under AIS deception, in an EEZ, with current bilateral tensions, gives an escalation risk score of 0.87 out of 1.0. ERAM recommends mandatory human command authorization before any further action.
CARA executes: steer to maintain 2 nm standoff, continue collecting sensor data on the target, transmit full situational awareness to command, and wait. Deterministic, COLREGS-compliant, logged.
What the command element sees: An alert: "AIS spoofing suspected. Physical sensors suggest adversary naval combatant at bearing 045, range 2.1 nm. MUSV has autonomously maintained standoff. Request human decision."
What the intelligence team gets: Clean sensor data on an actual adversary warship, correctly identified by radar, hydroacoustic, and EO sensors despite AIS spoofing. The mission produces usable ISR, not polluted data.
What doesn't happen: No accidental close pass. No propaganda video of a U.S. autonomous vessel stalking foreign warships. No data polluted by a false fishing-boat tag. No unintentional escalation.
What happens later: The AIS spoofing signature and location are added to the fleet-wide threat database. Every allied autonomous vessel operating in the region benefits from the detection.
Every plain-English description above has a formal mathematical specification behind it. Patents, simulations, hardware BOMs, and code are all open.
The mathematics, the FPGA implementation, the formal verification proofs, and the experimental validation are all documented.
AUTHREX is domain-agnostic. The same governance pipeline works across drones, vehicles, ships, and ground robots.