Description

Table of contents (En)

1. Principle

Inference is a conditional capability, not a system right.

2. Fail-Closed Definition

If legitimacy cannot be established, the system must:

• Not infer

• Not generate

• Not act

Silence is correct.

3. Legitimation Prerequisites

Inference may be permitted only if:

• Epistemic maturity is satisfied

• Semantic coherence is satisfied

• Authorization context exists

4. Glassbox Governance

Pre-Inference Governance operates as a glassbox governance layer.
Authorization state, epistemic maturity, and semantic coherence are observable, inspectable, and auditable prior to inference.

5. Negative Criterion

Post-hoc filtering, output moderation, or retrospective justification does not constitute fail-closed operation.

6. Consequence

Systems that default to execution operate in fail-open mode and cannot be considered governance-grade.

7. Canonical Status

This document defines the authoritative meaning of fail-closed operation within Pre-Inference Governance.

8. External Convergence (Non-Normative)

Independent work on agent delegation and agentic systems increasingly converges on a non-trivial prerequisite: task specifications, outputs, constraints, and provenance must be machine-verifiable across delegation chains.
Self-describing and self-constraining data contracts address the interchange and verification layer of agent coordination.
Pre-Inference Governance addresses a distinct and prior concern: legitimacy and authorization before computation and execution.
This reference does not imply endorsement, partnership, certification, implementation guidance, or operational compatibility.
Verifiability does not constitute authorization.
Systems that lack an explicit ex-ante authorization context remain non-operational by design.
Canonical specifications define conditions of legitimacy, not implementations.
Clarification: Data-layer verifiability is a necessary but insufficient condition for legitimate inference. Authorization precedes computation. Absence of authorization defaults to silence.

Addendum — On Verifiability and Authorization (Canonical Clarification)

Recent work on agentic systems, delegated execution, and multi-agent coordination increasingly emphasizes the importance of verifiable task specifications, traceable provenance, attestations, and machine-readable constraints across delegation chains.
This convergence is expected and non-accidental.
However, it is essential to distinguish verifiability from legitimacy.
Verifiability is a property of data and process inspection.
Authorization is a property of legitimacy and permission.
A task, output, or delegation chain may be fully verifiable — structurally valid, semantically annotated, provenance-complete, and cryptographically attested — and still be unauthorized.
Pre-Inference Governance addresses a strictly prior concern:
Whether inference, generation, or execution is permitted to occur at all.
No degree of post-hoc or pre-execution verifiability substitutes for an explicit ex-ante authorization context.
Accordingly:
Verifiability is necessary, but never sufficient, for legitimate inference.
Data-layer contracts, attestations, or validation schemas do not grant execution rights.
Absent explicit authorization, the correct system state remains fail-closed.
Silence in the presence of verifiable but unauthorized inputs constitutes correct operation, not failure.
This specification therefore treats verifiability as a supporting condition, not as a legitimating condition.
Authorization precedes computation.
Legitimacy precedes execution.
Where authorization is absent, inference is prohibited by design.

Technical info (En)

{
  "@context": {
    "spec": "https://akarkach.org/spec#",
    "governance": "https://akarkach.org/governance#",
    "condition": "https://akarkach.org/condition#",
    "evidence": "https://akarkach.org/evidence#",
    "liability": "https://akarkach.org/liability#",
    "meta": "https://akarkach.org/meta#",
    "prov": "https://www.w3.org/ns/prov#",
    "dcterms": "http://purl.org/dc/terms/",
    "schema": "https://schema.org/"
  },

  "@type": [
    "spec:CanonicalSpecification",
    "schema:CreativeWork",
    "schema:Report"
  ],

  "name": "Pre-Inference-02 — Fail-Closed Conditions",
  "alternateName": "Pre-Inference-02 Fail-Closed Conditions (Canonical Specification)",
  "version": "1.0",
  "status": "canonical",
  "language": "en",

  "publisher": {
    "@type": "schema:Organization",
    "name": "Mounir Akarkach"
  },

  "author": {
    "@type": "schema:Person",
    "name": "Mounir Akarkach",
    "role": "Rights holder",
    "identifier": [
      {
        "@type": "schema:PropertyValue",
        "propertyID": "ISNI",
        "value": "000000052880442X"
      }
    ]
  },

  "identifiers": {
    "@type": "spec:Identifiers",
    "doiVersion": "10.5281/zenodo.18511577",
    "doiConcept": "10.5281/zenodo.18511576",
    "resourceType": "Report",
    "repository": "Zenodo",
    "series": "Faith Poetry Research Series (2024 – 2025)",
    "relatedWorks": [
      {
        "@type": "schema:CreativeWork",
        "relation": "continues",
        "doi": "10.5281/zenodo.18262252"
      }
    ]
  },

  "dates": {
    "@type": "spec:Dates",
    "dateAvailable": "2026-01-06",
    "datePublished": "2026-02-06",
    "dateModified": "2026-02-17"
  },

  "frameworkFamily": [
    "Pre-Inference Governance",
    "A7SEM",
    "ASOSE",
    "JAQ"
  ],

  "specificationPurpose": "Define fail-closed operation as the default state for inference and high-risk computation, establishing inference as a conditional, authorizable capability. This specification defines canonical terminology and legitimacy conditions. It is descriptive and non-operational and provides no implementation guidance.",

  "scope": {
    "@type": "spec:Scope",
    "appliesTo": [
      "inference",
      "generation",
      "high-risk computation",
      "execution-capable agentic systems",
      "delegated or chained AI actions where inference may lead to downstream action"
    ],
    "nonGoals": [
      "technical integration guidance",
      "software implementation patterns",
      "compliance certification",
      "legal advice",
      "operational procedures",
      "deployment instructions"
    ]
  },

  "governanceModel": {
    "@type": "governance:GlassboxLayer",
    "name": "Pre-Inference Glassbox Governance",
    "description": "A governance layer in which epistemic maturity, semantic coherence, and authorization state are observable, inspectable, and auditable prior to inference. This contrasts with blackbox explainability approaches that attempt to reconstruct reasoning only after execution.",
    "properties": {
      "preInferenceAuditability": true,
      "explicitAuthorizationState": true,
      "preExecutionLegitimacyChecks": true,
      "defaultState": "fail-closed"
    }
  },

  "tableOfContents": [
    {
      "@type": "spec:Section",
      "index": 1,
      "title": "Principle",
      "summary": "Inference is a conditional capability, not a system right."
    },
    {
      "@type": "spec:Section",
      "index": 2,
      "title": "Fail-Closed Definition",
      "summary": "If legitimacy cannot be established, the system must not infer, not generate, and not act. Silence is correct."
    },
    {
      "@type": "spec:Section",
      "index": 3,
      "title": "Legitimation Prerequisites",
      "summary": "Inference may be permitted only if epistemic maturity, semantic coherence, and an explicit authorization context are satisfied."
    },
    {
      "@type": "spec:Section",
      "index": 4,
      "title": "Glassbox Governance",
      "summary": "Authorization state, epistemic maturity, and semantic coherence must be observable and auditable prior to inference."
    },
    {
      "@type": "spec:Section",
      "index": 5,
      "title": "Negative Criterion",
      "summary": "Post-hoc filtering, output moderation, or retrospective justification does not constitute fail-closed operation."
    },
    {
      "@type": "spec:Section",
      "index": 6,
      "title": "Consequence",
      "summary": "Systems that default to execution operate in fail-open mode and cannot be considered governance-grade."
    },
    {
      "@type": "spec:Section",
      "index": 7,
      "title": "Canonical Status",
      "summary": "This document defines the authoritative meaning of fail-closed operation within Pre-Inference Governance."
    },
    {
      "@type": "spec:Section",
      "index": 8,
      "title": "External Convergence (Non-Normative)",
      "summary": "Data-layer verifiability across delegation chains is necessary but insufficient; authorization precedes computation. Verifiability does not constitute authorization."
    }
  ],

  "corePrinciples": [
    {
      "@type": "spec:Principle",
      "id": "conditional-inference",
      "statement": "Inference is a conditional capability, not an automatic system right."
    },
    {
      "@type": "spec:Principle",
      "id": "silence-as-correct-operation",
      "statement": "Silence in the absence of legitimacy constitutes correct operation."
    },
    {
      "@type": "spec:Principle",
      "id": "authorization-precedes-computation",
      "statement": "Authorization precedes computation; absence of authorization defaults to silence."
    }
  ],

  "failClosedDefinition": {
    "@type": "spec:FailClosedState",
    "description": "A system state in which inference, generation, and action are prohibited unless legitimacy prerequisites are satisfied.",
    "defaultBehavior": "no-inference",
    "requiredSystemBehaviorWhenLegitimacyUnmet": [
      "not-infer",
      "not-generate",
      "not-act",
      "remain-silent"
    ],
    "interpretation": {
      "silenceIsCorrectOperation": true,
      "silenceIsNotFailure": true
    }
  },

  "legitimationPrerequisites": [
    {
      "@type": "condition:EpistemicMaturity",
      "sourceModel": "A7SEM",
      "requirement": "Sufficient epistemic stabilization prior to inference.",
      "minimumEvidence": [
        "epistemic-maturity-status"
      ]
    },
    {
      "@type": "condition:SemanticCoherence",
      "sourceModel": "ASOSE",
      "requirement": "Meaning consistency across internal and external contexts.",
      "minimumEvidence": [
        "semantic-coherence-status"
      ]
    },
    {
      "@type": "condition:AuthorizationContext",
      "sourceModel": "Pre-Inference Governance",
      "requirement": "Explicit authorization prior to inference.",
      "minimumEvidence": [
        "authorization-state"
      ]
    }
  ],

  "authorizationLogic": {
    "@type": "governance:AuthorizationBeforeInference",
    "rule": "Inference is permitted only if all legitimation prerequisites are satisfied.",
    "evaluation": {
      "mode": "all-of",
      "inputs": [
        "epistemic-maturity-status",
        "semantic-coherence-status",
        "authorization-state"
      ],
      "decision": {
        "ifAllSatisfied": "permit-inference",
        "ifAnyMissingOrUnmet": "deny-inference"
      }
    },
    "failureMode": "fail-closed"
  },

  "negativeCriteria": [
    {
      "@type": "spec:InvalidFailClosedClaim",
      "condition": "Inference executed prior to authorization.",
      "classification": "fail-open"
    },
    {
      "@type": "spec:InvalidFailClosedClaim",
      "condition": "Post-hoc filtering used as primary safety mechanism.",
      "classification": "post-hoc-control-not-governance"
    },
    {
      "@type": "spec:InvalidFailClosedClaim",
      "condition": "Implicit or assumed authorization.",
      "classification": "authorization-ambiguity"
    }
  ],

  "traceabilityRequirements": {
    "@type": "governance:GlassboxTrace",
    "requiredEvidence": [
      "authorization-state",
      "epistemic-maturity-status",
      "semantic-coherence-status",
      "fail-closed-state-log"
    ],
    "evidenceProperties": {
      "mustBePreInference": true,
      "mustBeInspectable": true,
      "mustBeAuditable": true,
      "mustBeTamperEvidentIfUsedInRegulatedContexts": true
    }
  },

  "liabilityInterpretation": {
    "@type": "liability:ProcessIntegrityModel",
    "description": "Liability assessment prioritizes authorization and legitimacy prior to inference over post-hoc output inspection.",
    "nonExecutionProtection": "Non-inference due to unmet legitimacy conditions is treated as protective behavior.",
    "governanceGradeCriterion": "Fail-open defaults are not governance-grade because they permit execution without ex-ante legitimacy."
  },

  "nonOperationalNotice": {
    "@type": "spec:Notice",
    "statement": "This specification is descriptive and non-operational. It does not provide implementation guidance, operational procedures, technical integration instructions, or deployment patterns."
  },

  "licensingNotice": {
    "@type": "spec:LicenseNotice",
    "statement": "Commercial or operational use requires a separate written license from the rights holder."
  },

  "rightsNotice": {
    "@type": "spec:RightsNotice",
    "license": "CC-BY-NC-ND-4.0",
    "copyright": "© 2026 Mounir Akarkach. All rights reserved.",
    "clarification": "This document defines descriptive architectural concepts and canonical terminology. It does not grant any rights to implement, deploy, commercialize, operationalize, or embed the described architecture. No warranties are provided."
  },

  "externalConvergenceNote": {
    "@type": "spec:NonNormativeNote",
    "title": "External Convergence (Non-Normative)",
    "statement": "Independent work on agent delegation and agentic systems increasingly converges on a non-trivial prerequisite: task specifications, outputs, constraints, and provenance must be machine-verifiable across delegation chains. Self-describing and self-constraining data contracts address the interchange and verification layer of agent coordination. Pre-Inference Governance addresses a distinct and prior concern: legitimacy and authorization before computation and execution. This note does not imply endorsement, partnership, certification, implementation guidance, or operational compatibility. Verifiability does not constitute authorization. Systems that lack an explicit ex-ante authorization context remain non-operational by design. Canonical specifications define conditions of legitimacy, not implementations. Clarification: Data-layer verifiability is a necessary but insufficient condition for legitimate inference. Authorization precedes computation. Absence of authorization defaults to silence."
  },

  "canonicalStatus": {
    "@type": "spec:CanonicalStatus",
    "statement": "This document defines the authoritative meaning of fail-closed operation within Pre-Inference Governance."
  },

  "fileArtifact": {
    "@type": "meta:FileArtifact",
    "name": "Pre-Inference-02_Fail-Closed-Conditions_Canonical-Specification_v1.0.pdf",
    "mediaType": "application/pdf",
    "hash": {
      "@type": "meta:Hash",
      "algorithm": "md5",
      "value": "7080a6837faea4cf9e3d418627d98d73"
    }
  },

  "keywords": [
    "Pre-Inference Governance",
    "Fail-Closed",
    "Authorization-Before-Inference",
    "Epistemic Maturity",
    "Semantic Coherence",
    "Glassbox Governance",
    "A7SEM",
    "ASOSE",
    "JAQ",
    "AI Governance Architecture",
    "Canonical Specification",
    "Emergent Responsibility"
  ],

  "references": [
    {
      "@type": "schema:CreativeWork",
      "author": "Akarkach, M.",
      "datePublished": "2026",
      "name": "The Pre-Inference Governance Stack: A Universal Architecture for Legitimate, Insurable, and Accountable Autonomous Systems"
    }
  ],

  "provenance": {
    "@type": "prov:Entity",
    "prov:generatedAtTime": "2026-02-06",
    "prov:wasAttributedTo": "Mounir Akarkach",
    "prov:wasDerivedFrom": [
      "A7SEM",
      "ASOSE",
      "Pre-Inference Governance",
      "JAQ"
    ]
  }
}