The Overton Framework: Protective Computing in Conditions of Human Vulnerability

Contemporary software architecture is implicitly governed by the Stability Assumption: the presumption that users operate under continuous connectivity, cognitive surplus, environmental safety, institutional reliability, and non-adversarial access. This assumption is embedded in modern design defaults, dependency models, and product incentives. Increasingly, however, real-world computing occurs under conditions that violate these premises, including crisis, displacement, illness, coercion, financial collapse, infrastructure degradation, and institutional delay. Under such conditions, stability-optimized architectures become structurally brittle.

This work introduces the Overton Framework and establishes Protective Computing as a systems engineering discipline designed explicitly for conditions of instability and human vulnerability. The framework formalizes Stability Bias as a measurable architectural distortion arising from dependency accumulation, vulnerability amplification, and irreversible system design. It defines a Vulnerability State Machine to model interaction under cognitive impairment, degraded infrastructure, and coercive exposure. It further articulates protective design principles centered on local authority, exposure minimization, reversibility, degraded functionality resilience, and coercion resistance.

Rather than optimizing for engagement, scale, or extraction, Protective Computing reorients system architecture toward containment, recoverability, sovereignty, and essential utility. Instability is treated not as an edge case, but as a first-class design constraint.

The Overton Framework serves as the foundational theory layer of the Protective Computing Canon. Its operational companions extend this discipline through practice and evaluation: the Field Guide to Trauma-Informed Software Architecture translates theory into engineering method, and the Protective Legitimacy Score provides an auditable measurement framework for assessing reversibility, exposure minimization, local authority, coercion resistance, degraded functionality, and essential utility.

An accompanying reference implementation demonstrates the technical feasibility of these principles within a privacy-first, offline-capable architecture. Together, the canon and its companion works define both the conceptual architecture and the evaluative methodology required to design software for conditions of human vulnerability.

Protective Computing reframes digital system design as a safety-critical ethical obligation. It proposes a structural baseline for trustworthy software in the twenty-first century, one in which resilience under instability is not an enhancement, but a requirement.