AxoDen Defence Refusal-capable autonomy

Refusal-capable autonomy under contested conditions.

AxoDen Defence

Most defence-AI stacks degrade. AxoDen Defence refuses, then emits the refusal as signed, replayable evidence. The product line covers admissibility, action permission, jam-tolerant flight and mission control, and audit-grade replay.

Pilot-stage runtime. The Defence runtime is currently pilot-stage and intentionally DSP-light. Engagements are scoped as bounded pilots, not production deployments. Procurement or safety-critical use requires source review, integration testing and claim verification.

Discuss a defence pilot Research record

What we defend

Four parallel commitments. Every claim, threat model and benchmark on this page reduces to one of them.

1. AI input integrity

Only profile-bound, physically valid, source-attested data reaches the AI.

Admissibility. RF, GNSS and sensor evidence is gated by structure, provenance and freshness predicates before it can enter the reasoning graph.
No Zombie Intent. Stale or replayed signatures are inadmissible. Write-side check, not post-hoc filter.

2. Action permission

AI and planner outputs do not execute unless authority, policy and evidence conditions remain valid at the point of execution.

Class-S safety-preserving actions authorised by override.
Class-H hazard-increasing actions require live, intact predicates.

3. JRAF under jamming

Survival and mission split when RF, GNSS or AI evidence is refused.

Survival continuity. Bounded flight and control preserved when admission fails.
Mission continuity. Mission fragments continue only if their assumptions remain certified.

4. Audit and replay

Every admission, refusal, degradation and action is recorded once and bit-for-bit replayable from genesis.

Cryptographic hash chain; integrity verifiable by any holder.
Replayable by any party who holds the ledger.

Technical differentiators to test

Five differentiators for engineering due diligence. Each should be tested against the selected pilot use case and evidence corpus.

Refusal as evidence

Refusals are signed evidence events, recorded once and replayable as first-class outputs.

Separated survival and mission logic

Survival continuity and mission continuity are handled as distinct control questions when RF, GNSS or AI evidence is refused.

Hash-chain replay

Admissions, refusals, degradations and permitted actions are recorded so the decision path can be replayed from the ledger.

Write-side admission

Evidence gates run before downstream reasoning, so inadmissible inputs do not silently enter the graph.

Explicit status discipline

Claims are separated by status, including Established results, Claimed results and proof-obligation-bound work.

Threat surface and honest status

The current internal register tracks eight defence-relevant threats. Five are marked closed in the current status record; three remain open with named proof obligations or pilot validation paths. These statuses should be verified against the current engineering record before procurement or safety-critical use.

AxoDen Defence threat register: status as of current internal review.
#	Threat	Status
T1	Hallucinated perception under jamming	Closed
T2	Buffer / overload pressure	Closed
T3	Replay / injection / stale intent	Closed
T4	Single-vendor / monoculture compromise	Closed at L4
T5	Zombie Intent	Closed; PO2 validated at L1
T6	Forged negative evidence	Open: PO6, bounded sprint
T7	Predicate-burn race	Open: PO3, bounded sprint
T8	Control-kernel root leak	Open: PO1, pilot programme

Candidate deployments

AxoDen Defence is most relevant where AI confidence can be detached from signal reality and where refusal is a safer outcome than action.

GNSS-denied or GNSS-contested autonomy.
Counter-UAS and cooperative drone operations under jamming.
Maritime, aviation and ATC integrity monitoring.
5G and 6G base-station integrity.
Space-domain awareness and anomalous emission review.

Engineering pilot shape

A defence pilot is bounded, scoped to one contested-signal use case and one decision point where refusal is acceptable or required.

Input

A defined contested-signal use case, known platform or mission boundary, available RF/GNSS/sensor evidence, and a decision point where refusal is acceptable or required.

Build

Admission predicates, authority-binding model, refusal cascade, replay ledger and failure-mode test harness.

Output

Threat model, evidence boundary design, pilot findings, open proof obligations and a recommendation on whether the use case should proceed, narrow or stop.