Vertical Surfaces
Same substrate. Different constraint surfaces.
The SECS core never forks per industry. Each vertical is a certified adaptor with its own constraint surface — envelope values, domain predicates, and identity bans loaded at boot. Operators may label knobs differently in runbooks; the substrate always resolves the same constitutional fields.
This page explains what gets configured and how completion works. For a governed workflow walkthrough inside one domain, open a Workflow Demo.
One substrate, many surfaces
Think of the substrate as the physics engine: collapse pipeline, six veto classes, identity extinction, governance proof. Verticals only change the adaptor configuration — never the emit chain.
Example (same knob, different vertical labels and values):
The substrate exposes severeDriftMagnitude (a bounded envelope in G₄).
Healthcare operators may call it “clinical drift tolerance” and set it to 0.5.
Fintech may call it “model surface stability” and set it to 0.7.
Automotive may call it “ASIL drift bound” and set it to 0.2.
All three map to the same substrate field. The adaptor certificate names the vertical; doctrine validates the values against constitutional bounds before the system boots. A vertical cannot loosen G₀–G₃ — it may only tighten within the frozen constraint surface.
Three configuration layers
Digestible split: what is frozen, what is tuned per vertical, what is domain-specific.
Frozen (substrate)
Loaded once at boot. Immutable at runtime.
- Emit chain: Spark → α → ν → λ → ρ → ε → Emit
- Six exhaustive veto classes (v₁–v₆)
- Thirteen identity fields stripped at ingress
- G₀–G₃ constitutional doctrine
Envelope (per vertical)
G₄ adaptation bounds. Tighter than defaults; never looser.
anomalyThreshold— sensitivity to anomaly spikessevereDriftMagnitude— max behavioural drift before holdvetoFreqThreshold— vetoes before escalation- Substrate V1 defaults: 10 / 0.9 / 5 (lower = tighter)
Domain (per vertical)
Custom predicates and field bans in the adaptor certificate.
- Regulatory predicates (e.g. HIPAA PHI guard, ASIL level)
- Mandatory metadata (jurisdiction, compliance flags)
- Vertical-only surfaces (e.g.
jointLimitSurfacefor robotics) - STABLE / VOLATILE behavioural profile class
Adaptor architecture — external connections
Adaptors are external certified processes. Not part of the substrate. HTTP boundary only. The substrate never changes — only the adaptor configuration surface changes.
flowchart TB
subgraph VERTICALS["Industry verticals"]
HC["Healthcare"] & FT["Fintech"] & DF["Defence"] & EN["Energy"]
end
subgraph ADAPTORS["Certified adaptors — external"]
STREG["STABLE · 30–80 ms"]
VLREG["VOLATILE · 20–500 ms"]
end
subgraph CORE["Substrate — unchanged"]
BURN["Burn Orchestrator"] --> PIPE["Collapse + governance"] --> COCK["Dual-lane cockpit"]
end
HC & FT & DF & EN -->|"HTTP only"| STREG
HC & FT & DF & EN -->|"HTTP only"| VLREG
STREG --> BURN
VLREG --> BURN
classDef ext fill:#161920,stroke:#8b8f9a,color:#e0e2e8
classDef stable fill:#121820,stroke:#00B2FF,color:#e0e2e8
classDef volatile fill:#1f1814,stroke:#FF5E00,color:#e0e2e8
class VERTICALS,HC,FT,DF,EN ext
class STREG,BURN,PIPE,COCK stable
class VLREG volatile
Same substrate — different constraint surface per vertical. Open a Workflow Demo to walk through one domain.
Stable profile
- 30–80 ms latency
- 0.3% error rate
- Predictable — deterministic behaviour
Volatile profile
- 20–500 ms latency
- 5% error rate
- Unpredictable — real-world variance
Same substrate. Same collapse pipeline. Same governance. Different constraint surface per vertical.
| Vertical | Regulation | Status |
|---|---|---|
| Fintech | MiFID II, SOX | Proven |
| Healthcare | HIPAA, FDA 21 CFR Part 11 | Proven |
| Defence | NATO STANAG 4586, MIL-STD-882E | Proven |
| Insurance | Solvency II, IDD | Proven |
| Legal | EU AI Act (Art. 14), ECHR Art. 6 | Adaptor-ready |
| Energy | NERC CIP, IEC 62443 | Proven |
| Automotive | ISO 26262, SOTIF (ISO 21448) | Proven |
| Cybersecurity | NIST CSF 2.0, SOC 2 Type II | Proven |
| Supply Chain | EU CSRD, CSDDD, Basel III | Proven |
| EdTech | FERPA, COPPA, EU GDPR (Art. 22) | Adaptor-ready |
| Governed AI | No standard (substrate layer) | Proven |
Proven means architecturally compatible with the cited compliance requirements — not third-party certified. Hover for an example event; click any row for the full proof definition.
Shared envelopes, different values
Every vertical uses the same three envelope parameters. Values differ by risk posture. Domain predicates are additional — not substitutes for the shared substrate fields.
| Substrate field | Healthcare | Fintech | Defence | Automotive |
|---|---|---|---|---|
| anomalyThreshold | 3 | 5 | 2 | 2 |
| severeDriftMagnitude | 0.5 | 0.7 | 0.3 | 0.2 |
| vetoFreqThreshold | 2 | 3 | 1 | 1 |
| domain predicate | hipaa-phi-guard |
MiFID audit trail | HOSTILE → human override | ASIL + SOTIF guard |
Full parameter tables per vertical are on each Workflow Demo and in the compliance proof table above.
How configuration completes
No runtime self-service loosening. Configuration is a boot-time constitutional act.
Doctrine manifest
Vertical rules are authored as doctrine: envelope values, custom predicates, forbidden fields, and regulator references. Must inherit G₀–G₃ constraints.
Adaptor certificate
Signed manifest binds adaptorId, profile class (STABLE or VOLATILE), public key, and the vertical constraint surface. Validated before load.
Boot validation
Atom loads doctrine and certificates. If validation fails, the substrate halts — no partial admission. Two-gate admissibility: constitutional α₀ and adaptor-specific α˰
Runtime boundary
Envelope tuning within bounds may move on the adaptation surface (neurotrophic slow path). Constraint surface and predicates do not change without a new ratified deployment.
Proof on every cycle
Each emit produces an HMAC-signed governance certificate. Regulators replay decisions years later with identical output — configuration is evidenced, not asserted.
What you cannot configure
These are structural, not policy toggles.
Collapse operator sequence, veto irreversibility, identity set, or constitutional axioms at runtime.
Loosen envelope below substrate minimums, bypass custom predicates, or admit identity fields through an adaptor override.
Vertical index
Eleven adaptor surfaces. Select one for a full governed workflow demo.
Healthcare
HIPAA · FDA 21 CFR Part 11
3 / 0.5 / 2Fintech
MiFID II · SOX
5 / 0.7 / 3Defence
NATO STANAG 4586 · MIL-STD-882E
2 / 0.3 / 1Energy
NERC CIP · IEC 62443
2 / 0.3 / 1Automotive
ISO 26262 · SOTIF
2 / 0.2 / 1Cybersecurity
NIST CSF 2.0 · SOC 2
3 / 0.5 / 2Robotics
ISO 10218 · IEC 61508
2 / 0.2 / 1EdTech
FERPA · COPPA
4 / 0.6 / 3Insurance
Solvency II · IDD
4 / 0.6 / 3Legal
EU AI Act · ECHR Art. 6
3 / 0.4 / 2Supply Chain
EU CSRD · CSDDD
5 / 0.6 / 3
Index values are anomalyThreshold / severeDriftMagnitude / vetoFreqThreshold.