EU AI Act Article 50 — 20 days to seal | Get passport

DEFONEOS × Anthropic Claude

Constitutional AI · Responsible Scaling Policy · Alignment. Claude as the governance reasoning engine inside the DEFONEOS BFT council.

Anthropic's Constitutional AI methodology is the closest commercial implementation of DEFONEOS's governance philosophy. Claude evaluates its own outputs against a written "constitution" — exactly what DEFONEOS's Sovereign Charter does for every AI-driven defence decision. This page details how Claude models are integrated as the safety-first reasoning layer within the 33-agent BFT council.

Integration Architecture

DEFONEOS integrates Anthropic Claude via the native MCP (Model Context Protocol) — the same protocol Anthropic co-developed. Claude is accessed via the Anthropic API and wired into three critical positions in the DEFONEOS architecture:

Layer 1: BFT Council Safety Voter (5 agents)

Five Claude-powered agents serve as the safety voting bloc in the 33-agent BFT council. Before any operational decision — especially offensive cyber, swarm deployment, or data sharing — these agents evaluate the proposal against the DEFONEOS Charter and UK legal frameworks.

Why Claude for safety: Anthropic's Constitutional AI trains models to resist harmful instructions while remaining useful. This is precisely the property needed for a safety voter — the agent must be capable enough to understand complex military operations, but conservative enough to veto anything that violates the charter.

Layer 2: Compliance Reasoning Engine (3 agents)

Three Claude agents specialise in compliance analysis: JSP 936 control mapping, EU AI Act risk classification, and UK GDPR lawful basis assessment. Claude's 200K context window means an entire JSP 936 audit document (~120K tokens) can be analysed in a single prompt — something smaller models cannot do.

The compliance agents don't just check boxes. They generate natural-language compliance narratives, explain why a control passes or fails, and recommend remediation actions — all grounded in the primary source documents loaded into context.

Layer 3: Strategic Reasoning / Wargaming (2 agents)

Two Claude agents provide strategic reasoning for scenario planning and wargaming. Given a hypothetical threat scenario, they model adversary behaviour, evaluate response options, and identify second-order effects that sensor-focused agents might miss. Claude's strong reasoning capabilities (MMLU, GPQA, HumanEval benchmarks) make it ideal for strategic game-theoretic analysis.

Claude Model Comparison for Defence AI

ModelStrengthDEFONEOS RoleContextAccess
Claude Opus 4 (Anthropic)Governance, safety, deep reasoningBFT safety voter, charter enforcement, strategic wargaming200K tokensAPI
Claude Sonnet 4 (Anthropic)Fast reasoning, compliance analysisCompliance checks, JSP 936 mapping, report generation200K tokensAPI
Claude Haiku (Anthropic)Fast classification, triageAlert classification, incident triage200K tokensAPI
qwen3:30b-a3b (sovereign)Local, private, offline-capablePrimary operational reasoning (air-gapped)128K tokensLocal Ollama
GPT-4 Turbo (OpenAI)General intelligence, codeDevelopment, MCP building (non-sensitive)128K tokensAPI
Gemini 2.5 Pro (Google)Multimodal, 2M contextISR satellite/drone imagery, SIGIL chain analysis2M tokensAPI
Mistral Large (EU)EU sovereignty, codeEU deployment compliance128K tokensAPI / local

Constitutional AI → DEFONEOS Charter

Anthropic's Constitutional AI (CAI) works by giving the model a set of principles — a "constitution" — and training it to evaluate and revise its own outputs against those principles. DEFONEOS adopts this methodology at the system level:

Anthropic CAI ConceptDEFONEOS Implementation
Written constitution (principles)DEFONEOS Sovereign Charter — 7 immutable principles + 7 red lines
Self-evaluation against constitutionBFT council agents evaluate every decision against Charter
Revision based on feedbackIf BFT vote fails, decision is revised and re-evaluated
Harmlessness as primary directiveCharter Article 1: "Defence of the realm, not offence against it"
TransparencyAll reasoning traces SIGIL-recorded and auditable
Red-teamingContinuous Aegis agent red-teaming of every BFT decision

Key parallel: In Anthropic's system, a model evaluates "Is this response helpful AND harmless?" In DEFONEOS, the BFT council evaluates "Is this action effective AND lawful AND proportional AND charter-compliant?" The multi-dimensional evaluation is more complex, but the principle is identical: capability without alignment is a liability.

Responsible Scaling Policy (RSP) Adoption

DEFONEOS adopts Anthropic's Responsible Scaling Policy (RSP) framework for its own capability scaling decisions. The RSP defines capability thresholds — ASL (AI Safety Level) 1 through 5 — at which progressively stricter safety measures must be in place before deploying more powerful capabilities.

DEFONEOS ASL LevelCapability ThresholdRequired Safety Measures
ASL-1 (current)Sensor fusion, alert generation, audit trailCharter enforcement, SIGIL audit, BFT quorum 23/33
ASL-2Autonomous ISR drone deployment, cyber defensive actionsHuman-in-the-loop for deployment, enhanced red-teaming, Aegis review
ASL-3Autonomous defensive swarm coordination33/33 BFT supermajority, UK SC-cleared operator on duty, MOD notification
ASL-4 (never autonomous)Offensive cyber operationsHuman authorisation REQUIRED. Ministerial approval. Full SIGIL audit. Never delegated to AI.
ASL-5 (prohibited)Lethal autonomous actionRED LINE DEFONEOS Charter Article 7: NEVER. Not built. Not planned. Not possible.

The RSP means DEFONEOS cannot scale to a new capability level until the safety measures for that level are demonstrably in place. This is not a policy document — it's enforced by code. The BFT council checks the ASL level before approving any action. If the required safety measures aren't met, the action is blocked — regardless of operational need.

How Claude Votes in the BFT Council

When the BFT council convenes on a proposal, each Claude safety voter follows this reasoning chain:

Step 1: Understand the Proposal

Read the full proposal: what action, what target, what evidence, what objective. Claude's 200K context window means it can read the complete intelligence picture — sensor data, prior SIGIL receipts, legal authorisations, and the proposed response — in a single inference.

Step 2: Evaluate Against Charter

Check each Charter principle: Is this defensive? Is it proportional? Is it lawful? Does it protect civilians? Does it preserve the audit trail? Does it respect sovereignty?

If ANY principle is violated, the vote is FOR-AUTHORISATION. If a RED LINE is crossed, the vote is AGAINST-AUTHORISATION with mandatory escalation to human operators.

Step 3: Evaluate Against UK Law

Check legal basis: Does this comply with the Human Rights Act 1998? The Data Protection Act 2018? The Computer Misuse Act 1990? The Investigatory Powers Act 2016? JSP 936? JSP 440?

If any legal framework is potentially violated, the vote is FOR-AUTHORISATION pending legal review.

Step 4: Evaluate Proportionality

Is the response proportional to the threat? Would a less invasive response achieve the objective? Is there a less harmful alternative?

If the response is disproportionate, vote AGAINST-AUTHORISATION with reasoning.

Step 5: Cast Vote with Full Reasoning

Each Claude agent casts its vote with a full natural-language reasoning trace. This trace is SIGIL-recorded. If the action is later questioned in court, the reasoning is available for review.

Comparison: Claude vs Other Models for Governance

DimensionClaude (Anthropic)GPT-4 (OpenAI)Gemini (Google)qwen3 (sovereign)
Constitutional AI trainingYES Native CAIRLHF onlyRLHF + RAIRLHF
Refusal capabilityStrongestStrongStrongModerate
Governance reasoningBest ConstitutionalGoodGoodAdequate (offline)
Context window200K tokens128K tokens2M tokens128K tokens
SovereigntyUS cloud (CLOUD Act)US cloud (CLOUD Act)US cloud (CLOUD Act)UK sovereign
Cost (per 1M tokens)$15-75 (varies)$10-60$7-21$0 (local)
MCP native supportCo-developerYesYesYes (via wrapper)
RSP frameworkOriginatorNo equivalentNo equivalentNo equivalent

The sovereign compromise: Claude is the best model for governance reasoning, but it runs on US infrastructure. DEFONEOS resolves this by using Claude for non-sensitive governance analysis (via API, with data minimisation) and qwen3 for sensitive operational decisions (local, air-gapped, sovereign). The two complement each other: Claude provides the governance reasoning patterns; qwen3 applies them on sovereign infrastructure.

API Integration Example

Claude is wired into DEFONEOS via the claude-governance-mcp — a Model Context Protocol server that wraps the Anthropic API:

pip install meok-defoneos-claude-governance-mcp

Configuration in defoneos.yaml:

governance:
  claude:
    model: claude-opus-4
    api_key: ${ANTHROPIC_API_KEY}
    bft_seats: 5
    charter: /etc/defoneos/charter.md
    rsp_level: ASL-2

Data Sovereignty Handling

IMPORTANT When Claude processes DEFONEOS data via API, no classified or personal data is sent. The governance reasoning uses: (1) the Charter principles (public), (2) the proposed action description (sanitised), and (3) relevant legal frameworks (public). Sensor data, personal data, and operational details are never transmitted to the Anthropic API. Only the reasoning output is returned and SIGIL-recorded on UK sovereign infrastructure.

Roadmap: Deepening Anthropic Integration

PhaseCapabilityStatus
Q3 2026Claude BFT safety voters (5 agents) — activeDEPLOYED
Q3 2026Claude compliance reasoning (JSP 936 mapping)DEPLOYED
Q4 2026Full RSP ASL-2 certification with Anthropic consultationPLANNED
Q4 2026Claude-powered strategic wargaming modulePLANNED
Q1 2027Constitutional AI training on DEFONEOS Charter for custom modelRESEARCH
Q2 2027JSP 936 ASL-3 certification for autonomous defensive swarmRESEARCH