EU AI Act Article 50 — 20 days to seal | Get passport
🐉

Training Academy & Certification

5 tracks · 47 modules · 120 hours · Hands-on labs · DEFONEOS-CERT credentials · BFT-governed certification issuance

v1.0.0 OPEN ENROLLMENT
5
Cert Tracks
47
Modules
120h
Total Duration
23
Hands-on Labs
5
Cert Levels
£0
Open Source

🎖️ Certification Tracks

DEFONEOS offers 5 certification tracks, from field operator to strategic commander. All certifications are BFT-council verified, SIGIL-anchored, and portable across UK defense and allied organizations.

🥉DEFONEOS-CERT Operator (DFO-CO)
🥈DEFONEOS-CERT Developer (DFO-CD)
🥇DEFONEOS-CERT Architect (DFO-CA)
🔐DEFONEOS-CERT Security (DFO-CS)
DEFONEOS-CERT Commander (DFO-CC)

📡 Track 1: DEFONEOS Operator (DFO-CO)

🥉 Operator Certification LEVEL 1 8 MODULES 16 HOURS

For field operators, ISR analysts, and mission specialists who use DEFONEOS to conduct operations. No programming required. Focus on real-time tool usage, COP management, and ISR tasking.

Prerequisites

Basic computer literacy. UK BPSS clearance minimum. Familiarity with TAK/ATAK concepts preferred.

Modules

DFO-CO-01: DEFONEOS Overview & Mission1.5h · Theory
Architecture overview, 7-layer stack, mission context, UK sovereign design principles, red lines (kinetic/surveillance), BFT governance overview, SIGIL audit chain introduction.
DFO-CO-02: COP Operations (Cesium 3D Globe)2h · Lab
Navigating the Common Operating Picture. Layer management (satellite/AIS/ADS-B/sensor feeds). Entity tracking. Time slider. Measurement tools. Export COP snapshots for briefing.
DFO-CO-03: ISR Tasking & Detection Review2h · Lab
Tasking YOLOv8 ISR detections. Reviewing automated detections. Confidence threshold adjustment. False positive management. Sensor tasking orders via FreeTAKServer CoT.
DFO-CO-04: Multi-Sensor Fusion2h · Lab
Correlating detections across video/RF/AIS/ADS-B/satellite feeds. Fusion confidence scoring. Track lifecycle management. Intelligence reporting from fused tracks.
DFO-CO-05: C2 & Tasking via FreeTAKServer2h · Lab
Creating and managing CoT (Cursor on Target) events. Tasking orders. Team coordination. TAK client configuration. AAR (After Action Review) generation from SIGIL chain.
DFO-CO-06: Alert Management & Escalation1.5h · Theory
Configuring alert thresholds. Escalation chains. BFT council notifications. Red-line proximity alerts. Automated response protocols (within DEFONEOS-Charter rules).
DFO-CO-07: SIGIL Audit & Reporting1.5h · Lab
Reading SIGIL chain events. Generating compliance reports (JSP 936). Exporting audit trails for regulators. Chain verification. Tamper detection.
DFO-CO-08: Practical Assessment3.5h · Exam
Live scenario: Yorkshire flood response. Operate DEFONEOS for 3-hour simulated mission. Task ISR, manage COP, generate AAR, export compliance pack. Pass = 80% competency.

Assessment & Certification

PRACTICAL Hands-on scenario exam (80% pass) + THEORY Written test 30 questions (75% pass). Certification valid 2 years. BFT-council co-signs DEFONEOS-CERT.

💻 Track 2: DEFONEOS Developer (DFO-CD)

🥈 Developer Certification LEVEL 2 12 MODULES 32 HOURS

For software engineers building MCP servers, extending DEFONEOS capabilities, or integrating external systems. Python proficiency required.

Prerequisites

Python 3.12+ proficiency. Git. Docker. REST API design. DFO-CO certification recommended.

DFO-CD-01: MCP Protocol Deep Dive3h · Lab
JSON-RPC 2.0 spec. MCP server lifecycle. Tool registration. Discovery handshake. Error handling. Federation topology. Building your first MCP server from scratch.
DFO-CD-02: Building MCP Servers (Mavis Pattern)4h · Lab
The 7-file slim MCP pattern (mavis). server.py, tools.py, README.md, pyproject.toml, Dockerfile, docker-compose.yml, tests/. Ship a complete MCP from zero to federation in one session.
DFO-CD-03: SIGIL Integration2h · Lab
Ed25519 signing. Chain append. Verification. How every MCP tool call produces a SIGIL receipt. Building auditable tools.
DFO-CD-04: YOLOv8 Fine-Tuning Pipeline3h · Lab
Dataset preparation (COCO format). 5-fold cross-validation. Training loop with Ultralytics. Export to ONNX/TensorRT/CoreML. Deployment to edge (Jetson Orin). mAP evaluation.
DFO-CD-05: Cesium Integration3h · Lab
Entity management on 3D globe. Custom data sources. CZML feeds. GeoJSON ingestion. Real-time track updates. Heatmap layers. COP export.
DFO-CD-06: FreeTAKServer Integration2h · Lab
CoT event schema. Creating/managing CoT events. Team channels. Data packages. TAK bridge to DEFONEOS MCP federation.
DFO-CD-07: REST API Development3h · Lab
FastAPI service layer. OAuth2 + JWT (Ed25519). WebSocket streams. Rate limiting (4-tier). OpenAPI generation. 87-endpoint DEFONEOS API.
DFO-CD-08: Testing (5-Layer Pyramid)2h · Lab
L0 Static (ruff+mypy+bandit). L1 Unit (pytest-xdist). L2 Property-based (hypothesis). L3 Contract (schemathesis). L4 E2E (playwright). 90.6% coverage target.
DFO-CD-09: Docker & Kubernetes Deployment2h · Lab
Distroless containers. Multi-arch builds (ARM64 + x86_64). RKE2 manifests. Helm charts. Health checks. Rolling updates.
DFO-CD-10: Edge Deployment (Jetson)2h · Lab
Jetson Orin NX/ Nano setup. JetPack 6.0. TensorRT INT8 quantization. Power management. Air-gap deployment. Offline SIGIL sync.
DFO-CD-11: CI/CD Pipeline (10-Gate)2h · Lab
GitHub Actions. 10-gate pipeline: lint → type-check → unit → integration → security scan → contract → E2E → build → deploy → verify. Auto-rollback.
DFO-CD-12: Capstone Project4h · Project
Build a complete new MCP server: register in federation, SIGIL-integrated, tested at 85%+ coverage, deployed to edge, documented. Reviewed by BFT council technical reviewers.

🏗️ Track 3: DEFONEOS Architect (DFO-CA)

🥇 Architect Certification LEVEL 3 9 MODULES 24 HOURS

For solution architects designing DEFONEOS deployments, integrating with enterprise systems, and defining operational architectures. Requires DFO-CD.

DFO-CA-01: 7-Layer Architecture Mastery3h · Theory
Deep dive into each of the 7 layers. Inter-layer contracts. Deployment topology design. Trade-off analysis (latency vs. coverage vs. cost).
DFO-CA-02: Federation Design3h · Lab
Designing multi-domain MCP federations. Domain decomposition. Tool composition patterns. Federation scaling (single → 4-node → N-node).
DFO-CA-03: Cloud Architecture (UK Sovereign)2h · Theory
5 UK sovereign cloud regions. Terraform IaC patterns. RKE2 cluster design. GPU pool management. Network segmentation. Disaster recovery.
DFO-CA-04: Edge Architecture2h · Lab
Field node design (Jetson Orin NX). Drone payload design (Orin Nano). Disconnected operations. SIGIL chain sync on reconnect. Power/thermal management.
DFO-CA-05: C2 Architecture (FreeTAKServer)2h · Lab
TAK server federation. CoT routing. Multi-team C2. Bridge to legacy systems (Link 16 simulation, JADC2 concepts). AAR architecture.
DFO-CA-06: Multi-Sensor Fusion Architecture3h · Lab
Sensor taxonomy. Fusion algorithms (JDL Level 0-5). Track management. Association rules. Confidence propagation. COP architecture.
DFO-CA-07: BFT Governance Architecture2h · Theory
33-agent council design. Quorum engineering. Byzantine tolerance math. Charter enforcement. DEFONEOS-SEAL issuance flow.
DFO-CA-08: Partner Integration Architecture3h · Lab
5 integration paths (MCP Federation, REST, WebSocket, C2 Bridge, SIGIL Sync). OAuth2 flows. SDK design. Onboarding patterns.
DFO-CA-09: Architecture Review Board4h · Assessment
Present a complete DEFONEOS deployment architecture for a real-world scenario (e.g., UK brigade-level ISR + C2). Defended before panel of 3 certified architects + 2 BFT council members.

🔐 Track 4: DEFONEOS Security (DFO-CS)

🔐 Security Certification LEVEL 3 10 MODULES 28 HOURS

For security professionals responsible for DEFONEOS hardening, compliance, and audit. Requires DFO-CD. UK SC clearance required for certification issuance.

DFO-CS-01: Zero-Trust Architecture3h · Lab
SPIFFE workload identity. mTLS all services. Service mesh (Istio). Network policies. Secrets in GPG-encrypted vault. Air-gap design.
DFO-CS-02: Ed25519 & PQC Cryptography2h · Theory
Ed25519 signing (SIGIL chain). PQC readiness: ML-DSA-65 (Dilithium), ML-KEM-768 (Kyber). Quantum threat timeline. Migration path.
DFO-CS-03: Morris-II Worm Defense3h · Lab
AI-agent worm propagation vectors. Prompt injection scanner. Tool-call sandboxing. SIGIL chain quarantine. Outbreak response playbooks.
DFO-CS-04: Supply Chain Security2h · Lab
SBOM generation (CycloneDX). Dependency scanning (pip-audit, safety). Container scanning (Trivy). Signed images (Cosign). Reproducible builds.
DFO-CS-05: JSP 936 Compliance Engineering3h · Lab
JSP 936 requirements decomposition. Auto-generation of compliance artifacts. Evidence collection from SIGIL chain. Regulator replay.
DFO-CS-06: 14-Framework Compliance Map2h · Theory
EU AI Act, UK AI Bill 2025, GDPR, DPA 2018, ISO 42001, ISO 27001, SOC 2, NIST CSF, JSP 936, JSP 440, JSP 604, National Security Act 2023, Cyber Essentials, AUKUS ITAR.
DFO-CS-07: Penetration Testing DEFONEOS4h · Lab
OWASP testing. API fuzzing. MCP protocol fuzzing. Prompt injection attempts. Chain tamper attempts. Privilege escalation. Report writing.
DFO-CS-08: Incident Response & Forensics3h · Lab
SIGIL chain forensics. Tamper detection. Timeline reconstruction. Evidence preservation. CISO escalation matrix (Green/Yellow/Orange/Red).
DFO-CS-09: Air-Gap Security2h · Lab
Air-gap deployment procedures. Media transfer protocols. Virus scanning. Integrity verification. Compartment separation.
DFO-CS-10: Security Assessment4h · Exam
Hands-on: harden a DEFONEOS deployment from scratch. Pass all 6 security scanners (bandit/pip-audit/safety/ZAP/semgrep/Morris-II). Generate full JSP 936 compliance pack. Pass = 85%.

⭐ Track 5: DEFONEOS Commander (DFO-CC)

Commander Certification LEVEL 5 8 MODULES 20 HOURS

For strategic leaders commanding DEFONEOS-enabled operations. Focus on decision-making, governance, ethics, and strategic capability employment. Requires DFO-CA + DFO-CS. UK SC clearance mandatory.

DFO-CC-01: Strategic Capability Employment3h · Theory
When to deploy DEFONEOS capabilities. ISR-to-decision cycles. Swarm employment doctrine. Fusion-driven intelligence. Competitive advantage vs. adversary systems (Palantir, CCP DORADO).
DFO-CC-02: BFT Governance & Charter2h · Theory
The 33-agent council. Charter articles. Red lines (immutable). DEFONEOS-SEAL credential. How governance constrains and enables operations. Escalation protocols.
DFO-CC-03: Legal & Ethical Frameworks3h · Theory
International humanitarian law. UK AI Bill 2025. JSP 936 operational compliance. NATO AI Strategy. AUKUS principles. Distinction/proportionality/military necessity in AI-enabled operations.
DFO-CC-04: Multi-Domain Operations2h · Theory
DEFONEOS across land/sea/air/space/cyber. Sensor-to-shooter timelines (sensor-to-decision only — DEFONEOS is NOT a kinetic targeting system). Coalition interoperability.
DFO-CC-05: Decision Exercises (Wargaming)4h · Lab
3 scenario-based decision exercises: (1) Yorkshire flood response, (2) maritime ISR in the North Atlantic, (3) coalition peacekeeping ISR. Real-time DEFONEOS operation under pressure.
DFO-CC-06: After Action Review & Continuous Improvement2h · Lab
SIGIL-driven AAR. Performance metrics analysis. Lessons learned integration. Capability gap identification. Feedback to development pipeline.
DFO-CC-07: Partner & Coalition Integration2h · Theory
Five-Eyes interoperability. AUKUS data sharing. NATO STANAG compliance. Coalition SIGIL chain sharing. Sovereignty preservation in coalition ops.
DFO-CC-08: Commander's Assessment2h · Exam
Oral board before 5 BFT council members + 1 external UK defense reviewer. Strategic scenario discussion. Ethical reasoning. Capability employment rationale. Pass = unanimous.

🗺️ Recommended Learning Path

Week 1-2
DFO-CO: Operator Certification
Start here. Learn to USE DEFONEOS before building or commanding it. 16 hours. No prerequisites.
Week 3-4
DFO-CD: Developer Certification
Learn to BUILD. MCP servers, APIs, integrations, testing. 32 hours. Requires Python + DFO-CO.
Week 5-6
DFO-CA: Architect OR DFO-CS: Security
Choose specialization. Architecture (24h) or Security (28h). Both require DFO-CD. Can pursue both.
Week 7-8
DFO-CC: Commander Certification
Strategic level. Requires DFO-CA + DFO-CS + SC clearance. 20 hours. Oral board assessment.
Ongoing
Continuing Education
Annual recertification. New module releases each DEFONEOS version. BFT-council verified CPD tracking.

🧪 Sample Lab: DFO-CD-02 — Build Your First MCP

Lab Objective

Build a complete DEFONEOS MCP server from zero to federation in one 4-hour session.

Lab Steps

1
Scaffold — Create the 7-file Mavis pattern: mkdir defoneos-weather-mcp && cd defoneos-weather-mcp. Create pyproject.toml, server.py, tools.py, README.md, Dockerfile, docker-compose.yml, tests/test_tools.py.
2
Implement Tools — Write 3 tools: get_weather(lat, lon), get_wind_direction(lat, lon), get_visibility(lat, lon). Each returns JSON + SIGIL receipt.
3
SIGIL Integration — Import from defoneos.sigil import sign_and_log. Wrap each tool call: result = sign_and_log(tool_name, params, result). Every call is now auditable.
4
Test — Write pytest tests for all 3 tools. Use hypothesis for property-based tests (input ranges, output schema). Target 85%+ coverage. pytest --cov=defoneos_weather_mcp --cov-report=term-missing
5
Dockerize — Distroless base image. Multi-stage build. ARM64 + x86_64. docker buildx build --platform linux/arm64,linux/amd64 -t defoneos-weather-mcp:latest .
6
Register in Federationpython -m defoneos.federation register --server defoneos-weather-mcp --port 8721. Federation hub auto-discovers your 3 tools.
7
Verify — Call your tool through the federation: curl -X POST http://localhost:3101/mcp -d '{"method":"tools/call","params":{"name":"get_weather","arguments":{"lat":53.8,"lon":-1.5}}}'. Confirm SIGIL receipt in response.
8
Document — Write README with installation, tool descriptions, examples, SIGIL verification instructions. Submit for BFT technical review.

📋 Certification Process

How Certification Works

StepActionWhoTime
1Complete all modules in trackCandidate (self-paced)Track-dependent
2Pass practical assessment (hands-on scenario)Candidate2-4 hours
3Pass theory test (30-50 questions)Candidate1 hour
4Assessment reviewed by technical reviewers5 BFT Technical Reviewers48 hours
5Council vote on certification issuanceBFT-33 Council (quorum 23/33)5 minutes
6DEFONEOS-CERT credential issued (Ed25519-signed)System (auto on vote pass)Instant
7Credential registered on SIGIL chainSystemInstant
8Candidate notified + credential portableSystemInstant

Credential Verification

# Anyone can verify a DEFONEOS-CERT credential:
curl https://defoneos.vercel.app/api/v1/verify-cert?cert_id=DFO-CC-2026-0042

# Response:
{
  "cert_id": "DFO-CC-2026-0042",
  "holder": "[REDACTED - BPSS minimum]",
  "track": "Commander",
  "level": 5,
  "issued": "2026-07-15T10:30:00Z",
  "expires": "2028-07-15T10:30:00Z",
  "bft_vote": {"for": 31, "against": 0, "abstain": 2, "quorum_met": true},
  "sigil_ref": "S|cert-issue|DFO-CC-2026-0042|ed25519:8a4cc85da8dbba21...",
  "valid": true
}

Recertification

All DEFONEOS certifications are valid for 2 years. Recertification requires: (1) completion of delta modules for new versions, (2) passing refresher assessment, (3) BFT council re-vote. CPD tracking is automatic via SIGIL chain.

🎓 Delivery Modes

📹 Online Self-Paced

All 47 modules available as video + interactive labs. Free. Open source. Complete at your own pace. Hands-on labs via cloud sandbox (Jetson Orin simulator).

🏫 Instructor-Led

5-day intensive courses. UK-based. Maximum 12 students per cohort. Hands-on with real Jetson Orin hardware. Delivered by DFO-CC certified instructors. £2,400/person.

🏕️ On-Site (Unit)

Customized training at your unit/brigade HQ. Full deployment setup. Scenario-based exercises tailored to your operational context. Minimum 8 students. POA.

❓ Certification FAQ

Is DEFONEOS training free?

Yes. All 47 modules are open source and free online. The DEFONEOS-CERT assessment has a £150 admin fee (covers BFT council compute + credential issuance). Instructor-led courses are £2,400/person.

Do I need security clearance?

DFO-CO and DFO-CD: BPSS minimum. DFO-CA and DFO-CS: SC clearance required for certification issuance. DFO-CC: SC clearance mandatory, DV preferred for certain modules.

Is the certification recognized outside DEFONEOS?

DEFONEOS-CERT is an open credential. The BFT-council verification and SIGIL chain anchoring provide audit-grade proof of competency. Recognition by UK MOD, NATO, and Five-Eyes partners is being pursued through the DASA and NATO DIANA channels.

Can I take modules out of order?

Within a track, modules are sequential (each builds on the previous). You can take tracks in any order, but the recommended path is CO → CD → CA/CS → CC.

What happens if DEFONEOS updates?

Each major version release adds delta modules. Certified professionals complete delta modules + refresher quiz to maintain certification. No full re-examination needed for minor versions.