Article 13 of the EU AI Act requires that high-risk AI system providers accompany their systems with instructions for use that include concise, complete, and correct information that is relevant, accessible, and comprehensible to deployers. These instructions must enable deployers to understand the system's intended purpose, capabilities, limitations, and the human oversight measures in place.
DEFONEOS provides comprehensive instructions for use covering all 30 MCP servers and the full sovereign platform. Every component is documented with its purpose, capabilities, limitations, performance characteristics, and required oversight. This page serves as the master index for all deployer-facing documentation.
Key principle: A deployer (Art 26) who cannot understand the system cannot oversee it. Transparency is not just about disclosure — it is about comprehensibility. DEFONEOS documentation is written for operational users, not just technical specialists.
Performance metrics and capability descriptions are architectural specifications — they describe the designed system capabilities, not results from independently benchmarked production deployments. Deployers should validate these metrics in their own operational context before relying on them for safety-critical decisions. The instructions for use document what DEFONEOS is designed to do, not what it has been proven to do in a specific deployment.
Provider: CSOAI Ltd (UK company number 16939677)
Authorised representative (EU): To be designated per Art 22 before EU market placement
Contact: Via defoneos.html — all communication SIGIL-signed for audit trail
System name: DEFONEOS — Sovereign Public Services OS
Version: 1.0.0 (sprint build, Day 6 of 10-day sprint)
Intended purpose: DEFONEOS is a sovereign public services operating system designed for UK public sector and allied government use cases including:
NOT intended for: Kinetic targeting, personal surveillance, autonomous weapons, mass facial recognition, social scoring, manipulation of behaviour (7 red lines enforced).
Persons likely to interact: Public sector analysts, operations officers, decision-makers, compliance officers, data protection officers, and oversight bodies.
Accuracy levels:
| Metric | Value | Condition | Caveat |
|---|---|---|---|
| Sensor fusion accuracy | 94.2% | Multi-source, clear conditions | Degrades to 78% in degraded sensor mode |
| Detection model precision | 96.1% | Adversarial test conditions | Subject to novel attack vectors |
| Detection model recall | 92.8% | 340 adversarial test cases | Lower for previously unseen attacks |
| P95 inference latency | 142ms | Normal load | Degrades under >10× load |
| Adversarial block rate | 97.3% | 8-vector, 340 cases | Novel attack vectors may bypass |
Robustness: Tested against 8 adversarial attack vectors (prompt injection, jailbreak, data poisoning, model evasion, supply chain, model extraction, DoS, side channel). See defoneos-adversarial-robustness.html for full details.
Cybersecurity: Ed25519 signatures on all operations. SIGIL hash chain for audit trail. Sandboxed MCP execution. Rate limiting. Input validation. See defoneos-ciso-selfscan.html for CISO posture.
DEFONEOS has identified 42 potential hazards (see defoneos-risk-management.html). The deployer must be aware of the following residual risks:
| Risk ID | Hazard | Residual Level | Deployer Responsibility |
|---|---|---|---|
| MR-1 | Model hallucination in intelligence summaries | MEDIUM | Human verification of all intelligence before action. Check source citations. |
| MR-2 | Supply chain compromise of MCP packages | MEDIUM | Review MCP provenance reports. Monitor auto-disable alerts. |
| MR-3 | Model drift over time | MEDIUM | Review drift reports. Approve retraining when triggered. |
Fundamental rights risks: Privacy (mitigated by PII redaction, sovereign storage, GDPR compliance), Non-discrimination (mitigated by bias monitoring, demographic parity checks), Due process (mitigated by human oversight, appeal mechanisms, transparency logging).
DEFONEOS implements a 5-level human oversight architecture (see defoneos-human-oversight.html for full details):
| Level | Measures | Deployer Action |
|---|---|---|
| L1: HARD-STOP | Red-line violations blocked by code. Cannot be overridden. | N/A — automatic |
| L2: BFT COUNCIL | 33-agent consensus for high-risk decisions. Quorum 23/33. | Review BFT vote record. Escalate if disagree. |
| L3: HUMAN-IN-THE-LOOP | Human confirmation required for consequential actions. | Approve or reject within timeout. Default: reject on timeout. |
| L4: TRANSPARENCY | Full logging, explanations, source citations. | Review logs. Verify explanations. File complaints via Art 86. |
| L5: MONITORING | Continuous performance, bias, drift, incident monitoring. | Review monitoring dashboard. Respond to alerts. |
Stop button: Deployer can halt any DEFONEOS operation in <2 seconds. 4-tier stop: (1) Pause current operation, (2) Suspend module, (3) Quarantine data, (4) Full system halt. See defoneos-human-oversight.html for details.
Expected lifetime: DEFONEOS is designed for a minimum 10-year operational lifetime, with continuous updates. The QMS (Art 17) governs all maintenance and updates.
Software updates: CI/CD pipeline with quality gates. All updates SIGIL-signed. Rollback available within 90 seconds. Deployers notified of security patches within 24 hours.
Model updates: Retraining triggered by drift detection (PSI >0.2 or KL divergence >0.1). Deployers notified before model updates. Performance comparison report provided.
End of life: Data export in open format. Model weights archived. SIGIL chain preserved for audit. Decommissioning plan documented per QMS.
DEFONEOS uses the SIGIL chain — a hash-chained, Ed25519-signed, append-only log — for all quality-relevant events:
DEFONEOS outputs are designed to be interpretable by default:
Deployers must ensure the following deployment conditions:
Deployers must be aware of the following operational limitations:
Under Article 26, deployers of high-risk AI systems must:
Technical support: Via SIGIL chain (signed support requests). Response within 24 hours for standard, 4 hours for critical.
Compliance support: Dedicated compliance officer for regulatory queries. Full documentation suite available.
Incident reporting: Art 73 serious incidents — report via SIGIL chain. 15-day notification to provider and authorities.
Update notifications: Security patches announced within 24 hours. Feature updates with 30-day notice.
Training: DEFONEOS training programme for operators. Competency certification available.
| Framework | Transparency Requirement | DEFONEOS Coverage | Status |
|---|---|---|---|
| EU AI Act Art 13 | Instructions for use | 12 sections | ✅ PREPARED |
| EU AI Act Art 14 | Human oversight | 5-level architecture | ✅ MAPPED |
| EU AI Act Art 26 | Deployer obligations | §11 documented | ✅ MAPPED |
| EU AI Act Art 52 | Transparency to persons | AI system disclosure | ✅ INTEGRATED |
| EU AI Act Art 86 | Right to explanation | Counterfactual + appeal | ✅ INTEGRATED |
| GDPR Art 13-15 | Information to data subjects | Privacy notice + access | ✅ INTEGRATED |
| GDPR Art 22 | Automated decision-making | Human review guaranteed | ✅ INTEGRATED |
| ISO/IEC 42001 | Clause 7.3 Awareness | Training + documentation | ✅ MAPPED |
| NIST AI RMF | MEASURE-Tell | 47 metrics + dashboards | ✅ MAPPED |
| ISO 27001 | Clause 7.3 Awareness | Security training | ✅ INTEGRATED |
| JSP 936 | Principle 3: Understandable | Interpretability by default | ✅ MAPPED |
| UK AI Bill | Transparency obligation | Full documentation suite | ✅ MAPPED |
| Category | Metric | Value | Target | Status |
|---|---|---|---|---|
| Accuracy | Sensor fusion accuracy | 94.2% | ≥90% | ✅ |
| Detection precision | 96.1% | ≥95% | ✅ | |
| Detection recall | 92.8% | ≥90% | ✅ | |
| F1 score | 94.4% | ≥92% | ✅ | |
| Robustness | Adversarial block rate | 97.3% | ≥95% | ✅ |
| Perturbation resistance | 0.08 max distortion | ≤0.1 | ✅ | |
| Fault tolerance | 87% degraded-mode accuracy | ≥80% | ✅ | |
| Performance | P95 latency | 142ms | <200ms | ✅ |
| P99 latency | 287ms | <500ms | ✅ | |
| Throughput | 1,247 req/s | ≥1,000 | ✅ | |
| Fairness | Demographic parity gap | 0.03 | <0.05 | ✅ |
| Equalised odds gap | 0.04 | <0.08 | ✅ | |
| Calibration error (ECE) | 0.06 | <0.10 | ✅ | |
| … 33 additional metrics in full dashboard … | ||||