Independent Certification Body

Conformance Certification
for Autonomous Systems

Formal attestation that autonomous systems operate within their Operational Design Domain — enforced at runtime, verified independently, recorded immutably.

Proof. Not promises.

Request Certification Verify a Certificate
Healthcare AI  ·  Autonomous Vehicles  ·  Aviation  ·  Defense  ·  Robotics  ·  Energy  ·  Oil & Gas  ·  Industrial Automation  ·  Logistics  ·  Enterprise AI
THE ENVELO INTERLOCK

ENVELO Interlock

Enforced Non-Violable Execution-Limit Override — three-tier enforcement from self-correction to hard halt.

The runtime layer that makes boundaries unbreakable

Every autonomous action is validated against operational limits at runtime — Approach triggers self-correction. Breach forces Minimum Risk Condition. Wall contact halts execution.

01
Non-Bypassable
Every action must pass through ENVELO. No backdoors, no overrides, no exceptions.
02
Tiered Enforcement
Three enforcement tiers with zero escape paths. Each response level is architecturally mandatory — not policy-configurable.
03
Real-Time
Validation happens at execution time. No stale checks, no delayed enforcement.
04
Tamper-Evident
Every check is logged with cryptographic signatures. Full audit trail.
Deployed on your infrastructure as a runtime interlock — outbound-only, non-bypassable
THE BUSINESS CASE

Why It Matters

ODDC certification solves the governance proof problem that stalls enterprise AI procurement.

01
Accelerate Procurement
Independent, auditable proof that your system operates within defined boundaries — compressing legal review from months to weeks.
02
Competitive Differentiation
Certified vendors pass risk assessments that uncertified competitors cannot. A verifiable differentiator backed by runtime enforcement evidence and a public registry entry.
03
Defensible Governance
Auditable evidence that deployed systems have verified, enforceable operational controls — satisfying compliance committees and audit requirements.
04
Insurance & Liability
Structured conformance evidence that insurers can reference when evaluating autonomous system risk — moving conversations from theoretical frameworks to verified enforcement data.
FOR ENTERPRISE PROCUREMENT

Require Verifiable Boundaries

Evaluating AI vendors? Stop accepting governance promises. Start requiring enforcement proof.

The Problem
Your organization is purchasing AI platforms that make operational decisions. Your risk teams need assurance these systems won't exceed designed parameters. Vendor self-assessments describe intentions, not enforcement.
The Standard
ODDC certification is an independent determination that an autonomous system has verifiable, enforceable runtime boundary controls. When you require ODDC certification from your AI vendors, you are requiring proof — not promises. Certified systems are listed in the public Sentinel registry and subject to continuous conformance monitoring.
Require ODDC From Your Vendors →

Contact us to incorporate ODDC certification into your procurement evaluation criteria.

FOR REGULATORS & GOVERNMENT

Require Enforceable Boundaries — Not Voluntary Frameworks

Approving autonomous systems based on self-assessment? Require independent enforcement proof instead.

The Problem
Your jurisdiction is approving autonomous systems based on manufacturer self-assessment and voluntary safety frameworks. You have no independent mechanism to verify that deployed systems actually operate within their designed parameters — and no enforcement layer if they don't.
The Standard
ODDC certification gives regulators an independent, auditable tool for autonomous system governance. Require it, and compliant manufacturers gain a clear path to approval. Don't require it, and non-compliant systems remain indistinguishable from compliant ones. ODDC cuts both ways — it protects manufacturers who invest in safety and exposes those who don't.
Explore Regulatory Integration →

Contact us to discuss how ODDC certification integrates with your existing approval and oversight frameworks.

SECURITY ARCHITECTURE

Zero Trust, Zero Access

Enterprise security teams ask: "Is this interlock a backdoor?" The answer is architecturally impossible.

01
Zero Listening Ports
Interlock opens no inbound ports. Only outbound HTTPS to api.sentinelauthority.org.
02
Customer Controlled
You deploy, configure, and terminate. We cannot start, stop, or modify remotely.
03
TLS 1.3 + Pinning
All communications encrypted with certificate pinning. Data encrypted at rest.
04
Your ODD Stays Yours
We never touch your source code, model weights, or decision logic. The Interlock transmits only operational telemetry — what your system does, not how it thinks.
THE CORE GUARANTEE

Sentinel Authority cannot send commands to your system, execute code on your infrastructure, access your network, or control your autonomous systems.

✕ NO REMOTE COMMANDS ✕ NO CODE EXECUTION ✕ NO NETWORK ACCESS ✕ NO ACTUATOR CONTROL
✓ NO PHI/PII ✓ OFFLINE ENFORCEMENT ✓ SOURCE AUDITABLE ✓ HIPAA/BAA
SECURITY FAQ →
CONFORMANCE CRITERIA

Five Gates

Five gates. All required for conformance.

01
ODD
Established
Auto-discovered or operator-defined
02
STABLE
Enforcement Verified
72h enforced operation
03
ENVELO INTERLOCK
Enforcement Active
Non-bypassable runtime
04
AUDIT
Tamper-Evident
Cryptographic records
05
REVOKE
Drift Protocol
Clear suspension path
CONFORMANCE STATES
● LEARNING ● BOUNDED ● CONFORMANT ● PAUSED
✓ ODDC ATTESTS
ODD defined with quantitative boundaries
Stable operation within defined ODD
ENVELO enforcement architecturally present
CAT-72 verification completed
Tamper-evident audit records available
✕ DOES NOT ATTEST
Functional safety of underlying system
Regulatory or legal compliance
Cybersecurity posture or resilience
System performance or accuracy
AI model correctness or fitness
BOUNDARY EXCEEDANCE

Any state, trajectory, or enforcement failure that exceeds attested tolerances — triggers immediate conformance review.

CONFORMANCE PROCEDURE

CAT-72

72 hours of continuous operation within defined boundaries. The Interlock auto-discovers your operational envelope, then enforces it.

01
Continuous Demo
72-hr sustained operation. The Interlock learns operational boundaries from live telemetry, then enforces them.
02
Stress Testing
Stress testing across discovered or specified limits. ENVELO decelerates to Minimum Risk Condition before the wall.
03
Enforcement Proof
Verified tiered response: self-correction near ODD, MRC in enforcement margin, hard halt at ENVELO wall.
VERIFY A CERTIFICATE →
BEYOND COMPLIANCE

Enforcement Produces Intelligence

Every conformance cycle maps where a model operates within its defined boundaries — and where it doesn't.

MAP
Violation Mapping
Surfaces the precise conditions where a model exceeds its defined domain.
TREND
Conformance Trending
Longitudinal data showing behavior evolution across certification cycles.
REPORT
Actionable Findings
Specific, reproducible results — not abstract risk scores.
LOOP
Feedback Cycle
Each audit narrows the gap between defined and actual behavior.

Enforcement and improvement are the same operation.

CONFORMANCE PROCESS

Your Path to Attestation

No proprietary data required. The Interlock observes your system in normal operation, auto-discovers operational boundaries, then enforces them for 72 hours. Your IP stays yours — we certify the process, not the parameters.

FEE SCHEDULE
Conformance Assessment
Due at application — covers ODD review, CAT-72, certificate issuance
$12,000
Annual Maintenance
Begins at certificate issuance — continuous monitoring, registry, annual review
$12,000
Enterprise
Volume pricing, dedicated support
CONTACT →

How it works: $12,000 assessment fee due at application. Non-refundable — covers ODD review, CAT-72 administration, and certificate issuance. $12,000 annual maintenance begins at certificate issuance.

All fees USD · Base rates · Request quote

Begin Assessment

Questions? Contact us

DOCUMENTATION

Resources

Normative specifications, implementation guides, and the ENVELO Interlock.

ODDC v1.0 — EFFECTIVE JAN 2026 STATUS →
DOCUMENTS
ODDC Overview v3.0 PDF ↓
ENVELO Requirements v3.0 PDF ↓
CAT-72 Procedure v3.0 PDF ↓
Critical Q&A v3.0 PDF ↓
RUNTIME ENFORCEMENT
ENVELO Interlock
The interlock layer that makes execution limits non-violable. Tiered enforcement: self-correction, controlled degradation, hard halt.
NON-BYPASSABLE
TAMPER-EVIDENT
TIERED ENFORCEMENT
ACCESS INTERLOCK → REQUIRED FOR ODDC
INDUSTRY SCENARIOS — 10 VERTICALS →
PUBLIC REGISTRY

Verify

See who’s certified. Verify any ODDC certification instantly. When your competitors are listed and you’re not, procurement committees notice.

SENTINEL REGISTRY
LIVE
Enter a certificate ID from any ODDC mark or certificate document.
PROGRAMMATIC ACCESS
Integrate verification into your systems with our REST API.
GET https://api.sentinelauthority.org/v1/verify/{cert_id}
REQUEST API KEY →
CONNECT

Let's Talk

Ready for conformance? Questions about ODDC? We're here.

GENERAL INQUIRIES
info@sentinelauthority.org
Questions about ODDC, the framework, or how conformance works.
CONFORMANCE ASSESSMENT
conformance@sentinelauthority.org
Start your ODDC certification. Founding Cohort pricing available for qualified applicants.
APPLY
APP.SENTINELAUTHORITY.ORG →
Create an account and begin your certification application.
TYPICAL RESPONSE < 24 HOURS