ABSTRACTDeployed AI systems in clinical and operational environments may drift from their validatedstate through configuration change, environmental shift, or adversarial interference.Regulators increasingly mandate post-deployment monitoring and immutable audit trails, butexisting frameworks define the obligation without prescribing a concrete implementationarchitecture. This paper presents ILAS — Integrity Layer for Agentic Systems — a candidatearchitectural specification addressing one bounded problem: detecting runtime configurationdrift from a validated baseline and maintaining a tamper-evident record of that state over time.ILAS defines five non-negotiable architectural elements, three telemetry assurance tiers, eightconditional monitoring modules, and a five-state verdict engine with explicit human oversightrequirements. Scope boundaries are hard: ILAS applies only to systems with boundedbehavior, an attested baseline, and a trusted telemetry path. The specification was developedthrough six rounds of structured adversarial review, with AI compliance bias documented as aparallel research finding. Human expert review in trusted computing, safety engineering, andproduct liability law is required before any deployment claim.
Frank Böhm (Thu,) studied this question.