When AI systems begin to drive motors, brakes, steering, and robotic arms, a hallucinated or hijacked command no longer produces merely a wrong sentence — it produces real-world kinetic harm. As artificial general intelligence (AGI) and large-language-model-driven agentic systems move into humanoid robots, L4+ autonomous driving, and other embodied-AI settings, the boundary of AI safety has crossed from the informational domain into the cyber-physical domain. This paper argues that software alignment, semantic filtering, RTOS scheduling, and software watchdogs are structurally insufficient to guarantee kinetic safety, because the safety interruption itself must traverse the same software stack that can be delayed, bypassed, or misled. We propose an auditable physical safety shell that is independent of the AI planner and anchors trust at the physical boundary through physical-layer provenance, inertial continuity, dissipation traces, and a hardware interruption path. Three mechanisms are introduced: Causal Vacuum Detection (CVD) audits whether an actuation command carries an explainable physical dissipation trace; Spatial-Inertial phase Identification (SII) checks continuity with the machine's current inertial state; and a Zeno-Triggered Joule Latch (ZTJ-L) provides a de-energize-to-trip fail-safe below the operating system. The key contribution is to relocate high-integrity safety responsibility away from unverifiable model weights toward a smaller, third-party-testable physical component, and to map this shell onto IEC 61508, ISO 26262, ISO 13849, and ISO/PAS 8800:2024 — including a concrete defense against the "substantial modification trap" under Machinery Regulation (EU) 2023/1230. The result is a governance pattern in which, even when the model errs, hallucinates, or is jailbroken, human control remains verifiable at an auditable physical boundary.
Chin-Yu Hsu (Thu,) studied this question.