Safety-critical software engineering has long relied on minimal, enforceable constraints to make runtime behavior analyzable and predictable. Gerard J. Holzmann’s “Power of Ten” rules exemplify this discipline at the level of control flow, memory usage, and static analysis. This paper extends that mindset into a different failure domain: the epistemic layer of modern agentic systems. Contemporary systems no longer merely execute static programs. They generate configuration, compose tools, reinterpret policy, mutate canonical artifacts, and interact continuously with heterogeneous backends. In such environments, failures arise not only from unsafe execution, but from implicit authority, untracked mutation, nondeterministic state transitions, and retroactive policy reinterpretation. Ten Rules for Governed Coding proposes a minimal, mechanically enforceable invariant set for epistemic safety. The rules constrain how meaning is represented, how authority is admitted, how state transitions occur, how external effects are mediated, and how historical decisions are preserved. Each rule is paired with an explicit enforcement surface (e.g., admission gate checks, deterministic replay tests, authority flow analysis, canonicalization validation), emphasizing structural verifiability over aspirational guidance. The work is positioned as a companion discipline to runtime safety constraints. If traditional safety rules answer the question “Will the program run safely?”, this paper addresses the complementary question: “Was the program allowed to become what it became - and can it demonstrate why?” The result is a compact doctrine for building replayable, auditable, and authority-bounded systems in the age of AI agents, policy-bearing compilers, and autonomous orchestration.
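As an added illustration, not code from the paper, the following Python toy admission gate combines several of the enforcement surfaces named in the abstract: canonicalization so that two spellings of the same artifact yield one digest, explicit authority grants checked at admission, a hash-chained decision log that records why each mutation was admitted or refused, and a deterministic replay that must reproduce the log. All principal names, grants and sample artifacts are constructed for the example.

```python
import hashlib
import json
from dataclasses import dataclass, field

def canon_digest(obj: dict) -> str:
    # Canonicalization: sorted keys and fixed separators, so one meaning maps to one digest.
    return hashlib.sha256(json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()).hexdigest()

@dataclass
class Gate:
    grants: dict                               # principal -> artifact kinds it may mutate (explicit authority)
    log: list = field(default_factory=list)    # append-only, hash-chained decision record
    state: dict = field(default_factory=dict)  # kind -> digest of the currently admitted canonical form

    def admit(self, principal: str, artifact: dict) -> dict:
        kind, art = artifact.get("kind"), canon_digest(artifact)
        if kind not in self.grants.get(principal, set()):
            verdict, reason = "rejected", f"{principal} holds no explicit grant for {kind!r}"
        elif self.state.get(kind) == art:
            verdict, reason = "rejected", "no-op: identical canonical form already admitted"
        else:
            verdict, reason = "admitted", "explicit grant present; state transition recorded"
            self.state[kind] = art
        # Every decision carries its reason and chains to the previous entry.
        prev = self.log[-1]["entry_hash"] if self.log else "0" * 64
        entry = {"seq": len(self.log), "principal": principal, "kind": kind,
                 "artifact": art, "verdict": verdict, "reason": reason, "prev": prev}
        entry["entry_hash"] = canon_digest(entry)
        self.log.append(entry)
        return entry

def replay(grants: dict, requests: list) -> list:
    # Deterministic replay test: a fresh gate fed the same requests must produce the same log.
    gate = Gate(grants)
    return [gate.admit(p, a) for p, a in requests]

def verify_chain(log: list) -> bool:
    # Audit check: an edited, dropped or reordered decision breaks the hash chain.
    prev = "0" * 64
    for e in log:
        body = {k: v for k, v in e.items() if k != "entry_hash"}
        if e["prev"] != prev or canon_digest(body) != e["entry_hash"]:
            return False
        prev = e["entry_hash"]
    return True

GRANTS = {"release-bot": {"build-config"}, "policy-team": {"policy"}}  # constructed grants
REQUESTS = [  # constructed: same artifact in two textual forms, then a kind without a grant
    ("release-bot", {"kind": "build-config", "opt": 2, "target": "x86_64"}),
    ("release-bot", {"target": "x86_64", "kind": "build-config", "opt": 2}),
    ("release-bot", {"kind": "policy", "allow_network": True}),
]
```

Running `replay(GRANTS, REQUESTS)` twice yields identical logs because no decision depends on time or ambient state; `verify_chain` then fails on any log whose entries were altered after the fact.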
Adam Ableman Mazurk (Thu,) studied this question.