AI Capability Governance for Autonomous Systems

This paper introduces capability governance as a foundational architectural layer for autonomous systems, defining how system capabilities are specified, authorized, and controlled across their lifecycle. It establishes a capability-centric governance model that explicitly addresses adaptive and learning-based system behavior, ensuring that AI-driven capabilities remain controllable, auditable, and aligned with predefined operational and safety constraints. Related works: - A Governance Architecture for Safe and Bounded Autonomous Systems- Capability Lifecycle Governance in Autonomous Systems- Non-Bypassable Execution Control in Autonomous Systems- Safety-Bounded Autonomy in Distributed Autonomous Systems Autonomous systems increasingly integrate artificial intelligence capabilities operating in dynamic and safety-critical environments. As distributed systems and robot fleets scale and learning-based behaviors are deployed in real-world contexts, traditional governance approaches—based on static configuration or implicit system behavior—become insufficient to ensure safe capability deployment and operational compliance. This paper proposes a capability-governed system architecture in which all executable actions must be derived from explicitly defined and authorized capabilities. The framework introduces a lifecycle-based capability management model enabling controlled specification, validation, authorization, activation, monitoring, and revocation of capabilities across autonomous systems. Capability governance operates independently of execution control mechanisms and does not directly enforce system behavior. Instead, it defines the admissible capability space within which execution control mechanisms operate. This establishes a clear architectural separation between capability definition (what is allowed), execution control (what is executed), and runtime safety enforcement (what is safe). The architecture introduces a formal capability governance model comprising a lifecycle state model, an authorization function, and a structured representation of capability constraints. This enables consistent governance of capabilities across distributed systems and multi-agent environments, including coordinated capability management at fleet level. By structuring capability management as an explicit and enforceable architectural layer, the framework enables scalable governance of AI-driven systems while maintaining policy compliance, operational integrity, and safety constraints in dynamic environments. The architecture may be realized through different system-level mechanisms, including software-based control logic, hardware-assisted enforcement, or distributed governance structures. The formulation remains intentionally implementation-agnostic and focuses on architectural principles rather than specific technical realizations. The work contributes to the emerging intersection of autonomous systems architecture, AI governance, and cyber-physical systems engineering, and provides a foundation for scalable governance of learning-enabled autonomous systems. This work is part of a broader research program on governance and execution control in autonomous systems, including capability governance, safety-bounded autonomy, and non-bypassable execution control architectures.