SentinelOps
BY INOCODE
UTC --:--:--DTG ------Z --- --
06 · INTEGRATION READINESS

System architecture

How SentinelOps ingests, reasons, and exposes decisions to operators and partner systems.

ARCH-01

DATA & DECISION FLOW

┌───────────┐   ┌──────────────┐   ┌──────────────┐   ┌─────────────────┐   ┌──────────────┐
│ Multi-    │ → │ Event        │ → │ Anomaly      │ → │ AI / RAG        │ → │ COA          │
│ source    │   │ normalization│   │ scoring      │   │ reasoning layer │   │ generation   │
│ ingestion │   │              │   │              │   │                 │   │              │
└───────────┘   └──────────────┘   └──────────────┘   └─────────────────┘   └──────┬───────┘
                                                                                   │
          ┌────────────────────┐   ┌──────────────────────┐   ┌──────────────┐    │
          │ API-ready          │ ← │ Explainability &     │ ← │ Simulation   │ ←──┘
          │ deployment         │   │ immutable audit trail│   │ engine       │
          └────────────────────┘   └──────────────────────┘   └──────────────┘
The reasoning and decision layers are isolated from ingestion: new sources or models can be swapped in without changing operator workflows, audit records, or partner APIs.
01

Multi-source data ingestion

SIMULATED

Streaming adapters normalise heterogeneous feeds into a single event bus. New sources are added via typed adapters without touching the reasoning layer.

  • AIS · radar · UAV detection nets
  • MET · OPS-NET patrol logs · harbour APIs
  • Pluggable adapter SDK (TypeScript / gRPC)
02

Event normalization

LIVE IN DEMO

Schema mapping, deduplication, and time alignment produce a canonical event with provenance and source health attached.

  • Canonical event schema with provenance
  • Per-source latency & health monitoring
  • Time alignment across mixed clocks
03

Anomaly scoring

SIMULATED

A hybrid rule + ML pipeline produces severity and confidence per anomaly, with human-tunable sensitivity per category.

  • Rule-based detectors + ML classifiers
  • Confidence and severity per anomaly
  • Operator-tunable sensitivity
04

AI / RAG reasoning layer

SIMULATED

Retrieval-augmented reasoning over doctrine, prior incidents, and current weather produces grounded structured briefs with citations.

  • Doctrine and prior-incident retrieval
  • Grounded briefs with citations
  • Model cards and confidence breakdown
05

COA generation

LIVE IN DEMO

Three to four candidate courses of action are produced and ranked by riskReduction × confidence, each with downsides and resource cost.

  • Multiple candidates, ranked transparently
  • Per-COA downsides and resource cost
  • Regenerable with deterministic seed
06

Simulation engine

LIVE IN DEMO

Operators toggle scenario variables and immediately see how each COA's expected time, risk reduction, and confidence shift versus baseline.

  • Per-COA impact matrix vs baseline
  • Persistent per-COA scenario snapshots
  • Shared seed with COA comparator
07

Explainability & audit trail

LIVE IN DEMO

Every AI suggestion exposes the factors that drove it; every operator action is signed and written to an immutable audit log.

  • Factor weights per recommendation
  • Immutable, signed decision log
  • Two-person approval enforced
08

API-ready deployment

ROADMAP

REST and webhook surfaces with RBAC. Deployable to sovereign cloud, on-prem, or hybrid topologies; compatible with allied message envelope formats.

  • REST + webhooks · RBAC · OIDC / mTLS
  • Sovereign cloud · on-prem · hybrid
  • Allied message-envelope compatible
ARCH-09

DEPLOYMENT & STANDARDS

DEPLOYMENT
  • › Sovereign cloud (per-nation tenancy)
  • › On-prem / air-gapped option
  • › Hybrid edge + central reasoning
SECURITY
  • › OAuth2 / OIDC · MFA · RBAC
  • › mTLS between services
  • › Signed, immutable audit trail
INTEROPERABILITY
  • › REST + webhooks · gRPC adapters
  • › Allied message-envelope compatible
  • › Pluggable model providers
DEMO MODE · SIMULATED DATA · NO REAL OPERATIONAL INFORMATION
DEMO MODE · SIMULATED DATA
PORT · Harbour authority reports no scheduled maintenance activity in the area.OPS · Patrol unit Bravo-2 available within 24 minutes.MET · Weather window closing in 38 minutes (sea state 5 forecast).RADAR · UAV activity detected 7 km north-east of asset perimeter.AIS · AIS signal unavailable for 4 minutes (MMSI 273-XXXXXX).AIS · Unidentified vessel changed course near restricted infrastructure zone.PORT · Harbour authority reports no scheduled maintenance activity in the area.OPS · Patrol unit Bravo-2 available within 24 minutes.MET · Weather window closing in 38 minutes (sea state 5 forecast).RADAR · UAV activity detected 7 km north-east of asset perimeter.AIS · AIS signal unavailable for 4 minutes (MMSI 273-XXXXXX).AIS · Unidentified vessel changed course near restricted infrastructure zone.