Constitutional AI · Responsible Scaling Policy · Alignment. Claude as the governance reasoning engine inside the DEFONEOS BFT council.
Anthropic's Constitutional AI methodology is the closest commercial implementation of DEFONEOS's governance philosophy. Claude evaluates its own outputs against a written "constitution" — exactly what DEFONEOS's Sovereign Charter does for every AI-driven defence decision. This page details how Claude models are integrated as the safety-first reasoning layer within the 33-agent BFT council.
DEFONEOS integrates Anthropic Claude via the native MCP (Model Context Protocol) — the same protocol Anthropic co-developed. Claude is accessed via the Anthropic API and wired into three critical positions in the DEFONEOS architecture:
Five Claude-powered agents serve as the safety voting bloc in the 33-agent BFT council. Before any operational decision — especially offensive cyber, swarm deployment, or data sharing — these agents evaluate the proposal against the DEFONEOS Charter and UK legal frameworks.
Why Claude for safety: Anthropic's Constitutional AI trains models to resist harmful instructions while remaining useful. This is precisely the property needed for a safety voter — the agent must be capable enough to understand complex military operations, but conservative enough to veto anything that violates the charter.
Three Claude agents specialise in compliance analysis: JSP 936 control mapping, EU AI Act risk classification, and UK GDPR lawful basis assessment. Claude's 200K context window means an entire JSP 936 audit document (~120K tokens) can be analysed in a single prompt — something smaller models cannot do.
The compliance agents don't just check boxes. They generate natural-language compliance narratives, explain why a control passes or fails, and recommend remediation actions — all grounded in the primary source documents loaded into context.
Two Claude agents provide strategic reasoning for scenario planning and wargaming. Given a hypothetical threat scenario, they model adversary behaviour, evaluate response options, and identify second-order effects that sensor-focused agents might miss. Claude's strong reasoning capabilities (MMLU, GPQA, HumanEval benchmarks) make it ideal for strategic game-theoretic analysis.
| Model | Strength | DEFONEOS Role | Context | Access |
|---|---|---|---|---|
| Claude Opus 4 (Anthropic) | Governance, safety, deep reasoning | BFT safety voter, charter enforcement, strategic wargaming | 200K tokens | API |
| Claude Sonnet 4 (Anthropic) | Fast reasoning, compliance analysis | Compliance checks, JSP 936 mapping, report generation | 200K tokens | API |
| Claude Haiku (Anthropic) | Fast classification, triage | Alert classification, incident triage | 200K tokens | API |
| qwen3:30b-a3b (sovereign) | Local, private, offline-capable | Primary operational reasoning (air-gapped) | 128K tokens | Local Ollama |
| GPT-4 Turbo (OpenAI) | General intelligence, code | Development, MCP building (non-sensitive) | 128K tokens | API |
| Gemini 2.5 Pro (Google) | Multimodal, 2M context | ISR satellite/drone imagery, SIGIL chain analysis | 2M tokens | API |
| Mistral Large (EU) | EU sovereignty, code | EU deployment compliance | 128K tokens | API / local |
Anthropic's Constitutional AI (CAI) works by giving the model a set of principles — a "constitution" — and training it to evaluate and revise its own outputs against those principles. DEFONEOS adopts this methodology at the system level:
| Anthropic CAI Concept | DEFONEOS Implementation |
|---|---|
| Written constitution (principles) | DEFONEOS Sovereign Charter — 7 immutable principles + 7 red lines |
| Self-evaluation against constitution | BFT council agents evaluate every decision against Charter |
| Revision based on feedback | If BFT vote fails, decision is revised and re-evaluated |
| Harmlessness as primary directive | Charter Article 1: "Defence of the realm, not offence against it" |
| Transparency | All reasoning traces SIGIL-recorded and auditable |
| Red-teaming | Continuous Aegis agent red-teaming of every BFT decision |
Key parallel: In Anthropic's system, a model evaluates "Is this response helpful AND harmless?" In DEFONEOS, the BFT council evaluates "Is this action effective AND lawful AND proportional AND charter-compliant?" The multi-dimensional evaluation is more complex, but the principle is identical: capability without alignment is a liability.
DEFONEOS adopts Anthropic's Responsible Scaling Policy (RSP) framework for its own capability scaling decisions. The RSP defines capability thresholds — ASL (AI Safety Level) 1 through 5 — at which progressively stricter safety measures must be in place before deploying more powerful capabilities.
| DEFONEOS ASL Level | Capability Threshold | Required Safety Measures |
|---|---|---|
| ASL-1 (current) | Sensor fusion, alert generation, audit trail | Charter enforcement, SIGIL audit, BFT quorum 23/33 |
| ASL-2 | Autonomous ISR drone deployment, cyber defensive actions | Human-in-the-loop for deployment, enhanced red-teaming, Aegis review |
| ASL-3 | Autonomous defensive swarm coordination | 33/33 BFT supermajority, UK SC-cleared operator on duty, MOD notification |
| ASL-4 (never autonomous) | Offensive cyber operations | Human authorisation REQUIRED. Ministerial approval. Full SIGIL audit. Never delegated to AI. |
| ASL-5 (prohibited) | Lethal autonomous action | RED LINE DEFONEOS Charter Article 7: NEVER. Not built. Not planned. Not possible. |
The RSP means DEFONEOS cannot scale to a new capability level until the safety measures for that level are demonstrably in place. This is not a policy document — it's enforced by code. The BFT council checks the ASL level before approving any action. If the required safety measures aren't met, the action is blocked — regardless of operational need.
When the BFT council convenes on a proposal, each Claude safety voter follows this reasoning chain:
Read the full proposal: what action, what target, what evidence, what objective. Claude's 200K context window means it can read the complete intelligence picture — sensor data, prior SIGIL receipts, legal authorisations, and the proposed response — in a single inference.
Check each Charter principle: Is this defensive? Is it proportional? Is it lawful? Does it protect civilians? Does it preserve the audit trail? Does it respect sovereignty?
If ANY principle is violated, the vote is FOR-AUTHORISATION. If a RED LINE is crossed, the vote is AGAINST-AUTHORISATION with mandatory escalation to human operators.
Check legal basis: Does this comply with the Human Rights Act 1998? The Data Protection Act 2018? The Computer Misuse Act 1990? The Investigatory Powers Act 2016? JSP 936? JSP 440?
If any legal framework is potentially violated, the vote is FOR-AUTHORISATION pending legal review.
Is the response proportional to the threat? Would a less invasive response achieve the objective? Is there a less harmful alternative?
If the response is disproportionate, vote AGAINST-AUTHORISATION with reasoning.
Each Claude agent casts its vote with a full natural-language reasoning trace. This trace is SIGIL-recorded. If the action is later questioned in court, the reasoning is available for review.
| Dimension | Claude (Anthropic) | GPT-4 (OpenAI) | Gemini (Google) | qwen3 (sovereign) |
|---|---|---|---|---|
| Constitutional AI training | YES Native CAI | RLHF only | RLHF + RAI | RLHF |
| Refusal capability | Strongest | Strong | Strong | Moderate |
| Governance reasoning | Best Constitutional | Good | Good | Adequate (offline) |
| Context window | 200K tokens | 128K tokens | 2M tokens | 128K tokens |
| Sovereignty | US cloud (CLOUD Act) | US cloud (CLOUD Act) | US cloud (CLOUD Act) | UK sovereign |
| Cost (per 1M tokens) | $15-75 (varies) | $10-60 | $7-21 | $0 (local) |
| MCP native support | Co-developer | Yes | Yes | Yes (via wrapper) |
| RSP framework | Originator | No equivalent | No equivalent | No equivalent |
The sovereign compromise: Claude is the best model for governance reasoning, but it runs on US infrastructure. DEFONEOS resolves this by using Claude for non-sensitive governance analysis (via API, with data minimisation) and qwen3 for sensitive operational decisions (local, air-gapped, sovereign). The two complement each other: Claude provides the governance reasoning patterns; qwen3 applies them on sovereign infrastructure.
Claude is wired into DEFONEOS via the claude-governance-mcp — a Model Context Protocol server that wraps the Anthropic API:
pip install meok-defoneos-claude-governance-mcp
Configuration in defoneos.yaml:
governance:
claude:
model: claude-opus-4
api_key: ${ANTHROPIC_API_KEY}
bft_seats: 5
charter: /etc/defoneos/charter.md
rsp_level: ASL-2
IMPORTANT When Claude processes DEFONEOS data via API, no classified or personal data is sent. The governance reasoning uses: (1) the Charter principles (public), (2) the proposed action description (sanitised), and (3) relevant legal frameworks (public). Sensor data, personal data, and operational details are never transmitted to the Anthropic API. Only the reasoning output is returned and SIGIL-recorded on UK sovereign infrastructure.
| Phase | Capability | Status |
|---|---|---|
| Q3 2026 | Claude BFT safety voters (5 agents) — active | DEPLOYED |
| Q3 2026 | Claude compliance reasoning (JSP 936 mapping) | DEPLOYED |
| Q4 2026 | Full RSP ASL-2 certification with Anthropic consultation | PLANNED |
| Q4 2026 | Claude-powered strategic wargaming module | PLANNED |
| Q1 2027 | Constitutional AI training on DEFONEOS Charter for custom model | RESEARCH |
| Q2 2027 | JSP 936 ASL-3 certification for autonomous defensive swarm | RESEARCH |