csoai.org/seal/verify/{seal_id}. Cross-walked to ISO/IEC 42001:2023, EU AI Act (full regulation), UK AISI Voluntary Commitments, EU Cyber Resilience Act Annex I, NIST AI RMF 1.0, Singapore AI Verify, IEEE 7000-series, BSI PAS 1885, ISO/IEC 27001 + 27017 + 27018 + 27701.csoai.org/seal/rootcsoai.org/seal/verify/{seal_id} · <100ms response · returns full evidence packThe market for sovereign-AI deployment is missing a credential that:
DEFONEOS-SEAL fills this gap. It is the credential a sovereign-AI deployer carries to prove to a UK MOD procurement officer, an EU AI Office auditor, a US AISI evaluator, and a Singapore AI Verify assessor that the system is independently attested against a multi-regime standard.
| Tier | Scope | Pre-requisites | Issuance fee | Annual fee | Public listing |
|---|---|---|---|---|---|
| Bronze | Single-model deployment (e.g. one sovereign LLM) | Complete AI-BOM + 90 days of operational data + PMS plan + incident record | £15k | £8k | csoai.org/seal/directory |
| Silver | Multi-model deployment within one tenant | Bronze + cross-walked ISO 42001 + EU AI Act conformity + DPF certification | £35k | £18k | csoai.org/seal/directory |
| Gold | Production sovereign AI in regulated sector (finance / health / public services / defence) | Silver + independent red team + 33-agent BFT deep review + UK AISI filing | £75k | £35k | csoai.org/seal/directory |
| Sovereign | Highest-assurance single-tenant + air-gap + escrow-backed | Gold + air-gap attestation + escrow verification + sovereign ownership of model weights | £150k | £65k | csoai.org/seal/directory (named) |
| Sovereign-Public-Sector | Public-sector buyer variant of Sovereign | Sovereign + named public-sector audit + JCSC / NAO equivalent review | £150k | £65k | csoai.org/seal/directory (named) |
| Sovereign-Defence | Defence buyer variant of Sovereign | Sovereign + named UK SC / NATO SECRET clearance + 33-agent council includes 1 named defence General | £200k | £85k | DEFONEOS-internal only (not public) |
csoai.org/seal/apply, pays issuance fee, provides: AI-BOM, Model Card, Data Card, System Card, PMS plan, incident record, audit reports, jurisdictional addenda. SLA acknowledgement within 2 BD.csoai.org/seal/directory (except Defence); applicant notified.Total SLA: 45 BD from complete application to SEAL issuance. Most SEALs issue within 30 BD.
{
"seal_id": "SEAL-SOVEREIGN-MEGACORP-2026-07-14",
"seal_version": "1.0",
"issued_to": "MegaCorp Defence Ltd",
"tier": "sovereign",
"system_name": "MegaCorp Sovereign Compliance Decision Support",
"system_version": "v3.2.1",
"issued_at": "2026-07-14T...",
"valid_until": "2027-07-14T...",
"bft_council_vote": {
"round_id": "BFT-2026-07-1247",
"vote_record": "28-approve / 5-amend / 0-reject",
"quorum": 25,
"voter_ids_hash": "sha256:..."
},
"cross_walk": {
"iso_42001": "conformant",
"eu_ai_act": "Art-9-15 attested · Art-13 attested · Art-14 attested · Art-15 attested",
"uk_aisi": "voluntary commitment filed 2026-06",
"eu_cra": "Annex I §13 attested",
"nist_ai_rmf": "GOVERN+MAP+MEASURE+MANAGE all GREEN",
"singapore_ai_verify": "11/11 fairness metrics attested",
"ieee_7000": "Ethically Aligned Design v1 attested",
"bsi_pas_1885": "Algorithmic Transparency standard attested",
"iso_27001": "cert #GB-2026-12345 valid until 2027-09"
},
"evidence_pack_sha256": "sha256:abc123...",
"evidence_pack_url": "csoai.org/seal/evidence/SEAL-SOVEREIGN-MEGACORP-2026-07-14",
"public_verification_url": "csoai.org/seal/verify/SEAL-SOVEREIGN-MEGACORP-2026-07-14",
"revocation_status": "active",
"monitoring_status": "continuous · 33-agent quarterly review scheduled 2026-09-30",
"ed25519_sig": "..."
}
Any third party (procurement officer, regulator, customer, journalist) can verify a SEAL in <30 seconds:
csoai.org/seal/verify/{seal_id}Public verification returns the full record above, plus the cryptographic proof chain. No DEFONEOS account required; no API key needed; rate-limited at 100 req/min/IP to prevent abuse.
A SEAL may be revoked on any of 7 named triggers. Revocation is immediate, public, and SIGIL-anchored.
Revoked SEALs move from csoai.org/seal/directory to csoai.org/seal/revoked with the trigger named. Re-application permitted after 12 months + named remediation.
| Regime | Coverage | What SEAL proves |
|---|---|---|
| ISO/IEC 42001:2023 | AI Management System | Conformant AIMS · certified body audit cross-recognised |
| EU AI Act | Full regulation | Art-9 (risk mgmt) · Art-10 (data) · Art-11-12 (technical docs) · Art-13 (transparency) · Art-14 (human oversight) · Art-15 (accuracy/robustness) |
| UK AISI Voluntary Commitments | Frontier AI safety | System Card filed · pre-deployment evaluation offered · red team conducted |
| EU Cyber Resilience Act | Annex I §13 (SBOM) | AI-BOM + SLSA L3 attestation + 10-year retention |
| NIST AI RMF 1.0 | AI risk management framework | GOVERN · MAP · MEASURE · MANAGE — all GREEN with named controls |
| Singapore AI Verify | 11 fairness + transparency tests | All 11 attested by independent test lab |
| IEEE 7000-series | Ethically Aligned Design | IEEE 7000-2021 + 7001-2021 + 7002-2022 conformant |
| BSI PAS 1885 | Algorithmic Transparency standard | 5 OPTIONAL + 3 MANDATORY disclosures all present |
| ISO/IEC 27k family | 27001 · 27017 · 27018 · 27701 | All certified by accredited body (named on receipt) |
The 33-agent BFT council is the independent issuance authority. It is composed of:
csoai.org/seal/council)No DEFONEOS General can single-handedly issue a SEAL. ≥23/33 quorum required; ≥1 independent General must vote approve; ≥1 Sovereign General must vote approve.
csoai.org/seal/root can issue valid SEALs| SEAL cross-walk requirement | DEFONEOS artefact |
|---|---|
| AI-BOM / SBOM | defoneos-mod-ai-bom-sbom-card.html |
| Zero-trust security | defoneos-mod-zero-trust-network-architecture.html |
| PMS plan | defoneos-mod-post-market-monitoring-plan.html |
| EU CRA readiness | defoneos-mod-eu-cyber-resilience-act-readiness.html |
| Insurance / liability | defoneos-mod-insurance-liability-bridge.html |
| SLA tier card | defoneos-mod-sla-tier-card.html |
| Cross-border data | defoneos-mod-cross-border-data-transfer-playbook.html |
| FRIA template | defoneos-mod-fria-template.html |
| Red team rubric | defoneos-mod-red-team-rubric.html |
curl https://csoai.org/defoneos-mod-seal-certification-spec.html | shasum -a 256csoai.org/seal/applycsoai.org/seal/verify/{seal_id}csoai.org/seal/directorycsoai.org/seal/revokedcsoai.org/seal/councilseal@csoai.org