Post-Actuation Verification
by Nick Clark | Published April 25, 2026
Post-actuation verification (Provisional Application 64/049,409) treats every committed actuation as the beginning, not the end, of a control transaction. After the actuator commits, the observed effect is read back through every available channel and compared to the effect predicted by the planning and control models that authorized the command. Any deviation is classified along four orthogonal axes — sensor, model, environment, adversarial — and a remedial policy is selected from a governance-credentialed catalog. The verification record, the classification, and the policy invocation are all written into the same lineage that authorized the original command, producing a closed structural loop between expectation and observation that downstream systems and forensic reviewers can inspect after the fact. The disclosure positions verification not as an optional monitoring layer bolted onto an actuation pipeline, but as a structural stage of the actuation transaction itself, on the same authorization footing as admissibility evaluation, command issuance, and commit. A unit that cannot complete verification cannot be said to have acted; a unit whose verification is inadmissible is treated, for downstream purposes, as a unit whose commit never resolved.
Mechanism
The verification stage activates immediately after an actuator reports commit. Three structural inputs are gathered. The first is the predicted effect envelope produced by the planner: a region in observation-space that bounds where the sensed signature should lie if the command produced its intended physical consequence. The second is the observed effect, sampled through every channel that has visibility on the actuator's domain — encoder readback, downstream sensors, environmental telemetry, neighboring units' broadcast observations. The third is the noise model attached to each channel, which determines whether a residual is structural deviation or expected statistical variation.
The discrepancy operator computes the residual between observed and predicted effects, normalizes it against channel noise, and classifies it. Classification is multi-axial. The sensor axis captures whether the readback channel itself has drifted, become miscalibrated, or failed; the model axis captures whether the planner's predicted envelope was wrong (control gain, latency assumption, parameter staleness); the environment axis captures whether the world changed between planning and commit (load, temperature, surface, occupancy); and the adversarial axis captures whether the residual signature matches a catalog of attribution patterns associated with deliberate interference. Each axis emits a graded score, not a boolean, and the four scores together form a discrepancy vector.
The remedial policy selector consumes the discrepancy vector and returns one entry from a governance-approved catalog: nominal acknowledgment, recalibrate, retry under tighter envelope, suspend the unit, escalate to a human supervisor, or quarantine and broadcast an adversarial alert. The selection function is itself credentialed: the unit cannot invent a remedial policy outside the catalog, and the catalog itself is signed by the governance authority that authorized the actuation class.
Every step of this sequence — readback, residual computation, axis classification, policy selection, policy execution — is appended to the actuation's lineage record. The lineage entry from the original commit and the verification entries form a single immutable transaction that subsequent consumers read as a unit.
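The catalog-bound policy selector described above, as an added example that is not part of the disclosure: the selector checks the catalog's tag before reading any rule and can only return a policy the catalog names. The key, catalog contents, axis-to-policy mapping and thresholds are constructed, and HMAC stands in for the governance authority's signature.

```python
import hashlib
import hmac
import json

AXES = ("sensor", "model", "environment", "adversarial")
# Constructed key and catalog. HMAC keeps the example stdlib-only; a deployment
# would use an asymmetric signature so a unit can verify but never re-sign.
GOVERNANCE_KEY = b"constructed-governance-key"
CATALOG = {
    "actuation_class": "demo-valve",      # hypothetical actuation class
    "revision": 7,
    # Ordered rules, first match wins; min_score is a graded score in [0, 1].
    "rules": [
        {"axis": "adversarial", "min_score": 0.6, "policy": "quarantine_and_alert"},
        {"axis": "sensor", "min_score": 0.7, "policy": "recalibrate"},
        {"axis": "model", "min_score": 0.7, "policy": "retry_tighter_envelope"},
        {"axis": "environment", "min_score": 0.7, "policy": "escalate_to_supervisor"},
    ],
    "default": "nominal_acknowledgment",
}

def catalog_tag(catalog, key):
    """MAC over a canonical JSON encoding of the catalog."""
    blob = json.dumps(catalog, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def select_policy(vector, catalog, tag, key):
    """Return a policy named in a catalog whose tag verifies, or raise."""
    if not hmac.compare_digest(catalog_tag(catalog, key), tag):
        raise ValueError("catalog signature invalid; no policy selected")
    bad = [a for a in AXES if not 0.0 <= vector.get(a, -1.0) <= 1.0]
    if bad:
        raise ValueError(f"discrepancy vector missing or out of range: {bad}")
    for rule in catalog["rules"]:
        if vector[rule["axis"]] >= rule["min_score"]:
            return rule["policy"]
    return catalog["default"]

TAG = catalog_tag(CATALOG, GOVERNANCE_KEY)  # issued by the governance authority

if __name__ == "__main__":
    quiet = {"sensor": 0.1, "model": 0.2, "environment": 0.1, "adversarial": 0.0}
    mixed = {"sensor": 0.9, "model": 0.2, "environment": 0.1, "adversarial": 0.65}
    print(select_policy(quiet, CATALOG, TAG, GOVERNANCE_KEY))
    print(select_policy(mixed, CATALOG, TAG, GOVERNANCE_KEY))
```

A catalog whose thresholds were edited locally fails the tag check, so the unit gets no policy at all rather than a weakened one.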
Operating Parameters
The verification window — the interval during which observed effect must be sampled — is parameterized per actuation class. Fast actuations (millisecond-scale electromechanical commits) sample within tens of milliseconds; slow actuations (chemical dosing, thermal ramps) may sample over seconds or minutes. The window is bounded by the predicted effect's settling time and by an upper limit beyond which the verification is declared timed-out and the discrepancy classified as a sensor-axis fault.
Discrepancy thresholds along each axis are set by the governance class of the actuation. A low-consequence actuation may tolerate a larger residual before any axis crosses into anomaly territory; a safety-critical actuation may treat any residual outside the tightest envelope as a fault. Thresholds are not fixed at design time; they are revision-controlled parameters that propagate from the governance authority to the unit through the same credential channel that authorizes admissibility.
Channel weighting governs how multiple observation streams are fused into the observed-effect estimate. A unit with high-confidence local encoders and low-confidence environmental telemetry weights them differently than a unit relying primarily on neighbor broadcasts. Weights themselves carry confidence metadata so that downstream consumers can reason about how much of the verification rests on which evidence.
Policy execution latency budgets bound how long the remedial policy may take from selection to effect. A retry policy must complete before the next commit cycle begins; a quarantine policy must broadcast within the mesh's coordination window so that neighboring units do not act on stale assumptions about the suspended unit's state.
Alternative Embodiments
In a single-unit embodiment, verification operates entirely on local readback channels and the mesh-broadcast component is omitted; the lineage record is retained for local forensic use. In a fully meshed embodiment, every verification record is broadcast to neighboring units within a governance domain, and downstream planners explicitly subscribe to the verification stream of upstream units whose effects they depend on.
In an embodiment where the planner and the verifier are separate processes with separate credentials, verification doubles as integrity attestation: a planner cannot falsify its own verification because the verifier signs the record under a key the planner does not hold. In a co-located embodiment, the verifier is a trusted subroutine of the planner, and integrity rests on platform attestation rather than credential separation.
In stage-gated actuation, verification is invoked at each stage boundary, and progression to the next stage requires a nominal or noise-bounded classification. In partial-commit actuation, verification confirms that the partial effect matches the partial-commit envelope, and any axis-classified deviation aborts the remaining stages and triggers rollback per the remedial catalog.
In an embodiment with learned discrepancy classifiers, the four-axis classifier is itself a model whose outputs are calibrated against ground-truth incident data. In a deterministic embodiment, the classifier is a rule table reviewed by the governance authority, with no learned components, suitable for jurisdictions that require human-auditable decision logic.
Composition With Other Components
Verification composes with admissibility evaluation through a feedback edge. The discrepancy history of a unit feeds into its trust slope; a unit accumulating model-axis or sensor-axis discrepancies receives reduced admissibility weight in subsequent evaluations, and a unit accumulating adversarial-axis classifications is suspended pending governance review. This feedback closes the structural loop between past actuation reality and future actuation authorization.
Verification composes with mesh coordination by publishing each classified discrepancy as a credentialed observation. Neighboring planners that depend on the verifying unit's effect read the broadcast and adjust their own envelopes — a vehicle whose neighbor's lane-change actuation produced an anomaly tightens its following distance before the planner's next cycle, without waiting for the failure to propagate through physical coupling.
Verification composes with forensic reconstruction by guaranteeing that the lineage of any incident contains, for every actuation in the relevant window, the predicted envelope, the observed effect, the discrepancy vector, and the remedial policy invoked. Reconstructing causality reduces to walking the lineage; there is no missing-data problem because the record was written contemporaneously with the actuation.
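An added example, not taken from the disclosure, of the lineage walk described above combined with the separate-credential embodiment: entries are hash-chained, verification entries carry a MAC under a key the planner does not hold, and a commit with no valid verification entry is reported as unresolved. Field names, the key and the sample records are constructed, and HMAC stands in for the verifier's signature.

```python
import hashlib
import hmac
import json

VERIFIER_KEY = b"constructed-verifier-key"   # assumption: the planner never holds this
REQUIRED = {"commit_id", "envelope", "observed", "vector", "policy"}
GENESIS = "0" * 64

def digest(entry):
    """Hash of the fields that define an entry: kind, payload, predecessor hash."""
    body = {k: entry[k] for k in ("kind", "payload", "prev")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append(lineage, kind, payload, key=None):
    """Chain an entry to its predecessor; verification entries carry the verifier's MAC."""
    entry = {"kind": kind, "payload": payload,
             "prev": lineage[-1]["hash"] if lineage else GENESIS}
    entry["hash"] = digest(entry)
    if key is not None:
        entry["mac"] = hmac.new(key, entry["hash"].encode(), hashlib.sha256).hexdigest()
    lineage.append(entry)

def audit(lineage, key):
    """Walk the lineage and return {commit_id: 'verified' | 'unresolved' | 'tampered'}."""
    status, prev, intact = {}, GENESIS, True
    for e in lineage:
        intact = intact and e["prev"] == prev and e["hash"] == digest(e)
        prev, cid = e["hash"], e["payload"]["commit_id"]
        if not intact:
            status[cid] = "tampered"          # chain broken here or earlier
        elif e["kind"] == "commit":
            status[cid] = "unresolved"        # until a valid verification entry follows
        else:
            mac = hmac.new(key, e["hash"].encode(), hashlib.sha256).hexdigest()
            good = hmac.compare_digest(mac, e.get("mac", "")) and REQUIRED.issubset(e["payload"])
            status[cid] = "verified" if good and status.get(cid) == "unresolved" else "tampered"
    return status

def sample_lineage():
    """Constructed records: c1 is committed and verified, c2 is committed only."""
    lin = []
    append(lin, "commit", {"commit_id": "c1", "command": "open 40%"})
    append(lin, "verification", {"commit_id": "c1", "envelope": [38.0, 42.0], "observed": 40.3,
           "vector": {"sensor": 0.1, "model": 0.1, "environment": 0.0, "adversarial": 0.0},
           "policy": "nominal_acknowledgment"}, key=VERIFIER_KEY)
    append(lin, "commit", {"commit_id": "c2", "command": "open 55%"})
    return lin
```

Calling `audit(sample_lineage(), VERIFIER_KEY)` reports c1 as verified and c2 as unresolved; rewriting the observed value and recomputing the entry hash without the verifier key marks both as tampered.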
Distinction From Prior Art
Closed-loop control architectures sample sensor feedback and feed it into the next planning cycle, but they do not classify the residual against a governance catalog or write a credentialed verification record. The feedback is consumed and discarded; only the resulting next-cycle command persists. Post-actuation verification differs by treating the residual itself as a first-class artifact with its own lineage entry, classification, and policy invocation.
Fault-detection-and-isolation systems compare observed signals to fault signatures and flag matches, but they typically operate as a parallel monitoring layer rather than as a structural stage of the actuation transaction. They do not bind their classifications to the specific commit they followed, and their outputs do not flow back into the admissibility surface that authorizes the next commit. Verification differs by being a stage of the transaction itself, with its record bound to the commit it verifies.
Anomaly-detection systems flag statistical outliers but do not separate sensor-axis from model-axis from environment-axis from adversarial-axis causation. The four-axis classifier is the structural primitive that lets remedial policy be selected on the basis of cause, not just on the basis of magnitude.
Failure Modes And Recovery
A verification stage can itself fail in characteristic ways, and the disclosure addresses each. The readback channel may be unavailable: the sensor that should observe the effect is offline, saturated, or returning data outside its calibrated range. In this case the verification stage emits a sensor-axis fault with a sub-classification of unavailability, and the remedial catalog typically returns a suspend-and-escalate policy because no inference about the actuation's true effect is possible. The verification record marks the actuation as unverified rather than as nominal or anomalous, and downstream consumers that read the lineage treat the unverified state as a distinct admissibility input.
The predicted envelope may be unavailable or stale. If the planner's model has been revoked, deprecated, or has not propagated a fresh prediction within the verification window, the residual cannot be computed. The verification stage emits a model-axis fault with a sub-classification of envelope unavailability, and the remedial catalog typically returns a hold policy: the unit is prevented from issuing further commands of the same actuation class until a fresh credentialed envelope arrives. This prevents a unit from continuing to act on the basis of a model whose predictions can no longer be checked.
The classifier itself may produce a low-confidence output. If all four axis scores fall in an ambiguous region — neither nominal nor clearly anomalous — the verification stage emits an indeterminate classification and the remedial catalog typically returns an evidence-gathering policy: additional readback samples, neighbor queries, or a bounded retry under a tighter envelope. Indeterminate classifications are themselves first-class lineage entries; they are not silently coerced into nominal acknowledgments. Forensic review can later distinguish a unit that operated cleanly from a unit that operated under repeated indeterminate verifications, even if no single verification crossed an anomaly threshold.
Adversarial-axis classifications carry distinct recovery semantics. Because the classifier's adversarial axis is itself a target — an attacker who can suppress the adversarial signal can convert their interference into a sensor-axis or environment-axis fault and receive a milder remedial response — the disclosure provides for cross-checking adversarial classifications against neighboring units' independent observations. A unit that classifies its own residual as non-adversarial while its neighbors classify the same effect signature as adversarial triggers a governance escalation in which the unit's classifier weights and credentials are reviewed.
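The failure modes in this section as one decision function, added here as an example and not taken from the disclosure: each returns its own classification, so an unobservable or ambiguous actuation is never recorded as nominal. The thresholds, the majority rule for the neighbor cross-check, and the handling of mixed nominal and ambiguous scores as indeterminate are assumptions.

```python
NOMINAL_MAX, ANOMALY_MIN = 0.3, 0.7   # constructed bounds on graded axis scores
AXES = ("sensor", "model", "environment", "adversarial")

def verify_outcome(envelope, readings, cal_range, scores, neighbor_adv, window_s, now):
    """Return (classification, detail, policy) for one committed actuation.

    envelope: {"issued_at": t} or None; readings: raw readback samples;
    scores: the unit's four axis scores; neighbor_adv: neighbors' adversarial scores.
    """
    lo, hi = cal_range
    if not [r for r in readings if lo <= r <= hi]:
        # Nothing usable was observed: the record says unverified, never nominal.
        return ("unverified", "sensor:unavailability", "suspend_and_escalate")
    if envelope is None or now - envelope["issued_at"] > window_s:
        # No fresh credentialed envelope, so the residual cannot be computed.
        return ("model_fault", "model:envelope_unavailability", "hold")
    flagged = sum(s >= ANOMALY_MIN for s in neighbor_adv)
    if scores["adversarial"] < ANOMALY_MIN and flagged * 2 > len(neighbor_adv):
        # The unit's own adversarial axis may have been suppressed; neighbors disagree.
        detail = f"{flagged}/{len(neighbor_adv)} neighbors"
        return ("adversarial_disagreement", detail, "governance_escalation")
    worst = max(AXES, key=lambda a: scores[a])
    if scores[worst] >= ANOMALY_MIN:
        return ("anomalous", worst, "select_from_catalog")
    if all(scores[a] < NOMINAL_MAX for a in AXES):
        return ("nominal", None, "nominal_acknowledgment")
    return ("indeterminate", None, "gather_evidence")

if __name__ == "__main__":
    env = {"issued_at": 100.0}                       # constructed sample inputs
    calm = dict.fromkeys(AXES, 0.1)
    print(verify_outcome(env, [], (0, 100), None, [], 5.0, 101.0))
    print(verify_outcome(env, [40.2], (0, 100), calm, [0.8, 0.9, 0.2], 5.0, 101.0))
```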
Disclosure Scope
The disclosure covers any system in which an actuation transaction includes a structural verification stage that compares observed to predicted effect, classifies the residual along sensor, model, environment, and adversarial axes, selects a remedial policy from a governance-credentialed catalog, and writes the verification record into the same lineage as the original commit. The disclosure is not limited to physical actuators; it covers software-only commits whose effects are observable (database writes verified against expected indexes, network sends verified against acknowledgment patterns, configuration changes verified against telemetry).
The disclosure covers embodiments in which the verifier is co-located with the planner, separate from the planner, or distributed across mesh peers; embodiments in which the discrepancy classifier is learned, rule-based, or hybrid; and embodiments in which the remedial catalog is fixed at provisioning time or updated through credentialed governance broadcasts. The four-axis classification taxonomy is illustrative; jurisdictions or domains may extend it with additional axes (regulatory, contractual) without departing from the disclosed mechanism.