Security model
Offline by design.
The security model relies on constrained scope: local execution, model isolation, clinic-held physical custody, and no remote administrative access.
Offline by design
No cloud dependencies.
Network disabled at boot
System boots with network interfaces disabled. No telemetry, analytics, or third-party SDKs are present.
Air-gapped by default
Air-gapped operation is the default mode. Network connectivity is not required for any core function.
Signed media updates
Updates arrive as signed media packages installed manually under operator control.
No remote backup
Sealed export workflows replace any remote backup requirement.
Local hardware only
Performance targets assume single-GPU local workstations.
Model isolation
Versioned, local, explicit.
Local model loading
Weights live on encrypted storage. No remote fetches.
No dynamic updates
Models change only via signed releases with inspectable changelogs.
Explicit versioning
Every record embeds model and prompt versions for audit replay.
Models have no network access and cannot initiate external communication.
No remote administrative access is available after deployment.
Attack surface
Threats and mitigations.
Physical access
Tamper-evident seals and custody logs mitigate unauthorized hardware access.
Peripheral tampering
Pre-capture device checks and attestation block unknown peripherals.
Operator misuse
Training requirements, skip prompts, and audit trails reduce misuse risk.