Use Cases
AI Governance Use Cases for Regulated IndustriesAny actor. Any system. Any sector.
The TAO protocol does not care whether the actor is human or AI, the system is a LIMS or a SCADA controller, or the regulator is FDA, NERC, or SEC. The gate is at the persistence layer. It applies to everything.
Regulatory Mapping
One structural property. Every framework.
Seven sectors. Thirty-five specific regulatory requirements. One structural property that satisfies all of them: prove what was authorized before it happened, by whom, and that the record has not been altered since.
| Requirement | Citation | How TAO satisfies it |
|---|---|---|
| Pharma & Life Sciences | ||
| Audit trail with attribution | 21 CFR Part 11 §11.10(e) | TAO receipt encodes who, what, when — before the write. A signed artifact produced before the action, not a log entry reconstructed after. |
| Electronic signature manifestation and record linkage | 21 CFR Part 11 §11.50 / §11.70 | TAO encodes signer identity, meaning, and timestamp (§11.50) and is cryptographically bound to the specific record it authorized — inseparable from that record (§11.70). |
| Authority checks — role and privilege enforcement | 21 CFR Part 11 §11.10(g) | Governance Plane validates role and privilege before issuing a TAO. The Reasoning Plane actor cannot self-authorize. Authority is structurally enforced — not configured or bypassable. |
| ALCOA+ — Attributable, Contemporaneous, Original, Accurate, Complete | GxP · GAMP 5 | TAO is generated at authorization time (Contemporaneous), encodes the specific actor (Attributable), precedes the record (Original), encodes exact action context (Accurate), and the chain is unbroken (Complete). |
| Change control for validated systems | GAMP 5 Cat 4–5 | Every configuration or software change to a validated system requires a TAO. Pre-execution authorization is the change record. Validation evidence is a native output. |
| Reviewer independence — approver ≠ executor | GxP separation of duties | Governance Plane is architecturally separated from the Reasoning Plane. The system that proposes an action cannot issue its own authorization. Structural, not configured. |
| Manufacturing & MES | ||
| Software process and device authentication | ISA/IEC 62443 SR 1.2 | TAO applies equally to human operators, automated pipelines, and AI optimizers. Every actor passes through the same gate regardless of type. |
| Auditable events | ISA/IEC 62443 SR 2.8 | TAO ledger captures every write attempt — authorized and blocked — pre-execution. Unauthorized attempts are logged in the dead letter vault. |
| Configuration change management | ISA/IEC 62443 SR 2.8 · NERC CIP-010-4 | Every recipe, parameter, or configuration change requires a TAO before the write proceeds. The authorization receipt IS the change record — auditable, pre-execution, and cryptographically bound. |
| Separation of duties — production auth ≠ execution | ISA/IEC 62443 · GAMP 5 | Governance Plane issues TAOs; Reasoning Plane executes. An operator who requests a change cannot authorize it from the same plane. |
| BES Cyber System access control | NERC CIP-007-6 | TAO-gated writes to operational technology systems. Compromised credentials still cannot write without a TAO from the separated governance layer. |
| Financial Systems | ||
| Model governance — AI output accountability | SR 11-7 (Model Risk Management) | AI model outputs are TAO-gated before altering positions or ledger entries. The TAO is the pre-execution model risk receipt — attributable, timestamped, tamper-evident. |
| Internal controls over financial reporting | SOX §302 / §404 | Structural separation of authorization and execution. No write to a financial record without a TAO. The control is architectural — it cannot be misconfigured away. |
| Record alteration prohibition | SOX §802 | Append-only ledger with cryptographic hash chain. There is no write path that allows record alteration without breaking the chain and invalidating all subsequent TAOs. |
| Protection and prevention — ICT security controls | DORA Art. 9 / Art. 17 | TAO chain provides cryptographic evidence of every write to operational systems. Unauthorized or anomalous write attempts are captured in the dead letter vault before they reach persistent state. |
| Transaction record keeping | MiFID II Art. 16 / Art. 25 | Every ledger write carries a TAO issued before execution. The audit artifact is the pre-execution receipt, not a post-trade reconstruction. |
| Critical Infrastructure | ||
| Electronic security perimeter — access enforcement | NERC CIP-005-7 | TAO gate enforces at the persistence layer — below the application, below the network perimeter. Bypassing the perimeter does not bypass the TAO requirement. |
| Privileged account management | NERC CIP-007-6 R5 | Privileged actions on BES Cyber Systems require a TAO from the separated Governance Plane. A compromised privileged account cannot write without a valid TAO. |
| Detect anomalies and events | NIST CSF DE.AE | Every unauthorized TAO request is a logged anomalous event — before the attempted write completes. Detection is pre-execution, not post-incident. |
| Protect data security | NIST CSF PR.DS | Append-only, cryptographic ledger. No data can be altered without invalidating the hash chain. Integrity is structural. |
| Healthcare | ||
| Access controls — unique user identification | HIPAA §164.312(a)(2)(i) | TAO binds to a specific authenticated principal. Every write is attributable to the exact actor — human or AI — that obtained the authorization. |
| Audit controls | HIPAA §164.312(b) | TAO chain is pre-execution and tamper-evident. Every EHR access produces a signed receipt before the access completes — not a log reconstructed after. |
| Integrity controls | HIPAA §164.312(c)(1) | Append-only ledger with cryptographic hash chain. PHI cannot be altered without breaking the chain — structural integrity, not access control. |
| Information blocking prevention | 21st Century Cures §4004 | TAO proves what was accessed, by whom, when — before the access occurs. Not a log that could be selectively retained. A proof that precedes the record. |
| AI clinical decision support accountability | ONC HTI-1 / NIST AI RMF | AI-suggested diagnoses and automated protocol triggers require a TAO before entering the clinical record. Same gate as human physician orders. |
| Defense & Government | ||
| AI system governance — accountability | NIST AI RMF GOVERN 1 | Governance Plane enforces AI governance policies structurally. AI actors cannot bypass the authorization gate. Every AI action is attributable and receipted before execution. |
| AI trustworthiness — ongoing evaluation | NIST AI RMF MEASURE 2 | TAO produces a cryptographic pre-execution receipt for every AI action. Trustworthiness is measurable from the ledger — every action attributable, every receipt verifiable. |
| AI system operation controls | ISO/IEC 42001 Clause 8 | Every AI system action that touches persistent state requires a TAO. The authorization is the control — structural, not policy-based. |
| Least privilege — non-privileged account use | CMMC AC.L2-3.1.5 / AC.L2-3.1.6 | Privileged actions require a TAO issued by the Governance Plane. Credentials on the execution side cannot self-issue. Separation is architectural. |
| Audit logging — user accountability | CMMC AU.L2-3.3.1 / AU.L2-3.3.2 | TAO ledger produces pre-execution receipts. Every action is attributable. The audit artifact exists before the action executes — not reconstructed after. |
| Configuration change management | CMMC CM.L2-3.4.3 | Every write to system configuration requires a TAO. Configuration drift is structurally prevented — not detected after the fact. |
| DevOps & Software Supply Chain | ||
| Build provenance — signed attestation | SLSA L2–L3 | TAO chain provides build authorization trail. Every production mutation carries a signed receipt issued before the mutation proceeds — provenance is pre-execution, not reconstructed. |
| Security requirements for development pipelines | SSDF PO.1 / PO.2 | Every deployment, secrets rotation, and infrastructure change requires a TAO. Pipeline steps are governed actors — same gate as human engineers. |
| Logical access controls | SOC 2 CC6.1 / CC6.2 | TAO gate enforces at the persistence layer. Access is not just controlled — it is receipted. Every authorized write produces a cryptographic artifact before it completes. |
| Change management | SOC 2 CC8.1 | Every production change requires a TAO. The TAO is the change record — pre-execution, signed, tamper-evident. No separate change management ticket needed to prove authorization. |
| Continuous monitoring | SOC 2 CC7.2 | TAO ledger provides a continuous, unbroken stream of pre-execution authorization evidence. Gaps in the chain are anomalies — detectable structurally. |
Pharma & Life Sciences
FDA 21 CFR Part 11 · GAMP 5 Cat 4–5 · ALCOA+
Problem
Every LIMS write, batch record update, and deviation log is a regulated electronic record. Current systems log who made the change. They cannot prove that the change was authorized before it happened.
STS-001
Every write to a LIMS, eDMS, or batch record system requires a TAO. Electronic signatures become pre-execution authorization artifacts. Reviewer independence is structural: the approving plane is architecturally separated from the actor that requested the change. Validation evidence is a native output, not a retrofit.
- ›21 CFR Part 11 electronic signatures by construction
- ›ALCOA+ — Attributable, Legible, Contemporaneous, Original, Accurate, Complete
- ›Batch record integrity: TAO-gated before durable write
- ›Deviation and CAPA workflows: pre-execution authorization for every state transition
Manufacturing & MES
ISA/IEC 62443 · GAMP 5 · NERC CIP
Problem
Process parameter changes, recipe updates, and batch release decisions affect product quality and safety. Policy-based controls are bypassed by misconfiguration or privilege escalation.
STS-001
TAO-gated writes for MES and historian changes. Process engineers, automated pipelines, and AI optimizers all pass through the same authorization gate. No TAO, no setpoint change. The authorization receipt is produced before the action proceeds.
- ›Recipe and batch parameter changes: TAO-gated pre-execution
- ›Automated process optimization: AI agent writes subject to same gate as human operators
- ›Historian and audit trail: cryptographic receipts, not editable log entries
- ›Separation of duties: production authorization ≠ production execution
Financial Systems
SR 11-7 · SOX · DORA · MiFID II
Problem
Trade execution, ledger entries, and position changes require pre-trade authorization and post-trade auditability. Existing systems provide audit logs — records of what happened. They do not provide pre-execution certificates — proof that authorization preceded the action.
STS-001
Every ledger write carries a TAO issued before execution and recorded with the audit trail. The result is not just a log of what happened. It is proof that authorization preceded the action — the distinction regulators increasingly require.
- ›Pre-trade authorization certificates: TAO is the proof, not the log entry
- ›Write and receipt bound together: no replay path
- ›Model risk governance (SR 11-7): AI model outputs are TAO-gated before altering positions
- ›DORA operational resilience: tamper-evident ledger by construction
Critical Infrastructure
NERC CIP · IEC 62443 · NIST CSF
Problem
SCADA/ICS configuration changes, setpoint writes, and firmware pushes can cause physical harm. Existing access controls are application-layer — bypassable by compromised credentials or privilege escalation.
STS-001
The TAO gate sits below ordinary application policy. A compromised operator account with valid credentials still cannot write to a controller without a TAO issued by a separated governance plane.
- ›Setpoint and configuration writes: TAO-gated before reaching the controller
- ›Firmware and software updates: pre-execution certificate required
- ›Compromised credentials: cannot issue TAOs from the execution side
- ›Supply chain: every upstream write to configuration stores is ledger-anchored
Healthcare
HIPAA · HITECH · 21st Century Cures
Problem
EHR writes, order entry, and diagnostic record updates are high-stakes actions. AI-assisted clinical workflows introduce new actors — models, agents, decision-support tools — with no consistent pre-execution authorization framework.
STS-001
Every EHR write — from any actor, human or AI — requires a TAO. Physician orders, AI-suggested diagnoses, and automated protocol triggers pass through the same gate. Authorization is a receipt, not an access log. Audit is a proof, not a reconstruction.
- ›EHR writes: pre-execution authorization for human and AI actors alike
- ›AI clinical decision support: model outputs are TAO-gated before entering the record
- ›HIPAA access audit: cryptographic receipts, not reconstructed logs
- ›Order entry: authorization context is bound before the order is created
Defense & Government
NIST AI RMF · ISO/IEC 42001 · CMMC
Problem
Privileged actions on classified or sensitive systems require tamper-evident proof of authorization. Existing audit systems record what happened. They do not prove that authorization preceded the action — and they are frequently retrofitted rather than architecturally enforced.
STS-001
TAOs are issued before execution and recorded in a tamper-evident ledger. The audit artifact is produced before the action executes — it is not a reconstruction. The governance plane is architecturally isolated from the systems it governs.
- ›Privileged actions: TAO required before any write to sensitive systems
- ›Tamper-evident receipts by construction, not by policy
- ›Autonomous agent pipelines: AI actions subject to same gate as human operators
- ›Zero-trust alignment: continuous pre-execution verification, not perimeter trust
DevOps & Software Supply Chain
SLSA · SSDF · SOC 2 Type II
Problem
Deployments, configuration changes, secrets rotation, and infrastructure mutations affect production systems. CI/CD pipelines run as privileged actors with broad access. Audit logs record what pipelines did — not whether each action was individually authorized before it happened.
STS-001
Every production write — deployment, config change, secrets rotation — requires a TAO. Pipeline steps are actors subject to the same governance gate as human engineers. The TAO is the deployment authorization receipt, produced before the write.
- ›Deployments: TAO required before any production mutation
- ›Secrets rotation: pre-execution authorization, cryptographic receipt
- ›Infrastructure-as-code: every applied change TAO-gated
- ›SLSA provenance: TAO chain provides build-to-deploy authorization trail
Your industry. Your compliance requirement. Our architecture.
Get in Touch