Architecture
Inspect service boundaries, data flow, trust boundaries, dependency choices, and separation of concerns.
Engineering Proof Lab
Public reference implementations for healthcare and regulated AI. Review the architecture, control boundaries, tests, evaluation logic, audit evidence, and operational failure handling directly in the source.
Read these repositories as architecture samples. The strongest signals are not feature count; they are explicit boundaries, enforceable controls, verifiable behavior, and operational discipline.
Inspect service boundaries, data flow, trust boundaries, dependency choices, and separation of concerns.
Trace where identity, PHI handling, policy enforcement, approvals, and audit evidence enter the system.
Review test coverage, evaluation criteria, deterministic checks, failure cases, and evidence artifacts.
Evaluate observability, retries, cancellation, backpressure, deployment gates, and incident traceability.
These repositories contain no client code or protected data. They isolate reusable patterns for the engineering decisions that matter in production regulated AI.
Four systems carry the primary architecture signal: governed retrieval, model risk, validated delivery, and verifiable execution evidence.
Healthcare RAG reference architecture with PHI detection, retrieval guardrails, audit logging, and evaluation metrics.
Public reference implementation
10 tests passing
Model-governance controls for healthcare ML, including bias analysis, fairness metrics, model cards, and approval evidence.
Public control framework
18 tests passing
Regulated MLOps reference architecture with IQ/OQ/PQ validation patterns, MLflow integration, registry controls, and audit trails.
Public platform pattern
12 tests passing
Cryptographic receipts for agent traces using hash chains, Ed25519 signatures, and JCS canonicalization.
Public verification primitive
26 conformance vectors passing
These repositories isolate integration, runtime, policy, evaluation, and application concerns used by the flagship architecture.
HIPAA references, PHI validation, security controls, and traceability.
Tested component
2 tests passing
FHIR R4 resource handling, integration boundaries, and exchange patterns.
Tested component
4 tests passing
Receipt canonicalization, signature verification, and CLI ergonomics.
Verification primitive
2 tests passing
Deny-by-default policy gates, tool-boundary decisions, and receipt output.
Tested component
7 tests passing
Scenario gates, bypass resistance, deterministic behavior, and regression tests.
Tested component
41 tests + 8 scenarios passing
Trace-chain rendering, redaction handling, and evidence review UX.
Application scaffold
4 tests, type check, and build passing
Identity-scoped retrieval, safe explanations, and healthcare agent flow.
Application scaffold
38 tests and build passing
SSE streaming, backpressure, cancellation, retry, and observability.
Tested component
51 tests and build passing
Begin with the integrated architecture and its trade-offs, then inspect the four flagship repositories. Use supporting components to trace specific controls and failure behavior.