DoD AI Ethical Principles — ArgusAiTR Compliance#
The DoD's five AI Ethical Principles (Adopted 2020) are Responsible, Equitable, Traceable, Reliable, Governable. ArgusAiTR is designed against all five from the ground up — not bolted on. Specific implementation pointers are included so reviewers can audit the mapping by reading the code.
Responsible#
"DoD personnel will exercise appropriate levels of judgment and care while remaining responsible for the development, deployment, and use of AI capabilities."
ArgusAiTR posture: The operator owns every engagement decision. The system advises — it does not engage.
| Implementation | Where |
|---|---|
HITL hard gate: /op/engage_request is the only path that produces an "engage" event |
src/argus_aitr/hmi/server.py (POST /op/{action}) |
The frontend confirm() modal blocks accidental clicks |
src/argus_aitr/hmi/static/app.js |
No code path sends a CROWS slew command without an operator-recorded OperatorAction |
src/argus_aitr/integrate/crows_adapter.py (mock) |
| Operator handbook defines the responsibility chain | docs/operator-handbook.md |
Equitable#
"The Department will take deliberate steps to minimize unintended bias in AI capabilities."
ArgusAiTR posture: Threat assessment uses physical kinematics (range, closing speed, size envelope) — not appearance, identity, or demographic attributes. The system ingests no personal data.
| Implementation | Where |
|---|---|
| Threat rules are transparent and auditable; every verdict carries a reasoning string | src/argus_aitr/classify/threat_heuristic.py |
| Detector classes are flight-object proxies (airplane, bird, kite); no identity features | src/argus_aitr/detect/yolo_detector.py |
| Range priors are airframe categories, not personal characteristics | src/argus_aitr/range/monocular.py (DEFAULT_CLASS_PRIORS) |
| Post-award fine-tuning will use UAS imagery from licensed datasets; no biometric data | docs/roadmap.md |
Traceable#
"AI capabilities will be developed and deployed such that relevant personnel possess an appropriate understanding of the technology, development processes, and operational methods."
ArgusAiTR posture: Append-only structured audit log records every detection, classification, operator action, and CROWS command. Source code is public. Model lineage and training data sources are documented.
| Implementation | Where |
|---|---|
AuditLogger writes JSONL events for every notable pipeline transition |
src/argus_aitr/audit/log.py |
Every operator endpoint records an OperatorAction into the audit stream |
src/argus_aitr/hmi/server.py |
Threat verdicts include a human-readable threat_reasoning field |
src/argus_aitr/types.py (TrackedTarget) |
| Architecture, integration contract, and licensing documented for reviewers | docs/architecture.md, docs/integration-contract.md, docs/licensing.md |
| Repo is public Apache-2.0; OSS deps are catalogued with licenses | LICENSE, docs/licensing.md |
Reliable#
"AI capabilities will have explicit, well-defined uses, and the safety, security, and effectiveness of such capabilities will be subject to testing and assurance within those defined uses, across their entire life cycle."
ArgusAiTR posture: Defined use ("aided UAS detection and threat assessment against Group 1/2 UAS at 100–600 m, with mandatory human authorization for engagement"). Failsafe degradation. Test suite covers detection / track / range / perturbation / HMI handlers / failure paths.
| Implementation | Where |
|---|---|
SystemHealth.aitr_status exposes nominal / degraded / offline with quantitative notes |
src/argus_aitr/types.py, src/argus_aitr/pipeline.py |
| HMI banner flips to "AiTR DEGRADED — REVERT TO MANUAL" automatically on health change | src/argus_aitr/hmi/static/app.js |
| Pipeline auto-degrades on FPS below floor or repeated detector errors | src/argus_aitr/pipeline.py (_derive_status) |
| Perturbation simulator exercises the adverse-conditions branches deliberately | src/argus_aitr/stabilize/perturb.py |
Tests: 100+ in tests/ covering every module |
tests/ |
Governable#
"The Department will design and engineer AI capabilities to fulfill their intended functions while possessing the ability to detect and avoid unintended consequences, and the ability to disengage or deactivate deployed systems that demonstrate unintended behavior."
ArgusAiTR posture: Single-click /aitr/disable instantly takes the
AiTR pipeline offline; the operator continues with the raw video. The
system never sends CROWS commands autonomously.
| Implementation | Where |
|---|---|
/aitr/disable and /aitr/enable route flip the pipeline mode in a single call |
src/argus_aitr/hmi/server.py |
| HMI toggle button is always visible and always authoritative | src/argus_aitr/hmi/static/index.html (#aitr-toggle) |
| Mock CROWS adapter has no autonomous slew path — every command call is operator-attributed | src/argus_aitr/integrate/crows_adapter.py |
| Audit log records both disable and enable transitions | src/argus_aitr/audit/log.py |
| Production GVA adapter is stubbed pending governance review of the wire format | src/argus_aitr/integrate/crows_adapter.py (GVAAdapter) |
Summary#
ArgusAiTR's compliance posture is not an assertion — it is implemented in
code that reviewers can read. The audit log is the externally inspectable
artifact that ties every principle back to specific events. Post-award we
expand coverage with a formal ATO-style verification & validation plan
documented in docs/roadmap.md.