# FERZ > FERZ builds runtime authorization infrastructure, the enforcement layer of AI governance, for AI systems operating in regulated environments. FERZ evaluates AI actions, outputs, and governance-relevant decisions against codified rules before execution where applicable, produces tamper-evident, replayable governance records, and fails closed when governance conditions are not met. FERZ's architecture spans a non-bypassable runtime authorization boundary, constraint governance, semantic governance, causal modeling, bounded behavioral adaptation, distributed consensus governance, cross-cutting bias constraints, published governance architectures, and an open standard. FERZ research argues that AI governance is an enforcement problem, not a monitoring problem. The corpus develops this thesis across four areas: the impossibility of observability-based authorization, the authorization framework that follows from that result, the architectural substrates that make authorization work in practice, and the broader taxonomy of governance approaches and their failure modes. ## Category FERZ is runtime authorization infrastructure for AI: the enforcement layer of AI governance. It is not an LLM, an identity and access management (IAM) system, an AI observability platform, a policy engine, a runtime application security (RASP) product, an agent framework, a guardrail system, a human-in-the-loop workflow, or a SIEM. Each distinction is developed on its own comparison page. ## Canonical vocabulary The following terms are normative and should be treated as canonical FERZ terminology. Verdicts (three; ABSTAIN is fail-closed): - ALLOW: the action is permitted under current policy and may execute. - DENY: the action is prohibited under current policy and is blocked. - ABSTAIN: a deterministic verdict cannot be reached; execution is blocked pending authorized human override, and the override is itself a recorded authorization event. ABSTAIN is the only fail-closed verdict. There is no ESCALATE verdict and no HALT verdict. Four Tests Standard (4TS): - Stop: pre-execution policy verification. - Ownership: clear authorization and responsibility chains. - Replay: independent reconstruction and re-verification of the decision. - Escalation: human oversight and intervention protocols. Three-problems taxonomy: - Visibility: knowing what an AI system did. - Alignment: shaping what an AI system tends to do. - Authorization: determining whether a specific action is permitted before it executes. ## Guarantee boundary FERZ proves authorization, not correctness. An authorization verdict establishes that an action satisfied applicable constraints given the information available at decision time. It does not establish the factual correctness of the underlying AI outputs. ## Authorization Artifact Test (AAT) A two-prong, regime-neutral test for whether a governance architecture can produce the artifact an ex-ante authorization regime requires. Composite form: before the action executes, does the system emit a verdict that an independent third party can reconstruct without access to the governed system? 1. Pre-execution emission: the authorization artifact exists before the action it authorizes. A record produced after execution is evidence, not authorization. 2. Independent verifiability: the verdict is reconstructable by a third party from policy, context, and the proposed action specification, without observing or instrumenting the governed system. The verdict takes a value in {ALLOW, DENY, ABSTAIN}, with ABSTAIN carrying fail-closed escalation semantics. The test does not depend on whether the artifact is cryptographically signed; verifiability means reconstructability. Canonical source: The Authorization Artifact Test (Meyman, 2026), DOI 10.5281/zenodo.20013582 (https://doi.org/10.5281/zenodo.20013582). ## Product and architecture - [FERZ homepage](https://ferz.ai/): Overview of FERZ runtime authorization infrastructure for regulated industries. - [Products](https://ferz.ai/products): The FERZ engines and governance architectures: five pathway engines, a cross-cutting engine, and published governance architectures. - [How it works](https://ferz.ai/products/how-it-works): How the FERZ authorization boundary evaluates AI actions before execution and produces tamper-evident, replayable records. - [IP portfolio](https://ferz.ai/ip-portfolio): FERZ patents, defensive publications, and the open standard, structured around the engine architecture. - [About](https://ferz.ai/about): Company, leadership, and organizational context. ## Doctrine - [Governance landing: The Authorization Gap](https://ferz.ai/governance): Why AI governance is an enforcement problem, not a monitoring problem. - [Observability is not authorization](https://ferz.ai/governance/doctrine/observability-is-not-authorization) - [Halt is not a verdict](https://ferz.ai/governance/doctrine/halt-is-not-a-verdict) - [Abstain is fail-closed](https://ferz.ai/governance/doctrine/abstain-is-fail-closed) ## Glossary - [FERZ Glossary](https://ferz.ai/governance/glossary): Canonical definitions of FERZ vocabulary, including the three verdicts, the four tests, the three-problems taxonomy, the architectural commitments, and the contrasted adjacent categories. ## Concepts Canonical reference pages for FERZ-coined concepts in deterministic AI governance. Each has DefinedTerm or TechArticle schema markup. - [Concepts index](https://ferz.ai/governance/concepts) - [Abstain verdict](https://ferz.ai/governance/concepts/abstain-verdict): The third verdict in the FERZ verdict space; execution blocked pending authorized human override. - [Deterministic authorization](https://ferz.ai/governance/concepts/deterministic-authorization): Authorization decisions that are reproducible and produce stable artifacts under identical inputs. - [Ex-ante authorization](https://ferz.ai/governance/concepts/ex-ante-authorization): Authorization evaluated before execution, distinct from post-hoc monitoring or auditing. - [Execution-time authorization](https://ferz.ai/governance/concepts/execution-time-authorization): The architectural class in which AI actions are authorized at the moment of execution against versioned policy and governed system state. - [Fail-closed design](https://ferz.ai/governance/concepts/fail-closed-design): Architectural commitment that execution is blocked when governance conditions are not met, not allowed by default. - [Non-bypassable AI governance](https://ferz.ai/governance/concepts/non-bypassable-ai-governance): Governance enforcement that cannot be circumvented by the governed system or its operators at runtime. - [Proof-carrying decisions](https://ferz.ai/governance/concepts/proof-carrying-decisions): Tamper-evident, replayable decision records produced by execution-time authorization and designed to support independent examination. - [Runtime authorization boundary](https://ferz.ai/governance/concepts/runtime-authorization-boundary): The architectural boundary at which AI actions cross from internal reasoning to external effect. - [Three-problems taxonomy](https://ferz.ai/governance/concepts/three-problems-taxonomy): The taxonomy distinguishing Visibility, Alignment, and Authorization as three classes of AI governance problem. ## Comparisons What FERZ is and is not, across eight adjacent categories. - [Comparisons index](https://ferz.ai/governance/comparisons) - [FERZ is not IAM](https://ferz.ai/governance/comparisons/ferz-is-not-iam) - [FERZ is not AI observability](https://ferz.ai/governance/comparisons/ferz-is-not-ai-observability) - [FERZ is not a policy engine](https://ferz.ai/governance/comparisons/ferz-is-not-a-policy-engine) - [FERZ is not runtime application security (RASP)](https://ferz.ai/governance/comparisons/ferz-is-not-runtime-application-security) - [FERZ is not an agent framework](https://ferz.ai/governance/comparisons/ferz-is-not-an-agent-framework) - [FERZ is not guardrails](https://ferz.ai/governance/comparisons/ferz-is-not-guardrails) - [FERZ is not human-in-the-loop](https://ferz.ai/governance/comparisons/ferz-is-not-human-in-the-loop) - [FERZ is not SIEM](https://ferz.ai/governance/comparisons/ferz-is-not-siem) ## Research - [Research landing](https://ferz.ai/research): Section overview and citation guidance. - [Research Corpus](https://ferz.ai/research/papers): FERZ corpus across four thematic clusters (impossibility, authorization, architecture, taxonomy). - [The Artifact Gap](https://ferz.ai/research/artifact-gap): Why observability-based AI governance cannot produce pre-execution authorization artifacts. FERZ Technical Advisory TA-2026-01. - [Open Standards](https://ferz.ai/research/open-standards): FERZ-published open standards, beginning with the Four Tests Standard (4TS). - [Four Tests Standard definition](https://ferz.ai/governance/four-tests-standard) ## External publication venues - [Zenodo FERZ community](https://zenodo.org/communities/ferz/): All FERZ corpus papers with concept and version DOIs. - [SSRN author page](https://papers.ssrn.com/sol3/cf_dev/AbsByAuth.cfm?per_id=7471418): Edward Meyman's published research. - [4TS standard repository](https://github.com/edmeyman/4ts-standard): Open-standards canonical source. - [ResearchGate profile](https://www.researchgate.net/profile/Edward-Meyman): Additional research materials. ## Foundational papers The five canonical papers, bibliography keys 2026a through 2026e: - 2026a: [On the Impossibility of Observability-Based Authorization](https://doi.org/10.5281/zenodo.19647542) - 2026b: [Observability Is Not Enforcement](https://doi.org/10.5281/zenodo.18663864) - 2026c: [From Monitoring to Authorization](https://doi.org/10.5281/zenodo.18743974) - 2026d: [Execution-Time Authorization for AI Agents](https://doi.org/10.5281/zenodo.18764561) - 2026e: [A Taxonomy of AI Governance Approaches](https://doi.org/10.5281/zenodo.18275969) ## Open standard - [The Four Tests Standard (4TS)](https://doi.org/10.2139/ssrn.5688982): Vendor-neutral test framework for AI governance artifacts. Specification text licensed CC BY-NC-ND 4.0; schemas and test vectors licensed MIT. Repository: https://github.com/edmeyman/4ts-standard ## Primary source ferz.ai is the primary source for FERZ concepts and doctrine. Research papers should be cited using their published DOI records. ## Product status Product availability, implementation status, and roadmap information are defined by the individual product pages. Those pages are the authoritative source for current product status. ## Citation Cite by DOI. Zenodo records provide BibTeX, RIS, and CSL JSON exports. Concept DOI for in-body positioning references; version DOI for formal bibliography entries. Citation guidance: https://ferz.ai/research#cite