AI inside the perimeter your nation drew.
The procurement file asks where the model weights physically reside. The IT-Sicherheitsbeauftragter wants the air-gap diagram. Your minister has been briefed on hyperscaler exposure. None of these have soft answers any more.
Aethos is the AI deployment that has a defensible answer to every one of those questions — written, signed, and built that way from the first line.
You.
Ministry · agency · armed force · critical infrastructure
An organ of the state.
You are a federal or state ministry, a public agency, a defence procurement office, an armed-services IT command, an intelligence body, or the IT operator of a critical-infrastructure entity — energy, water, telecoms, transport, rail, hospitals. NIS2 is now law in your jurisdiction. The KRITIS-Verordnung — or its national equivalent — has named you. Your IT-Sicherheitsbeauftragter answers to the BSI or equivalent supervisor.
You watched the Schrems II ruling reshape your data-flow assumptions. You watched the EU AI Act enter force. You watched two consecutive coalitions arrive with the same conclusion: AI is now strategic and "where it runs" is now a clause in every procurement file. Aethos was built for that file, not retrofitted to it.
What's on your desk today.
Three pressures · all named in legislation
These pressures are no longer policy debates. They are statutory requirements with effective dates that have already passed.
Critical functions cannot depend on third-country processors.
NIS2 and the national KRITIS legislation require essential and important entities to manage supply-chain cybersecurity risk and report material incidents within 24 hours. A hyperscaler-hosted LLM serving citizen-facing or administrative functions is a supply-chain dependency that the BSI will ask about — and that needs an answer.
The model that holds the citizen data must answer to you.
Cloud AI services from the United States, China and other jurisdictions are subject to extraterritorial legal demands — the CLOUD Act, the National Intelligence Law. EU-cloud arrangements offer commercial reassurance but not statutory sovereignty. For sensitive workloads, the only defensible posture is processing under your own law, on your own soil, on your own steel.
The Bundesrechnungshof — or yours — will audit this.
Public-sector procurement and the audit court expect transparent pricing, defined exit conditions, technical sovereignty and no perpetual subscription that cannot be terminated without rebuilding. A per-token AI service does not survive the next audit court report — and your minister does not want to read about it in the press.
What Aethos changes.
Air-gap default · sovereign by construction
Three answers, mapped one-to-one to the three pressures above.
No exception. No allow-list. No outbound.
Aethos is built so the reference deployment requires zero outbound connectivity. Updates arrive as signed offline bundles verified against a pinned release key. There is no telemetry uplink, no licence phone-home, no model activation. The supply-chain risk question becomes: STK Engineering as a software vendor. One name. One contract.
Under your law, only.
Model weights, inference, embedding storage, vector indices, audit logs — all physically reside on infrastructure owned or leased by your organisation, in your country. No extraterritorial law touches the data. No EU-cloud arrangement is needed because there is no cloud.
One-time. Perpetual. Documented.
Aethos is sold under a one-time perpetual licence with an annual support contract. There is no per-user metering, no per-token charge, no consumption surprise. On termination of support the public body retains a perpetual right to continue running the last delivered version, with full access to weights, vector stores and audit logs. The exit clause is the contract, not a hope.
Sovereignty is not a slogan in procurement. It is a clause — and either the contract has it or it does not.
The modules that matter most for you.
Where public bodies start
Three modules cover most public-sector and defence use cases. Coder and VR follow in specialised deployments.
The administration's institutional memory.
Statutes, regulations, ministerial decisions, parliamentary questions and answers, internal policy circulars, past correspondence with regulated entities — answered with the paragraph, date and reference cited. Access inherits the existing role-based permissions; classified material stays inside the classification it carries.
RAG module
Module 02 · Aethos Voice
Citizen services and internal dictation.
Multilingual citizen hotlines, internal voice notes, dictation for ministerial replies — recognised, transcribed and spoken back on your hardware, in 30+ languages. Not a single second of audio leaves the building. The transcript lives in the file from the moment it is spoken.
Voice module
Module 03 · Aethos Avatar
Citizen-facing kiosks and official portals.
A multilingual digital agent on a kiosk in the registry office, on the ministry's portal, at the airport, on the national-museum entrance. Same craft that took two gold medals at BEA World 2024 — running on your hardware, under your accessibility standards, in your country's official languages.
Avatar module
The frameworks that bind.
What the rule asks · what Aethos provides
The instruments that bear directly on AI in the public sector and defence — and where Aethos plugs into each.
| Framework | What it requires of AI use | What Aethos provides |
|---|---|---|
| NIS2 directive | Supply-chain cybersecurity risk management, 24-hour incident reporting, board accountability, supplier-due-diligence evidence. | Single software vendor relationship (STK Engineering) · no cloud subprocessor · supplier due-diligence pack · incident-response runbook integrated with your CERT. |
| KRITIS-Verordnung / national equivalent | Critical-infrastructure operators must implement state-of-the-art protection; BSI orientation guides apply. | Air-gap deployment as default · BSI-aligned hardening guide · TLS 1.3 · AES-256-GCM · HSM/KMS integration via PKCS#11. |
| EU AI Act | Administration of justice, education, employment access, law enforcement, migration are high-risk (Annex III). Logging, oversight, transparency, technical documentation required. | Signed append-only audit log · per-skill human-in-the-loop · model card per deployed model · technical documentation shipped per release · classifier of high-risk vs limited-risk use cases. |
| GDPR Art. 6, 9 & national supremacy | Lawful basis, special categories, no extraterritorial third-country transfer for sensitive workloads. | No data egress. Per-tenant DEKs wrapped by your KMS. National law applies exclusively because no processing happens elsewhere. |
| BSI C5 / IT-Grundschutz / ISO 27001 | Documented information-security controls, risk management, evidence for accreditation. | Hardening guide aligned with BSI C5 catalogue · per-control evidence pack · audit-ready logging · supports IT-Grundschutz building blocks. |
| Public-sector procurement & audit-court oversight | Transparent pricing, defined exit, no perpetual lock-in, audit-court traceability of value-for-money. | One-time perpetual licence · published price book · contractual exit with weights retained · audit-trail of every release and acceptance. |
| Defence procurement (Vergaberecht für Verteidigung / equivalent) | National-treatment provisions, classification handling, no third-country subprocessing for sensitive workloads. | EU vendor · EU-only operations · air-gap deployment · weights and model artefacts physically remain in classified-handling perimeter. |
The next step.
One day · on your premises · written outcome
Book a one-day Architecture Workshop.
One day on your premises with Kristijan Stojanović — founder of STK Engineering — and the architect assigned to the public sector and defence. We work through the classification regime, the existing identity architecture, the priority use cases and the procurement file requirements, and produce a signed sizing & integration plan you can submit straight into the procurement process.