Continuous Agentworthiness™
AI agents act with speed, scale and autonomy. Like aircraft, they must be continuously monitored, maintained and governed to remain fit for their intended purpose — not certified once and trusted forever.
Continuous Agentworthiness is the ongoing process of ensuring that an AI agent remains authorized, secure, traceable, compliant, bounded and fit for its intended purpose throughout its operational lifecycle.
The eight pillars
Each pillar maps to something aviation already does well. Two — Agent Directives and Grounding / Return to Service — are where the framework earns its keep.
Agent Registration
≈ Aircraft RegistrationWho owns it, its business purpose, risk rating and approved use cases.
Identity & Credentials
≈ Certificate of AirworthinessIssued identity, secrets, certificates and API keys, securely managed.
Authorization & Config Control
≈ Part-21 Design ChangesEvery prompt, model, tool and RAG-source change is tracked.
Monitoring & Observability
≈ Continuing Airworthiness MonitoringIs behavior drifting, output degrading, permissions abused?
Agent Directives
≈ Airworthiness DirectivesMandatory directives with a deadline and proof of closure. Every affected agent must comply.
Incident Reporting
≈ Occurrence ReportingHallucination, unauthorized action, prompt injection, data leakage — captured and severity-classified.
Agent Grounding
≈ Aircraft GroundingBreach or dangerous behavior, and the agent is disabled immediately. No actions allowed.
Return to Service
≈ Certificate of Release to ServiceRoot cause fixed, security reviewed, tested, approved — only then back to active.
Latest writing
Findings and frameworks on AI governance and safety — drawn from a career keeping safety-critical systems fit for service.
Why aviation, why me
I spent 25 years keeping aircraft fit to fly. Aviation already solved this class of problem — with decades of regulatory rigor — and almost nobody is translating it into AI governance.