compile-time certification

The software is either certified or it does not compile.

Aether enforces safety, security, and reliability as structural invariants before a single byte of machine code is generated. A program that violates a declared property cannot be compiled. There is no runtime check. There is no advisory warning. The violation is architecturally impossible.

46patent tracks

39cert manifests

0.13msavg compile

request access see how it works

aether v7.3 — GENXR_V7.3 / STRICT_MODE

the problem

Three vectors. One compiler. Zero runtime.

In contested environments, adversaries exploit three software attack vectors. Aether eliminates all three structurally — before the binary exists.

attack vector

Binary tampering after certification

An adversary modifies firmware after it leaves the build environment. Existing toolchains have no mechanism to detect post-compilation modification at deployment.

→ Aether: cryptographic attestation token covers the complete manifest chain. Any modification invalidates the token. Detected before execution.

attack vector

Operator impersonation and privilege escalation

Captured or compromised hardware is operated by personnel without the required clearance. No existing compiler binds operator identity to the binary itself.

→ Aether: CCBP embeds a PKI challenge at compile time. Operator clearance below data classification is rejected. Cannot be bypassed at runtime.

attack vector

Information leakage across classification boundaries

Classified sensor data flows to unclassified telemetry channels. Timing side-channels leak cryptographic keys. No existing compiler enforces information flow at the type level.

→ Aether: Bell-LaPadula + Biba enforced at variable binding level. Classified data cannot flow to under-classified destinations. Constant-time execution enforced structurally.

what aether produces

39 certification manifests.One compilation.Sub-millisecond.

Every Aether binary carries machine-verifiable certification manifest blocks, each independently verifiable by the open BPC verifier — without the compiler or source code.

identity_manifest

Source fingerprint · tamper-evident chain

memory_manifest

MISRA-C Rule 20.4 · AUTOSAR M18-4-1

stack_manifest

MISRA-C Rule 17.2 · stack depth bound

wcet_manifest

DO-178C Level A · worst-case execution time

power_manifest

DO-160 · MIL-STD-461 · power envelope

interrupt_manifest

IEC 61508 SIL4 · ISO 26262 ASIL-D

mls_manifest

Bell-LaPadula + Biba · CC EAL6 · IEC 62443 SL4

smp_manifest

AUTOSAR AP · DO-178C partitioned systems

timing_manifest

FIPS 140-3 · NSA Suite B · CC EAL6+

network_manifest

NIST SP 800-53 SC-8 · NSA CNSSI 1253

verification_manifest

DO-333 FM · Common Criteria EAL7

attestation_manifest

NIST SP 800-193 · TCG TPM 2.0 · RFC 9334

operator_manifest

FIPS 201-3 · CCBP-v1.0 · NSA CNSSI 1253

tensor_manifest

ML tensor classification · DoD AI Strategy 2023

adversarial_manifest

Adversarial taint · Track X

federated_manifest

Federated learning · Bell-LaPadula gradient

quantum_manifest

NIST FIPS 203/204/205 · post-quantum

crypto_defense_manifest

Downgrade prevention · FIPS-140-3 · CNSA 2.0

sbom_manifest

SPDX / CycloneDX · EO 14028 · NTIA

rtos_manifest

Liu-Layland · POSIX 1003.1b · IEC 61508-3

temporal_manifest

LTL call-graph ordering · DO-178C §6.3.4

protocol_manifest

BFS reachability · ARINC 429 · DO-178C

standards_manifest

Cross-standard compatibility lattice

mte_manifest

ARM MTE v8.5-A · ISO 26262 ASIL-D

bpc_manifest

Magic 0x41455448 · BPC-1.0 · RFC 9334

privacy_manifest

Differential privacy · GDPR Art.5 · CCPA

residency_manifest

GDPR Art.44 · CLOUD Act · data residency

retention_manifest

GDPR Art.5(1)(e) · HIPAA · CCPA

model_card_manifest

EU AI Act Art.13 · NIST AI RMF 1.0

explainability_manifest

EU AI Act Art.17 · DoD AI Assurance

ai_output_manifest

Bell-LaPadula ML output · DoD AI Strategy

provenance_manifest

SLSA Level 3 · NIST SP 800-218 · EO 14028

dependency_manifest

EO 14028 · CISA SBOM · SLSA L3

evidence_manifest

DO-178C / DO-333 / CC clause mapping

inference_manifest

AI invariant inference · Track RR

gap_manifest

Structural gap detection · Track SS

correctness_certificate

Track TT · independently checkable

cxx_annotation_manifest

C/C++ sidecar · no source modification

infer_manifest

Track R · AI classification inference

standards coverage

Every standard. One compiler.

Aether's manifests map directly to the certification frameworks used across all NATO member nations and major regulatory jurisdictions.

DO-178C Level A

Aviation software · FAA · EASA

ISO 26262 ASIL-D

Automotive functional safety

IEC 62443 SL4

Industrial control system security

IEC 61508 SIL4

Functional safety E/E/PE systems

CC EAL6/7

IT security evaluation · formal verification

FIPS 140-3

Cryptographic module validation

NSA CNSA 2.0

Constant-time · post-quantum crypto

NIST FIPS 203–205

Post-quantum cryptography mandate

NIST SP 800-193

Platform firmware resilience

MIL-STD-461

EMC · defence systems

DO-333 FM

Formal methods supplement DO-178C

MISRA-C 2012

Embedded C · safety-critical

AUTOSAR AP

Adaptive platform · multi-core automotive

EO 14028 / SBOM

US software supply chain security

GDPR Art.5 / 44

EU data protection · residency

EU AI Act Art.13/17

AI transparency · explainability

SLSA Level 3

Build provenance integrity

ARM MTE v8.5-A

Memory tagging · spatial safety

The software is either certified or it does not compile.

Three vectors. One compiler. Zero runtime.

39 certification manifests.One compilation.Sub-millisecond.

Every standard. One compiler.

Your C code. Aether certification.No rewrites.

Your C code. Aether certification.
No rewrites.