Insight · AI

Controlled AI for mission-critical diagnostics

Every technical organisation is being told to adopt AI. In vehicles, defence platforms and industrial systems the question isn't whether AI creates value — it's whether an AI recommendation can be trusted when it matters. That trust has to be built on a provable foundation.

01

The gap the AI wave left open

Every OEM, Tier-1 and defence prime is now under board-level pressure to show AI in development, diagnostics and sustainment. But the systems these organisations build operate under UNECE R155/R156, ISO/SAE 21434, export control and classification — environments where a model that hallucinates, or a cloud service that trains on your data, is not a productivity tool. It is a liability.

The market is full of vendors who can talk fluently about efficiency and almost none who can talk credibly about control. The buyers we work with don't want to play with AI. They need to know exactly where AI creates value, what happens to their data, and whether a recommendation can be trusted when a decision actually has to be made. That is the gap.

02

Diagnostics is the provable foundation

Diagnostics is, by definition, the discipline of establishing ground truth: what the known-good state is, which software version is running on which unit, who approved it, and whether the system does what it is claimed to do. An AI recommendation is only ever as trustworthy as the reference truth it is measured against.

That is the property the AI era is short of, and it is exactly what a diagnostics and lifecycle foundation provides. Most AI entrants have models but no provable substrate. A diagnostics company has the provable substrate — and can add the models on top. That is a defensible position, and it is the one Diadrom builds from.

03

What controlled AI actually looks like

Controlled AI is not an AI-powered platform. It is a set of named methods, each grounded in the diagnostic data you already handle. Anomaly detection flags drift on CAN, UDS and DoIP telemetry before a fault code is set, and checks every flag against the known-good baseline. A diagnostic copilot retrieves from your own ODX, UDS definitions and service manuals, runs inside your perimeter, and cites its deterministic source for every answer — retrieval-grounded specifically to suppress hallucination and provide provenance.

Lifecycle drift detection surfaces which unit diverges from the approved baseline, which element in the software bill of materials changed, and where the field state no longer matches the release of record. Every one of these is human-in-the-loop by design: the AI recommends and ranks; a person signs off before anything changes on a platform or reaches a live feed. Who asked, what the model saw, what it answered and what happened next is a record you can defend.

04

Interoperable, not a black box

Controlled AI has to speak the interfaces your programmes already run on, or it is just another silo. On the diagnostics side that means UDS (ISO 14229), ODX (ISO 22901), DoIP (ISO 13400) and the service-oriented SOVD direction. On the defence side it means reasoning over the NATO Generic Vehicle Architecture data model — including its health and usage monitoring — and sitting at the fusion and decision node of a SAPIENT-aligned architecture, handing off to command and control over Link 16, the Multilateral Interoperability Programme data model and Federated Mission Networking.

The framing matters: this is interoperability by design, not a claim of certification or accreditation. AI that can prove where its inputs came from, and produce outputs a C2 system can consume, is worth far more in these environments than a model with a higher benchmark score and no provenance.

05

Sovereignty is the decisive feature

For a defence prime or an IP-sensitive OEM, the decisive feature is not the model — it is control over it. Controlled AI runs on-prem, in an EU-hosted environment, or fully air-gapped. Your diagnostics, your code and your prompts are never used to train anyone else's model — by contract, not by trust — and every answer is traceable and reversible.

This is the operational expression of a simple idea: your data, your models, your call. It is the reason AI can be brought into diagnostics and decision systems that genuinely cannot be wrong — without giving anything away.

Key takeaways

  • AI is only trustworthy in mission-critical systems when it sits on a provable foundation — the deterministic diagnostics layer that establishes ground truth.
  • Controlled AI is a set of named methods (anomaly detection, a provenance-citing copilot, drift detection), not a generic AI-powered platform.
  • Every recommendation is human-in-the-loop and traceable: the AI recommends and ranks; a person signs off before anything acts.
  • It has to interoperate with the open standards you already run — UDS/ODX/DoIP/SOVD, and on the defence side NGVA, SAPIENT, Link 16 and FMN — framed as integration, not certification.
  • Sovereignty is the decisive feature: on-prem, EU-hosted or air-gapped, with no training on your data.

All insights

Talk to Diadrom

Bringing AI into diagnostics or decision systems that can't be wrong? Let's talk it through — sincerely, and without the buzzwords.