IND-00Industry Hub

Defense & Security Drone Fleet Deployment

Lydos Air delivers closed-source, on-premise drone operations for sovereign defense and security contexts. Persistent ISR, perimeter patrol, and reconnaissance missions are structured around a cryptographically signed chain of command — every flight-impacting action authorized through an ML-DSA device-bound key that never leaves the operator's hardware. The platform's immune mode, hash-chained audit ledger, and geofence enforcement are designed from first principles for environments where operational security is non-negotiable.

MB-00

Mission Scenarios

MB-DEF-01Mission Brief
REV A

Perimeter Awareness

Continuous or scheduled 360° aerial surveillance of defense perimeters, borders, and sensitive installations. Automated flight plans execute without continuous operator input; live telemetry streams anomaly alerts to the command station. Every flight is logged in a hash-chained audit ledger signed with the operator's device-bound key.

Operational Flow
Define PerimeterRoute PlanPreflight ValidateAutonomous PatrolLive MonitorAlertLog
MB-DEF-02Mission Brief
REV A

Multi-Asset Mission Oversight

Simultaneous command and monitoring of multiple UAVs across a single operational area. Each vehicle streams telemetry independently; the command hub correlates status, detects deviations, and surfaces intervention options. All oversight actions are traceable through a role-based approval chain.

Operational Flow
Fleet AssignZone MapParallel LaunchCorrelated MonitorDeviation DetectInterventionMission Close
MB-DEF-03Mission Brief
REV A

Field Readiness & Preflight Validation

Structured pre-mission validation covering 13 automated checks: airspace conflict verification, geofence boundary confirmation, communications link test, battery state-of-health, sensor calibration status, and cryptographic signature readiness. Readiness approval is signed by a policy engine — the human operator confirms, not solely decides.

Operational Flow
Airspace VerifyGeofence ConfirmComms TestSensor CheckSignature ReadyPolicy ApproveLaunch Authorize
MB-DEF-04Mission Brief
REV A

Edge-Connected Forward Deployment

Forward operating positions with restricted or intermittent connectivity maintain full operational capability through the in-house edge companion unit. Local safety policy enforcement, offline telemetry buffering, and automatic command relay ensure mission continuity. Buffered data synchronises to the command layer when connectivity is restored.

Operational Flow
Edge Unit DeployLocal Mission LoadOffline PatrolTelemetry BufferConnectivity RestoreSyncReport
COMP-00

Regulatory Alignment

COMP-DEF-01

NIST FIPS 204 ML-DSA Command Signing

Every flight-impacting command — arm, takeoff, land, return-to-launch, emergency stop, mission abort — is signed with a device-bound ML-DSA (Module-Lattice Digital Signature Algorithm) key managed by the Key Sovereignty Layer. The private key never leaves the operator's device; the platform verifies the signature server-side without ever possessing the key. The command and audit chain are resistant to quantum cryptanalysis.

ACTIVE
COMP-DEF-02

Hash-Chained Audit Ledger (ASR)

The Autonomous Security Response engine maintains a hash-chained audit ledger of every decision, command, and anomaly event. Each entry extends the previous SHA-256 chain, making retrospective tampering detectable. The ledger is append-only; deletion is not an available operation.

ACTIVE
COMP-DEF-03

ICAO Annex 6 / Annex 11

Defense UAS operations in shared airspace must align with ICAO Annex 6 (Operation of Aircraft) and Annex 11 (Air Traffic Services). The platform's Remote ID metadata capture, geofence enforcement, and multi-operator approval chain support the coordination requirements imposed by national airspace authorities.

ACTIVE
COMP-DEF-04

EASA SORA Specific Category

European defense and security drone deployments targeting SAIL III–VI Specific category operations. The platform provides ConOps evidence materials, operational volume enforcement, ground risk class documentation support, and hash-chained proof-of-compliance for SORA submission workflows.

ACTIVE
COMP-DEF-05

Closed-Source / On-Premise Data Residency

Operational telemetry, mission records, command logs, and imagery references never transit third-party cloud infrastructure. The platform is deployable on-premise within the operator's security perimeter. Closed-source architecture prevents supply-chain exposure through dependency audits.

ACTIVE
FAQ-00

Sector Questions

FAQ-01

How does the sovereign signature chain prevent command injection?

Every flight-impacting command carries a cryptographic signature produced by the operator's hardware-bound ML-DSA key. The platform's Key Sovereignty Layer verifies the signature before executing any action. A command without a valid signature is rejected — there is no fallback path that accepts unsigned instructions. Because the private key never resides on the server, a server compromise does not yield the ability to forge commands.

FAQ-02

Can the platform operate in a fully offline, air-gapped environment?

The in-house edge companion unit handles local safety enforcement, offline telemetry buffering, and mission execution without a live connection to the central command layer. Missions are loaded onto the edge unit before forward deployment. Buffered telemetry synchronises when connectivity is restored. The key constraint is that KSL-signed commands require device-bound key material to be present on the edge unit — this is provisioned during the pre-deployment configuration step.

FAQ-03

What is the LSIA immune mode and when does it engage?

The Local Sovereign Immunity Architecture monitors the platform's operational state continuously. Under normal conditions the system operates in OPERATIONAL mode. Detected anomalies — abnormal telemetry patterns, failed signature verifications, geofence violations — transition the system through DEGRADED, SAFE_MODE, and CRITICAL_LOCKDOWN levels. In CRITICAL_LOCKDOWN, the LSIA issues a veto over all settlement, policy-change, and command-execution actions until a qualified operator resolves the incident.

XREF-00Other Sectors