ACGP-1011: Implementation Profiles¶
Status: Draft
Last Updated: 2026-01-08
Spec ID: ACGP-1011
Normative Keywords: MUST, SHOULD, MAY (per RFC 2119)
Abstract¶
This document defines standard implementation profiles for the Agentic Cognitive Governance Protocol (ACGP). Profiles provide pre-configured subsets of ACGP features optimized for specific use cases, reducing cognitive load for implementers and ensuring appropriate governance for different deployment scenarios.
Table of Contents¶
- Introduction
- Profile Definitions
- Minimal Profile
- Production-Lite Profile
- Regulated Profile
- Safety-Critical Profile
- Profile Selection Guide
- Conformance Requirements
- References
1. Introduction¶
ACGP is a comprehensive protocol with many optional features. Not all deployments need all features. Implementation profiles define canonical subsets that:
- Reduce complexity: Clear guidance on what to implement
- Ensure appropriateness: Match governance depth to risk level
- Enable interoperability: Common feature sets for similar use cases
- Support progressive adoption: Clear upgrade path between profiles
1.1 Requirements Language¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
1.2 Relationship to Conformance Levels¶
Implementation profiles are orthogonal to conformance levels (ACGP-1009):
- Conformance levels (Minimal/Standard/Complete) define implementation completeness
- Implementation profiles define feature subsets optimized for use cases
A Minimal conformance implementation MAY use any profile. A Standard conformance implementation MUST support at least the Production-Lite profile features.
2. Profile Definitions¶
2.1 Profile Overview¶
| Profile | Target Use Case | ACL Tiers | Eval Tiers | Trust Debt | Governance Contracts |
|---|---|---|---|---|---|
| Minimal | POC, development | 0-1 | 0-1 | No | No |
| Production-Lite | General production | 0-3 | 0-2 | Yes | Optional |
| Regulated | Finance, healthcare | 0-5 | 0-3 | Yes | Required |
| Safety-Critical | Autonomous systems | 0-5 | 0-3 | Yes + Enhanced | Required + Consensus |
2.2 Feature Matrix¶
| Feature | Minimal | Production-Lite | Regulated | Safety-Critical |
|---|---|---|---|---|
| Core Protocol | ||||
| Interventions (all 6) | OK, Block only | All | All | All |
| CTQ Calculation | Simplified | Full | Full + Audit | Full + Audit |
| Tripwires | Basic | All categories | All categories | All + Real-time |
| Trust Debt | — | Basic | Full + Recovery | Enhanced |
| Blueprint Inheritance | — | |||
| ReflectionDB | In-memory | Local | Distributed | Replicated |
| Registry | — | Optional | Required | Required + MPA |
| Governance Contracts | — | Optional | Required | Required |
| HITL (Eval-3) | — | — | Required | |
| Distributed Consensus | — | — | — | Required |
| HSM Integration | — | — | Optional | Required |
3. Minimal Profile¶
3.1 Overview¶
The Minimal profile is designed for learning, development, and batch processing. It provides basic governance without production overhead.
profile: minimal
version: "1.0"
target_use_cases:
- Learning ACGP concepts
- Development and testing
- Batch jobs and background processing
- Non-latency-sensitive workloads
not_suitable_for:
- Production interactive applications
- User-facing systems
- Latency-sensitive workloads
- Systems requiring SLAs
3.2 Required Components¶
minimal_profile:
acl_tiers: [0, 1]
interventions:
required: [ok, block]
optional: [nudge, flag, escalate, halt]
evaluation:
eval_tiers: [0, 1]
ctq_calculation: simplified # May use static scores
tripwires: basic # Standard severity only
storage:
type: in_memory
retention: session # No persistence required
security:
transport: use_existing # TLS optional for dev
signatures: optional
governance_contracts: disabled
trust_debt: disabled
3.3 Simplified CTQ Calculation¶
Minimal profile MAY use simplified CTQ:
def simplified_ctq(trace):
"""
Minimal profile CTQ calculation.
May return static scores or use simple heuristics.
"""
# Option 1: Static score based on ACL tier
if trace.acl_tier in ["ACL-0", "ACL-1"]:
return 0.8 # Assume low-risk agents are OK
# Option 2: Simple heuristic
if trace.reasoning and len(trace.reasoning) > 50:
return 0.75
return 0.5 # Default moderate score
3.4 Example Blueprint (Minimal)¶
id: dev/test-agent@1.0
version: "1.0.0"
description: "Development testing agent"
profile: minimal
scope:
agent_tier: [ACL-0, ACL-1]
# Minimal CTQ - use defaults
ctq:
profile: "minimal-defaults"
# Only essential tripwires
tripwires:
- id: prevent_production_access
condition: NOT environment == "production"
on_fail:
decision: block
reason: "Cannot access production from dev agent"
scoring:
thresholds:
ok: 0.40
block: 0.80
4. Production-Lite Profile¶
4.1 Overview¶
The Production-Lite profile is designed for general production deployments with balanced governance.
profile: production-lite
version: "1.0"
target_use_cases:
- Production web applications
- Customer service agents
- Content generation systems
- General enterprise automation
suitable_for:
- Moderate risk tolerance
- Interactive user-facing systems
- Standard compliance requirements
4.2 Required Components¶
production_lite_profile:
acl_tiers: [0, 1, 2, 3]
interventions:
required: [ok, nudge, flag, escalate, block, halt]
evaluation:
eval_tiers: [0, 1, 2]
eval_tier_2: async # LLM evaluation is async
ctq_calculation: full
tripwires: all_categories # Standard, Critical, Severe
trust_debt:
enabled: true
mode: basic # Accumulation + decay only
recovery: false # No active recovery
storage:
type: local_persistent # SQLite, PostgreSQL
retention: 90_days
security:
transport: tls_1_3
signatures: required_acl_3_plus
governance_contracts: optional
monitoring:
metrics: required
alerting: recommended
4.3 Evaluation Profile¶
Production-Lite uses a specific evaluation configuration:
evaluation_profile:
name: "production-lite-eval"
tier_0:
mode: synchronous
latency_budget_ms: 50
checks:
- schema_validation
- auth_verification
- critical_tripwires
tier_1:
mode: synchronous
latency_budget_ms: 200
checks:
- policy_evaluation
- rate_limiting
- pattern_matching
tier_2:
mode: asynchronous # Runs post-action
latency_budget_ms: 5000
checks:
- llm_reasoning_quality
- anomaly_detection
on_failure: log_and_flag # Don't block on async failure
tier_3:
mode: disabled # No HITL in production-lite
5. Regulated Profile¶
5.1 Overview¶
The Regulated profile is designed for financial services, healthcare, and other regulated industries.
profile: regulated
version: "1.0"
target_use_cases:
- Financial services
- Healthcare applications
- Legal document processing
- Insurance claims handling
- Regulatory compliance systems
requirements:
- Full audit trail
- Human review capability
- Compliance reporting
- Data retention (7+ years)
5.2 Required Components¶
regulated_profile:
acl_tiers: [0, 1, 2, 3, 4, 5]
interventions:
required: [ok, nudge, flag, escalate, block, halt]
evaluation:
eval_tiers: [0, 1, 2, 3] # Full tiers including HITL
ctq_calculation: full_audited # All decisions logged
tripwires: all_categories
trust_debt:
enabled: true
mode: full # All features
recovery: true # Active recovery enabled
severity_weights: required
storage:
type: distributed
retention: 7_years # Compliance retention
integrity: merkle_tree # Cryptographic audit trail
export: required # Compliance exports
security:
transport: tls_1_3_mutual
signatures: required_all # Sign all messages
hsm: optional
governance_contracts: required
human_in_the_loop:
enabled: true
timeout: 24_hours
escalation_path: required
registry:
enabled: true
min_trust_score: 0.7
monitoring:
metrics: required
alerting: required
siem_integration: recommended
5.3 Compliance Features¶
compliance:
audit_trail:
complete: true # Every trace, eval, intervention
tamper_evident: true # Merkle tree integrity
exportable: true # Standard formats (JSON, Parquet)
reporting:
real_time_dashboard: required
periodic_reports: daily
compliance_attestation: monthly
retention:
min_days: 2555 # 7 years
immutable: true
geo_redundant: recommended
6. Safety-Critical Profile¶
6.1 Overview¶
The Safety-Critical profile is for autonomous systems where failures have significant consequences.
profile: safety-critical
version: "1.0"
target_use_cases:
- Autonomous vehicles
- Industrial automation
- Critical infrastructure
- Medical devices
- High-value financial transactions
requirements:
- Defense in depth
- Distributed consensus
- Hardware security
- Real-time monitoring
- Fail-safe defaults
6.2 Required Components¶
safety_critical_profile:
acl_tiers: [0, 1, 2, 3, 4, 5]
interventions:
required: [ok, nudge, flag, escalate, block, halt]
default_on_failure: halt # Fail safe
evaluation:
eval_tiers: [0, 1, 2, 3]
mode: synchronous_all # All tiers sync for critical
ctq_calculation: full_audited
tripwires: all_real_time # Real-time evaluation
trust_debt:
enabled: true
mode: enhanced
recovery: true
severity_weights: required
real_time_tracking: true
storage:
type: replicated # Multi-region
retention: 7_years
integrity: merkle_tree
sync: strong_consistency
security:
transport: tls_1_3_mutual
signatures: required_all
hsm: required # Hardware security module
zero_trust: required
governance_contracts: required
distributed_consensus:
enabled: true
min_stewards: 3
quorum: 2 # 2/3 agreement required
byzantine_fault_tolerant: true
human_in_the_loop:
enabled: true
mandatory_for: [critical_risk, first_time_high_value]
timeout: 5_minutes # Shorter for critical
fail_safe:
default_decision: halt
on_steward_failure: deny
on_consensus_failure: halt
6.3 Distributed Consensus¶
Safety-critical actions require multiple steward agreement:
class DistributedConsensus:
"""
Byzantine fault-tolerant consensus for safety-critical.
"""
def evaluate(self, trace):
# Query multiple stewards
decisions = []
for steward in self.steward_pool:
try:
decision = steward.evaluate(trace, timeout=100)
decisions.append(decision)
except TimeoutError:
decisions.append(Decision.ABSTAIN)
# Require 2/3 agreement
quorum = len(self.steward_pool) * 2 // 3
if count(decisions, Decision.HALT) >= 1:
return Decision.HALT # Any halt is halt
if count(decisions, Decision.BLOCK) >= quorum:
return Decision.BLOCK
if count(decisions, Decision.OK) >= quorum:
return Decision.OK
# No consensus - fail safe
return Decision.HALT
7. Profile Selection Guide¶
7.1 Decision Tree¶
Start
|
+- Is this for production? --- No --► Minimal Profile
|
| Yes
|
+- Is this regulated industry? --- Yes --► Regulated Profile
| (finance, healthcare, legal)
|
| No
|
+- Are failures safety-critical? --- Yes --► Safety-Critical Profile
| (autonomous, infrastructure)
|
| No
|
+-► Production-Lite Profile
7.2 Profile Comparison¶
| Criteria | Minimal | Prod-Lite | Regulated | Safety-Critical |
|---|---|---|---|---|
| Setup Time | Minutes | Hours | Days | Weeks |
| Latency Overhead | <10ms | <50ms | <100ms | <500ms |
| Cost (monthly) | $0 | $100-500 | $1K-5K | $10K+ |
| Compliance Ready | No | Partial | Yes | Yes+ |
| Audit Trail | None | Basic | Full | Full + Tamper-proof |
| Recovery Options | None | Decay only | Full | Enhanced |
7.3 Upgrade Path¶
Minimal --► Production-Lite --► Regulated --► Safety-Critical
| |
| +-- Add: HITL, full registry,
| compliance features
|
+-- Add: Trust debt, all tripwires,
governance contracts, persistent storage
8. Conformance Requirements¶
8.1 Profile Conformance¶
Implementations claiming a profile MUST:
- Implement ALL required features for that profile
- Meet latency requirements for specified eval tiers
- Provide storage with required retention
- Support all specified intervention types
- Pass profile-specific conformance tests
8.2 Profile Declaration¶
Implementations MUST declare their supported profiles:
{
"implementation": "acme-steward",
"version": "2.1.0",
"profiles_supported": [
{"name": "minimal", "conformant": true},
{"name": "production-lite", "conformant": true},
{"name": "regulated", "conformant": true, "note": "Requires HSM addon"},
{"name": "safety-critical", "conformant": false}
]
}
8.3 Profile Validation¶
Each profile has a conformance test suite:
# Run profile conformance tests
acgp-conformance --profile=production-lite --endpoint=https://steward.example.com
# Expected output
Profile: production-lite
Tests: 47/47 passed
Latency: Tier-0: 23ms, Tier-1: 145ms, Tier-2: 2340ms (async)
Trust Debt: Enabled, decay verified
Status: CONFORMANT
9. References¶
Normative References¶
- ACGP-1000: Core Protocol Specification
- ACGP-1009: Conformance Requirements
- ACGP-1010: Governance Contracts
Informative References¶
- ACGP-1002: Architecture Specification
- ACGP-1004: Blueprint Specification
- ACGP-1007: Security Considerations
End of ACGP-1011