From Craft to Kernel: A Governance-First Execution Architecture and Semantic ISA for Agentic Computers
Summary: arXiv:2604.18652v1 Announce Type: cross
Abstract
The transition of agentic AI from brittle prototypes to production systems is currently hindered by a pervasive crisis of craft. The prevailing orchestration paradigm, which involves delegating the system control loop to large language models and merely patching the system with heuristic guardrails, has been identified as the root cause of this fragility. In response to these challenges, we propose Arbiter-K, a Governance-First execution architecture that reconceptualizes the underlying model as a Probabilistic Processing Unit encapsulated by a deterministic, neuro-symbolic kernel.
Key Features of Arbiter-K
Arbiter-K implements a Semantic Instruction Set Architecture (ISA) that transforms probabilistic messages into discrete instructions. This innovative approach offers several significant advantages:
- Security Context Registry: The kernel maintains a Security Context Registry, allowing it to keep track of security parameters and contexts in real-time.
- Instruction Dependency Graph: Arbiter-K constructs an Instruction Dependency Graph during runtime, enabling active taint propagation based on the data-flow pedigree of each reasoning node.
- Active Interdiction: By leveraging the aforementioned mechanisms, Arbiter-K can precisely interdict unsafe trajectories at deterministic sinks, such as high-risk tool calls or unauthorized network egress.
- Autonomous Execution Correction: The system enables autonomous execution correction and architectural rollback when security policies are triggered, enhancing overall system resilience.
Performance Evaluation
Evaluations conducted on two platforms, OpenClaw and NanoBot, demonstrate that Arbiter-K enforces security as a microarchitectural property. The results indicate an impressive range of 76% to 95% in unsafe interception rates, combined with a remarkable 92.79% absolute gain over native policies. This performance showcases the potential of Arbiter-K to provide robust security while maintaining functional integrity.
Conclusion
In summary, the Arbiter-K architecture represents a significant advancement in the field of agentic AI by addressing the current challenges of fragility and security. The implementation of a Governance-First execution architecture, along with the Semantic Instruction Set Architecture, allows for enhanced control and security in agentic systems. For researchers and practitioners interested in exploring this innovative approach, the code is publicly available at https://github.com/cure-lab/ArbiterOS.