UNCLASSIFIED
UNCLASSIFIED
ISS LLC · SDVOSB (cert in progress) · CAGE 9VKK3 · UEI C7YDV3P8EHL7 · Who we are · Watcher health · SHIELD/ATLAS home

SHIELD/ATLAS — CJADC2 Reference Architecture Alignment

Every ATLAS agent slots into one of the four CJADC2 lanes — Sense, Make Sense, Decide, Act — with explicit zero-trust posture per lane. This is the framing the integrator and SETA community (BAH and peers) operate in natively; it is also the framing OUSD(R&E) uses when scoring CJADC2 portfolio fit.

Why this page exists. When the program office runs an SoS engineering review, the first artifact requested is typically the CJADC2 lane mapping plus zero-trust posture per lane. ATLAS provides both, generated from the live agent metadata.

Sense 7 agents

  • intel-tag-watcher — Tag-Change Watcher
  • osint-collectors — OSINT Collector Swarm
  • feeds-natural-hazard — Natural-Hazard Watcher
  • sensor-fusion — Sensor Fusion Orchestrator
  • voice-tactical — Voice Tactical Translator
  • sam-watcher — SAM.gov Opportunity Watcher
  • device-security — Device Security Subagent
mTLS in transitRequired
ICAMService-account JWT (mapped to ICAM PIV/CAC for human-initiated calls)
Auditai-audit + per-source provenance row (NATO STANAG 2511 A–F × 1–6)
SBOMGenerated per build, attached to release
Lane notesCollectors are network-egress only; no callbacks accepted. Source URLs hashed and recorded for chain of custody.

Make Sense 8 agents

  • intel-synthesis — Intel Synthesis Cycle
  • intel-briefing — DIME / PMESII Briefing Emitter
  • intel-source-provenance — Source-Provenance Classifier
  • intel-backtest — Backtest Harness
  • intel-cub — Commander Update Brief (CUB) Builder
  • intel-rag-loop — RAG Self-Improvement Loop
  • ai-audit — AI Audit Engine
  • ai-provider-orchestrator — AI Provider Orchestrator (Government-cloud failover)
mTLS in transitRequired
ICAMService-account JWT + caller-identity propagation for AIP/Foundry-initiated synthesis
Auditai-audit logs provider, model, prompt hash, citation chain on every LLM call
SBOMGenerated per build, attached to release
Lane notesAll LLM calls run through the orchestrator; no agent can call an LLM directly. Citation enforcement gates emission.

Decide 1 agents

  • wez-engine — Weapons Engagement Zone (WEZ) Engine
mTLS in transitRequired
ICAMPIV/CAC required for any decision that escalates above threshold
AuditDecision row carries full input lineage + WEZ/CRAM math reproducibility hash
SBOMGenerated per build, attached to release
Lane notesThreshold-gated: low-confidence decisions hold for human-on-the-loop. AGOS authorisation gate for any kill-chain release.

Act 3 agents

  • intel-killchain-bridge — Kill-Chain Bridge
  • swarm-failsafe — Swarm Failsafe Orchestrator
  • tak-bridge — TAK Bridge
mTLS in transitRequired
ICAMPIV/CAC required for kinetic; service-account permitted for non-kinetic CoT and TAK pushes
AuditCoT message id + dispatcher recorded; reconnection-guard ensures DDIL replay is idempotent
SBOMGenerated per build, attached to release
Lane notesOutbound only. ATLAS never receives unauthenticated CoT. Swarm-failsafe enforces RTB/hold/handoff per platform doctrine on comms loss.

How the lanes compose into the kill chain

A complete kill-chain pass touches all four lanes in order: Sense (sensor-fusion / OSINT collectors) → Make Sense (intel-synthesis / source-provenance) → Decide (WEZ engine / human-on-the-loop gate) → Act (kill-chain bridge / TAK push). The trace at /vertical-loop shows this composition end-to-end with curl-able endpoints.
JSON: GET /api/atlas/cjadc2 · ATLAS Posture v1.0.0-2026.05.20
PRESENCE
⚠ SANDBOX / TRAINING MODE — Live read-only data. Write commands are inhibited (train as you fight, missile button safed).