AGF

Reference Architecture

A composable governance
framework for agentic systems

AGF synthesizes NIST, OWASP, CSA, EU AI Act, and academic research into a single coherent architecture for building safe, secure, auditable, and observable agentic systems.

Read the frameworkStart with your role

We did not invent these patterns. We sorted the pieces and showed how they fit together.

Integrates & maps to

NIST AI RMFOWASP ASI Top 10OWASP MCP Top 10CSA MAESTROEU AI ActISO/IEC 42001MITRE ATLASOpenTelemetrySingapore IMDANIST 800-53
The Rings Model — Governed Agentic Systems: Ring 0 (Execution) through Ring 3 (Learning) with cross-cutting fabric

The Rings Model — four concentric rings, one fabric, one substrate. Learn more

Start with your role

Five domain profiles, each with the depth your function needs.

Security & Threat ModelingCISOs, security architects, red teamsThree-level security model, OWASP mappings, incident responseRead profilePlatform & InfrastructurePlatform engineers, DevOps/MLOpsDeployment modes, MCP integration, cost of governanceRead profileGovernance, Risk & ComplianceCompliance officers, auditors, DPOsEU AI Act mapping, control crosswalks, evidence guidesRead profileAI EngineeringAI/ML engineers, agent developers19 primitives, composition patterns, implementation priorityRead profileObservability & OperationsSREs, SOC analysts, detection engineersEvent architecture, correlation engine, operational playbooksRead profile

Core concepts

The architectural foundations of the framework.

The Rings Model

Four concentric rings — Execution, Verification, Governance, Learning — plus cross-cutting fabric.

Learn more

19 Primitives

Named patterns for governed agentic systems. Not invented — connected from established practice.

Learn more

Trust Ladders

Agents earn autonomy through demonstrated performance. Start expensive, get cheaper.

Learn more

Composition Patterns

From Minimum Viable Control to Full Governed System — each phase independently valuable.

Learn more

Humility before authority

We synthesize, we don't decree. Every pattern is credited to the communities that developed it.

Rigor before opinion

Every claim grounded in evidence or clearly marked as an informed proposal. Confidence levels throughout.

Community over credit

If this framework helps one organization build a safer agentic system, it has served its purpose.