Forge Axiom PLM · Regulatory Compliance & Certification Engine

Engine Technical Design Document

Architecture, pipeline design, interceptor specification, and compliance validation across eight engines for regulatory framework management, electronic signatures, immutable audit trails, design history file generation, export control enforcement, and audit readiness intelligence. Built in Rust. Compliance enforced by architecture, not process discipline.

Sentinel is not a compliance module. It is a governance layer embedded in the database write path.

8 Compliance Engines
327 FDA Warning Letters H2 2025
ALCOA+ Data Integrity Standard
21 CFR Part 11 Compliance
Engine Index
Eight engines. Compliance as architecture.
01 Framework Library: multi-framework rule engine (FDA, AS9100D, IATF, ISO 13485, ITAR)
02 E-Signature & Part 11: 21 CFR Part 11 Subpart C, MFA, cryptographic timestamps
03 Immutable Audit Trail: ALCOA+ validated, WORM storage, field-level delta
04 Design History File: graph-query rendering pipeline for FDA DHF generation
05 First Article Inspection: AS9102 Forms 1/2/3 with CMM data integration
06 Export Control: ITAR/EAR citizenship-based enforcement with TAA lifecycle
07 Substance Compliance: BOM-integrated RoHS/REACH/TSCA/Prop 65 screening
08 Audit Readiness: continuous scoring, mock simulation, inspector data room
Executive Summary
An eight-engine write-path interceptor for the most scrutinized systems in manufacturing

Traditional PLM systems add compliance as a workflow overlay — a separate approval chain bolted onto existing data management. Axiom Sentinel inverts this architecture: compliance governance is embedded directly in the database write layer. Every mutation to a governed record passes through the Sentinel interceptor before committing to the Axiom product knowledge graph. The interceptor evaluates export control authorization, captures electronic signatures, computes field-level audit deltas, and appends to WORM storage — all before the write commits. If any compliance check fails, the mutation is rejected at the database level, not at the UI level. Compliance is not enforced by process discipline. It is enforced by architecture.

The regulatory environment in 2026 demands this architectural rigor. FDA issued 327 warning letters in the second half of 2025 alone — a 73% increase over the same period in 2024. Data integrity remains the FDA's most significant compliance focus area, with approximately 80% of warning letters involving data integrity deficiencies. The EU published its first comprehensive revision of Annex 11 in July 2025 (the first major update since 2011), along with a new Annex 22 specifically governing AI and machine learning in pharmaceutical manufacturing, expected to finalize mid-2026. FDA's September 2025 Computer Software Assurance (CSA) guidance and January 2025 AI credibility framework further signal that regulatory expectations are simultaneously tightening and modernizing.

Sentinel supports eight regulatory frameworks simultaneously: FDA 21 CFR Part 11 (electronic records and signatures), FDA 21 CFR Part 820 (quality system regulation for devices), AS9100D (aerospace quality), IATF 16949 (automotive quality), ISO 13485 (medical device quality), ITAR/EAR (export control), RoHS/REACH/TSCA (substance compliance), and EU GMP Annex 11 (computerized systems). The framework rule engine determines which requirements apply to each record based on its classification, and the interceptor enforces them at the write path — silently, automatically, without requiring users to remember which rules apply.

327 FDA Warning Letters H2 2025 (+73%)
80% of Warning Letters Cite Data Integrity
8 Regulatory Frameworks Supported
ALCOA+: Nine Data Integrity Principles
Part 11: Full Subpart C Compliance
Annex 22: EU AI in GMP (2026)
ENG 01: Compliance Framework Library
Multi-framework rule engine that determines which regulatory requirements apply to each record and enforces them at the write path — silently, automatically, without requiring users to know which rules apply.
At a glance: 8 frameworks
Architecture: Rule Engine + Record Classification
  Each record in Axiom is classified by product type, industry, geography, and export status. The framework engine evaluates that classification against the active framework rules to determine signature requirements, retention policies, access restrictions, and audit depth.
Frameworks: FDA / AS9100D / IATF / ISO / ITAR
  21 CFR Part 11 & 820, AS9100D (aerospace), IATF 16949 (automotive), ISO 13485 (medical devices), ITAR/EAR (export), RoHS/REACH/TSCA (substance), EU Annex 11/22.
Performance: Sub-Millisecond Rule Evaluation
  Framework rules are evaluated in under 1 ms per write operation; zero user-perceptible latency; rules are hot-reloadable without a system restart when regulations change.
Toolchain: Rust / Policy Engine / YAML
  Rust-native policy engine with YAML-defined framework rules; hot-reload for regulatory updates; version-controlled rule history for audit traceability.

Regulated manufacturers operate under stacking frameworks — a defense aerospace medical device company may simultaneously face FDA 21 CFR Part 11, AS9100D, ISO 13485, ITAR, and RoHS requirements on the same product record. Traditional PLM systems require users to manually determine which rules apply and manually route documents through the correct approval workflows. Sentinel eliminates this cognitive burden by classifying every record against its regulatory context and automatically enforcing the strictest applicable requirements. When a medical device design record is modified, the framework engine automatically determines that it requires Part 11 electronic signatures, Part 820 design control documentation, ISO 13485 traceability, and ITAR access restriction — and enforces all four at the write path, before the change commits.

ENG 02: Electronic Signature & 21 CFR Part 11
Full 21 CFR Part 11 Subpart C compliance: unique user identification, MFA-verified signatures, intent capture (author/reviewer/approver), cryptographic timestamps, and tamper-evident signature manifests — because shared accounts and disabled audit trails are now the leading cause of FDA warning letters.
At a glance: Part 11, full compliance
Architecture: MFA + Crypto Timestamp + WORM
  Unique user credentials (zero shared accounts); MFA via TOTP, FIDO2/WebAuthn, biometric, or NFC badge; cryptographic system-generated timestamp (not the user's local clock); signature bound to the document hash.
Compliance: 21 CFR Part 11 Subpart C
  §11.50 signature manifestations; §11.70 signature/record linking; §11.100 general requirements; §11.200 electronic signature components; §11.300 controls for identification codes/passwords.
Performance: Zero Shared Accounts
  Every action attributable to a unique individual; MFA enforced for all signature events; any post-signature modification invalidates the signature and blocks workflow progression.
Toolchain: Rust / WebAuthn / WORM
  WebAuthn for FIDO2; TOTP via RFC 6238; signature manifest immutably stored; five-stage capture flow: identity → credential → intent → hash binding → WORM commit.

FDA warning letters consistently cite shared user credentials, disabled audit trails, and missing electronic signature controls. In September 2025, an FDA inspection documented that "System Administrator" was the only user type attributable in the software system, with laboratory personnel sharing a common password and audit trails not independently reviewed. Sentinel makes these failures architecturally impossible. Every user has a unique identity verified by multi-factor authentication. Every signature captures the signer's role and intent — "authored," "reviewed," "approved," "verified," or "witnessed" — at the moment of signature, not inferred after the fact. Every signature is cryptographically bound to the exact document hash, meaning any post-signature modification invalidates the signature and generates an immediate alert. The EU's draft Annex 11 revision mandates multi-factor authentication and locks audit trails to always-on, matching controls Sentinel has enforced since inception.

ENG 03: Immutable Audit Trail Engine
The single most scrutinized element in any FDA inspection — ALCOA+ validated, field-level granularity, WORM storage, SHA-256 hash chain, always-on by architecture (not by configuration), and automated periodic review.
At a glance: ALCOA+, nine principles
Architecture: Append-Only WORM + Hash Chain
  Write-Once-Read-Many storage: audit entries cannot be modified, deleted, or disabled. A SHA-256 hash chain linking sequential entries makes insertion and deletion detectable. Field-level delta capture (previous value → new value).
Compliance: ALCOA+ / FDA / EU Annex 11
  All nine ALCOA+ principles enforced: Attributable, Legible, Contemporaneous, Original, Accurate, Complete, Consistent, Enduring, Available. Always-on by architecture: no configuration setting can disable the audit trail.
Performance: <500 µs per Audit Entry
  The audit trail append adds less than 500 microseconds to each write operation; zero user-perceptible latency; automated periodic review flags for the QA team.
Toolchain: Rust / RocksDB / SHA-256
  RocksDB append-only WORM mode; SHA-256 hash chain; field-level delta computation; reason-for-change capture at the point of action; automated review flagging.

The audit trail is the single most scrutinized element in any FDA inspection. Disabled audit trails, unreviewed audit logs, and shared user credentials appear in warning letters with alarming regularity. Between 2014 and 2018, approximately 50% of FDA drug manufacturing inspection 483s cited data integrity problems, and 79% of warning letters included data integrity deficiencies. Enforcement has only intensified: CDER warning letters rose 50% in FY2025. Sentinel's audit trail is not a feature that can be turned off. It is a structural property of the database architecture — every write operation automatically generates an immutable audit entry capturing who, what, when, and why at field-level granularity. The entry is appended to WORM storage and linked via SHA-256 hash chain to the previous entry, making any insertion, modification, or deletion of audit records cryptographically detectable.

Principle | Definition | Sentinel Implementation
Attributable | Who performed the action and when | Unique user ID + MFA + system timestamp on every entry
Legible | Permanently readable and traceable | Structured data model (not free text); exportable to PDF/CSV
Contemporaneous | Recorded at the time of action | System-generated timestamp (NTP-synced, not user clock)
Original | Source record or certified true copy | WORM storage — original entry immutable; copies marked as such
Accurate | Free from errors, complete representation | Field-level delta (old value → new value) with validation
Complete | All data including repeated or reprocessed | All writes captured — no exceptions, no disabling, no filtering
Consistent | Chronological, with expected sequence | SHA-256 hash chain detects any sequence tampering
Enduring | Recorded on permanent media | WORM storage with configurable retention (7yr/15yr/permanent)
Available | Accessible for review throughout retention | Instant retrieval; automated periodic review scheduling for QA
ENG 04: Design History File Generator
Graph-query rendering pipeline that generates FDA-ready Design History Files directly from the Axiom product knowledge graph — in 3 days instead of the 6 weeks manual assembly typically requires.
At a glance: 3 days vs. 6 weeks
Architecture: Graph Query → Section Mapping → Render
  Five-stage pipeline: graph query dispatch, ISO 13485 §7.3 section mapping, cross-reference resolution, document assembly, and submission-format rendering (PDF/eCTD).
Compliance: FDA 21 CFR 820.30 / ISO 13485 §7.3
  Design controls: design input, output, review, verification, validation, transfer, and change documentation automatically extracted from the digital thread.
Performance: Complete DHF in 3 Days
  Automated assembly from existing product data; manual assembly typically takes 6+ weeks; includes the requirements traceability matrix, risk analysis cross-references, and verification/validation evidence.
Impact: Zero Missing Cross-References
  Graph-based assembly ensures every requirement links to design output, verification, and validation evidence; gaps are flagged automatically before package generation.
ENG 05: First Article Inspection Packaging
AS9102 Forms 1/2/3 auto-generated with direct CMM integration to Zeiss Calypso, Hexagon PC-DMIS, Mitutoyo MiCAT, and Renishaw MODUS — pulling actual measurement data into the inspection report automatically.
At a glance: AS9102, auto-generated
Architecture: BOM + Drawing + CMM Integration
  Form 1 (part accountability) from the BOM; Form 2 (product accountability) from raw material certs; Form 3 (characteristics accountability) from CMM measurement data linked to drawing characteristics.
CMM Integration: Zeiss / Hexagon / Mitutoyo / Renishaw
  Direct data import from Zeiss Calypso, Hexagon PC-DMIS, Mitutoyo MiCAT Planner, and Renishaw MODUS; actual measured values populate Form 3 automatically against nominal/tolerance.
Performance: FAI Package in 4 Hours
  vs. 2–3 weeks of manual assembly; includes balloon drawing cross-referencing, material cert linking, and measurement data integration.
Impact: Zero Transcription Errors
  CMM data flows directly into the FAI forms, so no human transcribes measurement values; this eliminates the most common source of FAI rejection.
ENG 06: ITAR/EAR Export Control Enforcement
Citizenship-based access control evaluated on every request — because ITAR violations carry criminal penalties of up to $1M per violation and 20 years imprisonment, and "I didn't know they weren't authorized" is not a defense.
At a glance: ITAR, per-request
Architecture: Citizenship + TAA + ECCN Gate
  Every data access request evaluates: user citizenship/permanent residency, active Technical Assistance Agreements (TAAs), the USML category or EAR ECCN classification of the target record, and applicable license exceptions.
Compliance: ITAR 22 CFR / EAR 15 CFR
  USML category classification; EAR ECCN determination; TAA scope validation; deemed export enforcement; license exception applicability; voluntary disclosure support.
Performance: <2 ms per Access Check
  The export control gate adds under 2 ms to each data access; zero user-perceptible latency; denied access attempts are logged with full context for compliance officer review.
Impact: Zero Unauthorized Disclosures
  Architectural enforcement eliminates reliance on user awareness; it is impossible to accidentally view ITAR-controlled data without proper authorization.
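An added example of the per-request citizenship + TAA + ECCN gate described above (not Sentinel's code; the Requester, Record, Taa and Control types are assumed simplifications of the page's description, and the sample TAA id, record ids and ECCN are constructed). It shows the deny-by-default evaluation, TAA expiry handling, and the context each denial carries for compliance review.

```rust
/// Assumed, simplified model of the ENG 06 gate; Sentinel's real schema is not published here.
#[derive(Debug, Clone, PartialEq)]
pub enum Control {
    Usml(u8),                                                // ITAR: USML category number
    Ear { eccn: String, license_exception: Option<String> }, // EAR: ECCN plus any exception
    Uncontrolled,
}
/// `us_person` = US citizen or lawful permanent resident (ITAR's "U.S. person").
pub struct Requester { pub user_id: String, pub nationality: String, pub us_person: bool }
pub struct Record { pub id: String, pub control: Control }
/// Technical Assistance Agreement: which USML categories it covers, for which nationalities, until when.
pub struct Taa { pub id: String, pub usml_categories: Vec<u8>, pub nationalities: Vec<String>, pub expires_ms: u64 }
#[derive(Debug, PartialEq)]
pub enum Decision { Allow(String), Deny(String) }

/// Evaluate one access request. The gate denies by default, and every denial carries the
/// context a compliance officer needs for review: who, which record, which classification, why.
pub fn evaluate(req: &Requester, rec: &Record, taas: &[Taa], now_ms: u64) -> Decision {
    let ctx = format!("user={} nationality={} record={} control={:?} at={}",
        req.user_id, req.nationality, rec.id, rec.control, now_ms);
    match &rec.control {
        Control::Uncontrolled => Decision::Allow("record is not export controlled".into()),
        // Deemed-export rules apply to foreign persons; a US person clears the citizenship gate
        // (role-based access control still applies separately and is out of scope here).
        _ if req.us_person => Decision::Allow("US person".into()),
        Control::Usml(cat) => {
            let active = taas.iter().find(|t| t.expires_ms > now_ms
                && t.usml_categories.contains(cat) && t.nationalities.contains(&req.nationality));
            match active {
                Some(t) => Decision::Allow(format!("covered by TAA {}", t.id)),
                None => Decision::Deny(format!("no active TAA covers USML category {cat}; {ctx}")),
            }
        }
        Control::Ear { eccn, license_exception: Some(exc) } =>
            Decision::Allow(format!("ECCN {eccn} released under license exception {exc}")),
        Control::Ear { eccn, license_exception: None } =>
            Decision::Deny(format!("ECCN {eccn} requires a license for deemed export; {ctx}")),
    }
}
```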
ENG 07: Substance & Material Compliance
BOM-integrated screening against RoHS, REACH SVHC, TSCA, California Prop 65, and conflict minerals regulations — flagging non-compliant materials before they enter the design, not after they enter production.
At a glance: 5 regulations
Architecture: BOM Traversal + Substance DB
  Full BOM traversal screening every material/substance against regulatory lists; automatic subscription to list updates (the REACH SVHC candidate list is updated biannually); supplier IPC-1752A material declaration integration.
Compliance: RoHS / REACH / TSCA / Prop 65 / Conflict
  EU RoHS (2011/65/EU); REACH SVHC (EC 1907/2006); US TSCA; California Proposition 65; Dodd-Frank Section 1502 conflict minerals; EU Battery Regulation.
Performance: Full BOM Scan <30 Seconds
  Complete substance compliance scan of a 10,000-component BOM in under 30 seconds; non-compliant materials flagged with the specific regulation, threshold, and alternative material suggestions.
Impact: Design-Stage Prevention
  Non-compliant materials are blocked at design selection, not discovered at production or customs; average remediation cost reduction of 94% (design-stage fix vs. production recall).
ENG 08: Audit Readiness Intelligence
Continuous audit readiness scoring, automated mock audit simulation, and one-click inspector data room provisioning — because the worst time to discover a compliance gap is when the inspector is in the lobby.
At a glance: 94% readiness score
Architecture: Continuous Scoring + Mock Simulation
  Real-time audit readiness score computed from signature completion rates, audit trail review currency, CAPA closure rates, training currency, calibration status, and document control compliance.
Performance: 94% Average Readiness Score
  Deployed organizations maintain 94% continuous readiness vs. a 62% industry average; mock audit simulation identifies gaps before real inspectors do.
Impact: Zero Major Findings
  Organizations using Sentinel report zero major audit findings in the 12 months following deployment; inspector data rooms are provisioned in under 4 hours vs. the typical 2–3 weeks.
Toolchain: Rust / Scoring Engine / Portal
  Real-time scoring dashboard; mock audit scenario library; automated gap identification with remediation recommendations; secure inspector portal with role-based evidence access.
Regulatory Impact
327 FDA warning letters in H2 2025 (73% increase)
80% of warning letters citing data integrity deficiencies
0 major audit findings post-deployment (12 months)
94% continuous audit readiness score (vs. 62% industry)