Core Pillar 2B · Proprietary Framework & Platform

NS-AISCA v1.0

A complete, evidence-based, maturity-scored AI security controls architecture securing the entire AI attack surface — across data, model, prompt, RAG, agent, tool, pipeline, cloud runtime, monitoring, assurance, and incident response.

108 AI Security Controls
12 Security Domains
20+ Standards Aligned
5 Evidence Grades
L1→L5 Maturity Scale
Framework: NS-AISCA v1.0 · 108 AI Security Controls · 12 Domains
Threats: Adversarial ML · Data Poisoning · Model Extraction · Prompt Injection
GenAI: Native LLM Coverage · RAG Security · Agentic Pipeline Controls
Aligned: OWASP LLM Top 10 · MITRE ATLAS · NIST AI RMF · ISO 42001
Maturity: 5 Maturity Levels · 5 Evidence Grades · Structured Domain Scoring
Testing: LLM Red Teaming · Adversarial Testing · Model Robustness Assessment
Output: AI Security Posture Report · Threat Model · Remediation Roadmap
What Is NS-AISCA v1.0 and Why Was It Built?

The Nucleus Systems AI Security Controls Architecture (NS-AISCA v1.0) is the technical security counterpart to AI governance. It converts AI security principles, standards, threat models, and regulatory obligations into a single control-driven architecture that can be assessed, evidenced, scored, reported, and continuously improved.

NS-AISCA was built because AI security is not a single prompt filter, model test, cloud setting, or policy. It is a layered control architecture protecting the entire AI decision and action chain across classical ML, GenAI, RAG, AI APIs, autonomous agents, cloud-hosted AI services, AI-enabled products, and third-party foundation-model consumption.

The Problem
AI security ≠ a single control
Prompt filters, model tests, cloud settings, and policies are each necessary but none are sufficient alone
The Architecture
108 controls · 12 domains · full attack surface
Data · Model · Prompt · RAG · Agent · Tool · Pipeline · Cloud · Monitoring · Assurance · IR
The Outcome
Defensible AI security posture
Evidence-based scores that boards, regulators, customers, investors, and acquirers can rely on
Framework Architecture

Framework Domains & Coverage

12 weighted security domains, 108 controls, one unified posture score. Each domain secures a distinct layer of the AI attack surface — together they sum to 100%.

Domain weight chart: D1 8% · D2 8% · D3 9% · D4 9% · D5 9% · D6 10% · D7 10% · D8 9% · D9 8% · D10 8% · D11 7% · D12 5%
D1 — Governance · AI Security Governance & Accountability · 8% · 9 controls
Covering executive ownership, AI security policy, risk appetite, exception management, board reporting, role accountability, and training

D2 — Inventory · AI Asset Inventory, Exposure & Classification · 8% · 9 controls
Covering AI asset inventory, shadow AI discovery, AI-BOM, data-flow and decision-flow mapping, exposure classification, and high-risk reconciliation

D3 — Secure Design · AI Threat Modelling & Secure Design · 9% · 9 controls
Covering AI threat modelling, misuse and abuse cases, trust boundaries, secure reference architectures, human oversight, and design gates

D4 — Data Security · Data, Privacy & Training-Set Security · 9% · 9 controls
Covering dataset lineage, poisoning prevention, privacy, sensitive-data minimisation, vector database authorisation, and exfiltration prevention

D5 — Model Security · Model, Artifact & IP Security · 9% · 9 controls
Covering model registries, artifact signing, access least privilege, model theft prevention, fine-tuning change control, rollback, and IP management

D6 — GenAI Security · LLM, Prompt, RAG & GenAI Application Security · 10% (joint highest) · 9 controls
Covering prompt injection defence, system-prompt protection, input/output validation, RAG authorisation, context isolation, and telemetry

D7 — Agent Security · Agentic AI, Tool & Autonomy Security · 10% (joint highest) · 9 controls
Covering agent permission scoping, tool registry, human approval for high-impact actions, autonomy limits, memory governance, sandboxing, and kill-switches

D8 — MLSecOps · MLOps, MLSecOps & AI Supply Chain Security · 9% · 9 controls
Covering repository security, pipeline gates, AI supply-chain risk assessment, SBOM/AI-BOM linkage, dependency scanning, and reproducibility

D9 — Runtime · Cloud, API & Platform Security · 8% · 9 controls
Covering workload segmentation, endpoint protection, API security, runtime hardening, secrets management, encryption, tenant isolation, and consumption controls

D10 — Detection · AI Security Monitoring, Logging & Detection · 8% · 9 controls
Covering security event logging, tamper-evident logs, AI-specific threat detection, drift monitoring, SOC integration, KRIs, and forensic evidence

D11 — Assurance · Red Teaming & Independent Validation · 7% · 9 controls
Covering security test plans, adversarial ML testing, LLM and agent red teaming, regression testing, independent validation, and evidence register

D12 — Resilience · AI Incident Response & Continuous Compliance · 5% · 9 controls
Covering AI incident playbooks, severity criteria, regulatory reporting triggers, emergency rollback, post-incident review, continuity, and reassessment

Framework Specification

NS-AISCA combines AI security architecture, adversarial testing, secure AI development, cloud runtime controls, monitoring, and continuous assurance into a single evidence-based assessment and improvement model.

Controls
108 fully defined AI security controls across 12 weighted domains, each aligned to evidence requirements, maturity expectations, and framework mapping.
Scoring Model
Weighted average of domain maturity supported by automatic gap scoring, evidence-grade constraints, risk heatmaps, control failure visibility, KRIs, roadmap, and dashboard outputs.
Maturity Scale
L1 Initial → L2 Managed → L3 Defined → L4 Quantitative → L5 Optimising
Evidence Standard
5 evidence grades gate maturity progression:
E1 Informal → E2 Manual → E3 Structured → E4 System-generated → E5 Adaptive
Standards Alignment
20+ standards including: EU AI Act · ISO 42001 · ISO 23894 · ISO 27001 · ISO 27090 · NIST AI RMF · NIST AI 600-1 · NIST CSF 2.0 · NIST SSDF · OWASP LLM Top 10 · MITRE ATLAS · CSA AICM · Google SAIF
Assessment Tool
12 domain sheets with maturity dropdowns, auto-scoring, evidence register, remediation roadmap, board dashboard, architecture patterns, and assurance outputs.
Primary Purpose
Secure the entire AI attack surface: data · model · prompt · RAG · agent · tool · pipeline · API · cloud runtime · monitoring · assurance · incident response
Operating Model
Baseline assessment → Gap analysis → Remediation planning → Independent validation → Continuous reassessment as AI systems, prompts, models, vendors, and threats change
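As an added illustration (not the NS-AISCA workbook or any code from this page), the Python below shows how a weighted average of domain maturity with evidence-grade gating and a weight-ranked gap report can be computed from the domain weights listed above. The gating rule (a control's scored maturity is capped at the numeric level of its evidence grade), the aggregation (domain maturity is the mean of its controls), the target level of L3, and the three-controls-per-domain sample assessment are all assumptions chosen for this example.

```python
"""Worked example of a weighted-maturity posture score with evidence gating.
Added illustration, not the NS-AISCA workbook.  The gating rule, the
mean-of-controls aggregation, the target level and the sample assessment
are assumptions made for this example; the weights come from the page."""
from __future__ import annotations

from dataclasses import dataclass
from statistics import mean

# Domain weights (percent) as listed on the page.  posture_score() divides by
# the total weight of the domains supplied, so a partial assessment still
# yields a weighted average on the L1-L5 scale.
DOMAIN_WEIGHTS: dict[str, int] = {
    "D1": 8, "D2": 8, "D3": 9, "D4": 9, "D5": 9, "D6": 10,
    "D7": 10, "D8": 9, "D9": 8, "D10": 8, "D11": 7, "D12": 5,
}
MATURITY = {1: "Initial", 2: "Managed", 3: "Defined", 4: "Quantitative", 5: "Optimising"}
EVIDENCE = {1: "Informal", 2: "Manual", 3: "Structured", 4: "System-generated", 5: "Adaptive"}


@dataclass(frozen=True)
class ControlAssessment:
    control_id: str
    claimed_maturity: int   # L1..L5 chosen in the domain sheet's dropdown
    evidence_grade: int     # E1..E5 of the evidence attached to the control

    def __post_init__(self) -> None:
        if self.claimed_maturity not in MATURITY or self.evidence_grade not in EVIDENCE:
            raise ValueError(f"{self.control_id}: maturity and evidence grade must be 1..5")

    def scored_maturity(self) -> int:
        # Assumed gating rule: the evidence grade caps the maturity that can be
        # scored, so an L4 claim backed only by E2 (manual) evidence scores L2.
        return min(self.claimed_maturity, self.evidence_grade)


def domain_maturity(controls: list[ControlAssessment]) -> float:
    """Assumed aggregation: a domain's maturity is the mean of its controls."""
    return mean(c.scored_maturity() for c in controls)


def posture_score(domains: dict[str, list[ControlAssessment]]) -> float:
    """Weighted average of domain maturity on the L1-L5 scale."""
    unknown = set(domains) - set(DOMAIN_WEIGHTS)
    if unknown:
        raise KeyError(f"unknown domains: {sorted(unknown)}")
    total_weight = sum(DOMAIN_WEIGHTS[d] for d in domains)
    weighted = sum(DOMAIN_WEIGHTS[d] * domain_maturity(cs) for d, cs in domains.items())
    return weighted / total_weight


def gap_report(domains: dict[str, list[ControlAssessment]],
               target: int = 3) -> list[tuple[str, float]]:
    """Gap to the target level per domain, ranked by weight x gap, largest first."""
    gaps = {d: max(0.0, target - domain_maturity(cs)) for d, cs in domains.items()}
    return sorted(gaps.items(),
                  key=lambda kv: (-kv[1] * DOMAIN_WEIGHTS[kv[0]], int(kv[0][1:])))


def _controls(domain: str, pairs: list[tuple[int, int]]) -> list[ControlAssessment]:
    return [ControlAssessment(f"{domain}-{i}", m, e) for i, (m, e) in enumerate(pairs, 1)]


# Constructed sample assessment: three (claimed maturity, evidence grade) pairs
# per domain instead of the full nine controls, to keep the example short.
SAMPLE: dict[str, list[ControlAssessment]] = {
    "D1": _controls("D1", [(3, 3), (3, 3), (3, 3)]),
    "D2": _controls("D2", [(3, 1), (2, 2), (3, 3)]),   # L3 claim on E1 evidence scores L1
    "D3": _controls("D3", [(4, 2), (4, 2), (4, 2)]),   # L4 claims capped at E2 -> domain L2
    "D4": _controls("D4", [(3, 3), (4, 4), (5, 5)]),
    "D5": _controls("D5", [(1, 1), (1, 1), (1, 1)]),
    "D6": _controls("D6", [(2, 2), (2, 2), (2, 2)]),
    "D7": _controls("D7", [(3, 3), (3, 3), (3, 3)]),
    "D8": _controls("D8", [(3, 3), (3, 3), (3, 3)]),
    "D9": _controls("D9", [(4, 4), (4, 4), (4, 4)]),
    "D10": _controls("D10", [(2, 2), (2, 2), (2, 2)]),
    "D11": _controls("D11", [(1, 1), (1, 1), (1, 1)]),
    "D12": _controls("D12", [(2, 2), (2, 2), (2, 2)]),
}

if __name__ == "__main__":
    score = posture_score(SAMPLE)
    print(f"Posture score: {score:.2f} (L{round(score)} {MATURITY[round(score)]})")
    for d, gap in gap_report(SAMPLE):
        print(f"{d:>4}  weight {DOMAIN_WEIGHTS[d]:>2}%  "
              f"maturity {domain_maturity(SAMPLE[d]):.2f}  gap to L3 {gap:.2f}")
```

Ranking gaps by weight multiplied by gap rather than by gap alone is what makes the output a prioritised roadmap: with the sample above, D5 (Model Security) and D11 (Assurance) come first even though several other domains are also below target, and the D3 row shows why evidence gating matters, since three L4 claims with only manual evidence score as L2.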
AI Security Controls Architecture Assessment Platform

NS-AISCA Assessment Workbook & Operating Model

The technology delivery engine for AI security architecture assessments and continuous control improvement. Provides 12 domain assessment sheets, control-level maturity dropdowns, automatic gap scoring, evidence register, remediation roadmap, board dashboard, architecture patterns, and assurance outputs. Enables organisations to measure AI security posture across classical ML, GenAI, RAG, agentic AI, AI APIs, MLOps pipelines, and cloud AI runtime environments using a single evidence-based model.

Services Delivered Under This Pillar

All services anchored to NS-AISCA v1.0 and delivered through the AI Security Controls Architecture Assessment Platform.

01 · AI Security Controls Architecture Assessment & Roadmap

NS-AISCA baseline across all 12 domains with AI Security Posture Score, maturity heatmap, evidence register, and prioritised remediation roadmap.

02 · AI Threat Modelling & Secure Design Review

Threat modelling covering misuse cases, trust boundaries, abuse paths, secure reference architectures, human oversight, and design gate requirements.

03 · LLM, Prompt, RAG & GenAI Security Assessment

Assessment of prompt injection, system-prompt protection, input/output validation, RAG authorisation, context isolation, data leakage, and GenAI telemetry controls.

04 · Agentic AI, Tool & Autonomy Security Review

Review of agent permissions, tool registry, autonomy limits, high-impact human approvals, memory governance, credential isolation, sandboxing, and kill-switch procedures.

05 · MLSecOps & AI Supply Chain Security Programme

Integration of AI security controls into repositories, ML pipelines, model registries, dependency scanning, SBOM/AI-BOM linkage, artifact signing, and reproducible deployment workflows.

06 · AI Runtime, Cloud, API & Monitoring Assurance

Review of AI workload segmentation, endpoint and API security, secrets, encryption, tenant isolation, consumption controls, logging, drift monitoring, SOC integration, and KRIs.

07 · AI Red Teaming, Incident Response & Continuous Validation

Adversarial ML testing, LLM and agent red teaming, regression testing, AI incident playbooks, rollback readiness, forensic evidence capture, and continuous reassessment.

Secure your AI systems with a defensible, evidence-based architecture

We baseline your AI security posture across all 12 domains and deliver a prioritised remediation roadmap your board can act on.