Skip to main content
Jira progress: loading…

TG-VALIDATE-STRUCTURE

TrustGate Trust Scoring Engine

0. Identity

Loading identity…

Depends on module:

Decision-grade verification and assurance domain that orchestrates verifier workflows, evidence handling, trust scoring, audit trails, and assurance packaging across CSRD/ESRS and other frameworks. Enables third-party sign-off, dispute handling, and assurance-ready disclosure outputs with replayable provenance.
Domain:
assurance-verification
Category:
trust-assurance
Classification:
module
Lifecycle status:
active
Semver:
1.0.0
Introduced in:
v0.3
Governance
AI risk level:
high
Trust threshold:
0.97
Human review required:
true
Verifier involved:
true
Audit required:
true
Ownership
Primary owner:
Platform
Architecture board:
true
White-label allowed:
true
Entrypoints
Docs:
/verification-assurance
UI:
/app/assurance
API:
/api/assurance
Dependencies
Modules
  • sis
  • input-hub
  • reports-insights-hub
  • zara
  • zaam
Unresolved tokens
  • ALTD
  • DAL
  • EvidenceVault
  • StripeConnect
  • TruliooKYB
  • TrustGate
  • VTE
  • VerifierWorkflowEngine
Engines (declared)
  • VerifierWorkflowEngine
  • DaVE
  • VTE
  • DICE
  • EvidenceVault
  • ALTD
  • DAL
  • TrustGate
  • StripeConnect
  • TruliooKYB
  • AISIM
Micro-engines (from registry)
None
Micro-engines (declared)
None
Signals
USO
  • ASSURANCE.VERIFICATION
  • ASSURANCE.EVIDENCE
  • ASSURANCE.SIGNOFF
  • AUDIT.LINEAGE
  • GOVERNANCE.TRUST
  • IDENTITY.VERIFIER
  • PAYMENT.ESCROW
CSI
  • CSI_VERIFICATION_ASSURANCE
SSSR tags
  • assurance
  • verification
  • verifiers
  • evidence
  • signoff
  • trust-score
  • audit
  • tamper-detection
  • blockchain
  • rfp
  • disputes
  • escrow
  • stripe-connect
Workflows & Outputs
Workflows
  • VerifierOnboardingAndQualification
  • AssuranceRFPAndProposalFlow
  • EvidenceRequestAndCollection
  • EvidenceValidationAndScoring
  • TrustScoreComputationAndPropagation
  • VerifierReviewAndCommenting
  • IssueFlaggingAndDisputeResolution
  • VerifierSignOffAndStamping
  • AssurancePackagingForReports
  • PaymentEscrowAndPayoutOrchestration
Outputs
  • verifier_profiles
  • assurance_requests
  • evidence_packages
  • validation_findings
  • trust_score_updates
  • signoff_stamps
  • assurance_ready_disclosure_packages
  • payment_events
Audit
Ledger:
ALTD
Replay supported:
true
PII policy:
controlled_pii_outside_omr
Tags

1. Purpose

The TrustGate Trust Scoring Engine calculates the canonical TrustGate trust score for an assurance-relevant signal.

It receives an enriched and validated signal, combines structural validation results, policy outcomes, historical trust, replay evidence, lineage quality, federation evidence, and AI calibration metadata, and produces a final trust score with confidence, explanation, and audit-ready scoring evidence.

The engine is responsible for converting many assurance signals into a single normalized trust value:

0T10 \leq T \leq 1

where:

  • $0.0$ means no trust;
  • $1.0$ means maximum trust;
  • values between $0.0$ and $1.0$ represent measurable assurance confidence.

The Trust Scoring Engine does not make the final routing decision. It produces the score, confidence, explanation, and scoring evidence consumed by the TrustGate Decision Engine.


2. Position within TrustGate Runtime

Signal Parser


Structure Validation


Signal Normalizer


Context Enrichment


Rule Evaluation


Policy Resolution


──────────────────────────────────────────
Trust Scoring Engine
──────────────────────────────────────────


Decision Engine


Replay / DAL / AII / AFLE

The Trust Scoring Engine is the quantitative assurance layer of TrustGate.

It must only execute after:

  • the signal has been parsed;
  • structure has been validated;
  • units and identifiers have been normalized;
  • context has been enriched;
  • validation rules have executed;
  • active policy has been resolved.

3. Canonical Identity

PropertyValue
MEIDMEID_TRUST_SCORE_CALCULATOR
CMIvera.TG-SCORE.ENGINE.CALCULATOR.1_0_0
KINDENGINE
Owner ModuleVerification & Assurance
Runtime TierTier-0 Assurance Runtime
Engine CategorySCORE
Engine Domaintrust
ZAR RegistrationRequired
Replay SupportNative
DAL AnchoringRequired
Federation AwareYes

The MEID identifies the stable logical engine.

The CMI identifies this specific versioned implementation.


4. Runtime Responsibilities

The Trust Scoring Engine is responsible for:

ResponsibilityDescription
Base Score CalculationComputes initial score from validation, completeness, provenance, and source quality.
Policy WeightingApplies active scoring weights resolved by the Policy Resolution Engine.
Confidence CalculationComputes confidence based on variance, completeness, replay history, and evidence quality.
Modifier ApplicationApplies approved bonuses and penalties from policy and rule outcomes.
Replay AwarenessIncorporates replay outcomes and historical drift into the score.
Federation AwarenessIncorporates AFLE attestations and EGFS identity trust where available.
AI CalibrationApplies DSAIL-provided calibration coefficients where policy permits.
Score ExplanationEmits machine-readable explanation metadata.
AII TelemetryProduces assurance telemetry for the Assurance Intelligence Index.
Audit EvidenceProduces replayable, DAL-anchorable scoring evidence.

The engine must not quarantine, reject, or route a signal. Those responsibilities belong to downstream engines.


5. Scoring Model Overview

The Trust Scoring Engine supports two scoring modes:

ModeDescription
Generic Trust ScoringPlatform-wide scoring model for all TrustGate signals.
Profile-Specific ScoringDomain-specific scoring profiles such as invoice, sensor, Carbon Passport, supplier declaration, or federation attestation.

The generic TrustGate scoring model is:

T=wsS+wiI+wqQ+wpP+wrR+wfF+waAT = w_sS + w_iI + w_qQ + w_pP + w_rR + w_fF + w_aA

Where:

VariableMeaning
$S$Source reliability
$I$Identity confidence
$Q$Data quality
$P$Provenance integrity
$R$Replay reliability
$F$Federation confidence
$A$AI calibration confidence

The weights must satisfy:

w=1\sum w = 1

The output score must be bounded:

0T10 \leq T \leq 1

5.1. Replay Semantics of the Trust Score

The Trust Score contains deterministic and AI-assisted dimensions. Replay equivalence is therefore declared per dimension and per published output.

DimensionReplay ModeRationale
S — Source ReliabilityEXACTDerived from pinned source history, validation evidence, and governed calculations.
I — Identity ConfidenceEXACTDerived from pinned identity, certificate, and federation-verification evidence.
Q — Data QualityEXACTDerived from deterministic structural validation and rule-evaluation results.
P — Provenance IntegrityEXACTDerived from pinned lineage, identity, integrity, and provenance evidence.
R — Replay ReliabilityEXACTDerived from recorded replay outcomes and deterministic calculations.
F — Federation ConfidenceEXACTDerived from pinned federation, delegation, attestation, and verification evidence.
A — AI Calibration ConfidenceBANDEDMay be produced by AI-assisted assessment and is evaluated within a governed tolerance ε.
Arithmetic AggregationEXACTThe aggregation formula is deterministic for a fixed dimensional vector, Weight Bundle, modifier set, and rounding policy.
Published Trust ScoreBANDEDEnd-to-end replay includes the BANDED A dimension; the permitted score variance is derived from its governed tolerance and effective weight.

The A dimension shall be replayed using the BANDED mode defined by the TrustGate Replay Profiles Specification (TG-RP).

The Replay Manifest shall pin:

  • model identifier;
  • model version;
  • prompt or instruction hash;
  • inference parameters;
  • evaluator version;
  • feature-schema version;
  • Weight Bundle identifier and version;
  • applicable tolerance-policy reference;
  • numeric and rounding policy.

For a linear aggregation without decision-material discontinuities, the maximum tolerance attributable to A shall be derived as:

εT=waεA+εround\varepsilon_T = |w_a| \varepsilon_A + \varepsilon_{round}

where:

  • $\varepsilon_T$ is the permitted end-to-end Trust Score tolerance;
  • $w_a$ is the governed effective weight of the AI calibration dimension;
  • $\varepsilon_A$ is the governed replay tolerance for the AI calibration dimension;
  • $\varepsilon_{round}$ is the governed numeric and rounding tolerance.

Where modifiers, caps, clipping, threshold bands, or other discontinuous functions apply, the Replay Manifest shall record the resolved decision path. A replay that crosses a decision-material boundary shall not pass solely because its numeric result remains within $\varepsilon_T$.

A replay divergence beyond the applicable tolerance, or a divergence that changes a decision-material outcome, shall emit comp.TG.EVENT.REPLAY-DRIFT.v1_0.

Decision-material drift shall:

  • route the affected trust decision to human review;
  • preserve the original and replayed dimensional vectors;
  • preserve the original and replayed outputs;
  • record the applicable Weight Bundle and Replay Profile;
  • generate a DAL anchor candidate.

5.2. Score Parameter Governance

Trust-score weights, scoring modifiers, tolerance values, calibration metadata, numeric policies, and any threshold metadata required for replay or explanation shall be obtained exclusively from the active governed Weight Bundle defined by the TrustGate Score Governance Specification (TG-SG).

The Trust Scoring Engine shall consume these parameters only through:

comp.TG.INPUT.POLICY-CONTEXT.v1_0

Routing thresholds are evaluated by the TrustGate Decision Engine. The Trust Scoring Engine may record resolved threshold-policy references for replay and explanation but shall not issue routing decisions.

Implementations shall not obtain scoring parameters from:

  • source-code constants;
  • environment variables;
  • local configuration files;
  • tenant database columns outside the governed policy-bundle path;
  • runtime AI recommendations;
  • undocumented operator overrides.

Every scoring execution shall record the applicable Weight Bundle identity and version in its Replay Manifest and scoring evidence.

Every Trust Scoring execution shall record:

  • Weight Bundle identifier;
  • Weight Bundle version;
  • policy snapshot identifier;
  • calibration authority;
  • effective timestamp;
  • applicable replay profile;
  • applicable ε policy reference for X.

No runtime tuning is permitted.


6. Score Dimensions

6.1. Source Reliability $S$

Source reliability measures the historical reliability of the originator or system submitting the signal.

Inputs may include:

  • supplier historical trust;
  • source system reliability;
  • previous validation failures;
  • auditor overrides;
  • data submission completeness;
  • source-specific AII history.

6.2. Identity Confidence $I$

Identity confidence evaluates whether the originating ECO identity is valid, verified, and federation-authorized.

Inputs may include:

  • ECO Number validity;
  • DID verification;
  • certificate validity;
  • FAGF certification status;
  • EGFS federation status;
  • identity conflict history.

6.3. Data Quality $Q$

Data quality measures completeness, structural validity, unit quality, datatype validity, and rule-level quality.

Inputs may include:

  • missing field count;
  • datatype validation result;
  • unit compatibility;
  • schema conformance;
  • metric compatibility;
  • required evidence coverage.

6.4. Provenance Integrity $P$

Provenance integrity measures the quality of traceability and lineage.

Inputs may include:

  • USO completeness;
  • origin chain length;
  • CMI traceability;
  • CSI correctness;
  • DAL anchor presence;
  • hash-chain validity;
  • source document integrity.

6.5. Replay Reliability $R$

Replay reliability incorporates OARM and AAE replay evidence.

Inputs may include:

  • replay success rate;
  • replay variance;
  • replay recency;
  • replay count;
  • deterministic replay availability;
  • difference between original and replayed score.

Replay reliability may be computed as:

R=Successful ReplaysTotal Replay AttemptsR = \frac{Successful\ Replays}{Total\ Replay\ Attempts}

If no replay history exists, policy determines whether $R$ is neutral, discounted, or ignored.


6.6. Federation Confidence $F$

Federation confidence evaluates cross-ECO corroboration.

Inputs may include:

  • AFLE attestation validity;
  • EGFS node health;
  • federation certificate status;
  • Carbon Passport verification;
  • external verifier endorsement;
  • regulator verification state.

6.7. AI Calibration Confidence $A$

AI calibration confidence is advisory and never overwrites factual evidence.

Inputs may include:

  • DSAIL calibration coefficients;
  • anomaly score;
  • confidence interval recommendation;
  • historical trust drift;
  • AI model approval state;
  • AI explainability score.

AI contributions must be separately recorded and explainable.


7. Runtime Processing Pipeline

Receive Scoring Request


Load Policy Weights


Load Scoring Profile


Collect Score Dimensions


Calculate Base Score


Apply Modifiers


Calculate Confidence


Generate Explanation


Emit Trust Score Event

Each stage must be deterministic and replayable.

The Trust Scoring Engine shall consume all scoring parameters exclusively through POLICY-CONTEXT.

The engine shall fail closed if:

  • no active Weight Bundle can be resolved;
  • the bundle lacks constitutional approval;
  • the bundle version cannot be replayed;
  • the DAL anchor cannot be verified where anchoring is required;
  • a required weight, threshold, modifier, or tolerance reference is absent.

The engine shall not apply implicit defaults.


8. Processing Algorithm

function score(enriched_signal, validation_result, policy_context):

profile = load_scoring_profile(policy_context)

weights = resolve_weights(profile, policy_context)

source = calculate_source_reliability(enriched_signal)

identity = calculate_identity_confidence(enriched_signal)

quality = calculate_data_quality(validation_result)

provenance = calculate_provenance_integrity(enriched_signal.lineage)

replay = calculate_replay_reliability(enriched_signal.replay)

federation = calculate_federation_confidence(enriched_signal.federation)

ai = calculate_ai_calibration(enriched_signal.ai)

base_score =
weights.source * source +
weights.identity * identity +
weights.quality * quality +
weights.provenance * provenance +
weights.replay * replay +
weights.federation * federation +
weights.ai * ai

modified_score = apply_modifiers(base_score, policy_context.modifiers)

confidence = calculate_confidence(
modified_score,
validation_result,
enriched_signal.replay,
enriched_signal.ai
)

explanation = build_explanation()

emit_score_event(modified_score, confidence, explanation)

return score_result

9. Non-Normative Weight Bundle Example

Non-normative example

This example illustrates the structure of a governed Weight Bundle. The values are not TrustGate defaults, shall not be implemented as source-code constants, and shall not be exposed as tenant decision cut-points. Runtime values are resolved exclusively through comp.TG.INPUT.POLICY-CONTEXT.v1_0 under TG-SG.

Example default scoring profile:

trustgate:
scoring_profile: generic_assurance_v1
weights:
source_reliability: 0.15
identity_confidence: 0.15
data_quality: 0.20
provenance_integrity: 0.20
replay_reliability: 0.10
federation_confidence: 0.10
ai_calibration_confidence: 0.10
modifiers:
verified_carbon_passport_bonus: 0.10
verified_epd_bonus: 0.10
stale_replay_penalty: -0.05
invalid_federation_penalty: -0.20
generic_spend_factor_penalty: -0.20
bounds:
min_score: 0.0
max_score: 1.0

Weights must be validated before execution.

The engine shall reject any scoring profile where:

w1\sum w \neq 1

unless the policy explicitly enables automatic normalization.

Example of neutral placeholders:

trustgate:
scoring_profile_ref: WB-EXAMPLE-001
weights:
source_reliability: "<governed-value>"
identity_confidence: "<governed-value>"
data_quality: "<governed-value>"
provenance_integrity: "<governed-value>"
replay_reliability: "<governed-value>"
federation_confidence: "<governed-value>"
ai_calibration_confidence: "<governed-value>"
modifiers:
verified_evidence_bonus: "<governed-value>"
stale_replay_penalty: "<governed-value>"
tolerances:
ai_calibration_epsilon_ref: "<governed-policy-ref>"
numeric_policy_ref: "<governed-policy-ref>"

10. CSI Contracts

10.1. Input CSIs

CSIRequiredPurpose
comp.TG.INPUT.ENRICHED-SIGNAL.v1_0YesEnriched TrustGate signal.
comp.TG.INPUT.VALIDATION-RESULT.v1_0YesStructural and rule validation results.
comp.TG.INPUT.POLICY-CONTEXT.v1_0YesGoverned Weight Bundle context containing weights, thresholds, modifiers, tolerance references, and calibration metadata.
comp.OARM.INPUT.REPLAY-SUMMARY.v1_0NoReplay summary and replay confidence.
comp.AFLE.INPUT.ATTESTATION-SUMMARY.v1_0NoFederation attestation summary.
comp.DSAIL.INPUT.CALIBRATION-HINT.v1_0NoAI calibration recommendation.

10.2. Output CSIs

CSIPurpose
comp.TG.OUTPUT.TRUST-SCORE.v1_0Final TrustGate trust score.
comp.TG.OUTPUT.CONFIDENCE-SCORE.v1_0Confidence score and confidence drivers.
comp.TG.OUTPUT.SCORE-EXPLANATION.v1_0Explainability payload.
comp.TG.EVENT.SCORE-CALCULATED.v1_0Runtime scoring event.
comp.AII.INPUT.TRUST-TELEMETRY.v1_0AII contribution event.
comp.DSAIL.INPUT.TRUST-FEEDBACK.v1_0AI feedback event.

11. Canonical Input Payload

{
"signal_id": "SIG-2026-00001472",
"eco_number": "ECO-A123",
"enriched_signal_ref": "ENR-2026-00001472",
"validation_result": {
"status": "passed",
"rules_checked": 42,
"rules_failed": 0,
"severity_max": "info"
},
"policy_context": {
"policy_bundle": "FAGF-2026.2",
"scoring_profile": "generic_assurance_v1"
},
"lineage": {
"uso_id": "USO-98122",
"dal_anchor": "DAL-991223",
"verified": true
},
"replay": {
"replay_count": 7,
"verification_rate": 0.986,
"variance": 0.011
},
"federation": {
"attestation_valid": true,
"node_health": "healthy"
},
"ai": {
"calibration_confidence": 0.94,
"model_cmi": "siss.DSAIL-TRUST.MODEL.CALIBRATION.2_0_0"
}
}

12. Canonical Output Payload

{
"score_id": "TGS-2026-00001472",
"signal_id": "SIG-2026-00001472",
"eco_number": "ECO-A123",
"engine_cmi": "vera.TG-SCORE.ENGINE.CALCULATOR.1_0_0",
"meid": "MEID_TRUST_SCORE_CALCULATOR",
"trust_score": 0.914,
"confidence": 0.936,
"classification_hint": "trusted",
"dimensions": {
"source_reliability": 0.89,
"identity_confidence": 1.0,
"data_quality": 0.94,
"provenance_integrity": 0.96,
"replay_reliability": 0.986,
"federation_confidence": 0.91,
"ai_calibration_confidence": 0.94
},
"weights": {
"source_reliability": 0.15,
"identity_confidence": 0.15,
"data_quality": 0.20,
"provenance_integrity": 0.20,
"replay_reliability": 0.10,
"federation_confidence": 0.10,
"ai_calibration_confidence": 0.10
},
"modifiers_applied": [
{
"modifier_id": "verified_carbon_passport_bonus",
"adjustment": 0.10,
"cap_applied": false
}
],
"explanation": {
"primary_positive_drivers": [
"verified_identity",
"dal_lineage_verified",
"high_replay_reliability"
],
"primary_negative_drivers": [
"minor_source_variance"
]
},
"created_at": "2026-06-25T12:04:19Z"
}

13. Score Confidence Model

The trust score and confidence score are separate.

Trust score answers:

How reliable is this signal?

Confidence answers:

How certain is TrustGate about the score?

A simple confidence model is:

C=1σd+σr+σa3C = 1 - \frac{ \sigma_d + \sigma_r + \sigma_a } {3}

Where:

VariableMeaning
$\sigma_d$Data variance
$\sigma_r$Replay variance
$\sigma_a$AI calibration uncertainty

Confidence must also be bounded:

0C10 \leq C \leq 1

14. Score Event

{
"event_type": "trustgate.score.calculated",
"score_id": "TGS-2026-00001472",
"signal_id": "SIG-2026-00001472",
"eco_number": "ECO-A123",
"trust_score": 0.914,
"confidence": 0.936,
"engine_cmi": "vera.TG-SCORE.ENGINE.CALCULATOR.1_0_0",
"timestamp": "2026-06-25T12:04:19Z"
}

15. DAL Integration

The Trust Scoring Engine produces DAL anchor candidates.

Example:

{
"artifact_type": "TrustScoreEvent",
"artifact_id": "TGS-2026-00001472",
"artifact_hash": "sha256:9f0dc4...",
"engine_cmi": "vera.TG-SCORE.ENGINE.CALCULATOR.1_0_0",
"meid": "MEID_TRUST_SCORE_CALCULATOR",
"created_at": "2026-06-25T12:04:19Z"
}

The engine does not itself finalize ledger anchoring. Final anchoring is performed by the TrustGate DAL Anchor Engine.


16. Replay Behaviour

The Trust Scoring Engine supports mixed replay semantics governed by TG-RP.

Replay inputs include:

  • enriched signal;
  • validation result;
  • policy context;
  • Weight Bundle identifier and version;
  • scoring profile;
  • applied modifiers;
  • model calibration metadata;
  • engine CMI;
  • ruleset and policy versions;
  • numeric and rounding policy;
  • Replay Profile.

Deterministic dimensions and arithmetic sub-steps shall replay in EXACT mode.

The AI calibration dimension shall replay in BANDED mode using the governed tolerance referenced by the active Weight Bundle.

The published Trust Score and Confidence Score shall pass replay when:

  • all EXACT components reproduce exactly;
  • all BANDED components remain within their governed tolerances;
  • the aggregation path, modifier path, caps, clipping, and rounding policy remain equivalent;
  • no decision-material boundary is crossed;
  • identity, provenance, lineage, and manifest integrity remain valid.

A purely recorded explanation or external AI narrative may use RECORDED mode where declared in frontmatter.

Replay divergence shall emit:

comp.TG.EVENT.REPLAY-DRIFT.v1_0

Decision-material drift shall be escalated for human review and prepared for DAL anchoring.


17. Federation Behaviour

Trust scores may be included in federation attestations only when:

RequirementRequired
ECO Number verifiedYes
DID verifiedYes
DAL anchor candidate createdYes
Scoring profile recordedYes
CMI recordedYes
Replay artifact availableYes
Policy bundle recordedYes

Federated trust scores must include freshness metadata.

Trust freshness may be calculated as:

TF=eλΔtTF = e^{-\lambda \Delta t}

where:

  • $TF$ = Trust Freshness;
  • $\lambda$ = decay coefficient;
  • $\Delta t$ = elapsed time since scoring.

18. AI Integration

The engine may consume DSAIL calibration hints but must not allow AI to overwrite factual score dimensions.

AI may adjust:

  • weight recommendations;
  • confidence modifiers;
  • replay priority;
  • anomaly indicators.

AI may not modify:

  • original data;
  • validation results;
  • DAL proofs;
  • identity status;
  • policy requirements.

All AI influence must be explicitly logged.


19. AII Integration

The Trust Scoring Engine is a primary telemetry producer for AII.

AII contribution payload:

{
"eco_number": "ECO-A123",
"period": "2026-Q2",
"assessment_count": 12045,
"avg_trust": 0.914,
"avg_confidence": 0.936,
"trust_variance": 0.027,
"replay_reliability": 0.986,
"federation_confidence": 0.91,
"dal_verification_rate": 1.0
}

20. Failure Handling

FailureSeverityAction
Missing policy contextCriticalAbort
Invalid weight sumCriticalAbort
Missing validation resultCriticalAbort
Missing enriched signalCriticalAbort
Missing replay dataWarningContinue
Missing AI calibrationInfoContinue
Missing federation contextWarningContinue
Score outside boundsCriticalAbort
Non-deterministic replayCriticalEscalate

21. Observability Metrics

MetricDescription
tg_score_totalTotal scores calculated.
tg_score_latency_msScoring latency.
tg_score_averageAverage TrustGate score.
tg_score_confidence_averageAverage confidence score.
tg_score_modifier_countNumber of modifiers applied.
tg_score_replay_drift_totalReplay drift events.
tg_score_ai_adjustment_totalAI calibration events.
tg_score_federation_enabled_totalScores eligible for federation.

22. Performance Targets

MetricTarget
Average latency< 30 ms
P95 latency< 80 ms
P99 latency< 150 ms
Throughput10,000 scores/sec per worker pool
Replay-profile conformance100%
Availability99.99%

23. Security Requirements

The engine must:

  • accept only authenticated internal runtime requests;
  • verify policy bundle signatures;
  • verify scoring profile source;
  • record engine CMI;
  • record MEID;
  • record scoring profile version;
  • never expose raw sensitive data in explanations;
  • redact sensitive fields before federation export;
  • log all scoring executions.

24. Compliance Alignment

FrameworkTrust Scoring Contribution
CSRDProvides measurable data quality and assurance confidence.
ESRSSupports uncertainty and quality disclosures.
ISSB / IFRS S1-S2Supports investor-grade confidence metadata.
ISO 14064-1Supports GHG data quality and verification evidence.
EU AI ActRecords AI influence and explainability metadata.
ISO 27001Supports secure assurance processing and audit logs.

25. Summary

The TrustGate Trust Scoring Engine converts enriched and validated assurance signals into normalized, explainable, replayable, and DAL-anchorable trust scores.

It is the quantitative assurance center of TrustGate and directly supports:

  • downstream decisions;
  • DAL anchoring;
  • OARM replay;
  • AFLE federation;
  • DSAIL calibration;
  • AII computation;
  • VIZZ dashboards;
  • regulatory assurance.

No TrustGate decision may be issued without a valid score event from this engine.




GitHub RepoRequest for Change (RFC)