Architecture-Constrained Autonomy for Safety-Critical Autonomous Systems

This paper introduces architecture-constrained autonomy as a foundational architectural principle for ensuring safety in autonomous systems. It defines how safety constraints can be embedded directly into system architecture to bound autonomous behavior at runtime. It establishes a structural approach in which autonomous actions are constrained not only by decision-making logic, but by enforceable architectural boundaries that define the admissible operational space. Related works: - A Governance Architecture for Safe and Bounded Autonomous Systems- Capability Lifecycle Governance in Autonomous Systems- Non-Bypassable Execution Control in Autonomous Systems- Safety-Bounded Autonomy in Distributed Autonomous Systems Autonomous systems are increasingly deployed in dynamic, distributed, and safety-critical environments, including industrial automation, autonomous transportation, and large-scale robotic infrastructures. As system complexity, autonomy, and interconnection increase, ensuring reliable and enforceable safety guarantees becomes a fundamental architectural challenge. Traditional approaches rely on decision correctness, policy validation, or post-hoc monitoring. However, these approaches do not guarantee that unsafe actions cannot be executed. This paper proposes architecture-constrained autonomy as a system-level paradigm in which safety is enforced through structural constraints embedded directly within the system architecture. Within this framework, autonomous decision processes may generate candidate actions, but execution is strictly constrained by architectural safety boundaries. These constraints define the permissible action space and prevent unsafe behavior from propagating to execution. The architecture introduces the concept of enforceable safety constraints at the architectural level, enabling bounded autonomy by design rather than by verification alone. This ensures that autonomous system behavior remains within predefined and verifiable safety limits, independent of learning, adaptation, or environmental uncertainty. Architecture-constrained autonomy is particularly relevant for distributed and multi-agent systems, where local decision correctness does not guarantee global system safety. By introducing shared architectural constraints, the framework enables coordinated safety enforcement across multiple agents and system components. The proposed approach provides a conceptual and architectural foundation for safety-bounded autonomy, complementing capability governance and execution control layers within a broader governance architecture. This work contributes to the emerging field of architectural safety enforcement in autonomous systems and establishes a structural basis for ensuring safe, bounded, and verifiable system behavior in real-world deployments. This work is part of a broader research program on governance and execution control in autonomous systems, including capability governance, safety-bounded autonomy, and non-bypassable execution control architectures.