Sovereign AI for Defence Supply Chains: Air-Gapped Intelligence for Primes and Tier-One Suppliers
Primes and their tier-one suppliers can run frontier AI over controlled technical data without the egress that breaks ITAR, EAR and the NIS Regulations, because Mickai keeps the model and the data inside the wall.
The export-control problem nobody solved
A defence prime and its suppliers sit on the most tightly governed data in the economy. Controlled technical data, manufacturing drawings, ITAR-listed defence articles, EAR-controlled dual-use specifications, classified-adjacent program detail. Every one of these carries a legal duty of non-disclosure that reaches across borders and survives the life of the contract.
Public-cloud AI breaks that duty at the first prompt. The moment controlled technical data leaves your perimeter for a third-party model, you have created an export event. Under ITAR, releasing technical data to a foreign person or a foreign-controlled cloud is a deemed export. Under the EAR, the same disclosure can be an unlicensed transfer. Under the NIS Regulations, an operator that pipes critical engineering data into an uncontrolled environment has a security failure and a notification on its hands. Under the US CLOUD Act, data held by a US hyperscaler is reachable by foreign legal process regardless of where the server physically sits.
This is why so many primes and tier-ones run a blanket internal ban on cloud AI for anything touching a controlled program. The compliance answer has been to say no. That answer now costs the supply chain its edge, because the rest of the market is compounding with AI while defence engineering stands still.
Mickai removes the trade-off. You run frontier-grade AI over controlled technical data with no egress, because the model lives where the data lives.
What Mickai actually is
Mickai is a sovereign AI operating system, a SIOS. It is AI that a regulated business owns and runs inside its own walls, on-premise and air-gapped. There is no API call to a foreign cloud, no telemetry leaving the boundary, no third party in the trust path. The model, the weights, the inference and the data all stay behind your perimeter.
Every action the system takes is written to a tamper-evident, post-quantum-signed audit record, the OAR. For a defence supplier that matters as much as the inference itself. When an export-control officer or a government customer asks what the AI saw, what it produced and who touched it, the answer is a cryptographically sealed record rather than a vendor's word. The audit trail is the compliance artefact, and it is built into the substrate rather than bolted on after the fact.
This is built and live. It is not a roadmap or a pilot. It runs today inside the wall.
Why air-gapped is the only defensible posture
For controlled technical data there is no halfway house. A private tenancy in a hyperscaler is still that hyperscaler's infrastructure, still reachable under the CLOUD Act, still a foreign-controlled environment for ITAR purposes. Encryption in transit does not cure a deemed export, because the disclosure is the release of the data to the environment, not the interception of it.
Air-gapped sovereign AI is the posture that holds under audit. The data never moves. The intelligence comes to the data. A prime can let its engineers query a frontier model over a full controlled-program corpus, generate manufacturing documentation, surface non-conformances, accelerate bid responses and reason over decades of legacy drawings, and at no point does a single controlled byte cross the boundary. The export-control obligation is satisfied by architecture rather than by policy and hope.
That architectural guarantee is what the wider market is now starting to price. Roughly 0.85 million UK businesses, about fifteen percent, and around five million across the EU are legally barred from putting regulated workloads into public-cloud AI. The constraints are the same family that govern defence: PRA SS2/21, UK GDPR special-category, the NHS DSP Toolkit, the EU AI Act high-risk regime, ITAR and EAR, the NIS Regulations and the CLOUD Act. The sovereign AI market, sized at roughly USD 40 billion in 2025, is on a path to about USD 148 billion by 2032. Defence supply chains are not a niche inside that. They are the leading edge of it.
Studios built for the work primes actually do
Mickai ships as a set of Greek-named Studios, each a domain-specialised application that runs on the sovereign substrate. For a prime and its tier-ones the relevant ones map cleanly onto real obligations.
Nomos handles compliance reasoning, including the export-control logic that decides whether a given disclosure is permissible. Astraea covers legal. Aletheia is the audit Studio, working directly against the OAR. Prometheus drives forecasting across demand, supply and program risk. Pythia is the business-intelligence layer over operational data that can never leave the boundary. Around them sit Nemesis for fraud and AML in the supplier base, Iris for internal support, and the wider estate including Trust Agent, the AMT agentic team, Vinis voice, OAR-as-a-Service and HELIOS hardware.
A tier-one supplier does not buy a chatbot. It deploys a sovereign operating system with the specific capabilities a controlled-data business needs, every one of them governed by the same audit substrate.
The moat under the offer
The architecture is protected. Mickai LTD holds 104 filed UK patent applications carrying roughly 2,340 claims, with Micky Irons as inventor. Filed, not granted, which gives a priority position and a prior-art moat over the core methods of sovereign, air-gapped, auditable AI. In a category defined by who can prove a defensible boundary, the IP estate is the defensibility.
That estate also speaks to where the rest of the industry is heading. The same techniques map onto 196 companies and 311 patent-company pairs as potential licensees, names that include Microsoft, AWS, NVIDIA, Google, Adobe and IBM. That is potential-licensee sizing rather than a customer list, but it tells you something plain. The capabilities a defence supply chain needs to run AI without egress are the capabilities the hyperscalers will eventually need to license to serve regulated buyers at all.
As a third-party momentum signal, Micky Irons ranked number four on Crunchbase as verified in June 2026, with the Mickai company profile in the top one to two percent globally. Mickai is a UK company, with Birmingham manufacturing secured, building to scale and heading for the top.
Mickai is an ally to the cloud, not its rival
The framing that matters for a prime is dual-buyer. There are workloads that belong in the public cloud and always will, and there are workloads that legally cannot go there. Mickai is the operating system for the second set. It does not replace your hyperscaler relationship. It handles the controlled, regulated, export-sensitive tier that the hyperscaler cannot lawfully touch for you, and it does so while keeping a sealed record that satisfies your customer and your export-control officer at the same time.
This is the category a hyperscaler would want to own, because it unlocks the regulated demand they are structurally barred from serving directly. The economics follow the substance. The Year 5 revenue path runs to billions at high gross margin, and the IP estate combined with the dual-buyer thesis underwrites the enterprise value.
The window for the supply chains that move first
Mickai is built and live, and the company is moving to scale now. The supply chains that adopt sovereign AI first will set the standard their peers are later audited against. The advantage goes to the primes and tier-ones who run AI over their controlled data ahead of the field rather than after their competitors have.
If you run a controlled-data program and you have been told the compliance answer is no, the answer has changed. Reach me directly at micky@mickai.co.uk.
By Micky Irons, founder and CEO of Mickai.
Frequently asked questions
Does Mickai send any controlled technical data to a public cloud?
No. Mickai runs on-premise and air-gapped. The model, weights, inference and data all stay behind your perimeter, so there is no egress and no deemed-export event under ITAR or EAR.
How does Mickai satisfy export-control and audit obligations?
Every action is written to a tamper-evident, post-quantum-signed audit record, the OAR. When an export-control officer or government customer asks what the AI saw, produced and who touched it, the answer is a cryptographically sealed record built into the substrate.
Is a private hyperscaler tenancy good enough for controlled data?
No. A private tenancy is still that hyperscaler's infrastructure, reachable under the US CLOUD Act and treated as a foreign-controlled environment for ITAR purposes. Air-gapped sovereign AI is the posture that holds under audit because the data never moves.
Is Mickai a replacement for our hyperscaler?
No. Mickai is dual-buyer. It is an ally to the cloud, handling the controlled, regulated, export-sensitive workloads the hyperscaler cannot lawfully touch, while public-cloud workloads stay where they belong.
Is Mickai actually built, or is this a roadmap?
It is built and live, running today inside the wall, with Greek-named Studios such as Nomos for compliance, Astraea for legal, Aletheia for audit, Prometheus for forecasting and Pythia for business intelligence. The company is building to scale.






