Continuous Air-Gap Attestation Token from Operator-Personalised Silicon for Classified-Environment Compliance.

Hardware-emitted attestation chain proves air-gap status across any specified subwindow.

A method and system for cryptographically attesting that a computer workstation has remained network-isolated throughout a defined window. The continuous attestation engine, on each tick of a configurable cadence, reads hardware ingress and egress counter deltas across every communications interface (Ethernet, Wi-Fi, Bluetooth, USB, Thunderbolt, PCIe), hashes the active process set, reads a hardware time-of-attestation value, constructs a signed attestation token chained to the prior token, and signs under FIPS 204 ML-DSA-65 in the operator-personalised silicon. A regulator given the export, the operator public key, and the silicon identity can replay the chain and prove with cryptographic certainty that the device emitted, ingested, or transferred no traffic across any defined boundary during any specified subwindow. Defence, nuclear-engineering, Chinese-wall, and anti-money-laundering applications. Filed 21 May 2026 as GB2611902.4.