MICKAI
Worked example · Worked example, defence prime

BAE Systems

This is an illustrative blueprint, not a customer story. It takes a defence prime of roughly this scale and walks the Mickai Defence vertical pack across it, using only public information. The thesis is simple. A prime handling classified airframe blueprints, CAD diagnostics, OT telemetry and tender documents cannot send any of that to a public cloud or a third-party AI vendor. The Mickai SIOS runs the analysis on-premises, inside the building, on hardware with the network cards disabled at the BIOS, so the data never leaves the building and no third party ever sees it. Everything below shows how such a prime could deploy the sovereign stack. None of it asserts that any named firm has done so.

Illustrative analysis · public information only

This page is an illustrative analysis built only from public information. BAE Systems is not a Mickai customer and has no relationship, engagement, trial, or endorsement with Mickai. Nothing here implies that BAE Systems uses, has trialled, or has engaged the Mickai SIOS. It is a sector blueprint showing how a defence prime of this scale could deploy the sovereign stack.

Publicly reported, on an approximate and as-published basis, as a defence prime with revenue of around twenty-five billion pounds and a global workforce of over 100,000 people. These figures are indicative public estimates used only to illustrate scale, not precise or verified financials.

The sovereign advantages

Five advantages hold across every sector, and they are architectural, not promotional. The third-party cloud-exposure vector is removed; your own physical, insider, and compliance controls remain yours.

Zero-trust data privacy

The data never leaves your hardware, so no third party and no cloud-provider employee ever sees it. What happens in the server room stays in the server room.

No vendor lock-in or outage exposure

You own the compute and the capability, so the system runs independent of the internet and of any cloud vendor's pricing, terms, or availability.

Data residency by default

The data never crosses a geographical or digital border because it never leaves the building, which removes the cross-border-transfer and third-party-processing friction of UK GDPR, Schrems II, and the sector rules. You keep your own obligations.

Proprietary advantage stays private

Fine-tune and run retrieval on your deepest archives to build a hyper-customised co-pilot, with no risk of your proprietary edge training a public model or leaking.

Predictable total cost of ownership

After the hardware and licence, queries cost essentially electricity. A capital asset you own and depreciate, instead of volatile per-token cloud bills.

The zero-espionage trust vault

There is no third-party cloud path, so no competitor and no vendor insider can scrape, intercept, or subpoena your prompts or your fine-tuned weights from the internet. The trust vault is closed by architecture.

Immunity to regulatory drift

You own the software snapshot on your own hardware, so a change to a cloud vendor's terms, a model deprecation, or an outage cannot reach you. The system stays predictable and auditable on-premise as the rules evolve.

The regulatory wedge

The specific rules that bar mainstream cloud AI from this sector's regulated data. Each one demands a named, auditable perimeter the operator controls, which a shared multi-tenant cloud cannot give.

ITAR and EAR export-control regimes, where technical data on defence articles cannot be exposed to non-authorised persons or systems, including foreign-owned cloud infrastructure
UK Official Secrets Act obligations covering classified and protectively marked material
MoD Secure-by-Design alongside JSP 440 (defence manual of security) and JSP 604 (networking instructions) for handling defence information and connecting systems
CMMC 2.0, the US cybersecurity maturity model that conditions defence-supply-chain participation on demonstrable control of controlled unclassified information
Cross-border data-transfer and third-party-processing exposure, which an air-gapped on-premises deployment removes; the prime keeps its own classification, personnel-vetting and physical-security obligations
The lead studios

The enterprise studios that lead in this sector, drawn from the eighteen that sit on the one sovereign substrate. Each runs on hardware the organisation owns, under one set of operator-held keys, writing to one Open Audit Record.

Hephaestus

Predictive Maintenance and OT

Reads OT and shop-floor telemetry from manufacturing lines, test rigs and platform sensors to flag fault patterns and maintenance needs, with the analysis running entirely on-premises so no machine data or production signature reaches an outside network.

Astraea

Contract Review and Legal-Ops

Reviews tenders, classified contract documents, supplier terms and export-control clauses in-house, surfacing risk and obligations without any document leaving the secure environment or passing to a third-party processor.

Nomos

Compliance and Regulator Mode

Maps activity against ITAR and EAR, Official Secrets, MoD Secure-by-Design, JSP 440, JSP 604 and CMMC 2.0, and produces an evidence trail for auditors and regulators. It removes the third-party cloud-exposure vector; classification and personnel controls remain the prime's own.

Clio

Sovereign Meeting Note-Taker

Captures and structures notes from programme reviews, classified briefings and supplier meetings on local hardware, so sensitive discussion never routes through a hosted transcription service. What happens in the server room stays in the server room.

Aletheia

Audit

Maintains an internal, tamper-evident record of who queried what and which documents were touched, giving security and assurance teams the audit evidence that export-control and classified-handling regimes demand.

See all eighteen on the sovereign services catalogue.

The illustration of scale

Qualitatively, the scale is large. A prime of around twenty-five billion pounds in revenue and over 100,000 staff runs thousands of engineers across airframe, naval, land and electronic-systems programmes, each generating CAD models, OT telemetry, test data, tender responses and classified correspondence that today cannot be put through any external AI service. The illustrative opportunity is the share of that knowledge work, design diagnostics, document review, OT analysis, compliance evidencing and meeting capture, that could be accelerated by AI only if the model runs air-gapped inside the prime's own accredited facilities. The value is not a cost line to quote; it is the unlocking of AI on material that, by law and by classification, can never go to the cloud.

The outcome

Money won, money saved, risk removed, on hardware you own.

In the pack, a buyer of this kind would see a Defence deployment blueprint: Mickai SIOS hardware installed inside an accredited facility with network cards disabled at the BIOS, no inbound or outbound internet path, and the studios above running locally against airframe and CAD diagnostics, OT and supply-chain telemetry, and tender and classified-document review. They would see the regulatory wedge mapped studio by studio against ITAR and EAR, Official Secrets, MoD Secure-by-Design, JSP 440, JSP 604 and CMMC 2.0, with Aletheia and Nomos producing the audit and compliance evidence those regimes expect. The headline they would take away is that the data never leaves the building, no third party ever sees it, and the system runs independent of the internet and cloud vendors, which removes the cross-border-transfer and third-party-processing friction while the prime keeps its own classification, vetting and physical-security obligations.

Lawful B2B engagement

Map the sovereign stack to your organisation estate.

Briefings are for organisations weighing a sovereign, on-premises deployment. Tell us about your estate and we will walk the pack, the regulatory crosswalk, and the deployment that fits your estate.

Note: This page is an illustrative analysis built only from public information. BAE Systems is not a Mickai customer and has no relationship, engagement, trial, or endorsement with Mickai. Nothing here implies that BAE Systems uses, has trialled, or has engaged the Mickai SIOS. It is a sector blueprint showing how a defence prime of this scale could deploy the sovereign stack.

Other sectors
Retail with customer-data depth
Retail
Law firms and legal-ops
Legal
Banking, insurance, and financial services
Finance
NHS Trusts and private healthcare
Health
Defence and government
Public Sector
Generational discretion and an uncompromised deal edge, on hardware you own.
VCs and Family Offices
Multi-generational wealth, processed entirely inside your own walls.
Private Banking and Wealth
The ledger never leaves the firm.
Accounting, Tax and Audit
Price the risk without surrendering the risk profile.
Insurance and Actuarial
Sovereign discovery infrastructure for assets too valuable to leave the building.
Pharma, Biotech and Pre-patent IP
Quality auditing of device and calibration data that never leaves the building.
Medical Devices
Bunker-grade AI for work that can never touch the public cloud.
Defence, Aerospace and Dual-Use
Off-grid intelligence for the systems a nation cannot afford to lose.
Critical Infrastructure, Maritime and Energy
Your process is your moat. Keep it inside the factory walls.
Heavy Industry, Manufacturing and Semiconductors
Network intelligence that never leaves the core
Telecommunications
Sovereign research intelligence that keeps the IP, and the dual-use risk, on campus.
Academic and University Research
Sift the whole talent pool without the raw records ever leaving your building.
Executive Search and HR
Athlete telemetry and tactics that never leave the training ground.
Elite Sport and Performance
The client black book that never leaves the room.
Luxury, Private Aviation and VIP Concierge
Clienteling and collections held in the house, not the cloud.
Luxury Fashion
Tag every frame on premises, so no pixel ever leaves the studio.
Commercial Photography and Media Houses
Sovereign deal intelligence for the agencies that hold the industry's secrets.
Talent and Literary Agencies
Your catalogue, indexed and searchable, with no master ever leaving the building.
Music Studios and Labels
Source protection that never leaves the newsroom.
Press and Investigative Journalism
The IP lifecycle stays under lock and key, from script to final pixel.
Film, TV and VFX
Safeguarding intelligence that never leaves the trust.
Multi-Academy Trusts (Primary and Secondary)
Where the question paper never leaves the vault until test day.
Examination and Testing Boards
Special-needs records that never leave the setting
SEN and Alternative Provision
Ship native AI for schools without inheriting the data-processing-agreement fight.
EdTech and LMS Vendors