Architecture
OMEN five-layer architecture, data flows, cross-cutting concerns, and design rationale
Overview
OMEN is structured as five horizontal layers, each with well-defined responsibilities and clean boundaries. Every component is designed for modular replaceability — any layer, service, or adapter can be substituted without requiring a full system rewrite.
┌──────────────────────────────────────────────────────────────────┐
│ Layer A — Presentation │
│ Tactical Map · Mission Overlays · Threat / BFT · Alerts │
└───────────────────────────┬──────────────────────────────────────┘
│ Plugin APIs / Event Bus
┌───────────────────────────▼──────────────────────────────────────┐
│ Layer B — Mission Engine │
│ Plugin Runtime · Service Orchestration · Policy · Telemetry │
└──────────┬───────────────────────────────────┬───────────────────┘
│ Canonical Entities │ Config / Secrets
┌──────────▼──────────────────┐ ┌────────────▼───────────────────┐
│ Layer C — CAL │ │ Layer D — Evaluation │
│ Adapters · Normalization │ │ Harnesses · DDIL Sim │
│ Validation · Sync/Cache │ │ Red-Team · HITL Review │
└──────────────────────────────┘ └────────────────────────────────┘
┌──────────────────────────────────────────────────────────────────┐
│ Layer E — Infrastructure │
│ Edge Runtime · Containers · Signed Artifacts · Fleet Mgmt │
└──────────────────────────────────────────────────────────────────┘
Layer A — Presentation
Directory: map-app/
Responsible for rendering the common operating picture to aircrew.
| Component | Description |
|---|---|
| Tactical Moving Map | Pan/zoom/rotate map with terrain, airspace, and route layers |
| Mission Overlays | Threat corridors, blue-force tracking, checkpoints, NOTAMs |
| Alert Panel | Decision support for route deviation, airspace infringement |
| Offline Display | Preloaded mission package renderer for DDIL conditions |
Key UX Requirements:
- Low cognitive load optimized for bright cockpit conditions
- Glove-friendly / simplified interaction modes
- Map decluttering under stress conditions
- Contrast-safe, color-safe palettes (WCAG AA minimum)
Technology: React + TypeScript, MapLibre GL JS, CesiumJS (optional 3D terrain), Vite
Layer B — Mission Engine
Directory: engine/
The runtime kernel that all mission applications plug into. This is the core orchestration layer.
| Component | Description | Implementation |
|---|---|---|
| Plugin Runtime | Discovery, registration, lifecycle management, fault isolation | engine/core/runtime.py — PluginRuntime, PluginRegistry, PluginManifest |
| Event Bus | Synchronous message routing with wildcard pattern matching | engine/core/event_bus.py — InProcessEventBus |
| Service Orchestration | Dependency injection and service wiring | Planned Phase 2 |
| Policy Engine | OPA-based authorization and enforcement hooks | engine/policy/ |
| State Synchronization | Session state, conflict resolution | Planned Phase 2 |
| Telemetry Pipeline | OpenTelemetry traces, Prometheus metrics, structured logs | engine/telemetry/ |
ARES-E Integration (engine/ares_e/)
The engine integrates with DaScient ARES-E via:
HITLGate— Human-in-the-loop review gate for AI recommendations with consequence-level categorization (low/medium/high/critical)HarnessHooks— Engine lifecycle hooks for deterministic evaluation with event replay capabilityHITLDecisionenum — APPROVED, REJECTED, EXPIRED states
Energy Integration (engine/energy/)
The engine integrates with DaScient Energy via:
EnergyClient— Fetches energy state from DaScient Energy API or platform-native sources (Linux/sys/class/power_supply)ModeController— Evaluates battery/thermal state and transitions between PERFORMANCE, BALANCED, LOW_POWER, and EMERGENCY modesEnergyState— Tracks battery SOC, power source, thermal state, CPU temperature
Layer C — Data Integration / CAL
Directories: cal/ · adapters/
The Critical Abstraction Layer (CAL) normalizes all operational data sources into a stable canonical model.
| Component | Description |
|---|---|
| Protocol Adapters | CoT, KML, GeoJSON, NOTAM, UDL translators with BaseAdapter contract |
| Normalization Pipelines | Heterogeneous-to-canonical translation with provenance chains |
| Validation | Schema enforcement, confidence scoring, timeliness tagging |
| Sync/Cache | Local-first cache, delta sync, TTL-based eviction, conflict resolution |
Adapter Registry
| Adapter | Format(s) | Status | Key Logic |
|---|---|---|---|
CoTAdapter |
cot, cot-xml |
✅ Active | XML parse → type mapping (a-f/a-h/a-n/a-u) → Track entity |
SampleGeoJSONAdapter |
geojson |
✅ Active | FeatureCollection → Point features → Track with completeness scoring |
KMLAdapter |
kml |
🔄 Phase 2 | KML 2.3 Placemarks → Track; Polygons → Airspace/Threat zones |
NOTAMAdapter |
notam, notam-plain, notam-aixm |
🔄 Phase 2 | ICAO NOTAM text + AIXM 5.1 XML → affected area geometry |
UDLAdapter |
udl, udl-json |
🔄 Phase 2 | Unified Data Library REST/JSON → canonical entities |
Layer D — Evaluation and Assurance
Directory: evaluation/
Continuous validation inspired by ARES-E methodology across 10 evaluation dimensions.
| Component | Description | Implementation |
|---|---|---|
| Adapter Harness | Standard compliance testing for BaseAdapter implementations |
evaluation/harnesses/adapter_harness.py |
| Engine Harness | Plugin lifecycle, event dispatch, fault isolation testing | evaluation/harnesses/engine_harness.py |
| DDIL Simulation | Network impairment profiles from full → offline | evaluation/ddil/test_ddil_scenarios.py |
| Red-Team Tests | Malformed inputs, out-of-bounds coordinates, protocol abuse | evaluation/red-team/test_malformed_inputs.py |
| HITL Review | Review gates for AI-generated recommendations | engine/ares_e/hitl.py |
| Scenario Replay | Record-and-replay operational scenarios | evaluation/scenarios/ |
Layer E — Infrastructure
Directory: ops/
Secure, reproducible deployment substrate for edge and cloud environments.
| Component | Description | Implementation |
|---|---|---|
| Container Builds | Docker images with signed manifests and health checks | ops/docker/Dockerfile.engine, Dockerfile.cal |
| Docker Compose | Multi-service dev environment (Engine, CAL, Map, Prometheus, Grafana) | ops/docker/docker-compose.dev.yaml |
| Kubernetes/K3s | Edge-capable orchestration manifests | ops/k8s/ |
| CI/CD Pipelines | GitHub Actions with Python 3.11/3.12 matrix, linting, testing | ops/ci/ci.yaml |
| IaC | OpenTofu modules for cloud and edge provisioning | ops/terraform/ |
| SBOM | CycloneDX/Syft SBOM generation scripts | ops/sbom/ |
Cross-Cutting Concerns
Security
- Zero-trust networking between services
- SPIFFE/SPIRE workload identity
- Artifact signing with Sigstore/Cosign
- Secrets via OpenBao/Vault-compatible workflows
- OPA-based authorization at every API boundary
Observability
- Distributed tracing with OpenTelemetry
- Metrics with Prometheus / Grafana dashboards
- Structured logging with Loki
- Health and readiness endpoints on all services
DDIL Resilience
- Local-first data cache with TTL and eviction policies
- Offline mission package loader with signed manifests
- Graceful degradation when upstream services are unavailable
- Delta sync for link recovery scenarios
Energy Awareness
- Compute budget tracking per plugin
- Adaptive model selection based on battery/thermal state
- Mode transitions: PERFORMANCE → BALANCED → LOW_POWER → EMERGENCY
- Platform-native battery sensing with DaScient Energy API fallback
Data Flow
External Sources (CoT, KML, NOTAM, UDL …)
│
▼
[Protocol Adapters] ←── adapters/
│
▼
[Normalization Pipeline] ←── cal/normalization/
│ (Canonical Entities + Provenance Tags)
▼
[CAL Event Stream / Local Cache] ←── cal/sync/
│
▼
[Mission Engine Event Bus] ←── engine/core/
│
┌─────┴────────────────────┐
▼ ▼
[Moving Map Plugin] [Other Mission App Plugins]
map-app/ sdk/templates/
Raw data enters via protocol-specific adapters, is normalized into canonical entities with full provenance chains, cached locally for DDIL resilience, and routed through the engine’s event bus to plugins that render the common operating picture.