# Deterministic Detection Determinism is the Integrity Kernel's core architectural property, not a tuning choice. Given the same input, the kernel produces **bit-identical** output every time — no random seeds, no floating-point indeterminacy, no model weights that shift under retraining. Reproducibility was verified across 899,838+ rows with SHA-256 hashing of outputs. > [!important] Why this is the whole point > In safety-critical [[The OT Intelligence Layer|operational technology]], a detector you cannot reproduce is a detector you cannot defend. Determinism converts a detection event from "the model flagged it" into "anyone re-running this log gets the same result" — the difference between an opinion and [[Frozen Evidence Baseline|evidence]]. Most industrial anomaly detection sits in the top-right quadrant of [[AI Verification]]: high penalty for failure, high opacity. Statistical/ML detectors fail there because their verdicts can't be independently re-derived. The kernel sidesteps this by being a fixed function: [[Detection Rules]] and [[Proven Invariants]] evaluated in a defined order. Determinism is also what makes [[Profile-Based Portability]] honest — the [[Common Trust Core]] is unmodified across domains, so identical logic produces identical behaviour everywhere, and only the per-site profile changes. ## Trade-off Determinism trades adaptiveness for defensibility. The kernel will not "learn" a novel attack on its own — that is by design. Novelty handling lives upstream; the kernel's job is to be the unmovable, auditable arbiter of trust. --- Related: [[Integrity Kernel MOC]] · [[Frozen Evidence Baseline]] · [[Common Trust Core]] · [[AI Verification]] · [[Four-State Trust Machine]]