# Fail-Closed Trust Gate

The kernel's output is not an alert — it is a **gate**. The [[Four-State Trust Machine|trust state]] decides whether downstream control actions are permitted to execute. When trust cannot be established, the gate closes by default.

This is the distinction between **prediction quality** (is the model right?) and **execution validity** (are we allowed to act?).

> [!warning] Fail-closed, not fail-open
> If the kernel is unsure, the safe default is to deny execution and route toward `SAFE_STATE`. A wrong "allow" in [[The OT Intelligence Layer|operational technology]] can damage equipment or people; a conservative "deny" costs availability. The kernel deliberately optimises against the former and accepts the latter.

Two conceptual gates:

- **Trust Gate** — establishes whether the system state is trustworthy (driven by [[Detection Rules]] + [[Proven Invariants]]).
- **Execution Gate** — uses that trust verdict to permit or block action.

Because the verdict is [[Deterministic Detection|deterministic]], the gate's decision is auditable after the fact — you can prove *why* execution was blocked.

This is the security analogue of [[Renacore/Security and Zero Trust|zero-trust]]: nothing is trusted implicitly; trust is continuously re-earned from evidence.

---

Related: [[Integrity Kernel MOC]] · [[Four-State Trust Machine]] · [[Deterministic Detection]] · [[Renacore/Security and Zero Trust]] · [[Deployment Path]]
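
A minimal sketch of the two gates described in this note, added here as an illustration and not taken from the kernel's own code. It collapses the four trust states into trusted / not trusted, and the check names, evidence fields and action name are hypothetical; only `SAFE_STATE` comes from the note.

```python
from dataclasses import dataclass
from typing import Callable, Mapping, Optional

Evidence = Mapping[str, float]
Check = Callable[[Evidence], bool]

@dataclass(frozen=True)
class Verdict:
    trusted: bool
    reasons: tuple  # why trust was withheld; empty when trusted

def trust_gate(evidence: Evidence, checks: Mapping[str, Check]) -> Verdict:
    """Trust only if every check returns exactly True; errors count as failures."""
    reasons = []
    for name in sorted(checks):  # fixed order keeps the verdict deterministic
        try:
            if checks[name](evidence) is not True:
                reasons.append(f"{name}: failed")
        except Exception as exc:  # missing or malformed evidence never means "allow"
            reasons.append(f"{name}: unevaluable ({type(exc).__name__})")
    if not checks:
        reasons.append("no checks configured")
    return Verdict(trusted=not reasons, reasons=tuple(reasons))

def execution_gate(action: str, verdict: Optional[Verdict]) -> dict:
    """Permit the action only on a positive verdict; otherwise route to SAFE_STATE."""
    if isinstance(verdict, Verdict) and verdict.trusted is True and not verdict.reasons:
        return {"action": action, "decision": "ALLOW", "reasons": ()}
    reasons = verdict.reasons if isinstance(verdict, Verdict) else ("no verdict",)
    return {"action": action, "decision": "DENY", "route": "SAFE_STATE", "reasons": reasons}

# Constructed checks standing in for detection rules and invariants (hypothetical names).
CHECKS = {
    "rule.pressure_in_range": lambda e: 0.0 <= e["pressure_bar"] <= 10.0,
    "invariant.flow_needs_open_valve": lambda e: e["flow_lpm"] == 0 or e["valve_open"] == 1,
}

def decide(action: str, evidence: Evidence) -> dict:
    return execution_gate(action, trust_gate(evidence, CHECKS))

if __name__ == "__main__":
    good = {"pressure_bar": 4.2, "flow_lpm": 12.0, "valve_open": 1}  # constructed sample
    print(decide("open_valve_7", good))
    print(decide("open_valve_7", {"pressure_bar": 4.2}))  # missing evidence -> DENY
```

The returned record doubles as the audit entry: the same evidence always yields the same decision and the same ordered reasons.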