Core Concepts

The platform, visually explained.

Sixteen concepts in sixteen diagrams. No jargon, no walls of theory.

PEKG Hierarchy Lifecycle Workflows Probes Packages SDLC EA → Delivery Traceability Context Injection Tool Config Targets Approval Governance Connectors AI Provenance
Concept · 01

Persisted Enterprise Knowledge Graph.

The asset that compounds. Every Record, every Link, every approved artifact lives here as a versioned, role-owned, lifecycle-stated entity.

  • Versioned with full edit history
  • Typed records and links
  • Provenance-tracked for every AI-generated output
  • Role-owned across Programs → Projects → Teams
  • The longer it runs, the harder it is to deliver without it
Persisted
Enterprise Knowledge Graph
Versioned Typed Provenance Lifecycle Role-owned
Records
Links
Versions
Artifacts
Concept · 02

Programs → Projects → Teams.

A governed hierarchy that makes delivery accountability enforceable. Roles travel with the role, not the person who left.

  • Program owns Projects and a portfolio outcome
  • Project owns Teams and a delivery goal
  • Team owns Services, Records and on-call rota
  • Role-based ownership at every level (Programs roll up automatically)
PROGRAM Digital Modernisation PROJECT Cloud Migration PROJECT Payments v2 PROJECT Data Platform TEAM Platform TEAM Networking TEAM Checkout TEAM Ingestion TEAM Modelling
Concept · 03

Record Lifecycle.

Every record (artifact, decision, policy, design) flows through a state machine. Every transition is versioned, actor-attributed, and timestamped.

  • Draft when authoring begins
  • Review when submitted for approval
  • Approved when guardrails pass
  • Published when live
  • Deprecated when superseded
  • Archived with lineage retained
Draft
Review
Approved
Published
Published
Deprecated
Archived
VersionedEvery state change
Actor traceableCreated · Approved · Archived
TimestampUTC, immutable
ReversibleRoll back to any version
Concept · 04

AI Workflows.

An approved spec triggers a workflow. The workflow reads your tenant graph, applies installed standards, calls an LLM, and writes back a policy-checked artifact.

  • You submit a spec
  • Workflow fetches relevant Records as context
  • LLM generates grounded in real records
  • Policy engine validates against guardrails
  • Record persists with full provenance
You
Spec
Workflow
PEKG
Output
author
invoke
fetch context
records returned
policy-checked artifact
Concept · 05

Discovery Probes.

Read-only scanners that connect to your real systems and emit typed records into your tenant graph. No surveys, no spreadsheets.

  • Read-only by design (never writes to your systems)
  • Vaulted credentials, region-bound
  • Provenance attached to every record
  • Continuous sync keeps the graph fresh
Real Systems
GitHub
AWS / Azure / GCP
Databases
IdPs · Obs stacks
Probe
Read-only scan
Library-first
AI-gated enrichment
Provenance attached
PEKG
Typed Records
Links
Lineage
Lifecycle states
No source writes
No PHI in prompts
Audit-trailed
Continuous sync
Concept · 06

Packages.

Hundreds of pre-built standards, patterns, and reference architectures. Install in 1–2 weeks, customise 10–30% to your org, get governed defaults for the rest.

  • SpecTypes for typed records
  • LinkTypes for typed relationships
  • Workflows wired to your AI generation
  • Records, Roles, Templates included
  • Quarterly updates shipped with every package
A package ships with
SpecTypes
LinkTypes
Records
Workflows
Roles
Templates
EA Foundation
TOGAF · ITIL · Zachman
Landing Zones
AWS · Azure · GCP
DevOps
GitHub Actions · ArgoCD
Security
SOC 2 · ISO · PCI · HIPAA
Data Platforms
Snowflake · Databricks
Industry
FinServ · Health · Retail
Concept · 07

SDLC Lifecycle Alignment.

Arcitopsia overlays the standard delivery lifecycle without replacing it. Every SDLC stage gets a capability that runs on top of your existing tools, with the Persisted Knowledge Graph as the shared substrate.

  • Ideate grounded by probe-mapped real estate
  • Design generated from approved patterns
  • Build scaffolded from one spec
  • Test with generated suites & data patterns
  • Deploy via connector-routed pipelines
  • Operate with live scorecards & SLOs
  • Retire through governed deprecation
Ideate
Design
Build
Test
Deploy
Operate
Retire
Probes & Discovery
AI Design Specs
Spec → Code/IaC
Gen. Test Suites
Pipeline Connectors
SLOs & Scorecards
Lifecycle States
Substrate
Persisted Enterprise Knowledge Graph
Concept · 08

EA → Delivery Streams.

Enterprise Architecture standards cascade down to Delivery Streams as machine-readable artifacts. TOGAF governance layers (L3 through L10) map cleanly to delivery team types, and every layer's standards travel as records into the streams that deliver.

  • EA Strategy sets enterprise principles & portfolio direction
  • EA Standards codified as patterns, SpecTypes & reference architectures
  • Delivery Streams consume the standards at generation time
  • Production reports back; the graph closes the loop
L1–L2
EA Strategy & VisionPrinciples, target architecture
L3–L6
EA Standards & PatternsReference architectures, guardrails
L7–L9
Delivery StreamsApp, Data, Platform, DevOps teams
L10
Production & ObservabilityLive evidence flows back to graph
Concept · 09

End-to-End Traceability.

Every record links to its origin and its descendants. A business requirement traces through architecture, design, code, deployment and operations, all the way to the audit evidence it produces. Single graph query, every level.

  • Forward lineage, from requirement to running service
  • Backward lineage, from an incident to the originating decision
  • Impact analysis answers "what breaks if we change X?"
  • Audit evidence assembled live from the chain
Business Req
Outcome
Architecture
TDS
Design
API Spec
Code
Service
Deploy
Pipeline
Operate
SLO/Logs
Audit
Evidence
Every node is a typed Record in the Persisted Enterprise Knowledge Graph. Links between them are typed (derives-from, implements, deploys-to, evidences) and traversable in either direction.
Impact Analysis
Root-Cause Walk
Audit Pack
Change Risk
Concept · 10

Context Injection — Grounded AI.

The reason AI workflows produce useful outputs and not generic drafts. Before any LLM call, the workflow auto-fetches the relevant slice of your tenant graph and injects it as grounding context. The model sees your reality, not a Stack Overflow average.

  • Auto-fetched context by record type, owner, domain, policy
  • Grounded outputs cite real records, not invented references
  • Provenance attached to every generated artifact
  • Generic vs. grounded, you'll never want generic again
Source
PEKG context
Records Standards Owners Policies
Engine
AI Workflow + LLM
Injection Generation Validation
Generic LLM
"Use a Postgres database with a basic users table. Add JWT auth..." (Hours of editing to fit your reality.)
Grounded by PEKG
"Service follows your existing payments-domain pattern, reuses your auth-svc (Okta + JWT), routes via your standard Kafka topic..." (Ready to ship.)
Concept · 11

Tool Configurations & Hierarchical Overrides.

Connector credentials and settings (AWS account, GitHub PAT, DB endpoint, region, retention policy) live as Tool Configs. Values resolve down a hierarchy from Tenant → Program → Project → Team → Environment. Each level can override values from above.

  • Tenant sets safe defaults for the whole org
  • Program overrides where a portfolio needs different settings
  • Project further narrows the scope
  • Team tunes for the team's reality
  • Environment (dev / staging / prod) applies the most specific values
  • The platform resolves most-specific-wins at every call
Tenant aws-region = "us-east-1" default
Program aws-region = inherits inherit
Project aws-region = "eu-west-1" override
Team aws-region = inherits inherit
Env (prod) aws-region = "eu-west-2" override
Resolved value for a prod probe run
aws-region = "eu-west-2" ✓
Concept · 12

Discovery Targets & Probe Analyzer.

Targets define what to scan (which AWS account, which GitHub org, which database). Tool Configs supply how to reach it (credentials, region, scope). The Probe Analyzer routes each target to the right probe and orchestrates the scan that populates the Persisted Enterprise Knowledge Graph.

  • Targets name & scope the systems to discover (cloud accounts, repos, clusters, databases)
  • Tool Configs resolve the credentials & settings per target
  • Probe Analyzer picks the matching probe and schedules the run
  • Probes emit typed Records covering Infrastructure, Code & Data
  • The PEKG gets fresh records, lineage & provenance on every run
Targets
  • AWS-Prod-123456
  • GitHub org "payments"
  • RDS cluster "core"
  • EKS cluster "platform"
Tool Configs
  • AWS IAM role (read-only)
  • GitHub PAT (scoped)
  • DB metadata user
  • kubeconfig (cluster-reader)
Orchestrator
Discovery Probe Analyzer
Match target type
Resolve config
Schedule scan
Infra Probe
AWS / Azure / GCP
Code Probe
GitHub / GitLab
Data Probe
RDS / Snowflake
Records into
Persisted Enterprise Knowledge Graph
Services Networks Repos Schemas Pipelines Roles
Concept · 13

Approval Lifecycle.

Approvals run as policy-driven flows, not email chains. When an artifact is submitted, the policy engine checks it against guardrails. Compliant changes auto-approve; non-compliant changes route to the right reviewer with the violations highlighted.

  • Submit a Draft record (design, IaC, change, package)
  • Policy engine evaluates against guardrails & standards
  • Auto-approve when all checks pass
  • Route to reviewer when not, with full violation context
  • Three change paths: Standard · Normal · Emergency
  • Every step versioned with actor & timestamp into the audit trail
Draft submitted
Policy Engine · guardrail check
passes
Auto-Approved
violations
Routed to Reviewer
Published & persisted to PEKG
⊕ Audit record written at every step
Standard
Pre-approved, auto-routed. Logged.
Normal
CAB-routed with impact pack auto-attached.
Emergency
Fast-track. Post-approval review.
Concept · 14

Continuous Governance.

Governance lives inside the operating loop, not as an annual audit prep. Four pillars work together against the Persisted Enterprise Knowledge Graph as the source of truth.

  • Policy-as-Code enforces standards at write time
  • Live Scorecards roll up health at every level
  • Audit Evidence on demand assembled live from records
  • Role-Based Ownership across Programs → Projects → Teams
  • SOC 2 · ISO 27001 · GDPR · HIPAA · PCI · SOX evidence generated continuously
Policy-as-Code
Guardrails enforced at write time, not by reviewers afterwards.
Live Scorecards
Team → Project → Program → Portfolio roll-up, live from the graph.
Audit Evidence
Assembled on demand. No quarter-long fire drills.
Role-Based Ownership
Roles travel with the role across Programs → Projects → Teams.
Sample live scorecard
▼ 78%
Approval ▼
▼ 65%
Audit Prep
99.9%
Policy Pass
Live
Evidence
All four pillars read from one source: the Persisted Enterprise Knowledge Graph
Concept · 15

Connectors & Integration Hub.

The bidirectional integration layer that plugs Arcitopsia into your existing toolchain. Workflows push and pull from ITSM, ticketing, observability, identity, cloud, and CI/CD systems, so the platform never becomes another island.

  • Bidirectional: inbound discovery + outbound action
  • Connector packs ship with the platform; partners publish more
  • Categorised by domain (Cloud, IaC, ITSM, Obs, IdP, Docs, Data)
  • Vaulted credentials per Tool Config, scoped per Target
  • Read-only by default; writes only where explicitly granted
Cloud & IaC
AWSAzureGCPTerraformHelm
CI/CD
GitHub ActionsGitLab CIArgoCDJenkins
ITSM & Tickets
ServiceNowJiraBMC Remedy
Observability
DatadogSplunkPrometheusPagerDuty
Identity
OktaAzure ADPingFederate
Docs & Comms
ConfluenceSlackTeamsEraser.io
▼ ▲
Integration Hub
Arcitopsia Connectors
Routed via Tool Configs, scoped by Targets, vaulted by Secret store
Inbound
Discovery, sync, observability signals
Outbound
Actions, deployments, tickets, notifications
Concept · 16

AI Provenance & Trust.

Every AI-generated artifact carries full provenance: the context records used, the LLM invocation, the prompt template, the model version, and the generation timestamp. Provenance is what makes generated outputs auditable and trustworthy in regulated environments.

  • Source records cited inside the artifact (no hallucinated references)
  • LLM invocation tracked: model, prompt template, parameters
  • Generation timestamp and actor recorded
  • Staleness auto-flagged when upstream context changes
  • Replayable: regenerate with the same inputs, get a comparable output
AI-Generated
Technical Design Spec v3
payments-svc · 18 pages · cited 12 records
▼ provenance attached ▼
Provenance Record
context_records12 cited
workflowgenerate-tds.v1.4
llm_modelclaude-opus-4-7
prompt_templatetds-domain.v2
generated_at2026-06-04T09:14Z
actor_rolesolution-architect
stalenessfresh ✓
Audit Pack
Replay & Diff
Regen on Change
Trust Score

Now you've seen how it works.

Run the 5-step Quick Start to spin up your tenant, or book a guided walkthrough on a slice of your real estate.

Start the Quick Start →