Network Management Research Group R. Brown Internet-Draft April Labs Intended status: Informational June 2026 Expires: 6 December 2026 Constrained Manifold Inference Engine (CMIE): A Research Problem for Deterministic AI-Network Resilience draft-april-cmie-research-problem-00 Abstract This document identifies a gap in current AI-native network architectures: the absence of a real-time, hardware-accelerated validation function that checks AI-generated intents against physical causality constraints, including Transmission Time Interval (TTI) bounds, thermal limits, and topological admissibility. We propose the Constrained Manifold Inference Engine (CMIE) as a candidate architectural function and outline research challenges for its implementation on edge Neural Processing Units (NPUs). This work is motivated by the International Telecommunication Union - Telecommunication Standardization Sector (ITU-T) Focus Group on AI Native for Telecommunication Networks (FG-AINN) Gap Analysis (FG- AINN-O-024) and the related liaison statements between FG-AINN and the IETF Operations and Management Area Working Group (OPSAWG). Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 6 December 2026. Copyright Notice Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved. Brown Expires 6 December 2026 [Page 1] Internet-Draft CMIE Research Problem June 2026 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 4 2.1. Gap in Existing Network Architectures . . . . . . . . . . 4 2.2. Motivating Scenarios . . . . . . . . . . . . . . . . . . 4 3. Proposed Architectural Function: CMIE . . . . . . . . . . . . 5 3.1. Input State Spaces . . . . . . . . . . . . . . . . . . . 5 3.2. Core Inference Operation . . . . . . . . . . . . . . . . 5 3.3. Output: Recursive Topological Consistency (RTC) . . . . . 6 4. Research Challenges . . . . . . . . . . . . . . . . . . . . . 6 4.1. Real-Time Constraint Solving on Edge NPUs . . . . . . . . 6 4.2. Telemetry Extraction in Degraded States . . . . . . . . . 6 4.3. Multi-Agent Conflict Resolution . . . . . . . . . . . . . 7 5. Relationship to Existing IETF Work . . . . . . . . . . . . . 7 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 6.1. Security Benefits . . . . . . . . . . . . . . . . . . . . 7 6.2. Threats and Open Problems . . . . . . . . . . . . . . . . 8 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 8.1. Normative References . . . . . . . . . . . . . . . . . . 9 8.2. Informative References . . . . . . . . . . . . . . . . . 9 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 1. Introduction The increasing deployment of autonomous AI agents in telecommunications networks has created a class of operational risk that existing architectures are not equipped to handle. When an AI orchestrator generates a network reconfiguration intent, there is currently no standardized, pre-execution mechanism to verify that the proposed action is consistent with the physical constraints of the underlying hardware and transmission medium. This gap can result in catastrophic cascading failures, as documented in [ITU-UNDRR]. This document articulates the research problem and proposes the Constrained Manifold Inference Engine (CMIE) as a logical network function to address it. The CMIE is intended to sit between AI orchestrators and physical network controllers, providing a hardware- anchored admissibility check before any intent is executed. Brown Expires 6 December 2026 [Page 2] Internet-Draft CMIE Research Problem June 2026 The scope of this document is limited to identifying the research gap, describing the proposed architectural function at a high level, and enumerating the key research challenges that must be addressed before practical deployment is feasible. It does not propose new protocols or IANA registrations. The rest of this document is organized as follows. Section 2 describes the gap in existing architectures and motivating scenarios. Section 3 defines the proposed CMIE function and its inputs and outputs. Section 4 enumerates the research challenges. Section 5 situates the work relative to existing IETF activities. Section 6 addresses security and trust considerations. 1.1. Terminology The following terms are used in this document: AI-native network: A network architecture in which autonomous AI agents have operational authority to reconfigure network resources in real time without mandatory human approval for each action. Intent: A goal-oriented directive issued by an AI orchestrator describing a desired network state or configuration change, expressed in a machine-readable schema (e.g., YANG models or an intent description language). Post-Threshold Telemetry State (PTTS): A formalized network link condition wherein primary communication objectives are suspended due to performance degradation, but the link is actively repurposed by the network to extract and utilize residual physical measurements (e.g., pilot drift, timing displacement) as a primary distributed environmental sensing resource. Deterministic Physical Degradation State (DPDS):A mathematically predictable, environment-specific profile of channel attenuation, phase-shift, and polarization changes, serving as a continuous, hardware-rooted authentication and sensing metric independent of stochastic error rates (e.g., traditional SNR or QBER thresholds). Admissible manifold: The subspace of possible network configurations that simultaneously satisfy all active physical constraints (TTI, thermal, topological, and latency). Recursive Topological Consistency (RTC): A network control paradigm wherein global physical manifold admissibility constraints are continuously projected downward to govern local routing, beamforming, and error-correction decisions, ensuring that distributed optimizations do not violate the global stability of the network topology. Constrained Manifold Inference Engine (CMIE): An AI-native network function or validation layer that evaluates stochastic AI/ML outputs, sensor fusion data, or intent translations against hard causal limits (e.g., latency, Transmission Time Interval [TTI], and Doppler bounds) and discrete spatial priors, systematically pruning and rejecting physically impossible network states prior to execution. Unified Coordination State Vector (UCSV): The output artifact of the Brown Expires 6 December 2026 [Page 3] Internet-Draft CMIE Research Problem June 2026 RTC process: a structured representation of the current feasibility boundaries, consumable by orchestrators, controllers, and audit systems. 2. Problem Statement 2.1. Gap in Existing Network Architectures Modern AI-native networks (e.g., those under study in ITU-T SG13/FG- AINN and 3GPP SA5) rely on autonomous agents to reconfigure network resources in real time. However, current architectures lack a standardized mechanism to validate whether an AI-generated intent (e.g., a traffic rerouting decision) respects fundamental physical causality, including: * Transmission Time Interval (TTI) bounds, * thermal degradation limits of radio and backhaul links, * topological admissibility under partial failure, and * latency budgets for closed-loop control. The ITU-T FG-AINN Gap Analysis [FG-AINN-O-024] identifies this as multiple related gaps: GS14 (absence of a unified architecture), G8-1 (lack of traceability for AI decisions), and G9 (undefined accountability framework). The analysis concludes that no existing standard from IETF, 3GPP, or ETSI defines a pre-execution validation function that bridges the gap between stochastic AI inference and deterministic physical constraints. 2.2. Motivating Scenarios Consider a compound stress event (e.g., an extreme heatwave coinciding with peak grid load). As links cross their nominal performance thresholds: * An AI orchestrator, optimizing for Quality of Service (QoS), may generate an intent to reroute critical traffic through a thermally degraded path. * Without a validation layer, the network would attempt to execute this intent, causing a cascading collapse (the "invisible failure" described in [ITU-UNDRR]). * Post-failure logs cannot recover the lost services; the damage is already done. Brown Expires 6 December 2026 [Page 4] Internet-Draft CMIE Research Problem June 2026 What is missing is a real-time, hardware-anchored function that can reject infeasible intents before they reach the physical network controllers, while simultaneously providing an auditable trace of why a particular intent was denied. 3. Proposed Architectural Function: CMIE This document proposes the Constrained Manifold Inference Engine (CMIE) as a logical network function that addresses the above gap. The CMIE is designed to be deployed on edge Neural Processing Units (NPUs) to meet sub-10ms latency requirements. 3.1. Input State Spaces The CMIE consumes three classes of input state: (1) Deterministic Physical Degradation State (DPDS) Extracted from post-threshold telemetry (e.g., phase drift, attenuation profiles) when links enter a Post-Threshold Telemetry State (PTTS). This provides a deterministic, hardware-rooted ground truth of physical limits. (2) Network Topology and TTI State Real-time constraints from RAN, backhaul, and core network, including synchronization bounds and remaining time budgets for closed-loop actions. (3) AI Intent and Policy State Proposals generated by autonomous orchestrators (e.g., Non-RT RIC, intent-based networking controllers), expressed in a common schema (e.g., YANG models or an intent description language). 3.2. Core Inference Operation The CMIE evaluates the AI intent against the physical state using a hybrid discrete-continuous constraint solver. The solver determines whether the proposed configuration lies within the admissible manifold defined by: * TTI synchronization windows, * thermal safety margins, * topological connectivity constraints, and Brown Expires 6 December 2026 [Page 5] Internet-Draft CMIE Research Problem June 2026 * maximum allowable latency for critical services. If the intent is admissible, the CMIE issues a signed Admissibility Certificate to the network controllers. If the intent violates any constraint, the CMIE rejects the proposal and triggers a deterministic fallback (e.g., a pre-validated degraded-mode service profile). 3.3. Output: Recursive Topological Consistency (RTC) Upon rejection or modification, the CMIE projects the physical constraints downward to all local AI agents. This process, called Recursive Topological Consistency (RTC), ensures that every agent operates with a globally consistent view of what is physically feasible. The output is a Unified Coordination State Vector (UCSV) that can be consumed by orchestrators, controllers, and audit systems. 4. Research Challenges The following research challenges must be addressed to enable practical CMIE deployment. 4.1. Real-Time Constraint Solving on Edge NPUs Formulating physical causality into a mathematical structure that can be solved within sub-10ms TTI bounds is non-trivial. Initial experiments suggest that mixed-precision integer inference, implemented on NPU architectures (e.g., those optimized for graph- based constraint solving), is a promising direction. Research is needed on: * efficient encoding of TTI and thermal constraints as differentiable or linearizable forms, * hardware-aware solver design for edge NPUs, and * trade-offs between solver accuracy and latency. 4.2. Telemetry Extraction in Degraded States The PTTS concept requires extracting Deterministic Physical Degradation Signatures from highly attenuated or noisy pilot signals. This may require new physical-layer signal processing techniques that operate without full demodulation. Brown Expires 6 December 2026 [Page 6] Internet-Draft CMIE Research Problem June 2026 4.3. Multi-Agent Conflict Resolution When a CMIE rejects an intent, local AI agents may resist the imposed constraints (e.g., by repeatedly submitting similar infeasible proposals). Research is needed on: * stable coordination protocols between the CMIE and multiple agents, * escalation and human-in-the-loop procedures for deadlock situations, and * distributed CMIE instances that maintain global consistency across domains. 5. Relationship to Existing IETF Work The CMIE concept complements and extends several IETF activities: * IETF NMRG (Network Management Research Group): provides a natural home for the research challenges identified above. * IETF ANIMA (Autonomic Networking Integrated Model and Approach): the CMIE could serve as a validation layer for autonomic functions described in ANIMA. * IETF OPSAWG (Operations and Management Area Working Group): a liaison from ITU-T FG-AINN [IETF-LS] (May 2026) already invites collaboration on AI-native network operations. This document does not propose protocol changes; it identifies a research gap that, if filled, could inform future protocol work (e.g., extensions to YANG models, new RPCs for intent validation). 6. Security Considerations The CMIE is designed to improve the security and resilience of AI- native networks. However, as a new architectural function interposed between AI orchestrators and physical network controllers, it also introduces a set of security considerations that must be addressed before deployment. 6.1. Security Benefits The CMIE provides several security and trust properties: Brown Expires 6 December 2026 [Page 7] Internet-Draft CMIE Research Problem June 2026 * It prevents hallucinated or adversarially manipulated reconfigurations from reaching the physical network, reducing the attack surface for AI-layer exploits. * It provides an auditable trail of rejected intents, including the specific physical constraints that caused each rejection, directly addressing the accountability gaps (G9) identified in [FG-AINN-O-024]. * When implemented on trusted execution environments or NPUs with attestation capabilities, the CMIE can provide hardware-rooted trust for the constraint evaluation function. 6.2. Threats and Open Problems The following threat categories are identified as requiring attention in future specifications based on this research problem statement: Telemetry integrity attacks: An adversary with access to physical- layer measurement systems could forge or manipulate the Physical Degradation State (DPDS) data fed to the CMIE. If the CMIE is presented with falsified telemetry indicating that a degraded path is healthy, it may issue an Admissibility Certificate for an infeasible configuration. Mitigations (e.g., cryptographic attestation of telemetry, anomaly detection on DPDS streams) are out of scope for this document and must be addressed in future work. Constraint solver poisoning: If the CMIE's constraint definitions or policy state are updatable at runtime, an adversary could modify them to either over-restrict feasible intents (denial of service) or under-restrict infeasible ones (bypass). The integrity and provenance of constraint definitions must be protected, for example through signed policy updates and a change-control process. Denial of service via solver exhaustion: An adversary controlling one or more AI agents could submit a high volume of complex, near- boundary intents, exhausting the CMIE's computational budget and delaying or blocking the evaluation of legitimate intents. Rate limiting and computational quotas per agent are candidate mitigations. Multi-agent coordination attacks: As described in Section 4, local Brown Expires 6 December 2026 [Page 8] Internet-Draft CMIE Research Problem June 2026 agents may repeatedly resubmit rejected intents. In an adversarial context, colluding agents could use this behavior to probe the constraint space and infer sensitive information about the physical state of the network. Escalation and human-in-the- loop procedures should be designed with this threat in mind. Admissibility Certificate forgery: If the signed certificates issued by the CMIE are not properly validated by downstream controllers, an adversary could present a forged certificate to bypass the validation function entirely. Future protocol work should define the certificate format, signing algorithm, and validation procedures. Detailed treatment of these threats, including threat modeling, attack trees, and mitigation specifications, is out of scope for this research problem statement and must be addressed in subsequent documents. 7. IANA Considerations This document has no IANA actions. 8. References 8.1. Normative References 8.2. Informative References [FG-AINN-O-024] ITU-T Focus Group on AI Native for Telecommunication Networks (FG-AINN), "Standardization Gap Analysis of the FG-AINN", Output Document FG-AINN-O-024, ITU-T, Geneva, May 2026. [IETF-LS] ITU-T Focus Group on AI Native for Telecommunication Networks (FG-AINN), "Liaison Statement to IETF OPSAWG on Completion of FG-AINN Vocabulary Deliverable", Liaison Statement LS-FG-AINN-OPSAWG-2026-05, ITU-T, Geneva, May 2026. [ITU-UNDRR] International Telecommunication Union (ITU) and United Nations Office for Disaster Risk Reduction (UNDRR), and Sciences Po Technology and Global Affairs Innovation Hub, "When Digital Systems Fail: The Hidden Risks of Our Digital World", ITU/UNDRR/Sciences Po Joint Report, Geneva, May 2026, Author's Address Brown Expires 6 December 2026 [Page 9] Internet-Draft CMIE Research Problem June 2026 Ricardo Brown April Labs Hong Kong Email: info@aprillabs.xyz Brown Expires 6 December 2026 [Page 10]