Validation Pipeline
Five validation paths. Anchored by one unit of proof.
Spark-XC sits above existing GPU, workload, facility, grid, and finance systems to validate, authorize, and prove AI power actions. Every governed action travels these five paths and emits a single Power Event Record — answering whether it was approved, safe, auditable, and financially real. Mission Control executes. Spark-XC validates.
Validation Paths
Every path, in detail
Fault Scenarios
What the evidence shows when something goes wrong
SPARK-XC is built so that failures are still provable. Here is how the validation paths respond to representative fault conditions — and what the Power Event Record captures.
Scenario A
Action never reached hardware
A power action is issued, but the GPU never actually changed state. The GPU telemetry path compares pre- and post-action NVML/DCGM snapshots and finds the expected delta is missing — the action did not take effect on real hardware.
Telemetry validation flags the gap. PER records the discrepancy.
Scenario B
Action threatens a running job's SLA
A power action would cut throughput below a job's SLA. The workload / scheduler context path reads job state from Slurm, Kubernetes, or Run:ai and surfaces the impact before the action is proven, so it is interpreted against the work it governs.
Workload context surfaces SLA risk. Captured in the PER.
Scenario C
GPU-reported savings don't reach the meter
GPU counters report a power reduction, but the facility doesn't show it. The facility power correlation path reconciles GPU-side power against DCIM, BMS, PDU/UPS, and utility signals where available — and the rack-level delta does not match.
Facility correlation flags the mismatch. Logged in the PER.
Scenario D
Unauthorized or out-of-scope action
An action arrives that exceeds the caller's authority, rate, or scope — or would induce unsafe oscillation. The policy / approval gates authorize, modify, defer, or block it before it is proven, and the decision itself becomes evidence.
Approval gates block the action. Rejection recorded in the PER.
Scenario E
Tampering with the evidence chain
An adversary attempts to delete or alter a Power Event Record. Because each PER is SHA-256 hash-chained to its predecessor on an append-only chain, the change breaks the chain — the next record's hash no longer matches and the violation is immediately detectable.
Chain integrity violation detected. PER is independently replayable.
Scenario F
A validation source is unavailable
One or more inputs — a facility feed, a scheduler, or a telemetry source — is unreachable when an action is governed. SPARK-XC still emits a Power Event Record, marking which paths were validated and which evidence was unavailable, so the gap is itself part of the proof.
PER records partial validation. Nothing is silently assumed.
Validation Characteristics
Validation path profile
Validation Path
Evidence Source
What It Proves
When Source Is Unavailable
In the PER
1 · GPU Telemetry
Pre/post NVML & DCGM
NVML · DCGM
Hardware-reported power, clocks, util
Took effect
Action reached real hardware
Marked partial
Snapshot gap recorded, not assumed
Telemetry block
Pre/post snapshots committed
2 · Workload Context
Scheduler state
Slurm · K8s · Run:ai
Job & throughput context
SLA-aware
Action interpreted against the work
Marked partial
Context unavailable, flagged
Workload block
Job & throughput context committed
3 · Facility Correlation
Facility & grid signals
DCIM · BMS · PDU/UPS · utility
Rack, room & meter
Physically real
GPU power confirmed downstream
Used where available
Correlation skipped, recorded
Facility block
Correlation result committed
4 · Approval Gates
Authority · rate · scope · oscillation
Policy ruleset
Authorize / modify / defer / block
Authorized
Action was permitted & in scope
Default-deny
Unresolved authority blocks action
Decision block
Authorization decision committed
5 · Evidence Chain
Power Event Record
SHA-256 chain
Append-only, hash-chained
Auditable
Tamper-evident, independently replayable
Always emitted
PER committed even on partial validation
The PER itself
All paths bundled into one record
See the proof
Replay a Power Event Record for yourself
Walk through how a single AI power action is validated across all five paths and committed as one independently replayable Power Event Record. Mission Control executes. Spark-XC validates.