SafeWave Other / Supplemental High-Consequence Follow-Up Questionnaire

Supplemental high-consequence review for chemical / hazardous materials, defense / battlefield autonomy, government / public-sector, classified / sensitive, safety-critical, space / satellite / orbital infrastructure, child / vulnerable-user, cyber-compromise, and custom high-consequence contexts.

Follow-up questionnaire notice

Complete this page only if you selected Other high-consequence domain or supplemental context at the end of the core SafeWave questionnaire. These answers are used to generate a separate High-Consequence Addendum and do not replace the core assessment.
Confidentiality, Anonymity & Use Notice

We recognize that this follow-up questionnaire may involve confidential, security-sensitive, operationally sensitive, or high-consequence system information. Please do not include classified information, credentials, live vulnerability details, proprietary implementation details, customer data, or other highly sensitive material unless you are authorized to share it for assessment purposes.

You may complete this questionnaire without identifying your company, product, or organization. You may use a generic system label, a generic contact email, or an internal assessment reference instead of a formal company identifier.

The purpose of this questionnaire is to help you gain a deeper understanding of your own system. Simply answering the questions may reveal areas where control boundaries, escalation pathways, runtime limits, auditability, rollback, authorization, or safe-state behavior may need further review.

You do not have to submit this questionnaire to receive value from it. You may use it internally as a self-assessment tool. If you choose to submit it for report generation, the resulting SafeWave report is intended to highlight areas of concern, explain why they matter, and map relevant findings to possible SafeWave substrates or engineering-pack pathways where applicable.

SafeWave’s goal is to help advanced systems remain more bounded, controllable, auditable, recoverable, and resistant to harmful escalation. Some issues may involve outside attackers, but others may arise from the system’s own architecture, automation, permissions, integrations, update pathways, or failure behavior.

Any SafeWave recommendations should be understood as architectural guidance and implementation requirements, not as a claim that one generic solution can be dropped into every system. Engineering teams may choose to implement equivalent controls themselves, or they may use SafeWave substrate mappings and Level 4 Engineering Packs to guide deeper implementation work.

How to use this page: Complete OTH.1 first. Then answer every section that applies to your situation. If several sections are relevant, complete each relevant section; the final addendum will reference all selected contexts together rather than generating a separate report for each section.

You do not need to complete sections that are not relevant. If an implementation detail is not known, select Unknown / not evaluated rather than guessing.

Section index

Use these links to jump to the section or sections that match your OTH.1 selections.

Assessment Linkage

Assessment Linkage

If you want this follow-up to be matched to a previously completed core questionnaire, use the same system label, contact email, or assessment reference ID. You may use generic identifiers if confidentiality is a concern.

To connect this follow-up to a core questionnaire, use the same system label, email, or assessment reference ID across forms. You may use generic identifiers if confidentiality is a concern.

Other / Supplemental High-Consequence Review

Supplemental High-Consequence Questions

Select the supplemental context or contexts that apply, then complete only the relevant sections below.

OTH.1 Which supplemental high-consequence context applies?

Select all that apply.

Multi-select

Supplement A — Chemical / Hazardous Materials Context

Supplement A — Chemical / Hazardous Materials Context

Complete this section only if the system affects chemical synthesis, hazardous materials, toxic substances, explosives, industrial chemistry, material handling, storage, transport, or hazardous manufacturing.

OTH-CHEM.1 Does the system operate in, support, recommend, automate, or influence chemical or hazardous-material workflows?

Single choice

OTH-CHEM.2 Can system outputs affect synthesis planning, material selection, process conditions, storage, transport, disposal, or access to hazardous materials?

Single choice

OTH-CHEM.3 Are hazardous-material actions separated from system recommendations by human authorization, screening, and audit?

Single choice

OTH-CHEM.4 Are misuse, diversion, toxic exposure, explosive risk, environmental release, and unsafe synthesis pathways screened before downstream action?

Single choice

OTH-CHEM.5 Are emergency shutdown, containment, isolation, cleanup, or exposure-response procedures defined and tested?

Single choice

OTH-CHEM.6 Can AI-generated outputs recommend, optimize, or accelerate chemical synthesis pathways, hazardous-material formulations, process conditions, or material combinations that require special review?

Single choice

OTH-CHEM.7 Are AI-generated chemical or hazardous-material outputs screened before they can move into procurement, synthesis, production, storage, transport, or operational use?

Single choice

OTH-CHEM.8 Can the system accelerate movement from chemical design or recommendation into procurement, synthesis, production, scale-up, storage, transport, or hazardous-material handling?

Single choice

OTH-CHEM.9 Are hazardous-material operating boundaries defined for what the system is allowed to recommend, automate, procure, synthesize, combine, transport, or influence?

Examples include prohibited compounds, toxic substances, explosive precursors, regulated materials, unsafe process conditions, restricted suppliers, and excluded use cases.

Single choice

OTH-CHEM.10 Could cyber compromise, vendor compromise, tampered inputs, altered recipes, manipulated process data, or compromised automation cause unsafe chemical or hazardous-material outcomes?

Single choice

Supplement B — Defense / Dual-Use / Battlefield Autonomy Context

Supplement B — Defense / Dual-Use / Battlefield Autonomy Context

Complete this section only if the system supports defense, intelligence, military logistics, surveillance, targeting support, battlefield workflows, drone or counter-drone systems, autonomous weapons, sensor-to-shooter workflows, dual-use research, or systems that could be repurposed for coercive, destructive, or harmful use.

OTH-DEF.1 Does the system operate in, support, or materially influence defense, military, intelligence, or dual-use workflows?

Single choice

OTH-DEF.2 Could the system’s outputs affect targeting, surveillance, threat assessment, force deployment, logistics, weapons-related workflows, or coercive action?

Single choice

OTH-DEF.3 Are rules of engagement, lawful-use boundaries, human command authority, and escalation limits enforced before action occurs?

Single choice

OTH-DEF.4 Could the system be repurposed from defensive, analytical, or logistical use into offensive, coercive, surveillance, or lethal-support use?

Single choice

OTH-DEF.5 Are dual-use risks, adversarial capture, and unauthorized operational expansion independently reviewed?

Single choice

OTH-DEF.6 Can the system identify, classify, prioritize, recommend, or track potential targets, threats, assets, vehicles, drones, personnel, infrastructure, or locations?

Single choice

OTH-DEF.7 Can the system support, automate, or accelerate sensor-to-shooter, drone, counter-drone, missile, cyber-physical, battlefield robotics, or autonomous weapons workflows?

Single choice

OTH-DEF.8 Are human command authority, rules of engagement, lawful-use boundaries, and escalation limits enforced before destructive, coercive, targeting, or force-support actions occur?

Single choice

OTH-DEF.9 Can degraded communications, GPS loss, spoofed sensors, adversarial imagery, poor visibility, data latency, or battlefield confusion cause target misclassification or unsafe action?

Single choice

OTH-DEF.10 Can autonomous or semi-autonomous military workflows continue, retarget, escalate, coordinate, or execute after communications with human command are degraded or lost?

Single choice

OTH-DEF.11 Are friendly-force, civilian, protected-site, medical, humanitarian, surrender, and non-combatant distinction safeguards defined and enforced where relevant?

Single choice

OTH-DEF.12 Can defensive automation, counter-drone action, threat response, or battlefield protection systems unintentionally escalate into offensive, destructive, or cross-domain action?

Single choice

OTH-DEF.13 Are battlefield, targeting, drone, counter-drone, or weapons-support actions logged in a way that allows after-action review, accountability, and reconstruction?

Single choice

OTH-DEF.14 Are autonomous or semi-autonomous battlefield systems tested against adversarial deception, decoys, spoofing, camouflage, electronic warfare, sensor saturation, and rapidly changing field conditions?

Single choice

OTH-DEF.15 Are non-negotiable stop conditions defined where the system must halt, degrade, return control, or refuse action rather than continue?

Examples include unclear target identity, civilian proximity, protected-site uncertainty, loss of command link, sensor conflict, spoofing suspicion, GPS loss, friendly-force uncertainty, or escalation ambiguity.

Single choice

OTH-DEF.16 — Command-to-Execution Separation

Is there a clear enforced separation between system-generated analysis, recommendations, targeting support, or threat prioritization and any destructive, coercive, kinetic, cyber-physical, or force-support action?

Single choice

OTH-DEF.17 — Time-Pressure Escalation Boundary

Can time pressure, degraded communications, adversarial conditions, operational urgency, or automated threat response compress human review before high-consequence military, defense, targeting, or force-support action occurs?

Single choice

Supplement C — Government / Public-Sector Context

Supplement C — Government / Public-Sector Context

Complete this section only if the system affects public administration, citizen services, public benefits, law enforcement support, regulatory decisions, identity systems, immigration, emergency services, civic infrastructure, or government decision-making.

OTH-GOV.1 Does the system operate in, support, or influence government or public-sector decisions?

Single choice

OTH-GOV.2 Could the system affect access to public services, benefits, rights, legal status, enforcement, identity, mobility, or civic participation?

Single choice

OTH-GOV.3 Are affected people able to contest, appeal, correct, or obtain human review of system-influenced decisions?

Single choice

OTH-GOV.4 Are decision records, authority boundaries, overrides, and exception pathways auditable by authorized oversight bodies?

Single choice

OTH-GOV.5 Can emergency powers, administrative shortcuts, or institutional pressure expand system authority without independent review?

Single choice

OTH-GOV.6 Does the system centralize, link, analyze, or provide access to sensitive citizen, resident, patient, student, taxpayer, financial, identity, immigration, policing, benefits, mobility, or behavioral data?

Single choice

OTH-GOV.7 Can AI, analytics, scoring, triage, prediction, classification, or automated decision-support affect access to services, benefits, healthcare, housing, education, mobility, enforcement, legal status, or public resources?

Single choice

OTH-GOV.8 Are data-use boundaries defined so information collected for one public purpose cannot be reused for unrelated enforcement, surveillance, eligibility, risk scoring, commercial, or political purposes without independent authorization?

Single choice

OTH-GOV.9 Are third-party vendors, contractors, cloud providers, administrators, platform operators, and integration partners restricted from broad or unnecessary access to identifiable public-sector data?

Single choice

OTH-GOV.10 Are public-sector data access, model outputs, administrative overrides, eligibility decisions, enforcement recommendations, and exception pathways logged in a tamper-evident and independently reviewable way?

Single choice

OTH-GOV.11 Can emergency powers, public-health crises, security incidents, fraud-prevention claims, fiscal pressure, or operational urgency expand system authority, data access, surveillance scope, or enforcement use without independent review?

Single choice

OTH-GOV.12 Are affected individuals able to know when a system materially influenced a decision, obtain an explanation, correct underlying data, contest the outcome, and reach meaningful human review?

Single choice

OTH-GOV.13 Are safeguards in place to prevent centralized public-sector data or AI systems from enabling inappropriate surveillance, behavioral monitoring, political targeting, social control, discriminatory enforcement, or coercive service access?

Single choice

OTH-GOV.14 Are cross-agency data sharing, identity linkage, public-private integrations, foreign vendor exposure, cloud jurisdiction, or external legal-access risks independently reviewed before deployment or expansion?

Single choice

OTH-GOV.15 Are non-negotiable stop conditions defined where system-influenced public-sector action must halt rather than proceed?

Examples include uncertain identity, contested data, vulnerable-person impact, rights-impacting action, unreviewed data linkage, emergency-scope expansion, unexplained model output, or unauthorized vendor access.

Single choice

OTH-GOV.16 Are hard boundaries defined to prevent system expansion from administrative support into population-level monitoring, behavioral prediction, coercive enforcement, or political targeting?

Single choice

OTH-GOV.17 Are independent public-interest, civil-rights, privacy, clinical, legal, or democratic-oversight bodies able to audit system purpose, data access, model behavior, vendor access, and authority expansion?

Single choice

Supplement D — Classified / Sensitive Context

Supplement D — Classified / Sensitive Context

Complete this section only if the system operates in classified, sensitive, restricted, intelligence, high-security, proprietary, national-security, or compartmented environments.

OTH-CLS.1 Does classification, secrecy, proprietary restriction, or compartmentalization limit normal review, audit, or external verification?

Single choice

OTH-CLS.2 Are logs, decisions, overrides, model behavior, safeguard changes, and authority expansions reviewable by authorized independent oversight personnel?

Single choice

OTH-CLS.3 Are exception pathways, emergency authorities, secrecy-based overrides, or national-security carve-outs logged and independently reviewable?

Single choice

OTH-CLS.4 Are insider-risk controls enforced across operators, administrators, vendors, contractors, and compartmented access groups?

Single choice

OTH-CLS.5 Is there a protected process for reporting safety, misuse, boundary, or control concerns without exposing sensitive information or risking retaliation?

Single choice

Supplement E — Safety-Critical Context

Supplement E — Safety-Critical Context

Complete this section only if failure could produce injury, loss of life, major operational failure, environmental harm, emergency disruption, or severe public-impact consequences.

OTH-SAF.1 Could system failure, misuse, escalation, or degraded behavior produce injury, death, major operational disruption, environmental harm, or public-scale impact?

Single choice

OTH-SAF.2 Is there a documented safety case showing why the system is safe for its intended operating environment?

Single choice

OTH-SAF.3 Are fail-safe, fail-operational, degraded-mode, emergency-stop, or manual-recovery behaviors clearly defined and tested?

Single choice

OTH-SAF.4 Are certification, compliance, inspection, or safety-review requirements identified and integrated into deployment decisions?

Single choice

OTH-SAF.5 Are high-risk updates, configuration changes, model changes, authority expansions, or operational changes blocked until safety controls are revalidated?

Single choice

Supplement F — Space / Satellite / Orbital Infrastructure Context

Supplement F — Space / Satellite / Orbital Infrastructure Context

Complete this section only if the system affects satellites, orbital infrastructure, GPS / positioning systems, satellite communications, earth observation, space-based sensors, orbital compute platforms, AI infrastructure in orbit, ground-station command systems, satellite fleet operations, or other space-linked systems.

OTH-SPACE.1 Does the system operate in, support, monitor, automate, secure, or materially influence space, satellite, or orbital infrastructure?

Single choice

OTH-SPACE.2 Can the system affect satellite command, orbital maneuvering, collision avoidance, positioning, communications, sensor tasking, ground-station operations, or orbital compute workflows?

Single choice

OTH-SPACE.3 Are command pathways between ground systems, satellites, orbital assets, cloud services, AI systems, and operators authenticated, bounded, logged, and independently reviewable?

Single choice

OTH-SPACE.4 Could failure, misuse, cyber compromise, automation error, or degraded data create cascading effects across navigation, communications, finance, emergency response, defense, weather, cloud, or other infrastructure dependencies?

Single choice

OTH-SPACE.5 Are orbital safety, collision-avoidance, debris-risk, fail-safe, safe-mode, deorbit, isolation, or recovery procedures defined and tested?

Single choice

OTH-SPACE.6 Are dual-use, military, intelligence, surveillance, or geopolitical escalation risks independently reviewed before deployment or operational expansion?

Single choice

OTH-SPACE.7 Could orbital compute, space-based AI infrastructure, satellite fleet automation, or ground-station integration increase autonomy, dependency, or cross-system cascade risk?

Single choice

OTH-SPACE.8 Are satellite, orbital, and ground-station updates blocked until command-pathway, collision-avoidance, safe-mode, and dependency-risk controls are revalidated?

Single choice

Supplement G — Child / Vulnerable-User Context

Supplement G — Child / Vulnerable-User Context

Complete this section only if the system interacts with or materially affects children, elderly persons, patients, disabled users, cognitively impaired users, emotionally distressed users, dependent users, isolated users, or users under coercive conditions.

OTH-VUL.1 Which vulnerable-user context applies?

Select all that apply.

Multi-select

OTH-VUL.2 Could the system create excessive trust, emotional dependency, manipulation, coercion, behavioral influence, or reduced user agency?

Single choice

OTH-VUL.3 Are age, capacity, dependency, distress, disability, or coercion-sensitive safeguards defined and enforced?

Single choice

OTH-VUL.4 Is human responsibility clearly preserved when the system affects vulnerable users?

Single choice

OTH-VUL.5 Are escalation pathways defined for abuse, self-harm risk, medical crisis, coercion, exploitation, grooming, neglect, or serious user distress?

Single choice

Supplement H — Other Custom High-Consequence Context

Supplement H — Other Custom High-Consequence Context

Complete this section if the respondent selected a high-consequence context not listed above.

OTH-CUSTOM.1 What other high-consequence domain or context does the system operate in, support, control, influence, or materially affect?

Open response

OTH-CUSTOM.2 What real-world consequences could occur if the system fails, escalates, is misused, or behaves outside intended boundaries?

Select all that apply.

Multi-select

OTH-CUSTOM.3 Are domain-specific boundaries, safeguards, authorization controls, and audit requirements defined?

Single choice

OTH-CUSTOM.4 Are rollback, safe-state, containment, pause, shutdown, or emergency-response mechanisms defined for this domain?

Single choice

OTH-CUSTOM.5 What remains unknown or not evaluated in this custom high-consequence context?

Open response

Cross-Cutting Supplemental Questions

Cross-Cutting Supplemental Questions

Complete these questions after any relevant supplemental sections above. They are used to capture cross-cutting urgency, cyber-compromise exposure, testing, and whether a Cybersecurity / Cyber Operations follow-up may also be needed.

OTH.2 Do any of the supplemental contexts selected above increase the urgency, containment depth, audit requirement, or human authorization burden beyond the core SafeWave report?

Single choice

OTH.3 Could external cyber compromise, hostile account access, credential theft, API abuse, cloud compromise, vendor compromise, telemetry manipulation, command-channel manipulation, or workflow hijacking materially affect any supplemental context selected above?

Examples include unsafe hazardous-material handling, battlefield or targeting misuse, public-sector decision manipulation, classified-system compromise, safety-critical failure, satellite or orbital command disruption, vulnerable-user exploitation, or other high-consequence misuse.

Single choice

OTH.4 Are cyber-compromise scenarios tested against realistic consequences for the selected supplemental context?

Examples include compromised accounts, malicious updates, poisoned inputs, vendor compromise, telemetry manipulation, command spoofing, workflow hijacking, adversarial data, or unauthorized changes to safeguards, boundaries, or authority settings.

Single choice

OTH.5 Should this assessment also include the Cybersecurity / Cyber Operations follow-up questionnaire?

Select “Yes” if cyber compromise, credential abuse, exposed APIs, cloud services, vendor access, telemetry manipulation, command-channel manipulation, workflow hijacking, or adversarial control could materially affect any selected supplemental context.

Single choice

Your completed follow-up will include the linkage fields above so this follow-up can be matched to the core questionnaire if you choose to share it for report generation.