SUMMIT.OS // TERMINAL

THE PLATFORM

THREE ROLES.
ONE UNIFIED PICTURE.

Summit.OS ships three purpose-built operator views. Each scoped precisely to its role — no feature sprawl, no context switching. One shared world model underneath all of them.

ROLE-01

OPS

Full-screen situational awareness for the field operator. Real-time entity stream, alert queue, geofencing, mission launch, and live feeds — all from a single map view.

Real-time map with <1s entity updates
Alert → investigate → dispatch in <3s
Geofence draw and active enforcement
Mission builder with NLP command input
HALT / RTB / camera override controls

ROLE-02

COMMAND

Three-column command and control for coordinators and incident commanders. Situation feed, sector map, and resource status in a single glance. One-click handoff brief generation.

Live situation feed with severity tiers
Sector map with full entity overlay
Resource availability across all assets
Handoff brief generator
Multi-agency coordination support

ROLE-03

DEV

Integration and diagnostics tooling for engineers connecting hardware or debugging live data flows. Adapter registry, message inspector, schema validator, and inference dashboard.

Adapter registry with live health status
Real-time message inspector
Schema validation against entity spec
Inference dashboard and model metrics
Entity explorer with full field view

USE CASES

BUILT FOR THE
MISSIONS THAT MATTER.

Designed for environments where autonomous systems need coordination and humans need to stay in control. Civilian-first. Mission-proven architecture.

CASE-01 // WILDFIRE OPS

WILDFIRE RESPONSE

Track air tankers, ground crews, and recon UAVs in a unified picture. AI-scored risk zones update as fire behavior evolves. Auto-dispatch retardant runs against confirmed spread vectors. Every asset on one screen.

CASE-02 // SAR

SEARCH & RESCUE

Multi-domain entity fusion across aerial and ground assets. Sector coverage tracking with gap detection. Survivor detection events queued for immediate dispatch. No part of the search grid goes unaccounted for.

CASE-03 // COMMERCIAL

UAV FLEET OPS

Fleet-wide telemetry for commercial drone operations at scale. Battery, link quality, and mission status across every asset simultaneously. Deconfliction alerts before proximity violations occur.

CASE-04 // DISASTER

DISASTER RESPONSE

Multi-agency coordination when the stakes are highest. Real-time resource status across organizations. Handoff brief generation for shift changes. A common operating picture for everyone in the room.

SYSTEM MANIFEST

FULL STACK.
ZERO DEPENDENCIES.

SYS-001 // INTELLIGENCE

SENSOR FUSION

Kalman EKF multi-source fusion pipeline. Ingests ADS-B, AIS, satellite, MQTT, and custom adapters into a unified world model.

SYS-002 // AI CORE

AI DISPATCH

ONNX-native inference. Mission classifier and risk scorer. Tiered autonomous escalation with human-in-the-loop approval gates.

SYS-003 // DATA LAYER

REAL-TIME FABRIC

WebSocket entity streaming, MQTT pub/sub, Redis world state. Sub-second entity updates across all connected operators.

SYS-004 // COMMAND

MISSION TASKING

Full mission state machine. Multi-tier autonomous response, asset dispatch, drone coordination, and intervention tracking.

SYS-005 // INTERFACE

OPERATOR CONSOLE

Three role-optimized views: OPS (full-screen map), COMMAND (3-column situational), DEV (adapter registry and schema tooling).

SYS-006 // INTEGRATION

ADAPTER SDK

First-class adapter framework. OpenSky ADS-B, AIS maritime, CelesTrak satellites built in. Extend with any sensor or protocol.

SYSTEM READINESS

SENSOR FUSION

95%

AI DISPATCH

88%

DATA FABRIC

97%

MISSION TASKING

91%

OPERATOR UI

85%

ARCHITECTURE

COMPOSABLE.
INDEPENDENTLY DEPLOYABLE.

API GATEWAY

:8000

ONLINE

FABRIC

:8001

ONLINE

FUSION

:8002

ONLINE

INTELLIGENCE

:8003

ONLINE

TASKING

:8004

ONLINE

INFERENCE

:8006

ONLINE

SUMMIT.OS // QUICKSTART

# Clone the platform
$ git clone https://github.com/BigMT-Ai/Summit.OS
$ cd Summit.OS

# Configure environment
$ cp .env.example .env

# Launch all systems
$ make dev

✓ Console      → http://localhost:3002
✓ API Gateway  → http://localhost:8000
✓ Grafana      → http://localhost:3001
✓ Prometheus   → http://localhost:9090

DATA PIPELINE

FROM RAW SENSOR
TO HUMAN DECISION.

Every event in Summit.OS follows the same path: raw signal in, fused world model out, AI scoring, mission creation, operator action. Here's what happens at each stage.

01

INGESTION // ADAPTERS

SENSOR DATA ARRIVES

Aircraft positions stream in via OpenSky ADS-B. Vessel locations arrive over AIS. Satellites propagate from TLE data. Your custom sensors publish over MQTT or HTTP. All of it hits the same adapter interface — Summit.OS doesn't care what the source is.

02

FUSION // WORLD MODEL

ENTITIES ARE FUSED

The Fusion service runs a Kalman Extended Kalman Filter over all incoming signals. Multiple reports of the same object are merged. Positions are interpolated between updates. The result is a clean, unified world model — one record per real-world entity, updated in real time and broadcast over WebSocket to every connected operator.

03

INFERENCE // AI CORE

AI SCORES EVERY ENTITY

The Intelligence service runs ONNX inference on the live world model. A mission classifier scores each entity against trained threat patterns. A risk scorer assigns severity tiers (LOW / MEDIUM / HIGH / CRITICAL). This happens continuously, not just on arrival — an entity's score changes as its behavior evolves. No LLM required; the ONNX models run locally on CPU.

04

TASKING // MISSION ENGINE

MISSIONS ARE CREATED

High-severity scores trigger the Tasking service, which creates a mission in the state machine (PENDING → ACTIVE → COMPLETE). Depending on risk tier, missions are either auto-dispatched or held for human approval. Asset assignments, drone coordination, and intervention tracking all live here. Every state change is logged with a timestamp and the operator or automated system that triggered it.

05

OPERATOR // CONSOLE

OPERATOR SEES AND ACTS

The operator console receives the live world model over WebSocket. Alerts land in the queue. The operator investigates — the map flies to the entity, a detail panel slides in. They review the AI assessment and tap DISPATCH. The mission is confirmed, assets are tasked, and the incident moves to resolution. The full loop, start to finish, is designed to take under 3 seconds of operator time for a known entity type.

OPERATOR WORKFLOW

ALERT IN.
DECISION OUT.

This is what it looks like in practice. An anomaly is detected. What happens next.

T+00:00 // DETECTION

ANOMALY DETECTED

A sensor reports an entity behaving outside normal parameters. The fusion pipeline merges corroborating signals. The AI classifier flags it. An alert is created with severity, a description, and a link to the source entity.

AUTOMATED

T+00:01 // ALERT QUEUE

ALERT APPEARS IN QUEUE

The alert lands in the operator's queue, color-coded by severity. On high or critical alerts, the entity pulses on the map automatically. The operator sees the alert description without needing to find the entity manually.

OPERATOR NOTIFIED

T+00:03 // INVESTIGATION

OPERATOR INVESTIGATES

The operator clicks INVESTIGATE. The map flies to the entity in 800ms. The entity detail panel slides in from the right — showing position, velocity, type, history, and the AI's risk assessment. All the context needed to make a decision is in one place, no tab-switching required.

< 3 SECONDS OPERATOR TIME

T+00:05 // DISPATCH

OPERATOR DISPATCHES

The operator reviews the AI assessment and taps DISPATCH. A mission is created, assets are assigned, and the state machine moves to ACTIVE. The panel closes. The operator is back in the queue in under 10 seconds total, incident owned.

MISSION CREATED

T+ongoing // TRACKING

MISSION TRACKED TO CLOSE

The mission lives in the COMMAND view alongside every other active incident. Asset status, intervention records, and timeline are updated in real time. When the incident resolves, the operator marks it complete. Every action is timestamped in the append-only audit log.

FULL AUDIT TRAIL

ACCESS CONTROL

WHO GETS IN.
HOW THEY PROVE IT.

Summit.OS ships with auth off by default so you can run it locally without setting up an identity provider. Flip the flags and every endpoint is locked down.

[DEV]

DEV MODE

DEFAULT // LOCAL ONLY

No auth required. Run docker compose up and every endpoint is open. Designed for local development and demos. Never run this on a public network — the API will warn you at startup if security flags are off.

[OIDC]

SSO / OIDC

PRODUCTION // SET OIDC_ENFORCE=TRUE

Plug in any OIDC-compatible provider: Keycloak (self-hosted, free), Auth0, Okta, Google Workspace, GitHub. The API gateway validates JWT tokens on every request. Users log in through your provider — Summit.OS never sees their password.

[MFA]

TOTP / AUTHENTICATOR

OPTIONAL // SOFTWARE-BASED

Standard 6-digit one-time codes. Works with any TOTP app: Google Authenticator, Authy, 1Password, Bitwarden. TOTP secrets are encrypted at rest with AES-256-GCM before being stored. Backup codes are hashed with Argon2id.

[KEY]

HARDWARE KEY

HIGHEST SECURITY // YUBIKEY + FIDO2

Physical USB/NFC security keys. Two modes: FIDO2 (tap to sign — no code to type, phishing impossible), and Yubico OTP (press button, 44-char one-time code validated against YubiCloud). All YubiKey 5 Series, Bio, and FIPS variants are supported.

[RBAC]

ROLE-BASED ACCESS

OPTIONAL // SET RBAC_ENFORCE=TRUE

Roles come from JWT claims. Built-in: OPERATOR (read + dispatch), COMMANDER (read + approve), ANALYST (read-only), ADMIN (full access), SUPER_ADMIN (Enterprise only — org management). Set RBAC_ENFORCE=true to reject requests with missing or insufficient role claims.

[API]

API KEYS

SERVICE ACCOUNTS // SET API_KEY_ENFORCE=TRUE

For machine-to-machine integrations. Scoped keys with expiry and rotation support. Each key is associated with a role so it inherits RBAC rules. API keys are hashed before storage — if the database is compromised, raw keys are not exposed.

PRODUCTION AUTH FLOW

AUTH SEQUENCE // OIDC + YUBIKEY

# Step 1 — User navigates to console
# Console redirects to OIDC provider (Keycloak / Auth0 / etc)
→ GET /auth/callback?code=[authorization_code]

# Step 2 — Gateway validates JWT
→ POST /auth/token  200 OK  { roles: ["OPERATOR"], mfa_required: true }

# Step 3 — MFA challenge (if enrolled)
→ POST /auth/mfa/webauthn/authenticate/begin
# Browser prompts: "Touch your security key"
→ POST /auth/mfa/webauthn/authenticate/complete  200 OK

# Step 4 — Full session issued
✓ Session JWT issued  →  valid 8h  →  RBAC enforced on every request
✓ Audit log entry created: AUTH_LOGIN // user@domain.com // ip: x.x.x.x

SECURITY POSTURE

SOC2 CONTROLS
IMPLEMENTED.

Every technical control required for SOC2 compliance is built in — Argon2id, AES-256-GCM field encryption, append-only audit logs, TLS, RBAC, geoblock. Off by default for local dev; flip the env flags and it's a hardened production deployment. Summit.OS is built to pass a SOC2 audit — not a shortcut around one.

ACTIVE

ARGON2ID PASSWORDS

OWASP 2024 recommended parameters (64MB memory, t=3). The hardest standard algorithm to brute-force if your database is ever stolen.

ACTIVE

AES-256-GCM FIELD ENCRYPTION

PII fields are encrypted at the application layer before hitting the database. A stolen database dump is unreadable without the encryption key.

ACTIVE

APPEND-ONLY AUDIT LOG

Every API call is logged with user, IP, path, and latency. Logs are batched to S3 for tamper-proof retention. Configurable 90-day pruning on the DB copy.

ACTIVE

POSTGRES TLS

All database connections require TLS (sslmode=require). Self-signed certs are generated at setup. Swap for CA-signed in production.

ACTIVE

GEOBLOCK // 7 COUNTRIES

Hard blocks on KP, CN, RU, IR, AF, IL, BY at the API gateway. MaxMind GeoLite2 database refreshes automatically every 24 hours. Returns HTTP 451.

ACTIVE

RATE LIMITING

Per-IP rate limits on all public endpoints via slowapi. Auth endpoints are separately limited (5/min for TOTP, 5/min for WebAuthn auth).

ACTIVE

TRIVY SECURITY SCANNING

Every push to GitHub triggers CVE scans on all Docker images and Python dependencies. Secret detection runs across the full commit history.

ACTIVE

mTLS + TRAEFIK

Optional mTLS proxy for service-to-service encryption. Traefik handles HTTPS termination with automatic Let's Encrypt certs for public deployments.

ACTIVE

SECRETS VAULT CHAIN

Priority chain: Infisical → HashiCorp Vault → env vars. Swap backends at deploy time without code changes. No secrets ever need to live on disk in production.

HARDWARE INTEGRATION

CONNECT
ANYTHING.

Summit.OS doesn't care what your hardware is. Drone, robot, CCTV camera, weather station, Modbus PLC, AIS transponder — if it produces data, it can talk to Summit.OS. Built-in adapters handle the most common sources. For everything else, the SDK is 10 lines of Python.

SUPPORTED PROTOCOLS

MAVLINK

DJI, ArduPilot, PX4, any autopilot. Full telemetry + command.

RTSP / ONVIF

IP cameras, CCTV, PTZ. Discovery + stream registration.

MODBUS

Industrial PLCs, sensors, RTUs over TCP or serial.

OPC-UA

Factory automation, SCADA, industrial IoT.

ROS2

Ground robots, robotic arms, autonomous ground vehicles.

ADS-B

Live aircraft via OpenSky. Or plug in a local SDR receiver.

AIS

Maritime vessel positions. Simulation built-in, or connect AISHub.

CoT / ATAK

Cursor-on-Target bidirectional UDP. ATAK team integration.

MQTT

Any IoT device. Temperature, pressure, vibration, anything.

HTTP / REST

Poll any web API. Webhooks. Generic JSON/XML sources.

SERIAL / CAN

Raw serial devices, vehicle CAN bus, embedded sensors.

CUSTOM

Subclass BaseAdapter. If it produces data, it works.

WRITE A CUSTOM ADAPTER // ~10 LINES

MY_SENSOR // CUSTOM ADAPTER

from summit_sdk import BaseAdapter, AdapterManifest, EntityBuilder, Protocol, Capability

class MySensorAdapter(BaseAdapter):

    MANIFEST = AdapterManifest(
        name="my-temperature-sensor",
        version="1.0.0",
        protocol=Protocol.MQTT,
        capabilities=[Capability.READ, Capability.STREAM],
        entity_types=["ASSET"],
    )

    async def run(self):
        while not self.stopped:
            reading = await self.read_sensor()   # your hardware call

            entity = (EntityBuilder(self.device_id, "ASSET")
                .position(reading.lat, reading.lon, reading.alt)
                .metadata("temperature", reading.celsius)
                .metadata("unit", "sensor-station")
                .build())

            self.publish(entity)           # → Summit.OS world model
            await self.sleep(10)           # poll every 10s

# Run it
$ python my_sensor_adapter.py
✓ Adapter registered → entity streaming → visible on map

The adapter publishes entities over MQTT. Summit.OS picks them up, runs them through fusion, scores them, and displays them on the map — all automatically. The only thing you write is the hardware read logic. See packages/adapters/examples/ for complete templates for drones, cameras, PLCs, and weather stations.

MISSION SYSTEM

CREATE A MISSION.
THREE WAYS.

A mission is an assigned task with a type, a target entity, an asset, and a lifecycle. It can be created by the operator, by the AI, or directly via the API. Every mission goes through the same state machine regardless of how it was created.

MISSION TYPES

TYPE // SURVEY

SURVEY

Cover a defined area. Used for fire-spread mapping, search grids, field inspection.

TYPE // MONITOR

MONITOR

Watch a specific entity or location. Loiter, track, and report status changes.

TYPE // SEARCH

SEARCH

Active SAR pattern. Systematic coverage of a zone with missing person or vessel protocols.

TYPE // PERIMETER

PERIMETER

Patrol a boundary. Security zone enforcement, fence inspection, border monitoring.

TYPE // DELIVER

DELIVER

Asset delivery to a waypoint. Medical supply drops, equipment transfer, logistics.

TYPE // INSPECT

INSPECT

Close-range inspection of a specific target. Pipeline, powerline, structure, or vessel.

TYPE // ORBIT

ORBIT

Circle a point of interest at altitude. Wide-area observation, incident watch.

MISSION LIFECYCLE

PENDING

CREATED

→

PENDING APPROVAL

HIGH RISK ONLY

→

ACTIVE

IN PROGRESS

→

COMPLETE

RESOLVED

THREE WAYS TO CREATE A MISSION

METHOD 01 // OPERATOR UI

DISPATCH BUTTON

Alert fires → operator clicks INVESTIGATE → reviews AI assessment → taps DISPATCH. Mission type is suggested by the classifier. Operator can override before confirming. Zero typing required for routine incidents.

METHOD 02 // AUTONOMOUS

AI AUTO-DISPATCH

For LOW and MEDIUM risk incidents, the tasking service creates missions automatically when the classifier fires. No human in the loop for routine events. HIGH and CRITICAL always require operator approval — the state machine enforces this and cannot be bypassed.

METHOD 03 // API

REST API

Create missions programmatically from any external system. Your existing dispatch software, a scheduler, or a custom workflow can POST a mission directly. Full API docs at localhost:8000/docs.

CREATE MISSION // REST API

# Create a SURVEY mission via API
$ curl -X POST http://localhost:8000/v1/missions \
    -H "Authorization: Bearer <token>" \
    -H "Content-Type: application/json" \
    -d '{
      "mission_type":  "SURVEY",
      "entity_id":    "entity-abc123",
      "asset_id":     "drone-01",
      "priority":     "HIGH",
      "notes":        "Smoke detected northeast sector"
    }'

201 Created
{
  "mission_id":  "msn-7f3a...",
  "status":      "PENDING_APPROVAL",  // HIGH = requires operator confirm
  "assigned_to": "drone-01",
  "created_at":  "2026-03-29T14:22:11Z"
}

PLATFORM

BUILD ANYTHING
ON TOP.

AGPL v3. No lock-in. Summit.OS is a foundation — like Linux for autonomous ops. The platform is open, the ecosystem is yours to shape. Commercial license available for proprietary deployments.

USE CASE // 01

WILDFIRE RESPONSE

Custom alert ingestion, fire-spread modeling, aerial asset dispatch, crew coordination.

USE CASE // 02

UAV FLEET OPS

Commercial drone fleet management, geofencing, multi-vehicle tasking, telemetry dashboards.

USE CASE // 03

SEARCH & RESCUE

Terrain analysis, resource tracking, multi-agency coordination, handoff brief generation.

USE CASE // 04

PORT & MARITIME

AIS vessel tracking, anomaly detection, berth coordination, security zone enforcement.

USE CASE // 05

EMERGENCY MGMT

Multi-agency situational awareness, resource deconfliction, incident command support.

USE CASE // 06

CUSTOM INTEGRATION

Any sensor. Any protocol. Any data source. The adapter SDK handles the heavy lifting.

SUMMIT.OS

INITIATE DEPLOYMENT.