02 / HOW IT WORKS

A sovereign operating environment
for healthcare AI.

Bifrost is composed in layers, each mapping to a real engineering investment. Curated frontier open-weight models. Per-tenant retrieval grounded in the clinical record. Dedicated inference environments tuned per workload. Compliance, observability, and lifecycle — operated by 3verest. The application sits with the builder; the platform is managed.

02 / layered architecture

The bridge,
in cross section.

Layered architecture · BFR-03Cross-section. Nine labelled horizontal strata, top to bottom: travellers, surfaces, crew, watch, lighting, gates, deck, pillars, foundations. Pillars and foundations carry an aurora accent indicating live motion.TRAVELLERSOperator · Tenant · Partner · Clinical (embedded)SURFACESBifrost consoles · Integration adapters · Clinical UXCREWSetup · Deployment · Management · Concierge supportWATCHCompliance · Audit · Evidence lockerLIGHTINGEvaluation · Safety · Drift detectionGATESIdentity · Access · Boundary · BYOKDECKv1: RAG + Inference · v2: Fine-tuning + AgenticPILLARSCurated Model Catalogue · Tenant Data LayerFOUNDATIONSSovereign Compute · Compute.3verest · AU · UK · EU · CA · USBIFROST · LAYERED ARCHITECTURE · v1
bifrost / layered architecture / v1
DRG
BFR-03
REV
1.0
DTE
2026-05-22
SCL
NTS
SHT
03
JUR
AU · UK · EU · CA · US
CLS
PUB
01 / pillars

Models and data.
Co-equal.

Curated Model Catalogue

Five to seven proven open-weight models in v1. Foundation models (Llama, DeepSeek, Qwen). Clinical specialists (MedGemma, pathology vision transformers). An embedding model for retrieval. A speech model for transcription. Each one validated end-to-end on Bifrost infrastructure, version-pinned per playbook deployment, refreshed quarterly.

The catalogue is small on purpose. Curation is the moat.

Models7 in v1 / quarterly refresh
Licencecommercial / open-weight
Validation7-stage pipeline / signed-off
Versioningpinned per deployment

Tenant Data Layer

Per-tenant vector indexes (pgvector / HNSW on PostgreSQL). Per-tenant clinical graphs, linked to the standard ontologies: SNOMED CT, RxNorm, LOINC, ICD-10. Hybrid retrieval in parallel: dense, sparse, graph traversal, adapter calls. Fused through a cross-encoder rerank. Retrieval-path budget: p99 < 500ms.

Records of truth stay in the systems of record. Bifrost holds the derived artefacts (embeddings, indexes, graph nodes) inside the sovereign perimeter.

Indexesper-tenant / pgvector HNSW
Graphsper-tenant / standard ontologies
Retrievalhybrid / parallel / reranked
Latencyp99 < 500ms (retrieval path)
02 / deck

Where the workload crosses.
RAG-first in v1.

A query enters the retrieval pipeline. Multi-source retrieval gathers context (vector search, knowledge graph traversal, adapter calls) in parallel. Results are reranked, assembled into a prompt template, and handed to the model. The model generates an output cited back to source. Every retrieval is logged. Every claim is auditable.

03 / foundations

One sovereign substrate.
Operated by 3verest across five jurisdictions.

F / 01

Compute.3verest

One sovereign substrate, operated by 3verest. The customer never carries operational risk for the AI platform. Deployment, model catalogue, RAG servers, inference, compliance evidence, observability, lifecycle. All managed.

F / 02

Five jurisdictions

AU, UK, EU, CA, US. Data, models, and inference stay inside the jurisdiction they originate from. New jurisdictions added on validated demand, never by default.

F / 03

Fully operated

3verest runs the platform 24/7 with a named operator team. The customer builds and operates the application on top. The line between platform and application is drawn deliberately and never blurred.

Bifrost is a single managed platform. There is no self-hosted edition, no partner-cloud edition, no bring-your-own-Kubernetes edition. One substrate, one operator team, one set of compliance controls.

04 / commitments

Residency at the network layer.
Not in a contract.

01

Data does not leave jurisdiction

Per-tenant network isolation enforced at the VPC layer. Per-tenant KMS keys with optional bring-your-own-key. mTLS internal between every Bifrost service. Inference services run in fully-isolated network namespaces with zero outbound internet egress.Architectural, not contractual.

02

Tenant isolation, physical where it can be, logical where it must be

Three isolation tiers (Foundation, Clinical, Enterprise) reflecting workload criticality. Dedicated GPU partitions, dedicated VPCs, per-tenant encrypted storage, per-tenant identity scoping. Cross-tenant data leakage would require simultaneous failure at four layers.

03

Every operation is auditable

Every inference, retrieval, configuration change, and operator action is logged immutably with cryptographic integrity. Append-only ledger with Merkle-tree integrity. Customer-controlled retention. SIEM-ready export. Continuous compliance evidence generation against IRAP, HIPAA, ISO 27001, Cyber Essentials Plus, EU AI.

05 / compliance

Pre-mapped to the frameworks that matter.

ISO 27001

Inherited from 3verest

HIPAA

Inherited from 3verest US scope

IRAP (PROTECTED)

Inherited from 3verest AU scope

Cyber Essentials Plus

Inherited from 3verest UK scope

SOC 2 Type II

Phase 2 (Bifrost-specific)

EU AI Act conformance

Phase 2 (per playbook)

HITRUST

Phase 3 (customer-driven)

TGA / MHRA / FDA SaMD

Phase 3 (per diagnostic playbook)

Bifrost does not claim certifications it has not earned. Every certification claim is backed by an auditor-signed attestation and is verifiable in the Compliance Evidence locker.

06 / operator console

Components have weight.
Loading is confident, never apologetic.

Bifrost / operations / sovereign-control-plane
2026-05-22 · 14:22 AEST
Crossings · active
all bridges holding
CR / 001
Sydney · primary
ap-southeast-2
live
CR / 002
London · paired
eu-west-2
live
CR / 003
Frankfurt · sovereign
eu-central-1
live
CR / 004
Toronto · paired
ca-central-1
live
CR / 005
Ashburn · paired
us-east-1
staged

Indicative// sample tenant

bifrost / operator console / sovereign control plane

Three lighthouse playbooksExplore the playbooksPDF · coming soonRead the technical brief