37% of AI governance documents in the wild fall below a structural quality threshold that aviation software certification has taken for granted since 1992.
That number comes from arXiv:2604.21090, an empirical companion to a paper that does something refreshingly concrete: it takes the three structural requirements DO-178C and DO-330 enforce through FAA and EASA certification and asks why no AI governance framework requires the same of a system prompt, an AGENTS.md file, or a governance policy.
Three Requirements Aviation Enforces That AI Governance Ignores
Aviation's playbook is brutally simple. First, structured governance linkage between a governing specification and the operational evidence that verifies it. Second, context-bounded validity: a certification lapses if the operational context changes, forcing revalidation. Third, an objective evidence architecture that defines what counts as proof and when that proof is sufficient.
Notice what's missing from every single AI governance document you've read. No epoch limit. No revalidation trigger when the model's training data shifts. No definition of what constitutes sufficient evidence that the document's constraints actually constrain the system.
The paper's authors map DO-178C's traceability architecture, DO-330's requalification triggers, and DO-178C's objective evidence requirements onto three structural findings: epoch limits on governance document validity, proof surfaces as the revalidation feedback mechanism, and the structural gap where AI governance instruments have no completeness requirements.
The Structural Gap Is Bigger Than Non-Determinism
Aviation's standard-setting bodies have acknowledged their frameworks break down for AI systems because neural networks are non-deterministic. But the paper makes a crucial distinction: the governance artifact itself is a static document. Its structural properties can be evaluated independently of the stochastic system it governs.
That means you can apply aviation's rigor at the document level even if you can't apply it at the system level. A governance document should have an expiration date (epoch limit). It should define what events invalidate it and how revalidation happens (proof surface). It should state what counts as sufficient evidence that the document's rules are being followed.
PromptQ's seven-principle framework operationalises these requirements at the governance document layer. Whether that framework gains adoption is the open question, but the diagnosis is spot-on: current AI governance is structurally incomplete in ways we've known how to fix for fifty years.
What changes next is that any organization shipping an AI governance policy without an epoch limit and a proof surface is shipping a document that would never pass a 1992-era aviation audit.
Source: Fifty Years of Specification Completeness: What Aviation Certification Tells AI Governance About Epoch Limits, Proof Surfaces, and the Structural Gap
Domain: arxiv.org
Comments load interactively on the live page.