All papers
HB-TR-2026-04·Technical Report·Substrate·April 2026·28 pages

Certifiable Safety and Semantic Interoperability via Neurosymbolic Ontology and SMT

High-risk environments need ontologies that are typed, axiomatised, and checkable. We use language models to propose and SMT solvers to dispose: schema generation, semantic bridge axioms, and safety properties become satisfiability problems with proof certificates or concrete counterexamples.

Leonidas Papadopoulos · Helios Brain · Founder
HeterogeneoussourcesNeural proposerLLM extractorSymbolic verifierSMT solverCertifiedontologyunsat core · constrain next proposalLLM proposes, solver disposes

Figure 1. The propose-verify loop. A neural extractor reads heterogeneous sources and proposes ontology fragments. A symbolic verifier (SMT solver) checks them for consistency. On failure, the unsatisfiable core constrains the next proposal. LLM proposes, solver disposes.

§ 01

The integration problem

High-risk enterprise environments (banking, defense, healthcare) integrate data from independently governed systems with conflicting schemas, mismatched vocabularies, and silent semantic shifts. The result is corruption of meaning and lack of machine-checkable safety guarantees.

This report introduces the representation layer of the Helios composed world model: a typed, axiomatised ontology that is generated with assistance from language models, but constrained at every step by symbolic validation.

§ 02

Ontology, description logic, SMT

An ontology is a pair of a TBox (terminological axioms) and an ABox (assertional facts). Merging ontologies requires explicit bridge axioms B that connect their vocabularies. Semantic interoperability is the property that the merged ontology admits a global interpretation, equivalently that it is satisfiable.

O=(TBox,ABox)\mathcal{O} = (\mathcal{T_{\text{Box}}}, \mathcal{A_{\text{Box}}})
Omerged=O1O2B\mathcal{O}_{\text{merged}} = \mathcal{O}_1 \cup \mathcal{O}_2 \cup \mathcal{B}
§ 03

Multi-source ontology generation

Heterogeneous sources are fed to a language-model extractor that proposes candidate terminology and assertions, each annotated with provenance. The proposals are then submitted to an SMT consistency gate. If the gate returns SAT with a model, the candidates are admitted to the certified ontology. If UNSAT, the unsatisfiable core names the conflict, and constrains the next proposal.

§ 04

Safety certification by SMT

Safety properties Ψ become satisfiability checks over the merged ontology and an evidence base D. The negation of Ψ is conjoined with the facts; UNSAT yields a proof certificate of safety, SAT yields a concrete counterexample to inspect.

OD    Ψ\mathcal{O}^{*} \models \mathcal{D} \implies \Psi
SMT(Encode(O)Encode(D)¬Ψ){SAT, UNSAT}\text{SMT}\big(\text{Encode}(\mathcal{O}^{*}) \land \text{Encode}(\mathcal{D}) \land \neg \Psi\big) \in \{\text{SAT},\ \text{UNSAT}\}
§ 05

Asymmetric trust

The pipeline operates under asymmetric trust: the neural model is allowed to be unreliable; it is only believed after the solver verifies it. The neural step provides recall (a wide net for candidates); the solver provides soundness (only verified candidates are admitted). The combination makes language-model extraction safe to use in regulated settings.

Cite this paper
Papadopoulos, L. (2026). Certifiable Safety and Semantic Interoperability via Neurosymbolic Ontology and SMT. Helios Brain, HB-TR-2026-04.