Infrastructure Kill Switch

The secondary break-glass mechanism is an infrastructure-level kill switch: a dedicated API endpoint, hosted separately from the main application, that scales the inference service to zero replicas (on Kubernetes) or disables the inference endpoint (on managed ML services). This mechanism exists in case the application itself is compromised or unresponsive.

The infrastructure kill switch is accessible to Level 1 (engineering) and Level 4 (AI Governance Lead) personnel. It operates independently of the application layer, ensuring that a software failure in the AI system does not prevent the system from being stopped. Both the application-level and infrastructure-level mechanisms are documented in the AISDP, with clear instructions for when each should be used.

Key outputs
- Infrastructure-level kill switch independent of application
- Scales inference to zero or disables endpoint
- Accessible to engineering and AI Governance Lead
- Documented alongside application-level mechanism
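
A sketch of the Kubernetes variant of this kill switch, added here as an illustration and not taken from the AISDP or any project code: the handler checks the caller's role, writes an audit entry, and patches the Deployment's scale subresource to zero replicas through the cluster API, without touching the application. The role names, function names, and the namespace, deployment and token values are assumptions; the default transport also assumes the host already trusts the API server's CA.

```python
import json
import time
import urllib.request

# Assumed role names standing in for the page's Level 1 and Level 4 personnel.
ALLOWED_ROLES = {"level1-engineering", "level4-ai-governance-lead"}

def build_scale_to_zero(api_server, namespace, deployment, token):
    """Build a PATCH on the Deployment's scale subresource setting replicas to 0."""
    url = (f"{api_server}/apis/apps/v1/namespaces/{namespace}"
           f"/deployments/{deployment}/scale")
    body = json.dumps({"spec": {"replicas": 0}}).encode()
    return urllib.request.Request(url, data=body, method="PATCH", headers={
        "Authorization": f"Bearer {token}",
        "Content-Type": "application/merge-patch+json",
    })

def send_to_cluster(request):
    """Default transport: talks straight to the API server, not the application."""
    with urllib.request.urlopen(request, timeout=10) as resp:
        return resp.status

def kill_switch(caller, role, reason, audit, send=send_to_cluster, **target):
    """Authorize the caller, record the attempt, then stop the inference service."""
    entry = {"ts": time.time(), "caller": caller, "role": role, "reason": reason,
             "target": f"{target['namespace']}/{target['deployment']}"}  # no token
    if role not in ALLOWED_ROLES:
        audit({**entry, "outcome": "denied"})
        return False
    # Log before acting so an attempt that fails mid-call is still on record.
    audit({**entry, "outcome": "requested"})
    try:
        status = send(build_scale_to_zero(**target))
    except OSError as exc:  # URLError and HTTPError are OSError subclasses
        audit({**entry, "outcome": f"error: {exc}"})
        return False
    ok = status == 200
    audit({**entry, "outcome": "scaled-to-zero" if ok else f"http-{status}"})
    return ok

if __name__ == "__main__":
    # Constructed demo: a fake transport stands in for the cluster.
    events = []
    print(kill_switch("alice", "level1-engineering", "drill", events.append,
                      send=lambda req: 200, api_server="https://k8s.example.invalid",
                      namespace="ml", deployment="inference", token="PLACEHOLDER"))
    print(json.dumps(events, indent=2))
```

Because the audit sink and transport are injected, the same handler can be exercised in a drill with a fake transport before it is pointed at a real cluster.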