Open data backbone, operator-private layers, sovereign EU hosting.
Every public layer is pulled through Wardstone’s own route handlers, cached at the cadence of the upstream source, and exposed with provenance attached. Source name and last-updated timestamp travel with the data, all the way to the operator’s screen.
On top of the open layers, operator-tier deployments fold in private signals from infrastructure operators — supply, staffing, sheltering, sensor telemetry. These never leave the operator boundary; they are not part of the public demo.
All hosting is EU-region. Operator-tier deployments can be pinned to a single member state on request. Open-data infrastructure runs in commercial EU regions; operator-tier infrastructure can be moved to sovereign-cloud or on-prem at the customer’s discretion.
Every public layer, cited.
Source name, link, update cadence, and what each one powers. If a feed is unreachable, the console shows a “feed offline” state rather than synthesizing values.
| Layer | Source | Cadence | What it powers | Status |
|---|---|---|---|---|
| GNSS interference | gpsjam.org · H3 res-4 daily CSV | Daily, soon after 00:00 UTC | Cross-border GNSS denial map derived from ADS-B aircraft reports. | Live |
| Electricity grid stress | ENTSO-E Transparency API | ~15 min | Actual load and generation per TSO bidding zone; current load as a share of the 24-hour peak. | Wired · token-gated |
| Active hazards | GDACS GeoJSON · MET Norway MetAlerts | ~10 min | Active GDACS disaster events in region plus severe-weather flags derived per capital. | Live |
| Critical infrastructure | OpenStreetMap via Overpass | Cached snapshot | Transmission-level substations (≥110 kV), hospitals, fire stations. Context layer underneath the live signals. | Snapshot |
Tokens for upstream APIs (ENTSO-E) are configured server-side and never exposed to the browser. Route handlers cache at the source cadence to respect upstream rate limits.
EU-region only. Operator-tier pinning by request.
The public open-data infrastructure runs in commercial EU regions. Operator-tier deployments can be pinned to a single member state — useful when national procurement requires data residency within sovereign borders. Sovereign-cloud and on-prem deployment targets are available for civil-protection authorities that require them.
No data ever leaves the EU under default configuration. No US hyperscaler region is used in the production path.
By default. Operator-tier deployments minimize PII; only the email, organization, and free-text note submitted via early-access forms are retained outside customer environments.
Operator-tier alignment is in scope. Incident-handling and supply-chain controls are tracked against the directive’s essential-entity profile.
Civil-resilience framing follows the CER taxonomy for critical entities and sectors. Layer scoping aligns with CER sector definitions.
In scope at launch. Not yet certified — we will not claim a status we cannot evidence.
We will not claim a certification we cannot evidence. ISO 27001 and SOC 2 are in scope at launch — not yet certified. Detailed posture documentation, including sub-processors and DPIA templates, lives on /trust.