Technical reference

The practice of deliberately injecting failures into a production or staging system to discover weaknesses before they manifest as incidents.

The maximum number of tokens an LLM can process in a single forward pass, encompassing both the input prompt and the generated output.

Command Query Responsibility Segregation. A pattern that separates read and write operations into distinct models, enabling independent scaling and optimisation of each path.

A mechanism by which a system proves the integrity of its software or hardware state using cryptographic signatures, used in zero-trust and trusted execution environments.

Common Vulnerabilities and Exposures. A publicly disclosed identifier for a specific security vulnerability, maintained by MITRE and used as a reference across security tooling.

A dense vector representation of a piece of text (or other data) in a continuous high-dimensional space, enabling semantic similarity search and clustering.

An architectural pattern in which state changes are stored as an immutable sequence of events rather than as the current state, enabling full audit trails and temporal queries.

The process of continuing the training of a pre-trained model on a domain-specific dataset to specialise its behaviour, as opposed to few-shot prompting.

A confident but factually incorrect or fabricated output produced by an LLM. RAG architectures and grounding techniques are commonly used to mitigate hallucinations.

The execution phase of a trained model: given an input, the model produces an output. Inference latency and throughput are key operational concerns in production AI systems.

An open-source container orchestration platform that automates deployment, scaling, and management of containerised workloads across a cluster of nodes.

Large Language Model. A neural network trained on large corpora of text capable of generating, summarising, translating, and reasoning over natural language.

Mutual TLS. A variant of TLS in which both the client and server authenticate each other with certificates, commonly used in service mesh environments.

The ability to infer the internal state of a system from its external outputs: logs, metrics, and traces. Distinguished from monitoring by its focus on unknown failure modes.

Retrieval-Augmented Generation. An architecture that grounds LLM outputs by retrieving relevant documents from a vector store before generation, reducing hallucinations and enabling up-to-date responses.

Role-Based Access Control. An access control model where permissions are assigned to roles, and users or service accounts are granted roles, simplifying permission management at scale.

An infrastructure layer that manages service-to-service communication in a microservices architecture, providing traffic management, observability, and security (mTLS) transparently.

Service Level Objective. A target value or range for a service-level indicator (SLI) such as availability or latency, agreed between engineering and product as the reliability contract.

An attack that targets the build pipeline, dependencies, or distribution mechanisms of software rather than the end application, compromising integrity at the source.

The process of splitting text into discrete units (tokens) that a language model processes. Tokenisation strategies directly affect context window utilisation and model behaviour.

A database optimised for storing and querying high-dimensional embedding vectors using approximate nearest-neighbour (ANN) algorithms such as HNSW or IVF.

A security model that requires continuous verification of every user, device, and workload regardless of network location. It replaces the implicit trust of perimeter-based models.