Peveka.
Platform

PLATFORM
ARCHITECTURE

The infrastructure layer that makes forensic intelligence possible at enterprise scale — ingestion, retrieval, inference, access control, and compliance logging.

01

Multi-Modal Ingestion

Every data stream, unified.

Multi-Modal Ingestion reads contract language, schedule files, cost reports, and engineering drawings as a single unified dataset — not three separate uploads. Supported formats include P6 XER, MPP, Cobra ZIP exports, PDF contracts and specifications, and CSV cost data. Sub-2-second cross-reference time across all active data streams.

Unified Dataset, Not Separate Uploads

Most forensic analysis tools treat contracts, schedules, and cost reports as separate documents analyzed independently. Multi-Modal Ingestion treats them as a single dataset. When §14.2 of a contract specifies a 10-day notice requirement and the schedule shows a 14-day lag with no documented event, Multi-Modal Ingestion surfaces that conflict automatically.

  • Contract, schedule, and cost data read as a single dataset
  • Cross-stream conflicts identified automatically
  • No sequential analysis — all streams processed simultaneously
  • Sub-2-second cross-reference time across all streams

Supported Formats

Schedule formats: Oracle Primavera P6 XER, Microsoft Project MPP, Asta Powerproject PP. Cost formats: Deltek Cobra ZIP exports, SAP PS exports, Oracle Unifier, Prism cost data, CSV cost reports. Document formats: PDF contracts, specifications, and general conditions. Engineering drawings: PDF and DWG.

  • P6 XER, MS Project MPP, Asta Powerproject PP
  • Deltek Cobra, SAP PS, Oracle Unifier, Prism, CSV cost data
  • PDF contracts, specifications, and general conditions
  • PDF and DWG engineering drawings
02

Semantic Knowledge Base

Retrieval-augmented regulatory intelligence.

A 3,072-dimensional vector knowledge base pre-loaded with DCMA 14-Point Assessment standards, EIA-748, DOE Order 413.3B, federal acquisition regulations, and FIDIC frameworks. Retrieval is semantic — a question about schedule logic surfaces content about network dependencies and critical path integrity without keyword matching.

Pre-Loaded Regulatory Corpus

The Semantic Knowledge Base is pre-loaded with the full text of the regulatory frameworks governing capital project controls: DCMA 14-Point Assessment methodology, EIA-748 EVMS standards, DOE Order 413.3B, FAR and DFARS acquisition regulations, FIDIC Red, Yellow, Silver, and Gold Book contract frameworks, and standard General Conditions language.

  • DCMA 14-Point Assessment methodology
  • EIA-748 EVMS standards (full text)
  • DOE Order 413.3B (full text)
  • FAR and DFARS acquisition regulations
  • FIDIC Red, Yellow, Silver, and Gold Book frameworks

Semantic Retrieval & Client Augmentation

Retrieval uses 3,072-dimensional vector embeddings — a query about schedule logic surfaces content about predecessor relationships without keyword matching. At intake, the client's specific contract documents are embedded and indexed alongside the standard corpus, enabling queries against your specific contract language, not generic standards.

  • 3,072-dimensional vector embeddings for semantic retrieval
  • No keyword matching — intent-based retrieval
  • Client General Conditions and Special Conditions uploaded at intake
  • Confidence score and clause citation per answer
03

Provider-Agnostic AI Layer

No lock-in. No single point of failure.

A fully abstracted AI provider layer routes inference through Vertex AI (GCP Government), AWS GovCloud Bedrock, Azure Government OpenAI, or on-premise vLLM — selected via environment configuration with zero code changes. Supports air-gapped and FedRAMP High enclave deployments natively.

Abstracted Provider Layer

The Peveka forensic engine does not depend on any single AI provider. A fully abstracted inference layer sits between the forensic logic and the underlying model, routing requests to whichever provider is configured for the deployment environment. Switching providers requires a configuration change — not a code change, not a re-deployment.

  • Provider selection via environment configuration only
  • Zero code changes required to switch providers
  • No provider lock-in at the application layer
  • Supports routing to different providers by task type

Supported Backends

Vertex AI on GCP Government (FedRAMP High authorized, us-gov-central1), AWS GovCloud Bedrock (us-gov-west-1), Azure Government OpenAI (US Gov regions), and on-premise vLLM for air-gapped deployments. For federal programs, all inference routes through authorized government cloud backends. Zero data leaves the client's controlled environment in enclave mode.

  • Vertex AI — GCP Government (FedRAMP High, us-gov-central1)
  • AWS GovCloud Bedrock (us-gov-west-1)
  • Azure Government OpenAI (US Gov regions)
  • On-premise vLLM for air-gapped and classified deployments
04

Multi-Tenancy & Enterprise Auth

Built for organizational scale.

Full organization/workspace model with tenant-level data isolation — each organization's files, knowledge base, and audit history are scoped exclusively to their tenant. SAML 2.0 / SSO integration with Okta, Azure AD, and Google Workspace. SCIM user provisioning and directory sync. Role-based access control: Admin, Analyst, Viewer.

Tenant-Level Data Isolation

Every organization operating on the Peveka platform is a fully isolated tenant. Files, knowledge base entries, audit runs, and audit history are scoped exclusively to the tenant that owns them — there is no shared data layer, no cross-tenant query path, and no mechanism by which one organization's data can be accessed by another.

  • Files, knowledge base, and audit history scoped to tenant
  • No shared data layer across tenants
  • No cross-tenant query path — isolation enforced at data layer
  • Tenant deletion cascades to all associated data

SSO, SCIM & RBAC

SAML 2.0 SSO with Okta, Azure AD, and Google Workspace. SCIM 2.0 provisioning enables automated user lifecycle management — users added to your IdP are automatically provisioned in Peveka. Three roles govern access: Admin, Analyst, and Viewer — assignable per user and per workspace within an organization.

  • SAML 2.0 SSO: Okta, Azure AD, Google Workspace
  • SCIM 2.0 provisioning and directory sync
  • Admin, Analyst, and Viewer roles
  • Roles assignable per user and per workspace
05

Audit Trail & Compliance Logging

Every action. Tamper-evident.

All user actions — queries, file uploads, audit runs, knowledge base modifications — are logged to a tamper-evident audit store with a minimum one-year retention. Exportable for internal control evidence, GDPR data subject requests, and federal security reviews.

Tamper-Evident Log Architecture

Every action performed on the Peveka platform is written to an append-only, tamper-evident audit log. Log entries cannot be modified or deleted — only appended. Each entry includes a timestamp, the user, the action type, the affected resource, and a cryptographic hash linking it to the preceding entry. Any modification to a historical entry breaks the hash chain and is detectable.

  • Append-only log — entries cannot be modified or deleted
  • Cryptographic hash chain linking each entry
  • Tamper-evidence holds for all users including administrators
  • Chain break immediately detectable

Retention, Export & EVMS Compliance

Audit logs are retained for a minimum of one year. Logs are exportable as JSON or CSV for DCMA surveillance evidence, DOE EVMS compliance documentation, and internal control evidence. Every forensic audit run is logged with the schedule data analyzed, metrics evaluated, findings generated, and the analyst who initiated the run.

  • Minimum one-year retention per log entry
  • Exportable as JSON or CSV, scoped to tenant
  • DCMA surveillance and DOE EVMS documentation supported
  • Internal control evidence collection ready