Orthogonal to Each Other, Not to the World
A reviewer reads a Zero Trust framework. The framework claims its evaluation dimensions are orthogonal. The reviewer pushes:
“If your dimensions are orthogonal, why do compromised supply chains so often correlate with weak identity practices? In real incidents the dimensions seem to fail together.”
The framework’s author has a choice. They can defend the orthogonality claim by arguing the correlation is illusory. Or they can sharpen the claim — admit that one sense of orthogonality doesn’t apply to real-world correlation, while another sense does.
The second move is the right one. Orthogonal is a load-bearing word in evaluation frameworks, and it carries multiple meanings that have to be distinguished or the claim collapses on contact with operational data.
There are three precisions. Distinguishing them is what makes the framework honest, and what lets it survive contact with real incidents.
Three Precisions of “Orthogonal”
Precision 1 — Evaluation independence. The dimensions are independent evaluation functions. Each dimension takes some inputs from the shared context and produces a verdict. Knowing the verdict on one dimension gives no algorithmic information about the verdict on another. The functions don’t share computation.
This is the structural property. It is what makes the framework auditable: each dimension’s verdict can be traced to its specific inputs and rules, without depending on what other dimensions concluded. Without this property, you cannot reason about which dimension fired and why; the verdicts entangle.
Precision 2 — Empirical correlation. In observed incidents, weakness on one dimension may correlate with weakness on another. A compromised supply chain may correlate with weak identity practices, weak attestation, weak behavioural baseline. This is empirical, not structural. It reflects the joint distribution of failures in the real world — incidents cluster in organisations whose investment is uneven across all dimensions.
This correlation does not violate Precision 1. The dimensions are still independent as evaluation functions. They just happen to empirically fire together because organisations don’t usually invest deeply in one dimension and shallowly in others.
Precision 3 — Effect interaction. Even though the dimensions are independent in evaluation and may correlate empirically, their effect on the final verdict is multiplicative. A zero in any dimension collapses the product. The dimensions interact in their joint effect, in the specific way that multiplication encodes: any one dimension at zero brings the whole product to zero, regardless of the others.
This third property is what gives the framework its non-compensability. You cannot offset weak supply-chain evidence with strong identity evidence. The multiplicative composition catches the failure mode that addition would miss.
Why You Need All Three
Each precision answers a different question. Skip any one and the framework’s claims become defensible against one critique but vulnerable to another:
Without evaluation independence: the framework cannot be audited. Why did the verdict deny? becomes unanswerable, because the dimensions tangle and you cannot point to the specific evidence on the specific dimension that produced the deny.
Without acknowledging empirical correlation: the framework gets caught making claims that contradict observed incident data. You said dimensions are orthogonal but real attacks correlate them — and the defender has no good answer if they only had Precision 1.
Without effect interaction: the framework is correct on the structural property but ships verdicts that allow compensation. Strong identity offsets weak supply chain, the product looks fine, the failure lands at the weak dimension, the framework didn’t catch it.
The three together are what holds. Independent in evaluation. Correlated in observation. Interactive in effect.
Where Each Property Is Load-Bearing
Evaluation independence is load-bearing for audit and forensics. When an incident occurs, the audit needs to trace which dimension’s verdict was at fault. If dimensions tangle, the trace breaks.
Empirical correlation is load-bearing for risk modelling and prioritisation. The fact that dimensions cluster empirically means investment should not be evenly distributed by default — the weakest dimension is often the one that pulls the others down. Risk models that assume no correlation will under-estimate joint failure rates.
Effect interaction is load-bearing for the verdict itself. The multiplicative composition is the architectural commitment that says no dimension at zero ships. This is what makes Trust × Safety meaningful as a product rather than a marketing phrase.
A framework that holds all three is robust to multiple critiques: the auditor’s, the risk modeller’s, and the post-incident reviewer’s.
A Worked Example
Consider an incident: an agent took a harmful action. Investigation reveals:
- Identity check passed (workload identity verified, signed mandate, fresh)
- Supply chain check passed (model attested, framework attested)
- Behavioural baseline check passed (action matched historical pattern)
- Output verification failed — the output contained injected content that subverted the user’s intent
What does the framework say about this incident?
Evaluation independence says: each dimension’s verdict was traceable. The first three fired pass. The fourth fired fail. The audit can point to which dimension’s evidence was the failure.
Empirical correlation says: this incident was not correlated across dimensions. The first three were strong; the fourth was weak. This is unusual — most incidents see weakness clustered. The framework should expect this case to be rarer than the clustered case.
Effect interaction says: the multiplicative composition catches it. Strong on three, weak on one — product is weak. The verdict denies. The framework did its job.
A framework that had only evaluation independence would miss the fourth verdict’s weight in the multiplication and might let the action through. A framework that had only effect interaction without independence couldn’t audit which dimension fired. A framework that had both but not empirical correlation would mis-model the joint risk.
All three together produce the right behaviour: the audit traces it, the verdict denies it, the risk model expects it.
What This Says About “Orthogonal”
The word orthogonal in evaluation-framework writing has to carry all three. When a reviewer hits the framework with the empirical-correlation critique, the right response is:
Yes, dimensions are correlated empirically. They are still independent in evaluation. They still interact multiplicatively in effect. The orthogonality claim is about the evaluation property, not the observation property.
When a reviewer hits with the audit critique:
Each dimension’s verdict is traceable to its specific evidence. The dimensions are independent as evaluation functions, regardless of whether their inputs correlate.
When a reviewer hits with the multiplication critique:
The multiplicative composition is what makes the dimensions effective in joint action. Independent in evaluation, interactive in effect — that’s the structure.
A framework that can answer all three has internalised the precisions. A framework that conflates them will fold under any of the three critiques, depending on which one lands first.
The Disposition
Orthogonal is one of those words that carries weight in technical writing precisely because it’s used loosely. Architects say it; reviewers accept it; the meaning isn’t always pinned down. When the framework hits real conditions, the imprecision is what cracks first.
The discipline is to be explicit about which property of orthogonality you’re claiming, in any given sentence:
- Independent in evaluation — the structural property
- Correlated in observation — the empirical property
- Interactive in effect — the compositional property
When you write the dimensions are orthogonal, ask: in which sense? If you can’t answer cleanly, the claim isn’t ready to ship.
A framework that ships with this discipline is robust to scrutiny. A framework that ships without it will be cracked open by the first reviewer who pushes on the word. The push is correct. The discipline is to anticipate it.
Three precisions. Each is a distinct property. Together they are what orthogonal actually means in a working evaluation framework. Skip any one and the claim collapses on the data.
