Research · 2026
Toward an Autonomous Business Operating System for the U.S. Private Security Industry: A Multi-Agent AI Framework for End-to-End Workflow Automation
Department of Computer Science and Engineering
St. Cloud State University
ASBOS is an event-driven, multi-agent framework for coordinating scheduling, emergency coverage, timekeeping, reporting, compliance, payroll, billing, and client communication in private security operations. The architecture preserves deterministic business rules, authoritative systems of record, and human approval for consequential actions.
Conceptual research framework · No production field trial completed · Manuscript
Operational problem
U.S. private security providers coordinate scheduling, emergency coverage, timekeeping, reporting, compliance, payroll, billing, and client communication across multiple systems. Staffing continuity remains difficult: the U.S. Bureau of Labor Statistics reports approximately 1.27 million workers in the combined occupation in 2024, with about 162,300 projected openings annually during 2024–2034. A Census QWI-based analysis cited by the Center for American Progress reported 50.8% annual turnover in the security industry in 2023.
Existing workforce platforms already integrate substantial portions of these functions. ASBOS is proposed as an orchestration layer that coordinates cross-system workflows with explicit human approval, auditable events, and scoped agent permissions — not as a claim that integrated software does not exist.
Research question
Can a security-specific, event-driven multi-agent layer coordinate workforce functions autonomously within policy bounds, preserve auditability, escalate risk appropriately, and demonstrate better outcomes in a controlled field study?
Six-agent architecture
All six agents operate through a central orchestration and policy layer. Agents receive scoped permissions; deterministic rules control hard constraints; important actions can require supervisor approval; authoritative systems remain the systems of record; and events and actions are logged for traceability.
Workforce Scheduling Agent
Proposes assignments using availability, qualifications, overtime risk, site rules, travel constraints, and historical attendance while explaining constraint violations.
Emergency Shift Coverage Voice Agent
Contacts ranked replacement guards using approved scripts, disclosures, and bounded terms; records acceptance or decline and transfers sensitive cases to a supervisor.
Timesheet and Payroll Agent
Reconciles scheduled shifts, approved clock events, location evidence, and pay rules into a review queue rather than an automated fraud verdict.
Report Generation Agent
Assembles structured activity data and drafts summaries traceable to source events or explicitly marked as inference.
Compliance and Human Resources Agent
Tracks credentials, training, and site eligibility; blocks deterministic rule failures and escalates disputed records.
Billing and Client Relationship Agent
Prepares invoice lines from verified hours and contract rates; flags aging balances while requiring human approval for write-offs and disputes.
Architecture visualization
Event-driven orchestration
ASBOS is modeled as an orchestration layer above existing systems of record. Each business event receives a unique identifier, timestamp, source, confidence level, data classification, and audit history. The orchestration service receives events such as shift creation, missed clock-ins, credential expiry, overdue reports, and invoice due dates — evaluates policy, invokes specialized agents, records tool calls and decisions, and routes exceptions to a human queue.
Emergency coverage workflow
Proposed event cascade for a call-off or missed clock-in. Fill-time guarantees are not claimed.
-
Coverage-gap event
A call-off or missed clock-in creates a coverage-gap event in the orchestration layer.
-
Eligible ranked list
Scheduling and compliance rules generate an eligible, ranked replacement list.
-
Voice outreach
The voice agent contacts guards using approved terms, disclosures, and bounded scripts.
-
Assignment update
An accepted assignment updates the schedule and notifies relevant parties through logged events.
-
Supervisor escalation
If no suitable guard accepts, the case continues through the ranked list or escalates to a supervisor.
Human oversight
ASBOS uses three action tiers. Tier 1 actions are low-risk and reversible, such as drafting a schedule or sending an approved reminder. Tier 2 actions may execute automatically but notify a supervisor. Tier 3 actions require approval — including unbudgeted premiums, payroll changes, credential exceptions, and high-severity incident communications.
Privacy and security controls
Voice deployment requires jurisdiction-specific review of call authorization, recording consent, AI disclosure, data retention, and opt-out handling. The architecture constrains voice outreach to approved pay bands, explicit disclosures, short retention where possible, and immediate human handoff for sensitive cases. Biometric voice templates should not be created unless legally approved and operationally necessary.
- Role-based access control and tenant isolation
- Typed event validation with source provenance
- Complete audit logging and policy versioning
- Reversible writes to systems of record
- Data minimization for location, voice, and biometric data
Evidence and context
Public context only. Market figures are third-party forecasts, not observed outcomes. These organizations do not endorse ASBOS.
U.S. workers in combined security-guard and gambling-surveillance occupation (2024)
U.S. Bureau of Labor Statistics
Government employment statistic
Projected annual openings during 2024–2034
U.S. Bureau of Labor Statistics
Mostly replacement demand
Reported annual turnover in the security industry (2023)
Center for American Progress (Census QWI analysis)
Private sector average reported at 38.4%
Published AI-agent market forecasts for 2030
MarketsandMarkets; BCC Research
Third-party forecast — not an observed outcome
Prospective evaluation plan
A suggested 90-day pilot includes baseline weeks, staged deployment phases, and a final observation period. The outcomes below are proposed pilot measurements, not completed results. The repository simulator provides synthetic baseline comparisons only to support protocol design.
- Administrative workload
- Coverage time (median and 90th percentile)
- Percentage of shifts filled before start
- Timekeeping exceptions
- Report delivery compliance
- Credential-related assignment blocks
- Human escalations and overrides
- System availability
- Duplicate-action rate
- Failed integrations
- Recovery time
View synthetic simulator scaffold
Economic sensitivity analysis
The paper presents a transparent sensitivity model for a hypothetical 100-guard company. The earlier 3–6× ROI claim is withdrawn; the figures below are illustrative scenarios only.
| Case | Estimated benefit | Annual cost | Net ROI | Benefit-cost ratio |
|---|---|---|---|---|
| Low | $30,399 | $60,000 | -49% | 0.51 |
| Base | $60,798 | $45,000 | 35% | 1.35 |
| High | $100,797 | $30,000 | 236% | 3.36 |
Limitations and future work
ASBOS is a conceptual and design contribution. It does not report a completed deployment, causal effect, measured fill time, measured administrative savings, or validated ROI. Market-size figures differ by publisher and category definition. Future work includes a registered pilot protocol, de-identified event dataset, failure-mode analysis, fairness testing of replacement ranking, and independent security and privacy review.
Author
Cite this work
Plain text
Rabbi, K M Fazle (2026). Toward an Autonomous Business Operating System for the U.S. Private Security Industry: A Multi-Agent AI Framework for End-to-End Workflow Automation. Manuscript. St. Cloud State University.
BibTeX
@article{rabbi2026asbos,
title={Toward an Autonomous Business Operating System for the U.S. Private Security Industry: A Multi-Agent AI Framework for End-to-End Workflow Automation},
author={Rabbi, K M Fazle},
year={2026},
institution={St. Cloud State University},
note={Manuscript}
}