RRetelnistRequest a briefing →
← Back to Retelnist platform overview

Methodology.

What Retelnist measures, how it measures it, what's open, what's proprietary, and how every claim on this site can be verified.

Aligned with the DISARM Foundation taxonomy. Statistical methodology documented for academic review. Methodology brief available to verified buyers under NDA.

Retelnist's name is its commitment: rigor. Every number we publish carries its uncertainty. Every claim we make can be reproduced.

Request a verified briefingRequest the full methodology brief (under NDA) →

Opening principle

What Retelnist publishes, what it doesn't, and why

A cognitive intelligence platform has two failure modes. Publish everything, and the adversary trains against your methodology. Publish nothing, and you become a black box no procurement officer can defend.

Retelnist's resolution follows the discipline its name describes. This page documents the public layer. The methodology brief documents the NDA layer.

Public

  • The taxonomies used (DISARM, EEAS FIMI)
  • The statistical methods (bootstrap, permutation tests, confidence intervals)
  • The measurement constructs — what the V-engine measures and why those components were chosen
  • The audit and reproducibility guarantees

Under NDA · to verified buyers

  • Component weighting in the V(x,t) score
  • Identity-coupling lexicon construction
  • Real-time aggregation pipeline architecture
  • Adversarial-robustness measures

Layer A — Detection

DISARM-aligned, audit-traceable

Taxonomy

Retelnist uses the DISARM Red Framework v2 — the open, community-governed taxonomy for adversarial information operations. DISARM is the de-facto standard adopted by the EEAS, NATO StratCom CoE, the FIMI ISAC, and the broader transatlantic counter-disinformation community.

Retelnist rule-tags against 40 priority techniques drawn from the DISARM Red v2 set, prioritized by observed frequency in EU/UA/MENA operational data.

Tag governance

Every tag in Retelnist carries:

Timestamp
Source (rule ID or analyst ID)
Confidence score
Evidence trail
Review status
Analyst override log

Coverage

TelegramTier 1Public channels, comments, message-level
X (Twitter)Tier 1API-permitted scope; coordinated-amplification signals
FacebookTier 1Public pages, public groups, comments
YouTubeTier 1Channels, comments, captions
RedditTier 1Public subreddits
RSS feedsTier 1Configurable feed set per deployment
LinkedInTier 2Public posts, public commentary
Additional platformsCustomAvailable on engagement

Coordination signals

Temporal synchronization

Accounts posting variants of the same content within statistically improbable time windows, validated against baseline posting distributions.

Content cloning

Near-duplicate detection at sentence and paragraph level, with edit-distance thresholds calibrated to language and platform.

URL co-amplification

Same URLs surfaced across account clusters at rates above organic baseline.

Bot velocity

Posting-frequency outliers relative to account-age and account-history baselines.

Layer B — The V-Engine

Continuous measurement of belief-shift

This is the section most carefully read by methodology validators. It is also where Retelnist has the most to defend.

What Retelnist is measuring

Retelnist models the target audience's decision-space as a finite set of propositions — concrete belief statements that adversarial retellings are designed to shift. Examples from active deployments:

P-UA-12

"Mobilization is unjust — rich buy out, poor die."

P-UA-07

"Western support is weakening."

P-EU-04

"Sanctions hurt us more than Russia."

P-IR-03

"The negotiations track is the only rational path."

Baseline construction

Every V(x,t) is computed against an organic baseline — the level of natural discussion the proposition would generate absent coordinated retelling. Baselines are constructed from longitudinal pre-incident data and re-estimated quarterly.

The baseline is what makes "is this a 2.3σ shift" a meaningful claim rather than a vibe. Without baseline, you have noise. With baseline, you have signal.

The V(x,t) score

5 components · weighted aggregate
  1. 01

    Frequency

    Surface volume of content referencing the proposition across the monitored information environment, normalized to baseline volume for that environment.

  2. 02

    Sentiment polarity

    Directional sentiment of content referencing the proposition (supports / contests / amplifies / mocks), measured via fine-tuned language models trained on annotated cognitive-warfare corpora.

  3. 03

    Identity coupling

    Co-occurrence of the proposition with identity, in-group, or emotional markers known to lower critical evaluation in the target population.

  4. 04

    Amplification asymmetry

    Gap between organic discussion volume and coordinated amplification volume, derived from Layer A signals.

  5. 05

    Rate of change

    First derivative of the above against the proposition's organic baseline.

On proprietary weighting

Component weights are proprietary. The decision to keep weighting under NDA is deliberate — published weights would allow adversarial calibration. Weights are documented in full in the methodology brief, shared with verified buyers under NDA, and revised periodically based on validation against ground-truth events.

The coupling layer — CWPI

From two signals to one verdict

Detection tells you a coordinated retelling is happening. Effect tells you belief is shifting. Neither alone tells you whether the retelling caused the shift. That requires coupling.

The coupling test — outputs

Lag

The time offset at which correlation is maximized, typically 0–72 hours.

Correlation strength

At the peak lag.

Statistical significance

Computed via permutation test (N=1000 random permutations of Layer A signal), reported as p-value.

Confidence interval

95% CI on the correlation statistic via bootstrap resampling (N=1000).

CWPI — the single verdict number

The Cognitive Warfare Presence Index combines Layer A density, Layer B shift magnitude, and coupling significance into a single per-proposition or per-operation index, reported with 95% confidence intervals.

CWPI exists for one reason: decision-makers need a single number that tells them whether to act. Analysts get the full breakdown. Directors get CWPI.

What Retelnist is honest about

Coupling is correlation, not causation. A confirmed coupling tells you that observed behavior and observed belief-shift co-occur with a consistent lag at statistically improbable levels. It does not, by itself, prove the retelling caused the shift.

In every operational report, coupling claims are paired with:

  • Alternative-explanation review (what real-world events occurred in the same window?)
  • Counterfactual cohort comparison where available
  • Analyst judgment on whether confounding is plausible

This honesty is the differentiator. Platforms that don't publish their statistical reasoning don't have it.

The endogeneity caveat

Layer B is measured through the same information environment Layer A monitors. Retelnist addresses this in two ways:

  1. 01Layer B propositions are operationalized through belief markers, not just frequency. Identity coupling and sentiment polarity are partially independent of pure volume signals.
  2. 02Counterfactual cohort design. Where ethically and operationally feasible, Retelnist compares V(x,t) trajectories between populations exposed to the retelling and matched populations not exposed.

The peer-reviewed paper currently in preparation focuses specifically on this validity question.

Validation & audit

How every claim is reproducible

The promise embedded in Retelnist's name is reproducibility. Without it, “rigor” is marketing language.

  1. Audit trail

    Every tag, component score, coupling result, and report is logged with: timestamp, source (model version or analyst ID), confidence, evidence pointers, and review history. Exportable per deployment.

  2. Reproducibility

    Given access to the same input data and the same model version, every output Retelnist produces is deterministic and reproducible. Model versions are pinned per report.

  3. Ground-truth dataset

    Each deployment builds a per-environment annotated dataset of confirmed and rejected operations, used for ongoing model calibration and as a defensibility resource for the client.

  4. Validation against external events

    Where confirmed operations are later disclosed by other channels (government attribution, platform takedown announcements, peer-published research), Retelnist retrospectively validates CWPI against ground truth.

  5. Methodology peer review

    A methodology paper covering the V-engine validity, coupling design, and validation results is in preparation. Until publication, the NDA methodology brief is the authoritative document.

Data sovereignty & infrastructure

Where the data lives, who can see it

Hosting

EU-region only. Hetzner (Helsinki) and Scaleway (Paris). No data leaves EU jurisdiction.

On-premises

Available for sovereign government clients with full instance deployment, including model weights, on client infrastructure.

Data segregation

Strict multi-tenant isolation. No cross-client data sharing. No model fine-tuning on client data without explicit consent.

Access control

Role-based access within client organization; full audit log of all queries, exports, and report generations.

GDPR & DSA alignment

GDPR Article 6 lawful-basis documentation per deployment; DSA Article 40 alignment for in-scope clients.

Adversarial robustness

Specific measures documented in the NDA methodology brief.

Interoperability

Outputs that fit your existing workflow

STIX 2.1

Full export of detected retellings as STIX bundles for ingestion into FIMI ISAC, G7 RRM, or organizational threat intelligence platforms.

EEAS-FIMI report format

Weekly threat briefs structured to match the EEAS FIMI report template, exportable as PDF or Markdown.

DISARM tag export

Per-operation tag manifests for cross-validation with peer organizations.

API access

REST API for organizations integrating CWPI signals into their own dashboards or alerting systems. Rate-limited per deployment.

xAPI / SCORM

For the Training module — scenarios deploy as standard learning objects with full xAPI behavioral telemetry.

See /train

Citations

The research Retelnist is built on

DISARM Framework

DISARM Foundation. DISARM Red Framework v2. Open governance, community-maintained.

Information operations taxonomy

EEAS. FIMI Threat Methodology and Reporting Framework. European External Action Service, ongoing publication series.

NATO cognitive doctrine

NATO Allied Command Transformation. Cognitive Warfare Concept. NATO ACT publications.

Inoculation theory (training module)

McGuire, W. J. (1961). The effectiveness of supportive and refutational defenses in immunizing and restoring beliefs against persuasion. And: van der Linden, S., & Roozenbeek, J. (2020). Psychological inoculation against fake news. And the broader inoculation-at-scale literature 2017–2024.

Statistical methods

Efron & Tibshirani, An Introduction to the Bootstrap (1993); permutation testing per Good, Permutation, Parametric, and Bootstrap Tests of Hypotheses (2005).

Coupling and causal inference

Methodology brief, in preparation for peer-reviewed publication.

Request the full methodology brief

The NDA layer, documented in full

Available to verified buyers under NDA. The same verification process used for platform briefings.

Request a verified briefing →methodology@retelnist.com

PGP key available on request.

Full brief covers

  • Complete V(x,t) component formulas with weighting
  • Identity-coupling lexicon construction methodology
  • Full coupling analysis derivation, including endogeneity treatment
  • Validation results against confirmed historical operations
  • Adversarial robustness measures
  • Internal architecture and pipeline documentation