Security & Compliance

Data flow, encryption controls, access model, SOC 2 posture, and shared responsibility matrix.

Capped AI is air-gapped by design. All AI inference, handover data, alarm logs, and DCS readings stay on the physical appliance inside your plant perimeter. No customer data is transmitted to Capped AI or any third party. The OPC-UA connection to your DCS is read-only and cannot actuate any control.

What does NOT happen

ConcernWhy it doesn't happen
Operator data sent to the cloudAll inference runs on the local H100 appliance. The only outbound signal is an encrypted aggregate health metrics heartbeat — no content, no handover text, no alarm data.
Capped AI can actuate the DCSStructurally impossible. The OPC-UA session is read-only at the protocol level. Capped AI has no write credentials and no actuation path.
Capped AI trains on your dataThe LLM runs locally. No handover text, plant data, or operator input is sent to any AI provider. The model weights are fixed at delivery.
Handovers can be deleted or alteredSigned handovers are written to a WORM (Write Once, Read Many) log. Deletion requires physical access to the appliance and a dual-person integrity process.
Audio data leaves the plantVoice transcription runs locally via Whisper-large-v3 on the H100. Audio is processed on-device and discarded after transcription.
Capped AI engineers can read handoversRemote management access (for software updates) is outbound-only from the appliance to Capped AI Ops Cloud. Capped AI cannot initiate inbound connections to the appliance without your explicit approval.

Data flow guarantees

Data typeWhere it stays
Operator voice/text inputAppliance only — transcribed and discarded
DCS historian readingsAppliance only — read via OPC-UA, stored in local pgvector DB
Alarm logsAppliance only — ingested from DCS, stored locally
Handover draftsAppliance only — generated by local LLM
Signed handovers (WORM)Appliance WORM log — 7-year retention, tamper-evident
Aggregate health metricsCapped AI Ops Cloud — request counts, latency, disk usage only
LLM model weightsAppliance only — delivered at install, updated on your approval schedule

OPC-UA read-only guarantee

The OPC-UA connection between the Capped AI appliance and your DCS historian is configured as a Subscribe session with read-only NodeId access. Specifically:

  • Session type: OpcUa_SubscribeSession (no write capability)
  • Access level: CurrentRead only — write access is not requested and cannot be granted at this session level
  • Firewall rule: TCP 4840 allowed from Capped AI appliance IP to DCS server IP only (no return path for writes)
  • Verified at installation: Capped AI field engineer and your DCS engineer jointly verify that the session cannot write to any NodeId

WORM audit log

Every signed handover is written to a cryptographically sealed append-only log on the appliance:

  • SHA-256 hash of each entry chained to the previous entry (blockchain-style)
  • Operator digital signature (ed25519) applied at sign-off
  • 7-year retention by default (configurable per regulatory requirement)
  • Export to PDF or JSON available via the admin dashboard with audit trail metadata intact
  • Deletion requires dual-authorization (plant manager + Capped AI support) and generates an immutable deletion record

Certifications roadmap

StandardTargetNotes
ISO 27001Year 1 (2026)Information security management — covers appliance, Capped AI Ops Cloud, and software development process
SOC 2 Type IIPost-launchTrust services criteria: security, availability, confidentiality
IEC 62443-4-1Post-launchIndustrial cybersecurity — product security development lifecycle
IEC 62443-4-2Post-launchIndustrial component security requirements
ISO 27001 — company-wideYear 1 (2026)Covers Capped AI's Cairo engineering team, Miami HQ, and all global operations

Pen-test and vulnerability schedule

  • Annual third-party penetration test of the appliance software and Capped AI Ops Cloud API
  • Results shared with Enterprise customers within 30 days of test completion
  • Critical findings remediated within 14 days; high findings within 30 days
  • CVE monitoring via OSV (Open Source Vulnerabilities) for all appliance software components
  • Model weight integrity: SHA-256 checksums verified at delivery and on each update

Incident response

PhaseWhat happens
DetectCapped AI Ops Cloud monitors appliance health metrics. Anomalies trigger on-call engineer within 15 minutes.
TriageP1 = production handover system down; P2 = degraded quality; P3 = minor issue.
CommunicateEmail + shared Slack channel update within first hour of P1 incident.
MitigateCapped AI pushes a signed software patch to the appliance (outbound-only management channel). You approve before installation.
Root causeWritten root cause analysis delivered within 5 business days of resolution.
DiscloseSecurity incidents affecting plant data disclosed within 24 hours of confirmation.

Contact