- Analyzes telemetry and surfaces recommendations grounded to readings — control setpoints stay locked, so the agent informs operators rather than acting on the grid.
- Ontology permissions
Grid, field-ops, and compliance reporting — tuned for safety-critical work.
Energy and utility agents support grid operations, field work, and compliance reporting with hard budget caps and oversight modes set for safety-critical operations. Anything that could touch the physical system is gated, and every action is sealed for the regulator.
Aligned with NERC CIP · ISO 27001 · SOC 2 · NIST CSF
When the system is physical, an AI mistake isn't just a bad answer.
NERC CIP makes critical-infrastructure protection a regulatory floor, and an agent that can influence grid operations or field dispatch carries safety consequences a chatbot never will. The risk is autonomy near a physical system. Cortex tightens oversight for safety-critical work, caps spend hard, and seals every action into a record the regulator can inspect.
Operational support, with autonomy kept away from the controls.
Each agent runs under a tightened oversight mode, hard budget caps bound the spend, and anything near the physical system is gated.
- Schedules and enriches work orders against typed Asset objects, with dispatch actions gated under oversight tuned for safety-critical work.
- Oversight modes
- Assembles NERC CIP and regulatory reports where every figure cites its source reading, sealed into a record the regulator can verify.
- Trust Ledger
- Runs forecasting and optimization under hard 30-day budget caps that block a runaway batch at 100% spend rather than burning the budget.
- Cost governance
- SCADA credentials and control setpoints are locked deny-by-default, and the MCP gateway firewalls every tool call away from operational technology.
- MCP Gateway
The agent advises the operator — it doesn't touch the grid.
Anything that could influence the physical system is gated and the agent's autonomy is tightened for safety-critical work. Control setpoints and SCADA credentials are locked deny-by-default, hard budget caps bound every batch, and every action is sealed for the NERC CIP record.
- Control setpoints and SCADA credentials locked deny-by-default
- Oversight tightened for safety-critical work — high-impact actions pend
- Hard budget caps block a runaway batch at 100% spend with a 402
- Every action sealed into a record the regulator can verify
The verdicts an ops lead and a regulator will see.
These are the literal runtime responses — anything near the physical system fails closed.
- 01
Model the domain
Map the work to typed ontology objects — Asset, WorkOrder, Reading, Outage, Report — with restricted fields like scada_credential / control_setpoint locked at the property level.
- 02
Encode the rules
Translate the obligations above into Policy-as-Code and Action Fabric approvals — the gates fail closed, returning a precise code, not a guess.
- 03
Prove the outcome
Every run lands in a hash-chained Trust Ledger with signed receipts and 10-hop provenance — a record you can hand the regulator.
The controls behind energy & utilities.
The same shared runtime powers every vertical — here are the capabilities and the Solution Pack this industry composes from.
Cost governance
Hard 30-day caps block a runaway batch at 100% spend with a 402.
Oversight modes
Tighten autonomy for safety-critical work — control actions pend.
MCP Gateway
Firewall every tool call away from operational-technology systems.
Trust Ledger
Seal every action into a record the NERC CIP auditor can verify.
Ontology
Model Asset and WorkOrder; lock setpoints and SCADA credentials.
Trust Center
Map control isolation and audit trails to NERC CIP and ISO 27001.
Built for the critical-infrastructure floor NERC CIP sets.
Control isolation, hard budget caps, the MCP firewall, and detection & response are shared across grid, field, and reporting — so you map once, to NERC CIP and ISO 27001 controls. Aligned with, never claiming a certification you don't hold.
AI agents for energy & utilities — questions, answered.
Can an AI agent change a grid control setpoint?
Not autonomously. Control setpoints and SCADA credentials are locked deny-by-default, and any control action is gated under oversight tuned for safety-critical work — so the agent advises the operator rather than acting on the physical system.
How does Cortex isolate AI agents from operational technology?
SCADA credentials and control setpoints are locked at the property level, and the MCP gateway firewalls every tool call — allowlist, DLP, rate limit, risk score — keeping agents away from OT systems.
How does Cortex bound the cost of large analytics runs?
Hard 30-day budget caps block a run once projected spend would exceed the cap, returning a 402 — so a runaway forecasting or optimization batch can't burn through the budget.
Does Cortex help with NERC CIP reporting?
Yes. Compliance reports are assembled with every figure cited to its source reading and sealed into a tamper-evident ledger the regulator can verify, supporting alignment with NERC CIP recordkeeping.
One governed runtime, every regulated vertical.
The controls are the same — the obligations they satisfy differ. Explore another vertical, or see the full set.
Let AI advise the grid — without ever touching the controls.
See the budget gauge, the tightened oversight, and the control isolation behind every energy and utilities workflow.