Built for the security posture your plant actually has.
Offline operation. Air-gapped readiness. Signed offline licensing that never cuts your data. Secrets redacted by construction. AI-assisted workflows that propose — never silently alter. Trust architecture engineered for OT, not adapted from IT.
Offline by default · RSA-signed local licensing · hash-chained audit · secrets redacted in backups & support bundles · no phone-home.
Why OT software fails security review
Most industrial software was designed in an IT world and patched for an OT one. The architecture assumed a live internet connection for licensing, a cloud back-end for telemetry, a third-party AI service for "intelligence," and a refresh cycle measured in days. Then the software met a real factory.
Real factories don't have any of that. They have isolated control networks. They have plants that cannot be patched mid-shift. They have customers with strict no-cloud policies, export-control regimes, defense contracts, regulated data, or simply a CISO who reads vendor contracts carefully. The IT-shaped software starts requiring exceptions: a special license-server arrangement here, a cloud-bypass mode there, an air-gap workaround over there. Each exception is a compliance bill in waiting.
The right answer isn't to ship the same IT-shaped software with a longer security-questionnaire response. It's to design the trust architecture into the platform from the first commit. That's what Elpis did.
Operational trust, not cybersecurity theater
Production continuity is non-negotiable.
A platform that stops a production line because its license server is unreachable, its cloud back-end is down, or its AI service is externally unavailable has failed its core operational responsibility. EdgeConnect runs offline by default, validates its license locally, and never depends on a remote service to keep machine data flowing.
Air-gapped operation is the default, not a fallback.
EdgeConnect does not require an internet connection at any point in its lifecycle — installation, licensing, configuration, telemetry, or update. Plants on isolated OT VLANs install and run the platform exactly the same way as plants with internet access. There is no "offline mode" because there is no "online mode" — there is just operation.
AI-assisted workflows are constrained by design.
Where AI-assisted workflows are enabled, they generate proposals for an operator to confirm. They do not silently alter routing, transform data, or change configuration. Local-LLM support is mandatory for AI-assisted deployments; cloud LLMs are optional. No plant data is sent to a third-party AI service by default.
Audit trail as a system property, not a feature.
Every configuration change to the gateway is recorded in a hash-chained log with actor identity and timestamp. The log is tamper-evident and replay-ready — not bolted on for regulated-industry sales, but built into the configuration plane itself.
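What "hash-chained" and "tamper-evident" mean in practice for a reviewer, as an added example that is not Elpis code and does not reflect the EdgeConnect log format: the entry layout, field names, genesis value and SHA-256 construction are all assumptions. It also shows why a head hash recorded outside the log is needed to catch truncation.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed "previous hash" value for the first entry


def entry_hash(prev_hash, record):
    """SHA-256 over the previous hash plus a canonical JSON encoding of the record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()


def append(log, actor, timestamp, change):
    """Append a change record linked to the current head of the chain."""
    prev = log[-1]["hash"] if log else GENESIS
    record = {"actor": actor, "timestamp": timestamp, "change": change}
    log.append({"prev": prev, "record": record, "hash": entry_hash(prev, record)})


def verify(log, trusted_head=None):
    """Return (ok, index_of_first_bad_entry_or_None).

    trusted_head is a head hash recorded outside the log (for example in a
    change ticket). Without it, removal of the newest entries, or a full
    recomputation of the chain by someone with write access, goes unnoticed.
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry["hash"] != entry_hash(prev, entry["record"]):
            return False, i
        prev = entry["hash"]
    if trusted_head is not None and prev != trusted_head:
        return False, len(log)
    return True, None


def build_sample_log():
    """Constructed sample entries, not real product output."""
    log = []
    append(log, "alice", "2024-05-01T08:00:00Z", "add route r1 -> mqtt-main")
    append(log, "bob", "2024-05-01T09:30:00Z", "edit adapter a7 poll interval")
    append(log, "alice", "2024-05-02T07:15:00Z", "rollback route r1")
    return log
```

An edited or deleted entry breaks the link at the first affected index; a log with its newest entries removed still verifies internally and is only caught by the `trusted_head` comparison.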
Licensing that never cuts customer data.
A lapsed license blocks configuration changes; it never stops production data from flowing. Your machines keep talking even if your renewal email got stuck in someone's spam folder. The license enforces the commercial relationship — it does not hold operations hostage.
Specific properties to evaluate
Use this as a checklist against any other OT vendor you're considering. Each item is an architectural property of the platform, not an aspirational claim.
- Offline-first by design.
EdgeConnect does not require an internet connection to run, validate its license, or deliver data.
- Air-gapped factories are first-class.
RSA-signed JSON license files validate locally. No phone-home. No cloud licensing dependency. Updates ship on physical media or internal mirrors.
- No forced cloud dependency.
The platform can run entirely on-premises. Cloud destinations are optional, not required.
- Licensing never cuts data.
A lapsed license blocks configuration changes only; production data keeps flowing.
- AI never alters the data path.
AI-assisted workflows propose; humans confirm. No silent state changes. Local-LLM support is mandatory; cloud LLMs are optional.
- Hash-chained configuration audit log.
Every change recorded with actor and timestamp. Tamper-evident, exportable for review.
- Reversible configuration changes.
A draft → validate → apply → rollback flow means untested configuration never reaches the data path, and any applied change can be rolled back.
- Secrets redacted by construction.
Configuration backups and the diagnostic support bundle run through a field-level redaction engine: adapter passwords, certificate private keys, and API tokens are stripped; the signed license file is excluded entirely; any field not explicitly classified fails closed to stripped. A support bundle is designed to be shareable in a support workflow after customer review.
- Per-tag quality codes.
Every data point carries a quality state (Good / Uncertain / Bad / Stale), so downstream systems can distinguish a real value from a stale or unreliable one.
- Fault isolation.
A failing adapter never affects another adapter, route, or sink; a misbehaving sink never blocks a healthy one. Store-and-forward preserves queued data across outages and replays in source order.
- Role separation supported.
Configuration editing, audit review, and data consumption can be assigned to distinct roles. No single operator holds every privilege by default.
- Per-gateway identity.
Each EdgeConnect instance carries a stable UUID and customer/site binding established at first start. Fleet identity is clean and traceable.
- OPC UA Server security modes.
Anonymous + SecurityMode=None is available for commissioning on trusted OT VLANs; production deployments can use Sign / SignAndEncrypt with X.509 certificate-based authentication.
- Application certificate management.
The OPC UA Server auto-generates a self-signed X.509 application certificate on first start; client trust is operator-controlled via standard trust folders.
What the platform refuses to do
Honest framing of what the platform refuses to do is sometimes more useful than what it does:
- Does not phone home for telemetry or licensing. Period.
- Does not require cloud connectivity. Cloud is opt-in. The platform runs identically with no external network access.
- Does not send plant data to third-party AI services by default. Local-LLM-capable is the default posture.
- Does not bypass operator confirmation for AI-proposed actions. AI-assisted workflows never silently alter state.
- Does not export secrets in plaintext in configuration backups or diagnostic bundles. Both are redacted by construction; the license file is never bundled.
- Does not auto-update. Updates are operator-controlled. Plants schedule them against their own shift calendar.
- Does not allow a single shared credential. Role separation is supported from day one.
- Does not depend on a vendor cloud service for any production-critical path. Buffering, replay, alarm capture, and data acquisition all work with the cloud entirely unreachable.
Honest framing on certifications
Elpis does not currently claim ISO 27001, SOC 2, IEC 62443, 21 CFR Part 11, or equivalent framework certification on this page. What we can provide today is evidence of the operational primitives those reviews often ask about: audit trails, role separation, signed local licensing, offline-first behavior, secret redaction, and a deterministic data path.
If your industry requires a specific certification or audit posture, talk to us about your timeline and we will be transparent about where the platform stands today. We will not claim a certification we have not earned, and we will not stage one mid-sales-cycle to win a deal.
What you can verify today — without us claiming any specific framework:
- The configuration audit log produces a hash-chained, tamper-evident record suitable for regulated-industry change-control review.
- The offline-first architecture supports air-gapped deployments and export-control-sensitive environments.
- The AI constraint architecture (proposals + human confirmation + local-LLM support) supports environments where data sovereignty is non-negotiable.
- The secret-redaction engine lets you produce a support bundle that is safe to share without leaking credentials, keys, or the license file.
- The per-tag quality codes and three-way diagnostics support investigations into data provenance and integrity.
Questions your security team is about to ask
"Where does our plant data go?"
Wherever you route it. EdgeConnect publishes to the destinations you configure — MQTT brokers and an OPC UA Server today. Required destinations and protocol scope are confirmed during the security review. Nothing is sent to Elpis by the platform automatically, and no telemetry is collected for our visibility.
"What happens if the license expires?"
Configuration changes are blocked; data keeps flowing. Production continuity is not affected by a licensing event.
"Can your software run completely offline?"
Yes. Installation, licensing, configuration, runtime, and updates can all happen with no internet access.
"How do you handle credentials and secrets at the edge?"
Source and sink credentials are stored encrypted at rest on the edge node. Operator credentials for the Connectivity Studio UI follow standard role-based access control. And exports are redacted before they are written: configuration backups and diagnostic bundles run through a field-level redaction engine that strips passwords, certificate private keys, and tokens, and excludes the license file entirely.
"If we send you a diagnostic bundle for support, what's in it?"
A redacted-by-construction snapshot: status codes, route/source/sink IDs, health metrics, and recent diagnostic events — with adapter passwords, certificate private keys, API tokens, and the license file removed before the bundle is written. Any field not explicitly classified as safe fails closed to stripped. The bundle is designed to be shareable in a support workflow after customer review.
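A sketch of the fail-closed behaviour described in this answer, as an added example that is not Elpis code: the field paths, classification table and `[REDACTED]` marker are hypothetical. The point to check in any such engine is that the default for an unlisted field is "strip", so a newly added config field cannot leak just because nobody classified it.

```python
KEEP, STRIP, EXCLUDE = "keep", "strip", "exclude"
REDACTED = "[REDACTED]"

# Hypothetical classification table: only paths marked KEEP survive in clear.
CLASSIFICATION = {
    "gateway.id": KEEP,
    "adapters.*.id": KEEP,
    "adapters.*.status": KEEP,
    "adapters.*.password": STRIP,
    "sinks.*.api_token": STRIP,
    "opcua.certificate.private_key": STRIP,
    "license": EXCLUDE,
}

SAMPLE_CONFIG = {  # constructed sample, not a real product configuration
    "gateway": {"id": "gw-01", "notes": "spare key under panel 3"},
    "adapters": [{"id": "a7", "status": "Good", "password": "hunter2",
                  "conn_string": "user:pw@plc"}],
    "sinks": [{"api_token": "tok-123"}],
    "opcua": {"certificate": {"private_key": "constructed-key-material"}},
    "license": {"sig": "constructed-signature"},
}


def classify(path):
    """Look up a field path; list indices match '*'. Unknown paths fail closed."""
    key = ".".join("*" if isinstance(p, int) else p for p in path)
    return CLASSIFICATION.get(key, STRIP)


def redact(node, path=()):
    """Return a redacted copy of a nested config; the input is never mutated."""
    if isinstance(node, dict):
        out = {}
        for name, value in node.items():
            child = path + (name,)
            if classify(child) == EXCLUDE:
                continue  # drop the key entirely, e.g. the signed license
            out[name] = redact(value, child)
        return out
    if isinstance(node, list):
        return [redact(v, path + (i,)) for i, v in enumerate(node)]
    # Leaf value: kept only if explicitly classified as safe.
    return node if classify(path) == KEEP else REDACTED
```

In the sample, `gateway.notes` and `adapters.*.conn_string` appear nowhere in the table and are stripped anyway, which is the property to test for when reviewing a real bundle.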
"What happens if a config change breaks the gateway?"
The draft → validate → apply → rollback flow makes every config change reversible. Untested configuration never reaches the data path.
"Can a single operator do everything, or do you support role separation?"
Role separation is supported. Configuration editing, audit review, and data consumption can be assigned to distinct roles.
"What's the audit trail for configuration changes?"
A hash-chained log with actor identity and timestamp for every change. Tamper-evident, exportable for review.
"How does your AI work — does it need our data?"
AI-assisted workflows propose actions for human confirmation. Local-LLM support is mandatory; cloud LLMs are optional. By default, no plant data leaves your environment for AI purposes.
"What network access does the platform require?"
It can run with no internet access at all. Where you do connect it, the required inbound / outbound ports, egress endpoints, and DNS / NTP assumptions are documented and confirmed during the security review against your network policy.
"How are updates delivered and controlled?"
Updates are operator-controlled — never automatic. They can be applied from physical media or an internal mirror, on your own shift calendar. Package-integrity details are confirmed during the security review.
"Does Elpis have remote access to our deployment?"
No vendor remote access is required or enabled by default. Any support access is customer-approved and deployment-specific.
"How are certificates and keys managed?"
The OPC UA Server auto-generates a self-signed X.509 application certificate on first start; client trust is operator-controlled via standard trust folders. Generation, import, and rotation / expiry responsibility for the production trust model are confirmed during the security review.
"What audit logs can we export, and what's the retention model?"
The configuration audit log is a hash-chained, tamper-evident, exportable record with actor identity and timestamp. Retention window, export format, and time source are confirmed during the security review against your change-control requirements.
"Do you provide an SBOM or third-party dependency information?"
No public SBOM program is claimed on this page. Dependency and SBOM information for a specific release is provided during the security review.
"Do you have a public vulnerability-disclosure or incident-response policy?"
No public program is claimed on this page. Deployment-specific security contacts and escalation are established during the security review.
"Can we run a security review against the platform before purchase?"
Yes. We support a pre-purchase security review against a representative deployment.
Where trust lives in the platform
Each critical layer of the platform has a named trust property. Offline operation at the edge. Signed local licensing. Hash-chained configuration audit. Secrets redacted in backups and support bundles. AI proposals at the intelligence layer require human confirmation. Per-tag quality codes propagate end-to-end. There is no "trust feature" because trust is not a feature — it's the architecture.
Talk to our security lead.
Bring us your security-review questionnaire. Bring us your air-gap requirement. Bring us your regulated-industry constraint. We will tell you exactly what the platform does today, what it does not do, and what we are willing to commit to for your deployment.