ITAR · EAR · ISO 27001 · IEC 62443 · NIST 800-171

AI safety + IP control for manufacturing

The eval + guardrail + red-team + audit platform for industrial, advanced, and defense manufacturing. Block ITAR/EAR-controlled-technical-data leakage at the gateway, prove engineering-doc AI is faithful to source CAD/specs, satisfy ISO 27001 + IEC 62443 audit obligations.

0
Scorers
0
LLM providers
0
Red-team plugins
0.00ms
Firewall p95

What ships today

Honest posture, not roadmap promises

Every checked item is in production today. In-progress items are flagged explicitly — no overclaiming, no vapor.

ITAR / EAR controlled-technical-data firewall (CTI markings)
ISO 27001 ISMS-aligned control mappings
IEC 62443 industrial-cybersecurity-aligned controls
NIST 800-171 CUI handling for DoD-contractor supply chain
Hallucination scorers for engineering-doc + spec-citation tasks
BYOK + self-host deployment for air-gapped factory networks
CMMC 2.0 Level 2 attestation by accredited firm

Built for buyer reality

Manufacturing AI use cases we ship for

Engineering-doc + spec assistant

Design engineer asks the AI to summarize a 500-page MIL-STD or extract a tolerance from a CAD package. Outputs must be faithful to the source spec — a fabricated tolerance becomes a quality escape on the shop floor.

EvalGuard features

  • Hallucination scorer: faithfulness check against the loaded spec corpus
  • Citation-coverage scorer: every numeric claim cited to the source document + page
  • Output guardrail: block mode rejects responses with un-cited tolerances or material grades
  • Audit log: every spec query linked to engineer + part number for QMS recoverability

Shop-floor operator chatbot

Operator asks the AI about a fault code or a setup procedure. AI must not hallucinate a setup that could damage a $2M tool or injure the operator. Crisis-level safety obligation.

EvalGuard features

  • Output guardrail: block mode on safety-critical procedure questions (require human escalation)
  • Faithfulness scorer: every procedure step cited to the verified work-instruction corpus
  • Multi-language support: shop-floor crews are often multilingual; same scorer threshold per language
  • Voice + barge-in support for hands-free factory deployment (gloves, noise environments)

Supplier-data + bid analysis

AI extracts pricing + lead time + compliance claims from supplier bid responses. Cross-tenant isolation matters (supplier A's bid never visible to supplier B), ITAR-restricted suppliers need export-control isolation.

EvalGuard features

  • ITAR firewall: CTI-marked content routed to ITAR-compliant providers only
  • BYOK keys: per-supplier encryption isolates bids per procurement event
  • Cross-tenant RLS: supplier-level isolation enforced at every DB query
  • Tamper-evident audit log: every bid analysis survives the post-award protest window

Predictive maintenance + alert triage

AI ingests sensor telemetry + maintenance history + suggests prioritized maintenance actions. False negatives lead to unplanned downtime; false positives wear out the tech team.

EvalGuard features

  • Faithfulness scorer: every prioritization cited to specific sensor reading + maintenance history
  • Cost ledger: per-line USD attribution for maintenance ROI accounting
  • Output toxicity scorer: catches over-confident urgency language that triggers wolf-cry fatigue
  • Multi-model routing: cheap model for routine alerts, premium model for ambiguous cases

Wire it in 60 seconds

Wrap your OpenAI client. Point baseUrl at your air-gap deploy.

ITAR firewall patterns + spec-faithfulness scorers + ISO 27001 retention live in your self-hosted control plane. Your code just wraps the client and sets `baseUrl`.

typescript
import OpenAI from "openai";
import { wrapOpenAI } from "evalguardai-openai";

const openai = wrapOpenAI(new OpenAI(), {
  apiKey: process.env.EVALGUARD_API_KEY!,
  baseUrl: "https://evalguard.factory.local/api/v1", // air-gap deploy
  projectId: "spec-summary",
  metadata: { vertical: "manufacturing", classification: "ITAR-CTI" },
  blockOnViolation: true,                  // CTI-marked content pre-egress
  evalOnResponse: { failOnScore: 0.9 },    // spec-citation + tolerance gate
});

await openai.chat.completions.create({
  model: "gpt-4o",
  messages: [{ role: "user", content: milStdSummaryPrompt }],
});
Air-gap deploy keeps CTI-marked engineering data inside the factory boundary — never traverses the public internet.
Same integration for Anthropic, Gemini, and 91+ providers — swap wrapOpenAI for wrapAnthropic.

Stack

Six surfaces, one platform

Eval, firewall, red-team, audit, BYOK, dashboard — every surface ships out of the box. No bolt-on vendors, no procurement cycle per capability.

ITAR + spec firewall

Controlled-technical-data marking detection + CUI / IP / supplier-name redaction.

Engineering-faithfulness scorers

Spec-citation + tolerance-numeric-faithfulness + work-instruction-coverage scorers.

Red-team (249 plugins)

Manufacturing pack: spec-extraction, procedure-jailbreak, supplier-data-leak attacks.

Audit log + QMS trail

Tamper-evident audit log + ISO 27001 + IEC 62443 evidence bundles for your QMS auditor.

BYOK + air-gap deploy

Apache-2.0 source — deploy in air-gapped factory networks, BYOK encryption for CTI-marked workloads.

Compliance dashboard

ITAR + ISO + IEC + NIST 800-171 control coverage with auto-generated evidence for your auditor.

Ship factory AI that survives the next ITAR + ISO audit.

Free trial includes the ITAR firewall, engineering-faithfulness scorers, and the full audit log. Air-gapped self-hosted deployment + CMMC + ITAR evidence bundles on request.

Start free trialTalk to founders

Apache-2.0 source · SOC 2 Type II in progress · full trust center