industrial-aiops/industrial-aiops

iaiops — industrial data tap + intelligent troubleshooting

One governed MCP server exposing 66 tools across 8 industrial protocols plus a cross-protocol intelligence layer. Every tool runs through the iaiops governance harness (audit / budget / risk-tier / undo). Read-first. The 6 write tools are gated as Management-of-Change: risk=HIGH, dry_run=True by default, CLI requires a double-confirm, the before-value is captured for undo. Never write to a production control system without authorization. Preview / mock-or-sim validated — verify against live equipment. Start with protocols_supported to see what's configured and <protocol> doctor to test a link.

When to route here

Task mentions: OPC-UA / opc.tcp, Modbus, Siemens S7 / S7-1200/1500, Mitsubishi / MELSEC, MTConnect / CNC machine monitoring, MQTT / Sparkplug B / Unified Namespace, Allen-Bradley / ControlLogix / CompactLogix / EtherNet-IP, EtherCAT / CoE / SDO / PDO / SOEM, OEE / downtime, OT asset inventory, "no data / stale tag" diagnosis, alarm flood / ISA-18.2.

Tools by protocol

OPC-UA (read-only) — opc.tcp endpoints

• opcua_server_info — status, build info, namespace array
• opcua_browse — browse node tree from a node id (bounded depth)
• opcua_read_node — value + datatype + source timestamp + status code
• opcua_read_many — batch read node ids (bounded)
• opcua_subscribe_sample — bounded sampling, then returns (never loops)
• opcua_read_alarms — best-effort active alarm/condition surfacing
• opcua_read_history — Historical Access (HDA): raw history over a [start,end] window
• health_summary — classify node-ids vs warn/alarm thresholds
• anomaly_scan — sample a node, flag statistical outliers

Modbus-TCP (read-only here)

• modbus_read_holding (FC03), modbus_read_input (FC04), modbus_read_coils (FC01), modbus_read_discrete (FC02) — with decode hints
• modbus_health_summary — classify registers vs thresholds

Siemens S7comm (pyS7; S7-300/400/1200/1500)

• s7_cpu_info — CPU identity + run/stop
• s7_read_area — read N items of a type from an S7 memory area
• s7_read_db — read N items from a data block
• s7_read_many — batch raw pyS7 address strings
• s7_write_db — [WRITE][HIGH][MOC] write one value to a DB (off by default)

Mitsubishi MC (pymcprotocol 3E; Q/L/iQ)

• mc_cpu_status — MELSEC CPU type/code
• mc_read_words / mc_read_bits — batch word/bit devices from a head device
• mc_read_many — random-read scattered word + dword in one request
• mc_write_words — [WRITE][HIGH][MOC] write words (off by default)

MTConnect (read-only; all CNC machine tools)

• mtconnect_probe — device model (devices → components → data items)
• mtconnect_current — latest value of every data item (machine snapshot)
• mtconnect_sample — bounded stream of recent observations
• mtconnect_assets — cutting tools / fixtures / programs
• mtconnect_oee_snapshot — availability / execution / mode / program (OEE inputs)

MQTT / Sparkplug B / UNS (paho-mqtt; full Tahu protobuf decode)

• mqtt_read_topic — plain MQTT bounded message collect
• sparkplug_decode_payload — decode one raw Sparkplug B payload to metrics
• sparkplug_subscribe_sample — bounded sample w/ full decode + birth/death/seq
• sparkplug_node_list — edge nodes/devices + online state + primary-host STATE
• uns_browse — browse the live topic tree (UNS) under a filter (bounded)
• mqtt_publish — [WRITE][HIGH][MOC] publish/command to a topic (off by default)

Allen-Bradley EtherNet/IP (pycomm3; ControlLogix/CompactLogix)

• eip_controller_info — controller identity (proves the CIP link)
• eip_list_tags — discover controller tag list (names/types/structures)
• eip_read_tag — read one tag (or array element) with its type
• eip_read_many — batch read (auto multi-packet)
• eip_write_tag — [WRITE][HIGH][MOC] write one tag value (off by default)

EtherCAT (pysoem/SOEM; Linux + root/CAP_NET_RAW + dedicated NIC + real slaves)

Optional extra pip install iaiops[ethercat]; no software simulator (hardware-only, macOS unsupported). Tools degrade to a teaching error if pysoem/permission/NIC/bus is missing.

• ethercat_master_state — master/working-counter state + expected vs found slave count
• ethercat_slaves — bus scan: enumerate slaves (id/vendor/product/rev/addr/AL-state)
• ethercat_slave_info — one slave: SM/FMMU config + object-dictionary summary
• ethercat_read_sdo — CoE SDO upload (acyclic mailbox read of an OD entry)
• ethercat_read_pdo — one cyclic snapshot of a slave's input process-data image
• ethercat_write_sdo — [WRITE][HIGH][MOC] CoE SDO download (off by default)
• ethercat_set_state — [WRITE][HIGH][MOC] AL-state transition (can START/STOP motion; off by default)

Cross-protocol intelligence

Diagnostics — skills umbrella: troubleshooting

• diagnose_dataflow — localize a "no data" break across an endpoint's reachable hops
• historian_health — bad-tag / flatline / gap detection over a series
• alarm_bad_actors — ISA-18.2 alarm-flood analysis (rate vs <6/12/30, Pareto offenders, chattering, standing) over an event list
• tag_health — rank tag offenders by bad-quality / flatline / range / anomaly

Analytics

• oee_compute — OEE = Availability × Performance × Quality
• downtime_events — detect running→stopped transitions, categorize stoppages
• oee_multidim — aggregate OEE across machine × part × shift
• asset_inventory — actively fingerprint endpoints (vendor/model/firmware/protocol) into an asset register (active discovery, not passive SPAN/tap)
• monitor_changes — capture only the value CHANGES of a point over a bounded window

Meta / roadmap

• protocols_supported — capability map (protocols, status, tools, connection params)
• Roadmap: EtherCAT EoE/FoE/SoE mailbox protocols; EtherNet/IP PLC-5 / SLC (PCCC), Micro800; passive asset discovery; OPC-UA certificate security.

Setup

iaiops init (interactive wizard, per-protocol prompts) writes ~/.iaiops/config.yaml; credentials go to the encrypted store (~/.iaiops/secrets.enc, master password via IAIOPS_MASTER_PASSWORD). Run iaiops doctor to probe each configured endpoint. Full per-protocol reference, connection params, simulator-test guide, and MCP JSON examples are in the README.

Safety

Read-first. The 6 write tools (s7_write_db, mc_write_words, mqtt_publish, eip_write_tag, ethercat_write_sdo, ethercat_set_state) default to dry_run=True, require a CLI double-confirm, and record an undo descriptor from the captured before-value/state. EtherCAT state changes can START or STOP machine motion. Do not point this at production control systems without authorization. No tool returns secrets.