Skip to main content
IIOS — The platform for organizational reasoning
Overview

Architecture

IIOS is a layered operating system for industrial intelligence. Source systems flow up into a governed knowledge graph, an intelligence layer reasons over it, and experiences compose on top — while identity, governance, and security wrap every call.

ForEnterprise architectsImplementation teamsIT organizations

Reference architecture

The platform is organized into four horizontal layers plus a cross-cutting control plane. Each layer depends only on the published contract of the layer beneath it, which lets teams evolve connectors, storage, or models independently without breaking applications.

Layered platform
Experience layer — workspaces, studios, embedded appsOperating UIworkspaceStudiosvertical appsCopilotsask / actPartner appswhite-labelIntelligence layerReasoning/v1/reasonConfidencecalibrationAgentsscoped toolsShared svcsmeshKnowledge layerKnowledge Graphentities · events · evidenceOntologytyped schemaRetrievalkeyword · vectorIntegration layerConnectorsingestNormalizemap → ontologyStreamingeventsSyncCDC / batchSource systems — SCADA · ERP · MES · historians · documents
Data flows upward; contracts point downward. Nothing skips a layer.

The layers

LayerResponsibilityKey contract
IntegrationIngest and normalize source-system dataConnectors → ontology mapping
KnowledgeStore entities, events, and evidenceGraph query / assert API
IntelligenceReason, score confidence, run agentsreason() / invokeAgent()
ExperienceWorkspaces, studios, embedded & partner appsSDK + HTTP API

Because contracts are explicit, the same application code runs unchanged whether the knowledge layer is backed by a managed cluster in our cloud or an on-premises deployment in an air-gapped facility.

contracts.ts
// Each layer exposes a stable contract to the one above it.
// Applications depend on the contract, not the implementation.

interface KnowledgeLayer {
  query(spec: GraphQuery): Promise<GraphResult>   // read
  assert(mutation: GraphMutation): Promise<void>  // write, with evidence
}

interface IntelligenceLayer {
  reason(question: ReasonRequest): Promise<GroundedAnswer>
  invokeAgent(id: string, input: unknown): Promise<AgentRun>
}

Cross-cutting control plane

Identity, policy, audit, and sovereignty are not a layer — they are cross-cutting concerns enforced on every request regardless of which layer serves it. A graph read, a reasoning call, and an agent action all pass through the same policy engine and land in the same immutable audit ledger.

Control plane
IdentitySSO · SCIMPolicy engineRBAC · ABACAudit ledgerimmutableSovereigntytenant boundaryEvery call
Enforced uniformly for humans, services, and agents.
One enforcement point
There is no separate access model for agents. An agent can never see or do more than the principal that scoped it — the policy engine is the single source of truth.

Implementation patterns

Compose, don't rebuild

Applications reuse the graph, security, and reasoning rather than re-implementing data models per use case. New apps start at the experience layer.

Ontology-first integration

Map each source system to the shared ontology once. Downstream reasoning and agents work against typed entities, not raw tables.

Event-sourced truth

Facts are asserted as time-stamped events with evidence, so history, lineage, and point-in-time queries come for free.

Boundary-aware by default

Every deployment runs inside a sovereignty boundary. Data residency and isolation are configuration, not custom engineering.

Where to go next

Start with the Knowledge Graph to understand the core data model, then read the Reasoning Engine and Deployment guides.