Honest Boundaries
Capability Matrix
Every module listed here is implemented and deployed. This page documents exactly what each module does and — equally important — what it does not do. There are no AI-powered features, no machine-learning models, and no black-box predictions. All calculations are deterministic, auditable, and traceable to published engineering standards.
No ML / AI predictions. Terms like “predictive maintenance” on this platform refer to rule-based threshold triggers derived from statistical calculations (Weibull β, corrosion rate, MTBF trend), not trained ML models. Every trigger condition is listed explicitly in the module detail below.
Generally Available— shipped and supported
Beta— available but API may change
Roadmap— documented as future work, not yet implemented
Asset Registry
Hierarchical asset management with full CRUD, CSV import, and tamper-evident audit trails.
CapabilityWhat it doesWhat it does NOT doStatus
Asset CRUD
Create, read, update, delete assets with tag, class, location, criticality, and P&ID fields.
Does not sync to external EAM/CMMS systems in real time (integration is via CSV or webhook).
Generally Available
CSV bulk import
Import up to 5,000 asset rows per file; maps common column headers automatically.
Does not parse free-form Excel macros or embedded images.
Generally Available
Audit trail
Immutable, cryptographically chained log of every field change with actor and timestamp.
Does not provide field-level rollback; audit log is append-only.
Generally Available
Asset hierarchy
Parent / child hierarchy up to unlimited depth; drag-and-drop reordering.
Does not enforce ISO 14224 taxonomy automatically; tagging is user-defined.
Generally Available
Inspections & RBI
Full inspection lifecycle from scheduling through closure, with API 581 risk-based inspection prioritisation.
CapabilityWhat it doesWhat it does NOT doStatus
Inspection scheduling
Calendar-driven and risk-driven intervals; overdue detection fires governance events.
Does not integrate with physical IoT sensors or vibration analysers directly.
Generally Available
API 581 PoF × CoF scoring
Probability of Failure × Consequence of Failure risk matrix with configurable thresholds; drives inspection priority ranking.
Does not perform full API 581 Level 2 thinning or stress-corrosion cracking sub-models. Scoring is a structured rule system, not an ML model.
Generally Available
Thickness readings
Record nominal, measured, and minimum thickness; calculates remaining life and corrosion rate.
Does not perform Fitness-For-Service Level 3 fracture mechanics assessments automatically.
Generally Available
NDE methods
Log UT, RT, PT, MT, VT readings with method and technician. Calculates next due date.
Does not interpret raw NDT waveform data or image files.
Generally Available
Risk Matrix & FMEA
5×5 consequence × likelihood risk matrix with full FMEA (Failure Mode and Effects Analysis) and RPN trending.
CapabilityWhat it doesWhat it does NOT doStatus
Risk scoring
Manual 5×5 PoF × CoF matrix; colour-coded risk level; configurable consequence categories.
Does not calculate risk scores automatically from sensor data or ML models.
Generally Available
FMEA
Full FMEA workflow: failure modes, effects, causes, detection methods, severity × occurrence × detection RPN.
Does not auto-generate failure modes from equipment class libraries (manual entry required).
Generally Available
RPN trending
Time-series chart of RPN per FMEA item; highlights worsening items.
Does not statistically forecast future RPN values.
Generally Available
Reliability Engineering
Statistical reliability analytics: MTBF, MTTF, MTTR, 2-parameter Weibull analysis via MLE.
CapabilityWhat it doesWhat it does NOT doStatus
MTBF / MTTF / MTTR
Calculates all three metrics from logged failure events at component level.
Does not import or benchmark against external industry failure rate databases automatically.
Generally Available
Weibull analysis
Fits 2-parameter Weibull (β, η) via Maximum Likelihood Estimation from failure event history. Outputs reliability curve, hazard function, MTTF.
Does not perform 3-parameter Weibull, mixed Weibull, or Bayesian reliability analysis. No ML-based failure prediction.
Generally Available
RCM task selection
Supports 4 RCM task categories (time-based PM, condition-based CM, redesign, run-to-failure) with structured justification.
Does not auto-select RCM strategy. Engineer must select and justify each task type.
Generally Available
Predictive maintenance triggers
Rule-based threshold triggers (MTBF decline, remaining life < 20%, Weibull β change) that queue governance events automatically.
Does not use AI or ML to detect anomalies. Triggers are deterministic rule evaluation only.
Generally Available
Corrosion Rate Engine
PL/pgSQL RPC corrosion rate calculator with damage mechanism library and inspection due date automation.
CapabilityWhat it doesWhat it does NOT doStatus
Corrosion rate calculation
Calculates corrosion rate (mm/year) from sequential thickness readings per asset. Returns remaining life and inspection due date.
Does not model electrochemical corrosion mechanisms or predict corrosion from process chemistry alone.
Generally Available
Damage mechanism library
12 pre-seeded damage mechanisms (General Corrosion, SCC, HIC, Fatigue, Erosion, etc.) assignable to assets.
Does not automatically identify active damage mechanisms from NDT data.
Generally Available
Governance & Workflow
Multi-step approval workflows with state machine enforcement, escalation, and cryptographic audit chain.
CapabilityWhat it doesWhat it does NOT doStatus
Approval workflows
Configurable multi-step approval chains with role-based assignment, SLA timers, and automatic escalation on overdue.
Does not support parallel approval branches (all chains are sequential).
Generally Available
State machines
Canonical status enums per entity type (assets, inspections, risks, decisions) with validated transitions enforced at database and service layer.
Does not support custom status values per tenant — statuses are fixed per entity type.
Generally Available
Audit chain
SHA-256 cryptographic hash chain: each audit entry hashes the previous, making log tampering detectable.
Does not use blockchain or distributed ledger technology. Chain integrity is verified by the application, not a decentralised network.
Generally Available
MOC & PTW
Management of Change and Permit-to-Work modules with full lifecycle, governance integration, and asset cross-linking.
CapabilityWhat it doesWhat it does NOT doStatus
MOC lifecycle
Full MOC workflow: initiation, impact assessment, approval, implementation, closure. Linked to asset and governance events.
Does not auto-generate MOC records from CMMS work orders.
Generally Available
PTW lifecycle
Permit-to-Work creation, approval, isolation sign-off, and closure. Linked to asset and responsible engineer.
Does not integrate with physical lock-out/tag-out hardware systems.
Generally Available
Asset cross-linking
MOC and PTW records carry an optional asset_id FK; asset detail page shows linked MOC/PTW records.
Does not enforce one-active-permit-per-asset constraints automatically.
Generally Available
Root Cause Analysis
Structured RCA investigations with causal chain analysis, 5-Why methodology, findings, and corrective actions.
CapabilityWhat it doesWhat it does NOT doStatus
Causal chain
Structured immediate → contributing → root cause chain stored in JSONB metadata. Editable by lead investigator.
Does not auto-suggest root causes from historical data or AI text analysis.
Generally Available
5-Why analysis
Sequential 5-Why entries stored per investigation; displayed in investigation detail view.
Does not enforce exactly 5 iterations; count is flexible.
Generally Available
Auto-trigger from governance
createRcaFromGovernanceEvent() creates a draft investigation pre-linked to the triggering asset and governance event.
Does not automatically assign a lead investigator; must be set manually.
Generally Available
Corrective actions (CAPA)
CAPA records linked to investigation with type, assignee, due date, and status tracking.
Does not automatically verify that corrective actions prevented recurrence.
Generally Available
Shutdown Optimizer
Turnaround and shutdown planning with task management, Gantt visualisation, and critical-path tracking.
CapabilityWhat it doesWhat it does NOT doStatus
Shutdown plans
Create and manage shutdown/turnaround plans with start date, duration, and scope. Links to assets and inspections.
Does not integrate with project management tools (MS Project, Primavera) for schedule import/export.
Generally Available
Gantt chart
Scrollable Gantt view of shutdown tasks with dependency visualization.
Does not auto-reschedule dependent tasks when a predecessor is delayed (manual adjustment required).
Generally Available
Critical path
Identifies the longest dependency chain in the task network.
Does not perform resource levelling or float/slack calculations automatically.
Generally Available
Access Control (RBAC)
Six-role permission model with granular feature gating enforced at both UI and server-action layers.
CapabilityWhat it doesWhat it does NOT doStatus
6-role model
owner / admin / engineer / member / viewer / auditor — each with a distinct permission set enforced at server action and UI level.
Does not support custom role creation or per-user permission overrides.
Generally Available
Feature gating
FeatureGate component wraps restricted UI with a locked overlay for insufficient permissions. Server actions re-validate on every call.
Does not support attribute-based access control (ABAC) or time-limited access grants.
Generally Available
Tenant isolation
Row-Level Security (RLS) on all tables enforces tenant_id boundary. Cross-tenant data access is blocked at DB layer.
Does not support multi-tenant data sharing or federated identity across tenants.
Generally Available
Compliance Engine
Deviation tracking, compliance state per asset, scheduled stale-record checks, and exportable evidence packets.
CapabilityWhat it doesWhat it does NOT doStatus
Compliance state
Per-asset compliance state (COMPLIANT / AT_RISK / NON_COMPLIANT / OVERDUE) driven by inspection due dates and open deviations.
Does not map compliance states to specific regulatory standard clauses automatically.
Generally Available
Evidence packets
Exportable ZIP containing inspection records, audit log entries, and signed documents for a specified asset or date range.
Does not generate regulator-specific report formats (e.g., HSE, PSM, OSHA forms).
Generally Available
Integrations
REST API, webhooks, and CSV I/O. No native CMMS connectors ship in GA — integration is configuration-based.
CapabilityWhat it doesWhat it does NOT doStatus
REST API
All entities accessible via tenant-authenticated REST API with standard CRUD endpoints.
Does not yet publish a versioned OpenAPI spec (roadmap).
Generally Available
Webhooks
10 outbound webhook events (asset.created, inspection.completed, risk.escalated, etc.) with HMAC-SHA256 signature verification.
Does not support inbound webhooks for triggering actions from external systems.
Generally Available
CMMS connectors
SAP PM, Maximo, Oracle EAM, and Infor EAM field mapping documented in integration guide.
Connectors are not pre-built plugins — integration requires mapping configuration and API setup per deployment. No one-click install.
Roadmap
Single Sign-On (SSO)
Supported OAuth identity providers and explicitly unsupported protocols.
SupportedNOT Supported
- Google Workspace OAuth — OAuth 2.0 via Google identity; works with any Google Workspace or personal Google account.
- Microsoft Entra ID (Azure AD) OAuth — OAuth 2.0 via Microsoft identity; supports M365 and Azure AD tenants.
- SAML — Enterprise SAML federation is not supported out of the box. Custom SAML setup requires a professional services engagement.
- LDAP / Active Directory group sync — LDAP directory sync is not supported. User provisioning is OAuth-based only; group-to-role mapping must be configured manually per user.
Data Import, Export & API
Supported bulk data operations and API surface. All formats are tenant-scoped.
OperationDetail
Import
CSV bulk import for assets, inspections, and risks. Column headers are mapped automatically for common field names.
Export
CSV and Excel export for all major entities (assets, risks, inspections, FMEA, reliability events). PDF export for individual inspection reports and compliance evidence packets.
REST API
REST API available for all major entities. Standard CRUD endpoints, tenant-authenticated via JWT. See API Reference for endpoint documentation.
Webhooks
Outbound webhook support via
integration_configs. 10 event types with HMAC-SHA256 signature verification. Inbound webhooks (triggering actions from external systems) are not supported.Last updated: February 2026. This matrix is maintained alongside the codebase — if a capability is listed as GA, the corresponding server action, database migration, and UI component are all shipped.
Found a gap between this document and the product? Open an issue or contact support. Accuracy of this document is treated as a bug.