For smart factory architects, IT, and OT leads

Smart Factory Architect

Machines publish via MQTT. ERP context arrives through REST. AI agents connect through MCP. Every integration point is typed, documented, and deployed as a Docker-native edge service — owned by the factory, not the vendor.

check_circle

Inspect edge topology

check_circle

Trace data contracts

check_circle

Verify integration points

flag

Deploy custom service

A Single Pane of Glass

Explore the Unified Namespace directly from the architect view. Search live MQTT topics, inspect machine paths, and watch the factory data model breathe.

Reconnecting…·0 topics

Waiting for the first messages…

Connected to the factory broker. Topics will appear here as data starts flowing.

Typed Control Plane

Integrate through a typed control plane, not a pile of ad hoc endpoints. PREKIT uses a standard OpenAPI surface as the metadata and discovery layer.

check_circleAuto-generated clients from the OpenAPI schema for typed integrations.
check_circleSignal discovery by semantic contract instead of hardcoded topic guessing.
check_circleSystem elements, permissions, annotations, and service inventory live behind one API.

Relevant for ERP, MES, historian, and partner applications that need discovery before subscription.

GET /api/v1/signals/?implements_contract=EdgeExecutionContext

{
  "results": [
    {
      "name": "execution-context",
      "data_type": "json",
      "implements_contract": "EdgeExecutionContext",
      "topic": "alp/v1/_Metric/factory/conching/unit-04/execution-context"
    }
  ]
}

smart_toyAsk the factory anything

Live Technical Assistant

Uses the same live factory, ERP, topology, and curated MCP tool surface that powers the public assistant.

Governance & Identity

The same platform that opens the factory also enforces who can see, publish, and change what.

fingerprint

IAM

Keycloak with OAuth2 / OIDC

policy

RBAC

Role-based and ISA-95 namespace-resolved resource access control

key

Namespaces

subscribe / publish / read / write

vpn_lock

mTLS

Service-to-service trust

workspace_premium

Private PKI

Smallstep-issued certificates

Security Model

roles:
  - prekit_admin
  - prekit_editor
  - prekit_viewer
namespace_scopes:
  - subscribe
  - publish
  - read
  - write
  - annotate
  - delete
mqtt_auth:
  - certificate-based
  - keycloak tokens
service_to_service:
  - mTLS
  - private PKI

Semantic Contracts

Semantic contracts preserve execution meaning across ERP, machines, and agents.

EdgeExecutionContextVALIDATED

Published on the signal’s normal PREKIT _Metric topic. The contract lives inside Metric.value_json.

Discover via GET /api/v1/signals/?implements_contract=EdgeExecutionContext

event_type: execution_start
asset_id: 4
lot_nr: 23018
timestamp: 2026-04-04T07:42:18Z
source: plc_auto
order_nr: 992
step_id: 2
operator_id: OP-17
context:
  recipe: Dark 78%
  shift: A

Deploy Custom Services In The Namespace

deployed_codeDocker

PREKIT generates Docker Compose deployments from edge YAML. Custom services are declared in the node spec, registered into the service inventory, and can publish their own ServiceDetails into the same architecture.

custom_services:
  - name: chocolate-ai-copilot
    service_type: agent
    description: Partner-provided orchestration service

# declared in node YAML
# added via docker-compose.override.yaml
# registered into PREKIT service inventory

How PREKIT Makes It Inspectable

check_circleGenerate: `prekit generate <node>` renders the compose package.
check_circleRegister: service name and `service_type` are added to PREKIT’s service inventory.
check_circleObserve: architecture metadata and KPIs let the service appear in the architecture layer.
check_circleGovern: mTLS, PKI, and namespace rules apply across the same runtime.

Inspect this stack with your own integration in mind

This factory stays public on purpose. If you want to compare your own connector, service, or agent flow against the same live context shown here, use this demo as the reference point.

Contact Alpamayo