Vortalis for Energy and utilities

Grid management

The trust layer for AI agents inside forecasting, congestion analysis, dispatch recommendation, and distributed-energy-resource bidding workflows.

Grid management is a reliability-critical domain. The grid-management sub-vertical pack codifies the actions an agent may take inside a forecasting, congestion, dispatch, and DER-bidding pipeline, gates a major dispatch change behind a named human approver, and signs every action into an audit chain a regulator can verify offline. Vortalis does not operate the grid, dispatch generation, or compute the engineering line rating; it governs the agent's actions and produces the audit evidence the operator relies on.

Regulators covered

Which frameworks the energy and utilities pack maps to today.

Framework

Jurisdiction

Coverage

Notes

FERC Federal Power Act Sections 205 and 206

vortalis_proxy/compliance/ferc.py
tests/conformance/regulators/ferc/

Partial

16 U.S.C. 824d and 824e: rates, terms, and conditions for jurisdictional transmission or sale must be just and reasonable. The platform records the agent's rate-related and dispatch actions; the just-and-reasonable determination and the rate filing are the participant's and FERC's.

FERC Order No. 881 (transmission line ratings)

vortalis_proxy/compliance/ferc.py
tests/conformance/regulators/ferc/

Partial

Managing transmission line ratings: the transmission provider uses ambient-adjusted ratings and maintains a rating methodology. The platform records the agent's rating action and basis; the engineering rating and the methodology are the transmission provider's.

FERC Order No. 2222 (DER aggregation)

vortalis_proxy/compliance/ferc.py
tests/conformance/regulators/ferc/

Partial

Distributed energy resource aggregation participation in RTO/ISO markets. A major dispatch change is gated behind a named human; the registration of the aggregation runs on the RTO/ISO systems, not the platform.

NERC CIP-002, CIP-005, and CIP-007

vortalis_proxy/compliance/nerc_cip.py
tests/conformance/regulators/nerc_cip/

Partial

BES Cyber System categorisation (CIP-002, asset-categorisation-dependent and deployer-supplied), electronic security perimeters (CIP-005), and systems security management (CIP-007). Vortalis does not categorise BES Cyber Systems or enforce a physical perimeter; it speaks to electronic access-management and security-event-monitoring controls.

Adapter coverage

Upstream services Vortalis adapts for this vertical.

No Vortalis-side adapters ship for this vertical today. The calling system holds the upstream credentials (energy management system, SCADA/EMS interface, RTO/ISO market gateway) and Vortalis governs the action at the agent boundary rather than at the upstream-API boundary.

Action vocabulary

The policy template for this vertical.

Actions allowed

Each action gated by policy at the hot path.

Anticipated require_human actions

dispatch.major_change

Rate-limit posture

5 000 forecast.generated per 1-hour rolling window; 5 000 congestion.analysed per 1-hour rolling window; 2 000 dispatch.recommended per 1-hour rolling window; 200 dispatch.major_change per 1-hour rolling window; 2 000 der.bid_submitted per 1-hour rolling window; 20 000 telemetry.ingested per 1-hour rolling window. Defensible for a single control area; high-throughput operators raise after agreement with the reliability function.

Template path: policies/sectors/energy-utilities/grid-management-template.yaml

Integration brief

The implementation guide your engineers read first.

Available

docs/governance/integration-briefs/energy-utilities-grid-management.md

Honest limits

What this sector pack does not do.

Vortalis does not operate the grid or dispatch generation; the operator does.

The policy template gates 9 actions including forecast.generated, dispatch.recommended, and dispatch.major_change. It does not run the energy management system, send the dispatch instruction to the plant, or compute the engineering line rating. The dispatch outcome runs on the operator's EMS and the RTO/ISO systems; the major dispatch change is gated behind a named human through the require_human flow.

NERC CIP depends on operator-side asset categorisation and physical security.

NERC CIP-002 requires the operator to categorise its BES Cyber Systems, and the applicability of the downstream CIP controls flows from that. Vortalis does not categorise BES Cyber Systems and does not enforce a physical security perimeter (CIP-006). The platform speaks to electronic access-management (CIP-005) and security-event-monitoring (CIP-007); the categorisation and the physical security are the operator's.

Counterparty certification with grid operators and ISO-RTOs is the operator's responsibility.

The agent acts against the operator's EMS and the RTO/ISO market systems. The registration of a DER aggregation, the connection agreement with the grid operator, and the certification with the ISO-RTO are the operator's. Vortalis governs the agent at the action boundary and records the trail; it does not stand in for the operator's certifications.

Reliability and dispatch gates depend on operator process.

The require_human gate on dispatch.major_change is the mechanism; the substance of the reliability review (the contingency analysis, the dispatch authority, the operating limits) is the operator's. A misconfigured require_human list is an operator error, not a platform guarantee.

The general-purpose honest limits sit at /security/limitations; this list is specific to the energy and utilities pack.

Bring Vortalis to your energy and utilities agents.

Read the integration brief if you would rather start with the engineering detail. Talk to us first if you would rather start with a conversation about your threat model.

Read the integration brief Talk to an engineer