Water Utilities AI: Critical Infrastructure Decision Governance
Water and wastewater utilities have the same AI opportunity many industrial operators see today: use models to summarize alarms, organize operating procedures, accelerate incident reporting, and reduce the time it takes staff to find the right operational context. The constraint is obvious. These are critical infrastructure environments where a helpful summary and an unsafe recommendation can be only one workflow apart. Teams need AI assistance, but they also need the system to preserve human accountability, provider restrictions, and clear evidence about how a route was used.
Keeptrusts works well in that environment because it governs the AI path instead of pretending governance happens later. With RBAC, Data Routing Policy, Human Oversight, and Audit Logger, utilities can support plant operators, control-room staff, engineering teams, and compliance groups without giving them one uncontrolled model lane. The related material in Critical Infrastructure, Energy & Utilities, Regulated Execution, and Centralize AI Observability helps position AI as governed support infrastructure rather than unmanaged experimentation.
Use this page when
- You are using AI in water treatment operations, incident reporting, engineering support, or compliance documentation.
- You need to avoid turning AI into an unreviewed decision path for plant or network operations.
- You want infrastructure-grade controls around provider routing, human review, and event evidence.
Primary audience
- Primary: Technical Leaders
- Secondary: Technical Engineers, plant operations leaders, compliance and resilience teams
The problem
Utilities often begin with low-risk AI use cases such as report drafting or procedure search, then discover that users naturally pull the assistant toward more consequential questions. The operator who asks for a shift summary today asks for help interpreting an abnormal trend tomorrow. The engineer who summarizes a maintenance packet today asks the model to compare options during an event next week. That is not misuse. It is what happens when the tool becomes useful. Without a governed boundary, the route silently migrates from productivity assistance toward operational influence.
Water utility environments also carry infrastructure-specific sensitivity. Treatment-process details, security notes, incident history, vendor access information, and plant-specific vulnerability context can all be risky if they move through the wrong provider path. If the system cannot enforce routing standards such as zero retention or local-only processing expectations, the organization has no strong answer when security, resilience, or regulatory stakeholders ask how the AI path is controlled.
There is also a trust issue inside operations. Plant and network teams are more likely to adopt AI when they can see that the system is designed to support their work, not to bypass their judgment. If the route does not visibly preserve human review and auditability, adoption either stalls or moves underground.
The solution
The right model is to make the route itself reflect the operational boundary. Start with RBAC so requests carry identity and operational context such as site, role, or business function. That keeps a compliance analyst, plant operator, and engineering lead from inheriting the same AI privileges simply because they work at the same utility.
Then use Data Routing Policy to require the provider handling profile appropriate for critical infrastructure workflows. For routes that support higher-consequence interpretation, add Human Oversight so the assistant remains a governed decision-support tool rather than an autonomous actor. Finally, use Audit Logger and Regulated Execution to create reviewable evidence and stronger operational control around the workflows that matter most.
Implementation
This example creates a water-utility route that reserves broader support tools for approved roles and blocks provider fallback when the required handling profile is unavailable.
pack:
name: water-utility-critical-ai
version: 1.0.0
enabled: true
policies:
chain:
- rbac
- data-routing-policy
- human-oversight
- audit-logger
policy:
rbac:
deny_if_missing:
- X-User-ID
- X-User-Role
- X-Site-ID
roles:
plant-operator:
allowed_tools:
- summarize_shift_log
- search_operating_procedure
process-engineer:
allowed_tools:
- summarize_shift_log
- compare_process_notes
compliance-manager:
allowed_tools:
- summarize_incident_report
- draft_regulatory_response
data-routing-policy:
require_zero_data_retention: true
sanitize_before_provider: true
local_only_processing: true
on_no_compliant_provider: block
log_provider_selection: true
human-oversight: {}
audit-logger: {}
The point is not to encode every plant procedure inside the policy. The point is to stop the AI boundary from becoming more permissive than the operational environment allows. A route can still be useful for summaries, reports, and structured analysis while clearly preserving a review step for higher-consequence workflows.
Teams should validate the behavior before broader rollout:
kt policy lint --file ./water-utility-critical-ai.yaml
kt gateway run --policy-config ./water-utility-critical-ai.yaml --port 41002
kt events tail --policy data-routing-policy
kt events tail --policy human-oversight
That gives operations and security teams immediate evidence about provider selection, blocked fallbacks, and oversight-triggered workflows before the route becomes part of routine daily use.
Results and impact
Utilities that adopt this pattern usually gain confidence faster because the governance model matches how critical infrastructure teams think. AI is allowed where it clearly helps, but the path is constrained and reviewable. That makes operational leaders more willing to permit use in real workflows instead of limiting the technology to isolated pilots.
The other benefit is post-event clarity. If AI was involved in preparing an incident narrative or supporting an engineering review, the utility can inspect the event trail and confirm whether the route behaved as designed. In infrastructure environments, that ability to reconstruct the decision-support path is often a prerequisite for long-term adoption.
Key takeaways
- Water utility AI should strengthen operational discipline, not create a side channel around it.
- Use RBAC to separate operator, engineer, and compliance roles.
- Use Data Routing Policy to require compliant provider handling for critical infrastructure workflows.
- Use Human Oversight and Regulated Execution for higher-consequence support.
- Use Audit Logger so incident and resilience reviews start from evidence.