Aelix GridIQ · Grid operations control platform
The control room, finally on one screen.
GridIQ is one role-aware control room that replaces SCADA, OMS, DERMS, and ISO/RTO market-screen tab-sprawl. Live network topology, AMI-based fault localization and outage management, short-horizon load forecasting, and digital switching orders with Lockout/Tagout (LOTO) enforcement. Domain AI agents watch your grid, reason over live data, and draft the next action for operator approval. Grid reliability (SAIDI/SAIFI) is the scoreboard, and an append-only NERC CIP audit trail sits behind every action. Agents do the work. People keep the authority.
SAIDI = System Average Interruption Duration Index. SAIFI = System Average Interruption Frequency Index. AMI = Advanced Metering Infrastructure. LOTO = Lockout/Tagout. DERMS = Distributed Energy Resource Management System.
Agentic AI · Domain agents for the control room · Governed by design
Domain agents for the control room, governed by design.
GridIQ ships purpose-built AI agents for grid operations, not a generic chatbot. They watch your SCADA, AMI, and market feeds, reason over live grid state, draft the next action, and execute it on approval. Running on Aelix Core's built-in agent and workflow engine, the platform layer the whole suite shares.
Agents do the work. People keep the authority.
Outage Response Agent.
Detects and localizes faults from AMI data, drafts a switching/restoration plan, and recommends crew dispatch for operator approval.
Load Forecast Agent.
Continuously produces short-horizon load forecasts and flags anomalies.
Switching Order Agent.
Drafts digital switching orders with Lockout/Tagout (LOTO) checks for operator sign-off.
Market & DER Signal Agent.
Watches market and distributed-energy-resource signals and recommends actions. Human-approved by design. Never auto-executes power purchases or load-shedding. Those commitments always wait for an authorized operator or trader.
Human-in-the-loop authority
On consequential actions (grid switching, load-shedding, market purchases) agents monitor, reason, draft, and recommend. A human approves the commitment. The safety gates are never overridden. Every agent action is logged to the append-only NERC CIP audit trail (governed, attributable, and reversible) and runs inside your single-tenant deployment under role-based permissions, so data never leaves your boundary.
The problem
The operator is the integration layer. That is the tax.
Walk into a distribution control room and count the browser tabs. SCADA/DMS in one. A paper switching order on the desk. A vendor AMI head-end portal in another tab. The ISO/RTO market screen in a third. Spreadsheets bridging the gaps. When a fault hits at 2 a.m., the person at the desk is the only thing connecting those systems. Reading one screen, retyping into another, reconciling price against physical grid state by hand.
That seam is where reliability is lost.
Outages are found slowly and located imprecisely.
Crews roll on coarse information, restoration runs long, and the SAIDI/SAIFI numbers you report to the Public Utility Commission (PUC) drift the wrong way.
Load is managed reactively.
Without a trustworthy short-horizon forecast, the call to fire a peaker or buy shortfall megawatts gets made under time pressure.
Switching is error-prone and weakly auditable.
Paper or semi-digital switching orders with no enforced verification before crew action, and no immutable record, is a NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) liability.
Market participation is detached from grid state.
Locational Marginal Pricing (LMP) decisions happen outside the operations view, so price and physical reality are reconciled manually.
GridIQ collapses those tabs into one console, and puts a forecasting and inference layer plus an append-only audit spine underneath the work.
What GridIQ does
Six capabilities, one console.
Live topology + AMI fault localization
A real-time grid map of substations, lines, and node state (energized, de-energized, fault, frequency, load) streamed from your SCADA/DMS telemetry. When a cluster of smart meters drops out, GridIQ localizes the suspected fault segment against the geospatial topology graph and highlights it on the map.
SCADA and AMI telemetry ingested over a streaming bus into a time-series and geospatial (PostGIS) data layer. Fault localization scored against the topology graph, with a rule-based fallback if the model is unavailable. Operator-perceived event lag is engineered to a sub-2-second target.
Outage management + crew dispatch
One incident registry, a block-level outage map, and crew assignment (dispatched, in-progress, resolved) with the events rolled up into the reliability surface your reliability engineer reports to the PUC.
Localized faults generate incidents that associate to affected customer counts and accrue to a SAIDI/SAIFI time-series rollup, with a reporting view and exportable report. Dispatch is designed around a sub-5-minute time-to-dispatch target after fault detection.
Short-horizon load forecasting
A 24-hour load forecast with a confidence band, plotted against your capacity reference line and demand drivers. So peaker activation and shortfall decisions are made against a number you can trust, not a gut call.
Forecasts served from a dedicated inference service with explicit lower/upper bounds. Every forecast run is persisted and traceable in the audit trail. If the model is down, GridIQ surfaces the last-known forecast clearly tagged as degraded rather than failing silently.
Digital switching orders + LOTO enforcement
Per-step switching workflows with author, approver, and executor roles, and digital Lockout/Tagout that a crew cannot bypass. A step cannot be marked executed until its LOTO tag is digitally verified.
An explicit approve to execute state machine. Actuation routes through a vendor SCADA adapter and blocks at the actuate step with operator notification if the adapter fails. Every state change writes an audit row and a versioned, signed PDF of the order.
Load shedding, DERMS and market interconnect, human-approved
Emergency rolling-blackout planning, distributed energy resource visibility, and live LMP across neighboring interconnects with shortfall-purchase decisioning. All in the same console as the rest of grid state.
GridIQ recommends. The human commits. Load-shedding plans and shortfall-purchase orders are surfaced with price, quantity, and risk context, and are not executed until an authorized operator or trader approves. GridIQ does not autonomously shed load or purchase power. On extended dependency outage, autonomous behavior pauses and falls back to human approval by design.
Append-only NERC CIP audit trail
Every state-changing action (switching steps, shed events, trades, RBAC changes, authentication) records actor, target, before/after, timestamp, and correlation ID, in an append-only log that is the system of record.
Designed so the application database is granted insert-and-read only on the audit log. Records cannot be altered or deleted from within the app. The trail is built to support your NERC CIP scoping and evidence collection, with cold-archive retention.
Why GridIQ
Reliability is the scoreboard. Not a feature.
Reliability is the scoreboard, not a feature.
Most control software measures itself by what it displays. GridIQ measures itself by SAIDI and SAIFI: the regulator-reported reliability metrics your reliability engineer owns. Faster, better-located outage response and a trustworthy forecast are the levers. The reliability numbers are the goal.
Honest autonomy: the AI recommends, the human commits.
We deliberately refuse to auto-execute market buys and load shedding. For conservative utility buyers, that is a safety feature and a trust feature, not a missing one. Autonomy graduates only as risk controls (circuit breakers, auto-pause, proven limits) are demonstrated.
Auditable by construction.
The append-only audit trail is not a logging add-on bolted on at the end. It is the spine: RBAC scoped per module and per substation, SSO with mandatory MFA, digital LOTO enforcement, and an immutable record behind every action. So the audit-evidence question has an answer before it is asked.
Part of the single-tenant Aelix platform.
GridIQ runs on Aelix Core, the secure foundational architecture and the security, compliance, and audit backbone the rest of the suite shares. Single-tenant, deploy-anywhere: in your environment, on-prem or in your private cloud. Isolation is the feature, not the limitation.
What we can prove, and what we are targeting
Pilot-stage. Mechanisms verifiable today, targets honestly framed.
GridIQ is pilot-stage. We are recruiting a controlled design-partner pilot, not claiming live production customers. We will not show you another vendor's invented reliability numbers, because none exist for GridIQ and we will not fabricate them. Here is what we will show you instead: the mechanisms, and the targets they are built to hit.
Mechanisms you can verify in a demo (against live services, never mock)
- AMI fault localization highlighting a suspected segment from a simulated meter-dropout cluster.
- A switching order that blocks at the execute step when LOTO is not verified, and records the attempt.
- A 24-hour load forecast with confidence bands, every run traceable in the audit trail.
- A shortfall-purchase recommendation that will not submit until a trader approves it.
Targets (framed as targets, not results)
MAPE = Mean Absolute Percentage Error. Any forecast accuracy figure shown in the product is labeled 'target.'
Free SAIDI/SAIFI baseline capture
Before any commitment, we can run a baseline capture of your current reliability metrics, so improvement is measured against your real numbers, not ours.
Security and compliance posture
Built for the skeptical compliance and security buyer.
GridIQ is built for the skeptical compliance and security buyer. We state mechanisms and credentials honestly. Nothing we cannot stand behind in a POC.
Designed to NERC CIP standards.
Append-only audit trail, RBAC scoped per substation, and evidence retention engineered to support your CIP scoping. NERC CIP certification is a per-deployment, per-customer engagement, not a vendor badge.
SOC 2 Type II in progress.
A Type II report requires months of operating evidence and cannot be accelerated. We will not imply a report exists before it does.
Single-tenant, deploy-anywhere.
One deployment per utility, on-prem or in your private cloud. Air-gappable: only your chosen outbound integrations (notifications, ISO/RTO APIs) require allow-listed egress.
Identity and access.
SSO via SAML 2.0 / OIDC (Microsoft Entra, Okta, generic SAML). MFA mandatory. Signed, httpOnly session cookies with configurable timeout. No local passwords.
Encryption in transit and at rest.
TLS edge-in with strict transport security and a strict CORS allowlist. Encryption at rest in your environment.
Availability on your terms.
Single-tenant deployment in your environment. Availability designed around your operational requirements, not a shared-cloud SLA. We do not publish an uptime figure.
See it for yourself
See the control room on one screen.
GridIQ is enterprise, SSO-provisioned, and design-partner-led. No self-serve signup, no mock demos. Every demo runs against live services and is labeled where data is illustrative.