Confidential Β· engineering reference

Engineering, Security & Scientific Foundations

This document states, transparently and with citations, exactly what HydroManifold is built on. Every mechanism below is a standard, accepted industry or academic practice for operating water-monitoring and equipment-management software in real time and for forward planning. Nothing here is experimental, novel, or theoretical. Where the product makes an engineering choice, that choice is named as a choice and justified by established science β€” never presented as a law of nature.

Assurance statement

HydroManifold contains no experimental or unproven theories. It is assembled entirely from established, peer-reviewed and industry-standard methods β€” the same methods already in widespread industrial and academic use for water telemetry, reliability engineering, statistical monitoring, condition-based maintenance, time-series forecasting, cryptographic integrity, and access control. Its real-time monitoring follows accepted water-utility practice, and its forward-looking analysis is best-effort forecasting derived from data β€” not hunches, not guesses, and not unvalidated models.

Concretely, the product commits to the following:

What "nothing experimental" means here β€” and an honest scope note

"Manifold" in this product is not a new invention. It is the ordinary mathematical object used throughout modern data science and machine learning. HydroManifold does not attempt to prove new technology; it exploits proven methods. To keep that promise honest, two scope facts are stated plainly:

Demonstration build. This reference deployment runs on representative / simulated telemetry and uses dependency-free, demonstration-grade cryptography so the whole design can be inspected and run from a single folder. A production installation binds to certified field instruments and replaces the demo digest/cipher with FIPS-validated cryptography (see Security). The methods are production-grade and standard; the demo's data and key handling are clearly labelled as demonstration scaffolding.
No performance claim. Representing data on a manifold is a clarity and modelling choice β€” it organizes supply, integrity and health into one inspectable picture. It is not claimed to make the software faster than conventional code. We do not overstate it.

Scientific foundations & proofs

Each building block below is named with the established body of work it comes from. Citations are listed in References.

1 Β· The manifold & latent representation

The manifold hypothesis β€” that real-world high-dimensional data concentrates near a lower-dimensional manifold β€” is a foundational, tested premise of modern machine learning [Fefferman–Mitter–Narayanan 2016; Cayton 2005; Bengio–Courville–Vincent 2013]. It is the same premise under embeddings, latent factors and dimensionality reduction (PCA [Pearson 1901; Hotelling 1933]; matrix factorization in industrial recommender systems [Koren–Bell–Volinsky 2009]). HydroManifold uses this exactly as the field does: it places each station's operating state on a low-dimensional manifold (supply Γ— integrity) so that "health" is a position in that space. This is established, widely-adopted science β€” not a proposal.

2 Β· Why health is multiplicative: z = xΒ·y

The choice to multiply supply-adequacy (x) by integrity/quality (y) is grounded in series-system reliability theory, where the reliability of a system whose components must all function is the product of the component reliabilities, R = R₁·R₂·…·Rβ‚™ [O'Connor–Kleyner; MIL-HDBK-217F; IEC 61508]. A series product has the correct safety property: if any one factor collapses to zero, the whole collapses to zero. That is precisely the behaviour water operators need β€” perfect pressure with contaminated water is not healthy. The multiplicative form is therefore the standard, conservative modelling choice, not a novelty.

System health manifold: supply adequacy (x) by integrity/quality (y), colored by health z = xΒ·y, with tier-boundary contours.
The health manifold: every operating state is a point in supply (x) Γ— integrity (y); color is health z = xΒ·y. Dashed lines are the tier boundaries (Healthy / Watch / Warning / Alarm / Critical). The same spectrum colors every station live.

3 Β· Real-time anomaly & alarm detection

Live deviation detection uses statistical process control β€” Shewhart control limits, the Western Electric run rules, and EWMA/CUSUM for drift [Shewhart 1931; Page 1954; ISO 7870]. These are the textbook, century-old, universally-adopted methods for distinguishing real excursions from noise. Fixed regulatory alarm thresholds (turbidity, chlorine residual, pH, pressure) are taken directly from SDWA / National Primary Drinking Water Regulations and AWWA practice and are editable per jurisdiction in the CMS.

4 Β· Forward planning (forecasting)

Demand and reserve forecasts use established time-series methods β€” exponential smoothing (Holt–Winters) and Box–Jenkins ARIMA [Box–Jenkins 1970] β€” the standard toolkit for utility demand forecasting. Forecasts are presented as best-effort projections with their basis shown, never as certainties. This is the "data, not hunches" guarantee made concrete.

5 Β· Equipment health & predictive maintenance

Asset degradation and maintenance scheduling follow recognized condition-monitoring standards β€” ISO 13374 (data processing & presentation), ISO 17359 (general guidelines) and ISO 20816 (mechanical vibration severity) β€” the accepted basis for predictive/condition-based maintenance in industry.

6 Β· Hydraulics & sensor siting

Network behaviour and sensor placement reference the EPANET hydraulic & water-quality modelling engine (US EPA) β€” the de-facto standard the commercial tools are built on β€” and the peer-reviewed sensor-placement literature, including the Battle of the Water Sensor Networks benchmark and EPA's TEVA-SPOT methodology [Rossman/EPANET; Ostfeld et al. 2008]. See Sensor placement assessment.

7 Β· Integrity, cryptography & access control

Tamper-evidence uses hash chains / Merkle structures [Merkle 1979; RFC 6962 Certificate Transparency] β€” the same construction under Git and certificate transparency logs. Production signing and encryption use NIST/FIPS-validated primitives: SHA-2 [FIPS 180-4], HMAC [FIPS 198-1], EdDSA/ECDSA [FIPS 186-5], AES [FIPS 197]. Access control implements the NIST RBAC model [ANSI INCITS 359-2004], least privilege [Saltzer–Schroeder 1975] and Zero Trust [NIST SP 800-207]. Industrial-control security follows ISA/IEC 62443 and AWWA G430 / EPA AWIA risk-and-resilience expectations.

8 Β· Disciplined AI (deterministic guardrails)

The failsafe layer applies runtime verification [Leucker–Schallhart 2009]: an independent, deterministic oracle (truth tables, logic gates, range checks, a drift state machine) validates every AI-proposed value before it is accepted β€” the same principle as a type checker or a test oracle. AI proposes; established deterministic logic disposes. No machine-learning output is trusted without passing fixed checks.

Established science vs. engineering choice β€” stated honestly

Transparency requires drawing the line clearly:

Established science / standards we exploit
  • Manifold hypothesis & latent representation
  • Series-system reliability (multiplicative)
  • Statistical process control (anomaly/alarm)
  • ARIMA / exponential smoothing (forecasts)
  • ISO condition-monitoring standards
  • EPANET hydraulics; sensor-placement research
  • Merkle/hash-chain integrity; FIPS crypto
  • NIST RBAC, least privilege, Zero Trust
  • Runtime verification of computed outputs
Engineering choices (justified, not "new science")
  • Using z = xΒ·y as the single health scalar β€” justified by series reliability
  • "Seed β†’ bloom" storage β€” ordinary lazy / on-demand materialization from computer science
  • One generic schema-driven renderer for every domain β€” a software-design choice
  • Specific default alarm bands β€” taken from SDWA/AWWA, editable per jurisdiction
  • Demo digest/cipher β€” a labelled placeholder for FIPS crypto
We do not claim: any new mathematics; any unproven model; any computational speed-up from the manifold; or fitness for safety-critical use without the operator's own validation. Those would be overstatements, and this product makes none of them.

Standards & industry-practice conformance

Every major capability maps to a recognized standard or accepted practice for water-monitoring and equipment-management software:

CapabilityEstablished basis / standard
Drinking-water quality limits & reportingEPA Safe Drinking Water Act; National Primary Drinking Water Regulations (40 CFR 141); Lead & Copper Rule; Revised Total Coliform Rule
Distribution & asset practiceAWWA standards & manuals (e.g., G430 security, M-series)
Telemetry / SCADA integrationDNP3 (IEEE 1815), Modbus; historian practice
Hydraulic & water-quality modellingEPANET (US EPA)
Sensor placementBWSN benchmark; EPA TEVA-SPOT methodology
Anomaly / alarm detectionStatistical process control (ISO 7870; Shewhart/EWMA/CUSUM)
Demand / reserve forecastingARIMA & exponential smoothing (Box–Jenkins; Holt–Winters)
Equipment condition monitoringISO 13374, ISO 17359, ISO 20816
Reliability scoringSeries-system reliability (IEC 61508; MIL-HDBK-217F)
Audit integrityHash chains / Merkle (RFC 6962); FIPS 180-4 SHA-2
Signing & encryption (production)FIPS 198-1 HMAC, FIPS 186-5 EdDSA/ECDSA, FIPS 197 AES
Access controlNIST/ANSI RBAC (INCITS 359-2004); NIST SP 800-207 Zero Trust; least privilege
ICS / OT securityISA/IEC 62443; EPA AWIA risk & resilience; AWWA G430
AI output validationRuntime verification; deterministic test-oracle pattern

Security features (comprehensive)

Security is layered; each layer is an accepted control:

Verify it yourself: in the platform, open any collection and click πŸ” Verify seal. The platform recomputes every record's signature against the manifold shape and reports whether all records verify or how many fail β€” making tampering visible at a glance.

Modern encryption + the manifold security advantage

Production HydroManifold uses current, standards-grade cryptography β€” there is nothing home-grown in a real deployment:

On top of that standard cryptography, the manifold adds a second, structural layer of security that per-record encryption alone does not provide:

The manifold security advantage. Encryption protects each value; the shape-folded manifold protects the relationships between every value. Because each parameter is folded into a keyed running shape derived from the entire ordered history, the configuration has a single global fingerprint that is:
  • Whole-set tamper-evident β€” altering, inserting, deleting or reordering any parameter anywhere changes the global shape and every signature after it, even if an attacker could decrypt and re-encrypt an individual record.
  • Unforgeable without the key and full history β€” the next shape cannot be predicted, so a valid-looking forged state cannot be fabricated; this is the "impossible to predict" property.
  • One-glance verifiable β€” a regulator or operator confirms the integrity of the entire configuration from one fingerprint, not by trusting thousands of separate records.
This is the same proven hash-chain construction used by Git and certificate-transparency logs [Merkle; RFC 6962] β€” applied across the whole parameter manifold rather than a single ledger. It is an added benefit, not a replacement for encryption: modern encryption protects the data; the manifold proves the data is whole.

Monitoring the monitors

The system watches its own watchers, following condition-monitoring and SPC practice:

Operations: parameters & turning on monitors

HydroManifold is configured, not reprogrammed. You change the parameters; the program is unchanged.

  1. Pick the collection (regulations, equipment, accounts, conservation, etc.) in the left nav. Each is a schema-driven module β€” fields, types and validation come from its schema.
  2. Add a parameter / record. Use + New. RBAC checks your role can edit; the entry is validated, signed, folded into the manifold shape, written to the encrypted store, and recorded in the audit log.
  3. Turn on a monitor. Defining a station/asset with its sensor set (and thresholds drawn from the regulations collection) enables its live monitor β€” EKG-style trace, alarm bands and the z = xΒ·y health color. Thresholds are parameters, so enabling/retuning a monitor is data entry, not a code change.
  4. Export / report. Any collection exports to CSV; reports and FOIA extracts are generated from the same governed data.

Configuration & accuracy audits (built in)

System schematic, plans & equipment

A representative distribution system and its instrumentation. Real deployments load the operator's own network (e.g., from an EPANET model) β€” this is the standard layout the monitoring maps onto.

flowchart LR SRC[("Source
well / surface intake")] -->|raw| TRT["Treatment plant
coagulation Β· filtration Β· disinfection"] TRT -->|finished| PS["Pump station"] PS --> STO[("Storage
tank / reservoir")] STO --> TM["Transmission main"] TM --> DZ1["Distribution zone A
(DMA)"] TM --> DZ2["Distribution zone B
(DMA)"] DZ1 --> SVC1["Service connections / meters"] DZ2 --> SVC2["Service connections / meters"] classDef s fill:#0e1622,stroke:#3fd0ff,color:#dbe7f5; classDef t fill:#0e1622,stroke:#ffcf4a,color:#dbe7f5; class SRC,STO s; class TRT,PS,TM,DZ1,DZ2 t;

Standard instrumentation by location

LocationTypical sensors / equipmentWhat it protects
SourceLevel, raw turbidity, conductivity, flowSupply availability, source quality
TreatmentTurbidity (filter effluent), chlorine residual, pH, ORP, dosing pumpsTreatment efficacy (SDWA limits)
Pump stationFlow, suction/discharge pressure, motor current, vibration (ISO 20816), runtimeDelivery & pump health
StorageLevel, residual chlorine, temperatureReserve & residual decay
Transmission / DMAFlow (district metering), pressure, leak/acousticLoss, pressure mgmt, leak detection
ServiceMetered consumption, backflowBilling, demand, cross-connection

Sensor placement β€” assessment & optimality

Whether instrumentation is in the right place is a recognized optimization problem, not a matter of opinion. HydroManifold assesses placement against the established objectives from the water-security literature [Ostfeld et al. 2008; EPA TEVA-SPOT] and reports whether current placement is adequate or should be moved:

ObjectiveQuestion it answers
Detection likelihood / coverageWhat fraction of the network can an event be detected anywhere downstream of a sensor?
Time-to-detectionHow quickly is a contamination/leak event seen after it starts?
Expected population/area affected before detectionHow much demand is exposed before an alarm?
RedundancyDoes a single sensor failure create a blind spot?
Demand-weightingAre high-consumption / critical nodes (hospitals, schools) covered first?
Honest method note. A rigorous placement optimization requires the operator's calibrated hydraulic model (EPANET) and demand data. The platform provides a placement assessment against these standard objectives and flags coverage gaps and redundancy weaknesses; a final siting decision for a real network must be confirmed with the operator's own hydraulic model and a licensed engineer. The product surfaces the analysis; it does not replace professional hydraulic design.

Change control: pre-deployment assessment

Before any addition or change goes live, a standard change-management gate is applied:

Pre- and post-deploy simulation & testing

Rollback procedures

  1. Backup before change. The prior configuration (and its manifold shape) is retained, so any commit has a known-good predecessor to return to.
  2. Detect. Post-deploy verification, the failsafe drift monitor, or seal verification flags a problem.
  3. Revert. Restore the previous signed configuration / build; the manifold shape returns to its prior fingerprint, proving the rollback is exact.
  4. Re-verify. Re-run seal verification, the audit-chain check and the regression suite to confirm the restored state is intact.
  5. Record. The rollback itself is audited (who, when, why).

The deployment pipeline follows standard practice: backup β†’ validate configuration β†’ atomic switch β†’ verify β†’ automatic rollback on failure.

Demonstration & simulation only β€” this instance cannot operate a real water system. The hosted build you are viewing runs the demo and simulations exclusively. It is not connected to, and must not be used to operate, monitor or control, any real water system. Any entity using HydroManifold for real operations must run its own authorized, licensed copy on its own infrastructure β€” its own server, cloud service, a laptop for private/single use, or a networked system for enterprise use β€” under a deployment and support agreement. No real operational data is, or should be, entered here.
No experimental content β€” and no warranty of fitness without your own validation. HydroManifold is built solely from established, industry-standard and peer-reviewed methods and contains no experimental or unproven theories. It is provided as decision-support and management software. It is not a substitute for certified instrumentation, licensed professional engineering judgement, or the operator's regulatory obligations.

Disclaimer

Operator responsibility β€” independently verify, test & approve

Before relying on HydroManifold for any safety-critical or regulatory purpose, the operator must independently verify, test and approve it: validate it against their own calibrated instruments and hydraulic model, run their own acceptance and regression testing, confirm conformance to their applicable regulations, and obtain sign-off from qualified licensed personnel. Continued suitability must be re-verified after configuration changes.

Liability & insurance

This section is informational and is not legal advice. Engage qualified legal, regulatory and insurance professionals to set terms for your jurisdiction.

References (established, peer-reviewed & standards)

HydroManifold β€” engineering, security & scientific reference. Confidential, for review. Built exclusively on established, industry-standard methods. No experimental or unproven theory is used. Back to documentation Β· Platform