
The IP Protection Question No One Is Asking About Agentic AI

Digital twin

Pieter Van Schalkwyk

CEO at XMPRO

This article originally appeared on XMPro CEO's LinkedIn Blog, The Digital Engineer

Organizations deploying agentic AI systems ask about accuracy, hallucinations, ROI. Few ask about intellectual property protection.

These organizations are encoding years of operational expertise into Skills files, custom MCP servers, and carefully crafted prompts. Proprietary maintenance strategies, quality optimization algorithms, production scheduling logic. All in plain text files that anyone with file system access can copy in minutes.

The architecture choices being made today will determine whether enterprises can actually protect what they're building. I've written a technical analysis examining this through the lens of the Industrial IoT Consortium's trustworthiness framework.


The Core Issue

When business logic lives in accessible files, you have an IP exposure problem. A senior engineer can copy your entire Skills library, all your custom integration code, and your accumulated domain expertise faster than HR can process their exit paperwork.

The legal protections we rely on for software don't work well for text files. Copyright protects expression, not ideas. Trade secret status requires proving you took reasonable security steps. How do you argue that when the "secrets" are in files accessible to your entire development or engineering team?

Two Different Architectures

The analysis examines two approaches to agentic systems:

File-based systems store everything in accessible files. Skills, prompts, configurations, integration code. Great for development. Fast iteration. Easy customization. But your proprietary business logic sits in plain text.

Runtime-based systems separate configuration from execution. Agent configurations describe what to optimize and within what constraints. The actual algorithms, the business logic, and the accumulated intelligence live in protected runtime code. An employee can see what agents do but not how the system achieves it.

The difference matters for industrial operations where substantial investment goes into building operational intelligence.

What The IIC Framework Reveals

The Industrial Internet Consortium (now part of the Digital Twin Consortium as the Industrial IoT Consortium) developed a trustworthiness framework for industrial systems. The analysis uses this framework to compare both approaches across five pillars: Security, Privacy, Safety, Reliability, and Resilience.

File-based systems struggle on all five:

  • Governance policies can't be enforced when they exist as text instructions that LLMs interpret
  • Prompt injection can't be prevented when business logic is in prompts
  • IP can't be protected when it lives in copyable files

Runtime-based systems align naturally with the framework:

  • Policies validated at execution time
  • Security enforced architecturally
  • IP protected in compiled code
  • Audit trails automatically comprehensive
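
The contrast in the two lists above, as an added example (not XMPro's code and not part of the original article): a hypothetical `PolicyGate` checks each agent-proposed action against configured constraints in code at execution time, whatever the prompt text said, and records every decision in a hash-chained audit list. All names, limits and sample actions are constructed for illustration.

```python
import hashlib
import json

# Hypothetical agent configuration: states what to optimize and within what
# constraints, but carries no algorithm or proprietary logic.
AGENT_CONFIG = {
    "objective": "minimize_downtime",
    "constraints": {"pump_speed_rpm": (600, 1800), "valve_open_pct": (0, 80)},
}
# Constructed sample actions, as an LLM planner might propose them.
NORMAL = {"source": "planner", "setpoints": {"pump_speed_rpm": 1500}}
INJECTED = {"source": "planner", "setpoints": {"pump_speed_rpm": 4000}}


def _digest(prev, record):
    """Hash a record together with the previous entry's hash."""
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()


class PolicyGate:
    """Validates proposed actions in code at execution time and audits them."""

    def __init__(self, config):
        self.constraints = config["constraints"]
        self.audit = []  # hash-chained: editing any entry breaks verification

    def execute(self, action):
        """Return True only if every setpoint is known and within limits."""
        reasons = []
        for name, value in action["setpoints"].items():
            if name not in self.constraints:
                reasons.append(f"{name}: not an allowed setpoint")
                continue
            low, high = self.constraints[name]
            if not low <= value <= high:
                reasons.append(f"{name}={value} outside [{low}, {high}]")
        record = {"action": action, "allowed": not reasons, "reasons": reasons}
        prev = self.audit[-1]["hash"] if self.audit else "0" * 64
        self.audit.append({"prev": prev, "record": record,
                           "hash": _digest(prev, record)})
        return not reasons

    def verify_audit(self):
        """Recompute the chain; False if any entry was altered or reordered."""
        prev = "0" * 64
        for entry in self.audit:
            if entry["prev"] != prev or entry["hash"] != _digest(prev, entry["record"]):
                return False
            prev = entry["hash"]
        return True
```

Denied actions are logged as well as allowed ones, so the trail shows what the agent attempted, not only what ran.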

Why This Matters Now

As enterprises move from experimenting with agentic AI to deploying it in production, architecture becomes permanent. The Skills library built today for predictive maintenance will be valuable competitive intelligence in two years. The custom integration logic developed for quality optimization represents substantial investment.

If that IP lives in accessible files, it's one disgruntled employee away from walking out the door.

Organizations treat agentic systems as IT projects when they should be strategic IP decisions. The CIO evaluates features and costs. Security reviews authentication and encryption. But no one asks: "How do we actually protect what we're building?"

What's In The Analysis

The technical paper examines:

  • How file-based and runtime-based architectures actually work, where IP lives in each approach, and who can access it
  • What security vulnerabilities each architecture introduces and how governance enforcement differs fundamentally
  • Real-world scenarios showing how IP theft happens and how to prevent it
  • A detailed XMPro MAGS case study showing runtime-based principles in production safety-critical industrial environments
  • Practical recommendations for companies using file-based systems, companies evaluating agentic systems, and best practices for any deployment

The Question You Should Ask

When evaluating agentic systems for production deployment, ask this:

"If our most knowledgeable engineer leaves for a competitor next week, what intellectual property could they take with them?"

If the answer is "everything," you have an architecture problem, not a policy problem.

File-based systems work well for development and experimentation. But production industrial operations need different guarantees. IP protection. Security enforcement. Governance validation. The architecture you choose determines what's possible.

The technical analysis provides the framework to support these architectural decisions.

Written for engineering leaders and operations executives who need to understand what these choices actually mean for their organizations.

Download: IP Protection and Trustworthiness in Agentic Systems for Industrial Operations

Reference: Industrial Internet Consortium (now Industrial IoT Consortium), "The Industrial Internet of Things Trustworthiness Framework Foundations" - https://www.iiconsortium.org/pdf/Trustworthiness_Framework_Foundations.pdf


Pieter van Schalkwyk is the CEO of XMPro, specializing in industrial AI agent orchestration and governance. XMPro MAGS with APEX provides cognitive architecture and DecisionGraph capabilities for agent networks operating on existing industrial systems.

Our GitHub Repo has more technical information. You can also contact me or Gavin Green for more information.

Read more on MAGS at The Digital Engineer