Balancing AI Integration with FDA 21 CFR Part 11 and Zone-Conduit Architecture

We’re looking at bringing anomaly detection and predictive maintenance models into our MES environment, but we’re hitting some friction between the security architecture that FDA and IEC 62443 demand and the connectivity that these AI models need. Our current setup is still mostly flat, and we know we need to move to zone-conduit segmentation—but we’re trying to figure out how to do that while also enabling the data flows and model inference that make AI useful.

The challenge is that the AI components—edge gateways, model servers, data collection agents—all expand the attack surface, and they need to sit somewhere in the zone architecture. Some of the models need near-real-time access to historian data and SCADA signals, but we can’t open up direct paths from IT to Level 2 without violating segmentation principles. We’re also under pressure to maintain rigorous audit trails and ensure any AI-driven decisions are explainable and traceable for 21 CFR Part 11.

Curious how others have navigated this. Are you running AI in a dedicated zone? How are you handling data flow between zones without compromising isolation? And how are you managing the compliance documentation when the models themselves adapt over time?

We put our predictive models in a separate DMZ zone that sits logically between IT and the OT historian layer. The historian replicates a subset of time-series data to this zone on a scheduled basis—never real-time, always one-way. The models run inference there, and any alerts or recommendations are passed back into the MES via a controlled API with strict rate limiting and validation. It adds latency, but it keeps the production network isolated and makes audit trails much cleaner.
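
The controlled API described in the reply above (validation, strict rate limiting, clean audit trail) can be sketched as follows. This is an added example, not part of the original thread: the alert fields, limits, and names such as `ConduitGate` are assumptions, and the in-memory list stands in for append-only audit storage.

```python
import hashlib, json, time

# Hypothetical schema for a JSON-decoded alert crossing the AI-zone -> MES conduit.
ALLOWED_SEVERITY = {"info", "warning", "critical"}
REQUIRED = {"asset_id": str, "severity": str, "score": float,
            "model_version": str, "input_window_id": str}

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True, default=str).encode()).hexdigest()

class ConduitGate:
    """Validates, rate-limits and audit-logs model alerts before they reach the MES."""
    def __init__(self, rate_per_min=6, burst=3, clock=time.monotonic):
        self.rate, self.burst = rate_per_min / 60.0, burst   # refill per second, bucket size
        self.tokens, self.clock, self.last = float(burst), clock, clock()
        self.audit, self.prev_hash = [], "0" * 64            # audit trail and chain genesis

    def _validate(self, alert):
        # Exact field set: anything extra (e.g. an embedded command) is refused.
        if not isinstance(alert, dict) or set(alert) != set(REQUIRED):
            return "unexpected or missing fields"
        for key, typ in REQUIRED.items():
            if not isinstance(alert[key], typ):
                return f"bad type for {key}"
        if alert["severity"] not in ALLOWED_SEVERITY or not 0.0 <= alert["score"] <= 1.0:
            return "severity or score out of range"
        return None

    def _allow(self):
        # Token bucket: a misbehaving model cannot flood the MES with recommendations.
        now = self.clock()
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens < 1.0:
            return False
        self.tokens -= 1.0
        return True

    def submit(self, alert):
        reason = self._validate(alert)
        if reason is None and not self._allow():
            reason = "rate limit exceeded"
        # Rejections are logged too; model_version ties each decision to a model state.
        record = {"ts": time.time(), "decision": "rejected" if reason else "forwarded",
                  "reason": reason, "alert": alert, "prev": self.prev_hash}
        record["hash"] = self.prev_hash = _digest(record)
        self.audit.append(record)
        return record["decision"], reason

def verify_chain(audit):
    prev = "0" * 64
    for rec in audit:
        if rec["prev"] != prev or rec["hash"] != _digest({k: v for k, v in rec.items() if k != "hash"}):
            return False
        prev = rec["hash"]
    return True
```

Chaining each record to the previous hash means an edited or deleted entry is detectable on review, and logging `model_version` with every decision keeps the trail meaningful when the model is retrained.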