Six sibling specs for AI tools used by electric utilities, ISO/RTOs, balancing authorities, transmission operators, pipeline operators, and AI vendors providing tools that touch BES Cyber Systems or pipeline SCADA. Distinct from sibling verticals: EnergyTech is the first to introduce physical-realm-vs-data-realm distinctions (OT/IT boundary) and wall-clock regulatory invariants (CIP-008 1-hour, TSA 12-hour). The Suite vertical 6-pack a utility's Chief Reliability Officer + Chief Cybersecurity Officer + Chief Equity Officer + NERC regional-entity auditor + TSA + FERC + state PUC need.
NERC Reliability Standards CIP-002 through CIP-014 · NERC operating procedures + System Operator certification · FERC Orders 2222 + 715 + Form 715 · TSA Security Directives SD-2021-02 / SD-2021-02C (post-Colonial Pipeline) · DOE EO 14028 implementation + CISA Binding Operational Directives · EPA Clean Air Act Section 114 · State PUC tariff + prudency review (CA D.24-06-008 · NY 15-E-0751 Supplemental · TX PUCT Staff Guidance 55718 · MA DPU 24-15 · IL ICC 24-0589 NOPR · WA UE-240122) · ISO/RTO Business Practice Manuals (CAISO BPM Rev 71 first major US ISO with AI-aided bid-validation BPM)
bes_cyber_system_categorization (HIGH/MEDIUM/LOW/NONE/PHYSICAL-SECURITY-PERIMETER-ONLY per CIP-002-5.1a) + ot_it_boundary (OT/IT/OT-IT-CROSSING) BOTH as REQUIRED fields on every audit event AND every Incident Card. SAME enums cross-bound across THREE EnergyTech repos — strongest typed cross-repo binding in the Suite to date. CIP-008 incident reporting 1-hour wall-clock invariant — first Suite verifier to enforce regulatory time-arithmetic numerically (not just regulatory shape). Population-level equity in essential service delivery (load shed allocation, outage restoration priority, EV deployment) — first Suite bias lab reframed from individual decisioning. Regulatory-clock meta-violations as first-class Incident Card event types: cip-008-1-hour-notification-window-missed + tsa-sd-2021-02c-12-hour-window-missed (missing the window is its own separately-enforceable violation). 7 EnergyTech-unique vault contract protection levels including medical-baseline-tokenized-with-flag (only place in Suite where a per-record flag remains accessible alongside opaque identity — outage-prioritization AI must honor critical-medical-equipment registry without learning who the customer is). Asymmetric OT→IT data-diode enforcement (IT→OT FORBIDDEN by default).
Every Kinetic Gain Protocol Suite vertical 6-pack contains exactly these six artifact shapes. The same six shapes appear in every vertical — only the per-vertical content (data categories, regulatory basis, invariants) differs.
grid-decision-record-audit-stream17-kind event taxonomy + REQUIRED resource.bes_cyber_system_categorization + REQUIRED resource.ot_it_boundary. Three invariants: human-operator-in-loop on HIGH-IMPACT+OT + TSA pipeline disclosure + CIP-008 1-hour wall-clock (first Suite invariant enforcing regulatory time-arithmetic numerically).
state-puc-ai-disclosure-tracker10 jurisdictions seeded: 6 state PUCs (CA / NY / TX / MA / IL / WA) + FERC + NERC + TSA + CAISO. Mixed-authority shape reflects the energy sector's actual multi-layered regulatory geography. Per-(jurisdiction, docket) lifecycle threading.
nerc-cip-readiness-evidence-bundle12 obligation families × 53 required evidence kinds — LARGEST evidence bundle in the Suite. Two parallel regulatory clocks (CIP-008 1-hour + TSA 12-hour) as separately-named drill records. AI model version change explicitly treated as CIP-010 configuration change.
grid-operator-bias-coverage-labPopulation-level equity framing (not individual decisioning). EPA EJSCREEN + Justice40 + state DAC designations + DOE LEAD energy-burden bands. 3 EnergyTech-unique pattern detectors: load-shed-disparity-pattern-detected, restoration-priority-disparity-pattern-detected, critical-medical-equipment-response-time-violation. 7-day freshness window (shortest in Suite).
grid-operations-incident-card-profile20 event types — most extensive Incident Card in the Suite. Includes regulatory-clock meta-violations as first-class event types. 12 referral pathways (NERC E-ISAC + CISA + TSA + DOE CESER + FERC + ISO/RTO Market Monitor + state PUC + EPA EJ + DOJ Civil Rights + FBI Cyber Division). ed25519 REQUIRED.
grid-asset-data-vault-contract-profileDesign centerpiece. 20 data categories × 5 BES tiers × 3 OT/IT codes × 12 protection levels (7 EnergyTech-unique). medical-baseline-tokenized-with-flag protection level — only place in Suite where a per-record flag remains accessible alongside opaque identity. 5 unique runtime invariants including asymmetric OT→IT data-diode enforcement.
A buyer's procurement team operating across mixed regulated verticals — utility AI vendors plus HealthTech AI vendors plus FinTech AI vendors — can apply the same six-shape Suite vocabulary to every vendor in every vertical. The kg-suite-vertical-router tool routes any artifact to the right vertical's verification logic with one CLI command. The kg-suite-vertical-comparator tool surfaces the SAME-vs-DIFFERENT design contributions across all nine verticals as a single reference table.