## Weekly signal

From May 11–19, 2026 manufacturing moved decisively from proof-of-concept agent experiments to commercially packaged agentic functionality across operations, R&D, and shop-floor systems. Major vendor announcements (Emerson/AspenTech AVA; Rescale agentic digital engineering; Hermes Reply's Brick Cognitive) show suppliers shipping agentic workflows that are explicitly tied to OT data, CAE/simulation, and MES/MOM stacks. At the same time, open-source research (Orchard) and field studies (arXiv adoption research) clarify both how to build agents and why many industrial organizations struggle to move agents safely into production. Infrastructure updates (NVIDIA Omniverse on DGX Cloud) make realistic agent testing and digital‑twin validation easier — but security analyses warn that agentic agents compress attacker workflows and require immediate operational defenses. These developments together mark a practical inflection: agentic AI is now being productized for manufacturing, and the remaining barriers are governance, verification, OT data readiness, and cyber resilience.

## What changed

Emerson / AspenTech: May 11, Emerson announced AVA — an "agentic, domain-aware" platform designed to embed industrial first-principles and OT context into agent workflows for operations, maintenance, and planning. The pitch is production readiness: advisors that act on contextualized OT data rather than generic LLM outputs. That means vendors are prioritizing data fabric and model grounding inside agent designs for industry use cases. This is explicitly aimed at process industries and other regulated environments where traceability and predictable behavior matter.

Rescale: On May 12 Rescale launched agentic digital engineering: agents that live inside the simulation/CAE pipeline to automate repetitive engineering tasks (validation, troubleshooting, surrogate model creation) and dramatically shorten iteration cycles. The key engineering implication is moving agentic automation left into R&D — enabling downstream manufacturing choices (materials, tooling, tolerances) to be explored at higher velocity and lower compute cost.

Hermes Reply / Brick Cognitive: On May 13 Hermes Reply released Brick Cognitive — an agentic operating system layered onto its Brick Reply MES offering — with prebuilt advisors for quality investigations, KPI guidance, and production-flow advising. This is a sign vendorized MES/MOM platforms are integrating agent autonomy directly into execution stacks rather than leaving agents as bolt-on chat features.

Open tooling and research: Microsoft Research’s Orchard (published May 14) provides an open-source framework and training recipes for agentic modeling — a practical resource for teams building domain-specific agents. At the same time, a separate arXiv study ("Agentic AI in Industry", May 14) based on practitioner interviews shows most industrial adopters remain at low maturity: a capability→deployment verification gap is widespread (agents working in experimental settings but failing to meet production verification/qualification needs). Those papers together show both progress in builder tooling and the very real maturity challenges firms face.

Infrastructure and risk: NVIDIA updated Omniverse on DGX Cloud (May 15), removing friction for large-scale simulation, shared digital-twin environments, and physics-accurate testing of agentic workflows. Conversely, security research (arXiv paper submitted May 6) highlights how agentic AI lowers the cost of many attack phases — reconnaissance to exploit adaptation — and urges immediate hardening of identity, CI/CD, telemetry, and recovery posture for enterprises operating OT and ICS systems. For manufacturing, the takeaway is clear: better simulation and agent testing are available, but so are accelerated attacker capabilities if defenses lag.

## Why this matters (implications)

1) Agents are becoming industry-aware, not just conversational. Vendors are packaging agents with domain models, OT data fabrics, and CAE/simulation hooks — which accelerates practical value (fewer hallucinations, more deterministic outputs) but also raises the bar for verification and governance.

2) The bottleneck is verification and context. The arXiv field study found a capability→deployment verification gap: firms have agents that can demonstrate advanced behaviors but lack reliable production verification processes, especially in safety- or compliance-sensitive environments. That gap is the primary operational hurdle to scale.

3) Simulation-first pipelines matter for risk reduction. Rescale and NVIDIA updates make it easier to run agentic behaviors inside virtual factories/digital twins before touching production equipment—this both speeds iteration and reduces risk when agents eventually act on live systems.

4) Security is now operational. Agentic capabilities compress attack lifecycles; manufacturing firms must treat agentic rollout as an OT security program (identity, CI/CD hardening, telemetry, governance, recovery). Failure to do so risks faster exploitation of OT stacks.

5) Open frameworks lower experimentation cost. Orchard and similar projects give engineering teams tested recipes and harnesses for training task-specific agents — valuable for manufacturers who want to own their stack rather than bet entirely on vendor agents. But open tooling also demands disciplined verification and sandboxing.

## What to do with it (practical next steps)

For manufacturers and factory IT/OT leaders

1) Prioritize 1–2 pilot workflows: choose high-impact, contained processes (e.g., root-cause analysis for quality escapes, maintenance triage, or CAE pre-processing). Test agentic automation in simulation first, then in a read-only production sandbox. Use Rescale/Omniverse for CAE/digital-twin validation where feasible.

2) Force verification and traceability: require agents to emit structured decision logs, tool-call traces, and provenance data. Integrate those traces into change-control and QA workflows — treat an agent run as a verifiable software change. The recent arXiv field study shows lack of these capabilities is the main blocker to production.

3) Adopt a governance lifecycle: define an Agent Development Lifecycle (ADLC) that includes design, success metrics, sandbox testing, launch controls, monitoring, and continuous improvement. Vendor offerings and platform press releases show ADLC-like frameworks are becoming available; adopt one now to avoid sprawl.

4) Harden security and telemetry now: inventory agent privileges, separate agent execution identities, require phishing‑resistant auth, add CI/CD checks for agent tool-call code, and ensure OT telemetry and recovery playbooks are in place. Treat agentic deployments like any new automation that can change system state.

5) Use open frameworks for prototyping, but gate production: leverage Orchard and similar frameworks to iterate on agent behavior quickly, but only promote agents that pass reproducible test harnesses and domain qualification procedures.

For builders and product teams

- Benchmark in simulation: design your agent CI to run in digital twins and CAE sandboxes before hitting hardware. Instrument agent behavior under adversarial and edge-case scenarios. Use Omniverse / Rescale where possible. - Design sub-agent architectures: prefer modular agents (parent agent orchestrating specialized sub-agents) so safety and spec verification can be localized and tested. - Invest in trace/debug tooling: add step‑by‑step trace views for agent runs and correlate tool outputs to inputs; ensure easy human override and roll-back.

Bottom line: this week made agentic AI in manufacturing tangible — vendors shipped production-oriented stacks for operations and engineering, infrastructure for realistic testing improved, and research clarified both how to build agents and what stops them from scaling. The immediate task for manufacturing leaders is pragmatic: pilot with simulation-first methods, embed verification and governance into the deployment path, and treat agent security as an operational priority.