Security
Your infrastructure. Your data. Your control.
selfpatch is built to run inside regulated, on-prem, and air-gapped environments. Diagnostic data never has to leave your network.
Runs where your robots run
Deploy on-prem, in your VPC, or fully air-gapped. The diagnostic gateway needs no outbound connection.
Role-based access control
JWT authentication with viewer / operator / configurator / admin roles, plus resource locking to prevent conflicting operations.
No model calls you didn't make
Fault correlation is deterministic: weighted matching of symptoms, with no embeddings, no vector database, and no calls leaving your network. The only AI in the system is the agent you choose to connect - which is why the whole thing can run air-gapped.
Signed, reversible OTA
Updates are signature-verified and health-gated, with automatic rollback driven by the diagnostic gateway.
Encryption in transit
All diagnostic API traffic is encrypted with TLS, and access follows the SOVD authentication model - data is protected on the wire and visible only to authenticated clients.
Standards, not lock-in
A standard SOVD (ISO 17978-3) API and an Apache-2.0 open core - integrate once, swap vendors without re-integrating.
See selfpatch on your fleet
Tell us about your stack. We'll show you how the diagnostic layer fits - and which of your recurring faults it could already resolve.