AI Governance · OT/ICS Security · Critical Infrastructure

AI governance and OT security for critical infrastructure

I develop research, frameworks, and assurance models for governing AI in high impact operational environments, with a focus on the electric sector, ICS/OT cybersecurity, and cyber physical AI risk. Author of AAIGF-E, the first control mapped AI governance framework built for the Bulk Electric System.

Suhail Ahmad Rana
AAIGF-E Author | NIST NCCoE Community Member | ISA99 / 62443 Contributor | OWASP Agentic AI Reviewer | IEEE P3396 Working Group | IEEE and ISA Senior Member | CISM · CISA · CRISC | AAIA · AAISM | ISO 42001 LI · ISO 27001 LA | 8 SSRN papers · 250+ downloads

AAIGF-E Framework

Full paper on SSRN →
111 Controls
11 Risk domains
7 Lifecycle anchors
5 Framework mappings

The Adaptive AI Governance Framework for the Electric Sector closes the governance gap that exists when AI systems operate inside the Bulk Electric System. No existing mandatory standard currently governs model integrity, adversarial threats, drift detection, or AI output influence on operators. AAIGF-E is a CIP overlay, not a replacement.

NERC CIP · MITRE ATLAS · NIST AI RMF · ISA/IEC 62443 · ISO/IEC 42001
AAIGF-E Executive Brief — 4 page management overview

Standards and Community Engagement

NIST NCCoE

Manufacturing Community of Interest

Member of the NCCoE Manufacturing Sector Community of Interest, receiving updates on events, publications, and opportunities to contribute to cybersecurity guidance for manufacturing and OT environments.

ISA99 / 62443

Industrial cybersecurity standards activity

Participant in ISA99 related standards discussions, including JT 62443 06 activity. Submitted comments on ISA IEC 62443 SR 3.1 to SR 3.5 focusing on AI/ML security gaps, and contributed feedback on Security Level Representation options.

OWASP

Agentic AI security and governance

Reviewer and contributor to OWASP agentic AI security and governance work, with emphasis on AI risk scoring, assurance, and governance considerations.

Research and Publications

All papers on SSRN →
2026 · SSRN

The ACP Model: Operational Authority Drift in AI enabled Industrial Systems

19 views · 12 downloads

2026 · SSRN

Beyond MITRE ATLAS: Defining Adversarial AI Techniques for Industrial Control Systems

20 views · 10 downloads

2026 · SSRN

Beyond Digital Adversaries: Extending MITRE ATLAS to Cyber Physical AI Attack Vectors in Critical Infrastructure

32 views · 17 downloads

2026 · SSRN

Operationalizing AI Governance in Bulk Electric Systems: A Control Level Gap Analysis of NERC CIP Using AAIGF-E

50 views · 18 downloads

2026 · SSRN

Adaptive AI Governance Framework for the Electric Sector (AAIGF-E)

122 views · 46 downloads

2026 · SSRN

Adversarial Artificial Intelligence in Industrial Control Systems: A Consequence Oriented Gap Analysis of MITRE ATLAS

210 views · 48 downloads

2025 · SSRN

AI Governance in Smart Grids and Industrial Automation: Integrating RAG with Framework Mapping

168 views · 50 downloads

2025 · SSRN

Exploring the Role of RAG in Enhancing Cybersecurity GRC Frameworks

401 views · 51 downloads


Speaking and Engagements

Nov 2025 · Delivered
ISACA Astana Chapter and IIA Astana
ISO 42001: Artificial Intelligence Management System · Webinar

Dec 2025 · Delivered
ISACA Riyadh Chapter
New ISACA Advanced in AI Audit AAIA Certification Plan · Chapter Technical Session

Jan 2026 · Delivered
ISACA Atlanta Webinar Program
How to Audit AI Systems: Practical Steps for IS Internal Auditors · Webinar

Jun 2026 · Upcoming
ISACA Atlanta Webinar Program
AI Auditing in High Risk Industries: A Practical Approach Beyond ISO 42001 and NIST AI RMF · Webinar

Jun 2026 · Upcoming
ICCSDFAI 2026
Prompt Injection Through Operational Data Feeds: A Structural Governance Gap in OT Connected Agentic AI Systems · Istanbul, Türkiye

Jul 2026 · Upcoming
Guest appearance on AI governance, OT/ICS security, and critical infrastructure · Podcast

Research Aligned Advisory

A. AI governance reviews

Reviewing AI governance models, assurance controls, and gaps in high impact AI deployment plans for energy and industrial organizations.

B. OT/ICS AI risk workshops

Structured sessions on agentic AI risk, operational data trust, cyber physical threats, and assurance design for OT environments.

C. Framework mapping

Mapping AI governance requirements to NERC CIP, NIST AI RMF, ISA/IEC 62443, MITRE ATLAS, and ISO 42001 for utilities and asset owners.

Available for pilot assessments, framework reviews, and advisory engagements. Inquire for scope and availability.

Selected Activity

Energy Digital Q and A forthcoming
Automation.com article in progress
SSRN · 8 published papers
IEEE Istanbul 2026 · accepted paper
NIST NCCoE · ISA99 / 62443 · OWASP engagement
Protect It All Podcast · upcoming guest appearance

Available for research aligned advisory work

If your work involves NERC CIP compliance, OT/ICS security, AI deployment at a utility, or AI governance research, I would value a conversation.