Introduction

EdgeWare is the distributed, edge-native intelligence layer between individual buildings running PARA//EL at the far edge and the FLEXUS cloud supervisory platform.

EdgeWare turns validated building-level state into verified community-level state — then coordinates flexibility without breaking physical, comfort, or contractual limits.

It aggregates across feeders, transformers, islands, and Positive Energy Districts; enforces partitions; verifies constraints; coordinates dispatch and acknowledgements; supports autonomous fallback when the cloud is absent; and participates in FLEXUS_HIVE, minutemanSEM, and federated AI as specified in the technical spec.

Where it sits

• FLEXUS (cloud) — markets, portfolio optimisation, DSO/TSO interfaces, governance.
• EdgeWare (community edge) — aggregation, constraint verification, dispatch allocation, resilience, audit.
• PARA//EL (building / Jetson-class) — asset control, local AI, comfort, readiness, execution of commands EdgeWare issues.
• Infrastructure — PV, batteries, EV, heat pumps, meters, and grid interfaces.

Control plane rule: PARA//EL does not talk to FLEXUS directly — only via EdgeWare (and agreed semantic fabrics).

What EdgeWare does

• Ingress and validation — identity, schema, timestamps, semantics, plausibility for PARA//EL and upstream sources.
• Aggregation and state — building, partition, and community views with confidence and provenance.
• Constraints and flexibility — evaluate requests, allocate dispatch, track acks and delivery, report outcomes.
• Autonomy — offline / degraded modes, buffering, replay-safe events, local safety-first policies.
• Security and AI coordination — hive isolation workflows, federated rounds without centralising raw building data.

Next: Use the dashboard demo for layout experiments; implement runtime services against docs/EDGEWARE_SPECS.md.

What EdgeWare is not

• Not a replacement for PARA//EL (no direct per-asset actuator logic by default).
• Not FLEXUS (not the primary market or cloud portfolio system).
• Not a passive API gateway — it is an authority for community-level control decisions.

Design principles (summary)

• Local first — safe operation without continuous cloud reliance.
• Physical reality before optimisation — constraints beat market signals.
• Aggregation before exposure — minimise raw telemetry upstream.
• Event-driven and replay-capable — idempotent handlers, ordered replay.
• Zero trust at the far edge — validate every PARA//EL payload before trust.

Security posture (summary)

• Transport — TLS for HTTP/MQTT; mutual TLS or equivalent for node authentication where deployed.
• Trust states — per-building and per-node trust; no dispatch to suspect or isolated nodes.
• FLEXUS_HIVE — containment, peer validation, rebuild and rejoin flows coordinated with FLEXUS.

Deployment model

• Container image — PHP-FPM + nginx (see repository Dockerfile and docker-compose.yml).
• Registry — images built and pushed via GitHub Actions to Amazon ECR (.github/workflows/deploy.yml).
• Data — persistent uploads and artifacts under configured host paths (see docker/init_pm.sh and compose overrides).