DeltaV MCP Server for Edge API and OPC-UA. Contains a REST API and OPC-UA server with simulated values and a browser UI.
deltav-edge-mcp-server
Safety-conscious TypeScript MCP server for Emerson DeltaV Edge read access, engineering investigation workflows, and offline engineering artifact generation.
Safety First
This repository does not support autonomous live control of a DeltaV system.
Prohibited actions include:
- writing values to live controllers
- changing live setpoints
- forcing I/O
- acknowledging or disabling alarms
- bypassing interlocks
- downloading modules to production
- modifying SIS logic
- pushing generated logic to production
Supported operating modes:
READ_ONLYSANDBOX_ENGINEERING
SANDBOX_ENGINEERING enables offline artifact generation only. It is not a production write mode.
Supported data sources:
EDGE_RESTMOCK_EDGE_RESTOPCUA
What The Server Includes
- DeltaV Edge authentication status checks
- hierarchy and graph search
- node context lookup
- history retrieval with summary statistics
- alarms and events retrieval
- batch event retrieval and batch-analysis helpers
- abnormal-event investigation helpers
- offline engineering generation tools
- offline review and validation tools
- Mermaid diagram generators
- local engineering package generation
- registered MCP prompts for engineering workflows
- registered MCP resources for site standards and templates
- a development-only mock DeltaV Edge REST API and browser UI
- datasource abstraction for Edge REST, mock REST, and OPC UA selection
- read-only
node-opcuaintegration plus a development-only mock OPC UA server
Architecture
AI Client -> MCP Server -> DeltaV Edge REST API -> DeltaV Edge Environment -> DeltaV system replica/context
|
+-> Local site standards, prompts, resources, generated packages, and pattern library
The server talks to the DeltaV Edge REST boundary, not directly to live controllers.
Repository Layout
src/
audit/
config/
deltav/
engineering/
prompts/
resources/
safety/
server/
tools/
utils/
mock-deltav-edge/
src/
ui/
site-standards/
mock-opcua-server/
tests/
docs/
Requirements
- Node.js
>=20.11.0 - npm
Install
npm install
Running The Server
Stdio transport
Default MCP mode:
npm run dev
Production-style local run from compiled output:
npm run build
npm start
Streamable HTTP transport
Set:
DELTAV_HTTP_ENABLED=true
DELTAV_HTTP_HOST=0.0.0.0
DELTAV_HTTP_PORT=3000
DELTAV_HTTP_PATH=/mcp
DELTAV_HTTP_STATELESS=true
Then run the server and use:
- MCP endpoint:
http://localhost:3000/mcp - health endpoint:
http://localhost:3000/healthz
DELTAV_HTTP_STATELESS=false enables session IDs via the SDK transport.
Mock DeltaV Edge
Run the local simulated API and UI:
npm run dev:mock
Endpoints:
- mock API health:
http://localhost:8080/health - mock UI:
http://localhost:8080/ - default mock API base path:
http://localhost:8080/edge/api/v1
The mock is for development, testing, demos, and CI only. It is not a certified DeltaV Edge emulator.
Mock OPC UA
Run the local simulated OPC UA server:
npm run dev:mock-opcua
Default endpoint:
opc.tcp://localhost:4840/UA/DeltaVMock
The mock server supports local endpoint discovery, browse, reads, and bounded monitored-item capture windows. It is for development, testing, demos, and CI only.
Quick Start For Mock-Backed MCP
Use mock-oriented settings like:
DELTAV_DATA_SOURCE=MOCK_EDGE_REST
DELTAV_EDGE_BASE_URL=http://localhost:8080/edge/
DELTAV_EDGE_USERNAME=demo
DELTAV_EDGE_PASSWORD=demo
DELTAV_EDGE_VERIFY_TLS=false
DELTAV_MCP_MODE=READ_ONLY
DELTAV_USE_MOCK=true
DELTAV_EDGE_ENDPOINT_AUTH_TOKEN=/api/v1/Login/GetAuthToken/profile
DELTAV_EDGE_ENDPOINT_GRAPH_COLLECTION=/api/v1/graph
DELTAV_EDGE_ENDPOINT_GRAPH_ENTITY=/api/v1/graph/{entityId}
DELTAV_EDGE_ENDPOINT_HISTORY_COLLECTION=/api/v1/history
DELTAV_EDGE_ENDPOINT_HISTORY_BY_ID=/api/v1/history/{entityId}
DELTAV_EDGE_ENDPOINT_ALARMS_EVENTS=/api/v1/ae
DELTAV_EDGE_ENDPOINT_BATCH_EVENTS=/api/v1/batchevent
DELTAV_AUDIT_LOG_PATH=./logs/audit.log
DELTAV_PACKAGE_OUTPUT_DIR=./generated-packages
DELTAV_HTTP_ENABLED=false
The checked-in .env.example shows the full variable set. For mock mode, DELTAV_USE_MOCK=true and the endpoint overrides are the important switches.
Environment Variables
Core connection and mode settings:
DELTAV_DATA_SOURCE=MOCK_EDGE_REST
DELTAV_EDGE_BASE_URL=http://localhost:8080/edge/
DELTAV_EDGE_USERNAME=
DELTAV_EDGE_PASSWORD=
DELTAV_EDGE_VERIFY_TLS=true
DELTAV_USE_MOCK=false
DELTAV_MCP_MODE=READ_ONLY
DELTAV_ALLOWED_AREAS=
DELTAV_ALLOWED_ENTITIES=
DELTAV_AUDIT_LOG_PATH=./logs/audit.log
DELTAV_PACKAGE_OUTPUT_DIR=./generated-packages
Endpoint-path overrides:
DELTAV_EDGE_ENDPOINT_AUTH_TOKEN=/connect/token
DELTAV_EDGE_ENDPOINT_GRAPH_COLLECTION=/api/graph/search
DELTAV_EDGE_ENDPOINT_GRAPH_ENTITY=/api/graph/entities/{entityId}
DELTAV_EDGE_ENDPOINT_HISTORY_COLLECTION=/api/history
DELTAV_EDGE_ENDPOINT_HISTORY_BY_ID=/api/history/{entityId}
DELTAV_EDGE_ENDPOINT_ALARMS_EVENTS=/api/ae
DELTAV_EDGE_ENDPOINT_BATCH_EVENTS=/api/batchevent
HTTP transport:
DELTAV_HTTP_ENABLED=false
DELTAV_HTTP_HOST=0.0.0.0
DELTAV_HTTP_PORT=3000
DELTAV_HTTP_PATH=/mcp
DELTAV_HTTP_STATELESS=true
Mock service settings:
MOCK_DELTAV_EDGE_HOST=0.0.0.0
MOCK_DELTAV_EDGE_PORT=8080
MOCK_DELTAV_EDGE_BASE_PATH=/edge/api/v1
OPC UA settings:
DELTAV_OPCUA_ENDPOINT_URL=opc.tcp://localhost:4840
DELTAV_OPCUA_SECURITY_MODE=None
DELTAV_OPCUA_SECURITY_POLICY=None
DELTAV_OPCUA_USERNAME=
DELTAV_OPCUA_PASSWORD=
DELTAV_OPCUA_APPLICATION_NAME=deltav-engineering-mcp-server
DELTAV_OPCUA_CERT_DIR=./certs/opcua
DELTAV_OPCUA_TRUST_UNKNOWN_CERTIFICATES=false
DELTAV_OPCUA_SESSION_TIMEOUT_MS=60000
DELTAV_OPCUA_REQUEST_TIMEOUT_MS=30000
DELTAV_OPCUA_MAX_NODES_PER_READ=100
DELTAV_OPCUA_ENABLE_SUBSCRIPTIONS=true
DELTAV_OPCUA_ENABLE_WRITES=false
DELTAV_OPCUA_NODE_MAP_PATH=./config/opcua-node-map.json
Configuration is validated at startup. Package output and audit log paths must resolve inside the repository working directory.
Codex MCP Configuration
Example stdio registration:
[mcp_servers.deltav_edge]
command = "node"
args = ["dist/index.js", "--transport", "stdio"]
cwd = "/absolute/path/to/deltav-edge-mcp-server"
startup_timeout_sec = 30
tool_timeout_sec = 120
enabled = true
[mcp_servers.deltav_edge.env]
DELTAV_DATA_SOURCE = "MOCK_EDGE_REST"
DELTAV_EDGE_BASE_URL = "http://localhost:8080/edge/"
DELTAV_EDGE_USERNAME = "demo"
DELTAV_EDGE_PASSWORD = "demo"
DELTAV_EDGE_VERIFY_TLS = "false"
DELTAV_USE_MOCK = "true"
DELTAV_MCP_MODE = "READ_ONLY"
DELTAV_AUDIT_LOG_PATH = "./logs/audit.log"
DELTAV_PACKAGE_OUTPUT_DIR = "./generated-packages"
Auth: Unsupported is normal for a local stdio MCP server. If Codex shows Tools: (none), check build output, cwd, stdout logging, and the troubleshooting guide in docs/TROUBLESHOOTING.md.
OPC UA Status
The repository now includes a working read-only OPC UA client path, dedicated OPC UA MCP tools, a checked-in logical NodeId map, and a local mock-opcua-server/ workspace. The implementation remains conservative:
- no OPC UA writes
- no mutating method calls
- no alarm acknowledgement
- bounded sampling and monitoring windows only
- no claim that sampled windows are historian-backed history
Tool Surface
Core DeltaV read tools:
deltav_auth_statusdeltav_search_graphdeltav_get_node_contextdeltav_get_historydeltav_get_alarms_events
Investigation tools:
deltav_get_trend_packdeltav_generate_event_timelinedeltav_correlate_alarms_with_historydeltav_find_first_outdeltav_find_repeating_alarmsdeltav_find_chattering_alarmsdeltav_summarize_abnormal_eventdeltav_compare_before_after_change
Batch tools:
deltav_search_batchesdeltav_get_batch_timelinedeltav_compare_batchesdeltav_find_batch_deviation_windowdeltav_summarize_phase_failuresgenerate_phase_logic
Engineering generation tools:
generate_control_narrativegenerate_control_module_designgenerate_alarm_listgenerate_interlock_matrixgenerate_test_protocolcreate_engineering_change_package
Review and validation tools:
review_control_narrativereview_module_designreview_alarm_listreview_interlock_matrixreview_test_protocolidentify_missing_failure_modesidentify_missing_operator_actionsidentify_unsafe_assumptionsvalidate_control_strategy
Pattern and diagram tools:
engineering_list_patternsengineering_get_patterngenerate_module_relationship_diagramgenerate_cause_effect_diagramgenerate_sequence_logic_diagramgenerate_mode_state_diagramgenerate_batch_phase_diagramgenerate_alarm_response_diagram
OPC UA tools:
opcua_discover_endpointsopcua_test_connectionopcua_get_namespace_arrayopcua_get_server_statusopcua_browse_nodeopcua_read_nodeopcua_read_nodesopcua_translate_pathopcua_sample_nodes_for_windowopcua_monitor_nodes_for_window
See docs/TOOLS.md for details.
Prompts And Resources
Registered prompts:
investigate_abnormal_eventreview_control_module_designgenerate_pump_control_strategygenerate_pid_loop_designgenerate_alarm_rationalizationgenerate_batch_phase_designgenerate_fat_sat_protocolgenerate_moc_packagereview_interlock_matrixcompare_strategy_to_site_standard
Registered resources:
deltav://standards/naming-conventionsdeltav://standards/alarm-philosophydeltav://standards/module-templates/pid-loopdeltav://standards/module-templates/motordeltav://standards/module-templates/valvedeltav://templates/control-narrativedeltav://templates/fat-satdeltav://templates/mocdeltav://templates/validation
Audit, Guardrails, And Access Control
- Every tool call writes an audit record with sanitized input, status, mode, and optional session ID.
- Natural-language live-write requests are refused with a structured safe alternative.
DELTAV_ALLOWED_AREASandDELTAV_ALLOWED_ENTITIESenforce fail-closed allowlists when configured.- Generated packages are written only under
DELTAV_PACKAGE_OUTPUT_DIR.
Docker Compose
Start the full local stack:
docker compose up --build
Services:
- REST-backed MCP server on
http://localhost:3000/mcp - OPC UA-backed MCP server on
http://localhost:3101/mcp - mock API on
http://localhost:8080/health - mock UI on
http://localhost:8080/ - mock OPC UA server on
opc.tcp://localhost:4840/UA/DeltaVMock
The mock UI proxies tool calls explicitly to both MCP services:
- REST proxy:
/api/mcp/rest/tools/listand/api/mcp/rest/tools/call - OPC UA proxy:
/api/mcp/opcua/tools/listand/api/mcp/opcua/tools/call
The generic /api/mcp/tools/* routes remain pointed at the OPC UA service for backwards compatibility with the current console defaults.
Development Scripts
npm run dev
npm run dev:mock
npm run build
npm run build:mock
npm run build:mock-ui
npm test
npm run lint
Testing
Primary repo checks:
npm test
npm run build
npm run lint
The test suite covers configuration, client request construction, mock-backed MCP flows, access control, guardrails, validation, package writing, and audit redaction.
Example MCP Client Config
{
"mcpServers": {
"deltav-edge": {
"command": "node",
"args": ["dist/index.js"],
"cwd": "/path/to/deltav-mcp",
"env": {
"DELTAV_EDGE_BASE_URL": "http://localhost:8080/edge/",
"DELTAV_EDGE_USERNAME": "demo",
"DELTAV_EDGE_PASSWORD": "demo",
"DELTAV_EDGE_VERIFY_TLS": "false",
"DELTAV_USE_MOCK": "true",
"DELTAV_EDGE_ENDPOINT_AUTH_TOKEN": "/api/v1/Login/GetAuthToken/profile",
"DELTAV_EDGE_ENDPOINT_GRAPH_COLLECTION": "/api/v1/graph",
"DELTAV_EDGE_ENDPOINT_GRAPH_ENTITY": "/api/v1/graph/{entityId}",
"DELTAV_EDGE_ENDPOINT_HISTORY_COLLECTION": "/api/v1/history",
"DELTAV_EDGE_ENDPOINT_HISTORY_BY_ID": "/api/v1/history/{entityId}",
"DELTAV_EDGE_ENDPOINT_ALARMS_EVENTS": "/api/v1/ae",
"DELTAV_EDGE_ENDPOINT_BATCH_EVENTS": "/api/v1/batchevent",
"DELTAV_MCP_MODE": "READ_ONLY"
}
}
}
}
Documentation
- docs/ARCHITECTURE.md
- docs/SAFETY_MODEL.md
- docs/TOOLS.md
- docs/DELTAV_EDGE_SETUP.md
- docs/ENGINEERING_WORKFLOWS.md
- docs/MOCK_DELTAV_EDGE.md
- docs/DIAGRAMS.md
- docs/PATTERN_LIBRARY.md
- docs/EXAMPLE_PROMPTS.md
Known Limitations
- Real DeltaV Edge routes and payloads must be verified against installed site documentation.
- The mock server is a development aid, not a plant-validated emulator.
- Investigation outputs summarize evidence but do not prove causation.
- Generated artifacts, diagrams, reviews, and validation outputs remain proposed engineering material until qualified human review and site change control are complete.