SDK Quick Start — Manufacturing, Supply Chain & Logistics

Getting started: Manufacturing, Supply Chain & Logistics

This guide takes you from install to your first attributed governance record in manufacturing, supply chain & logistics. You will install the SDK, configure a provider, instrument a workflow step with the real OTel attribute vocabulary from this vertical, and have a reviewable evidence record in your portal within an afternoon. There is no scaffolding project — just your API key and the three steps below.

Why this matters right now. As of March 2026, agentic AI in manufacturing and supply chain is deployed across: autonomous production scheduling and job order management (ISA-95 MOM integration via OPC UA), collaborative robot (cobot) supervision and dynamic task assignment (ISO/TS 15066 force/speed limiting), digital twin-driven predictive maintenance with autonomous work order generation, vision inspection AI for automated quality control and defect classification, AI-driven supply chain risk monitoring and alternate sourcing (UFLPA compliance, CSRD scope 3 traceability), autonomous customs classification and trade compliance document generation, AI-powered OEE optimisation closing the Plan-Do-Check-Act loop, OT/ICS security monitoring agents applying IEC 62443 security level enforcement, and product recall orchestration agents triggered by regulatory notifications. The EU Machinery Regulation (2023/1230) applies from January 20, 2027 and significantly expands AI system requirements for safety-component AI in machinery. The EU AI Act Annex I explicitly includes AI systems used as safety components of machinery as high-risk AI. The EU Product Liability Directive (2024/2853) entered force December 2024 — manufacturers are liable for AI-integrated product defects including software updates. The EU Machinery Regulation (2023/1230) replaces the Machinery Directive effective January 20, 2027. AI systems used as safety components of machinery (including cobot force-limiting AI, vision-guided robot path planning, and autonomous mobile robot obstacle detection) are simultaneously subject to the EU AI Act Annex III high-risk classification AND the Machinery Regulation's essential health and safety requirements — requiring a single technical file demonstrating compliance with both. The UFLPA (US) creates a rebuttable presumption that goods made wholly or in part in Xinjiang were produced with forced labour — supply chain provenance AI must provide traceability evidence to CBP at the line-item level. CSRD Scope 3 Category 1 (purchased goods and services) reporting requires AI-assisted supplier emissions data collection and validation starting for large companies in FY2025 reports.

How the layering works

You are not adopting a separate product surface for this vertical. You are adding a market-specific vocabulary layer on top of the same core session model used everywhere in VeriProof.

If you need the cross-industry baseline first, open the core SDK reference, Python core, or .NET core before continuing here.

Step 1 — Install

TypeScript / Node.js

npm install @veriproof/sdk-core

Python

pip install veriproof-sdk

.NET

dotnet add package Veriproof.Sdk

Step 2 — Configure

Call the configuration helper once, before any AI framework initialises. After that call, every OTel span in the process — whether emitted by your code or by a framework adapter — is exported automatically to VeriProof.

Your API key comes from the VeriProof portal. Try a live demo to see the portal before you register, or start a free Builder account and use the environment variable pattern above directly.

Need a production credential path rather than sandbox exploration? Get API access for a Builder account, or contact the team if you need an architecture or compliance review alongside implementation.

Step 3 — Instrument your workflow

The governance vocabulary for this vertical lives in the Manufacturing, Supply Chain & Logistics reference. Use the OTel attribute names below — they are the same names the portal uses in evidence records and the same names your policy engine will evaluate. Consistency here is the point.

TypeScript example

import { configureVeriproof, VeriproofClient, VeriproofSdkOptions, SessionMetadata } from '@veriproof/sdk-core';
import { JobOrderState, JobOrderStateMeta, ISA88BatchProceduralElementState, ISA88BatchProceduralElementStateMeta } from '@veriproof/sdk-core/verticals/manufacturing-supply-chain-logistics';

// Call once at application startup
configureVeriproof(
  VeriproofSdkOptions.createProduction({
    apiKey: process.env.VERIPROOF_API_KEY!,
    applicationId: 'manufacturing-supply-chain-logistics-app',
  }),
  { serviceName: 'manufacturing-supply-chain-logistics-app', setGlobal: true },
);

// Instrument a governed workflow
const client = new VeriproofClient(
  VeriproofSdkOptions.createProduction({ apiKey: process.env.VERIPROOF_API_KEY! }),
);

const session = client
  .startSession('manufacturing.supply.chain.logistics.review')
  .withSessionMetadata(SessionMetadata.forTransaction('txn-001').withEnvironment('production'))
  .addStep('evaluate', { output: { status: 'completed' } })
  .withMetadata(JobOrderStateMeta.otelAttribute, JobOrderState.waiting)
  .withMetadata(ISA88BatchProceduralElementStateMeta.otelAttribute, ISA88BatchProceduralElementState.idle)

await session.complete();

Python example

import os
from opentelemetry import trace
from veriproof_sdk import VeriproofClientOptions, configure_veriproof
from veriproof_sdk.verticals import manufacturing_supply_chain_logistics as mscl

# Call once at application startup
configure_veriproof(
    VeriproofClientOptions(
        api_key=os.environ["VERIPROOF_API_KEY"],
        application_id="manufacturing-supply-chain-logistics-app",
    ),
    service_name="manufacturing-supply-chain-logistics-app",
    set_global=True,
)

tracer = trace.get_tracer(__name__)

# Instrument a governed workflow
with tracer.start_as_current_span("manufacturing_supply_chain_logistics.review") as span:
    span.set_attribute(mscl.JobOrderState.__otel_attribute__, mscl.JobOrderState.waiting.value)
    span.set_attribute(mscl.ISA88BatchProceduralElementState.__otel_attribute__, mscl.ISA88BatchProceduralElementState.idle.value)
    span.set_attribute(mscl.EquipmentUseState.__otel_attribute__, mscl.EquipmentUseState.production.value)
    ...

.NET example

using Veriproof.Sdk;
using Veriproof.Sdk.Core.OpenTelemetry.Verticals.ManufacturingSupplyChainLogistics;

// Configure once at application startup
builder.Services.AddVeriproof(options =>
{
    options.ApiKey = builder.Configuration["VERIPROOF_API_KEY"]!;
    options.ApplicationId = "manufacturing-supply-chain-logistics-app";
});

// Instrument a governed workflow step
using var activity = ActivitySource.StartActivity("evaluate");
    activity?.SetTag(JobOrderState.Metadata.OtelAttribute, JobOrderState.waiting);
    activity?.SetTag(ISA88BatchProceduralElementState.Metadata.OtelAttribute, ISA88BatchProceduralElementState.idle);
    activity?.SetTag(EquipmentUseState.Metadata.OtelAttribute, EquipmentUseState.production);

How teams use this in production

• Manufacturing Operations Management (ISA-95 MOM): Job Order State. AI production scheduling agent creates job orders and advances state through the lifecycle. 'Aborted' state triggers automatic root cause analysis and material reconciliation workflow. 'Held' state triggers QA agent investigation before resumption is permitted. (Eu Machinery Reg 2023 1230: Job order state transitions driven by AI scheduling agents are in scope of EU Machinery Regulation (2023/1230) Article 9 if the AI system influences safety-critical work centre operations)
• Manufacturing Operations Management (ISA-95 MOM): ISA88 Batch Procedural Element State. Batch AI agent transitions a pharmaceutical batch procedure through ISA-88 states. 'Held' state is used for planned interruptions (e.g. IPC sampling); 'Aborted' state triggers FDA-required batch failure investigation and deviation report generation.
• Manufacturing Operations Management (ISA-95 MOM): Equipment Use State. AI OEE agent tracks equipment use state transitions to calculate availability. Autonomous work order generation triggers when predicted time-to-failure falls below threshold for critical equipment. (Iso 22400: ISO 22400-2 — OEE availability calculation uses production, setup, maintenance, and down states)
• Manufacturing Operations Management (ISA-95 MOM): OEEPerformance Factor. AI OEE agent tags each autonomous improvement action with the targeted OEE factor. Vision inspection AI reducing defect rate tags actions as 'quality'. Predictive maintenance agent reducing unplanned downtime tags actions as 'availability'.

Next steps

• Open the full Manufacturing, Supply Chain & Logistics governance reference for all 26 enum categories, policy patterns, and source standards.
• Review TypeScript SDK core for advanced session-builder options, batch export, and Merkle verification.
• Review Python SDK core for decorator-based annotations and framework adapter options.
• Review .NET SDK core for Semantic Kernel, AutoGen, and Activity-based instrumentation.
• Browse all vertical references to understand how the core governance vocabulary layers underneath vertical-specific attribute sets.
• Compare this guide with the public industry pages if you need the commercial and workflow framing behind the same vocabulary.