"ISO/IEC 42001, ISA/IEC 62443, NIST SP 800-82, EU Machinery Regulation. Four acronyms, one warning: an LLM in OT is still subject to the safety case."
Compass, Manufacturing-Compliance-Reader AI Agent
Seven frameworks shape manufacturing LLM deployments in 2026: ISO/IEC 42001 (AI management systems), ISA/IEC 62443 (industrial cybersecurity), NIST AI RMF and SP 800-82 (AI risk management and federal OT security), EU Machinery Regulation 2023/1230, EU AI Act, ITAR/EAR export controls, and sector-specific GxP/GMP regimes. Each touches a different facet of a typical manufacturing LLM deployment; most production projects must satisfy at least three. This section maps each framework to the deployment pattern that satisfies it.
Prerequisites
This section assumes the manufacturing LLM failure modes from Section 73.2 and the LLM-policy vocabulary from Section 55.1.
The Seven Frameworks
ISO/IEC 42001, the AI management system standard, was published in December 2023 as the first international standard specifically for AI governance. It was drafted by ISO/IEC JTC 1/SC 42 over more than five years, including a famously heated 2022 working-group meeting in Antalya where the EU and U.S. delegations spent three days negotiating the definition of "AI system". After the negotiators conceded, the final wording ended up a near-verbatim copy of the OECD's 2019 definition.
- ISO/IEC 42001: AI management system standard. Increasingly referenced in manufacturing procurement contracts. The standard provides a management-system framework (analogous to ISO 9001 for quality or ISO 27001 for information security) for organizations deploying AI. By 2026 it is appearing in RFPs for industrial AI deployments, particularly in regulated sectors.
- ISA/IEC 62443: industrial cybersecurity standards. LLM deployments touching OT networks must align with the relevant security levels. The zone-and-conduit reference model is the architectural backbone of the IT/OT separation that Section 73.1 covers.
- NIST AI Risk Management Framework: not legally binding but widely adopted as the reference for risk-management practice; many U.S. defense-industrial-base contracts now require AI RMF alignment. NIST SP 800-82 Rev. 3 remains the U.S. federal reference for OT cybersecurity that any cross-zone deployment is benchmarked against.
- EU Machinery Regulation (2023/1230): replaces the Machinery Directive; introduces AI-specific safety requirements for machinery placed on the EU market. The new regulation, effective January 2027 with transitional provisions, explicitly contemplates AI components in machinery and imposes specific risk-assessment and conformity obligations.
- EU AI Act: Annex III Section 4 (employment and worker management) catches some manufacturing HR use cases. Annex I lists product-safety legislation under which AI components inherit high-risk status.
- ITAR, EAR, and export controls: defense-related manufacturing data may be export-controlled. Model weights, training data, and inference traffic all need to be reviewed for export-control exposure. The Commerce Department's Bureau of Industry and Security has issued specific guidance on AI-model export controls through 2024 and 2025.
- Sector-specific GxP/GMP regimes: pharmaceutical manufacturing under FDA, EMA, PMDA; medical-device manufacturing under MDR/IVDR; food under HACCP. Each has its own validation expectations for software (including LLMs) that touches production records.
ISO/IEC 42001 in Practice
The ISO/IEC 42001 standard published in late 2023 is the first formal AI management-system standard. Its adoption rate through 2024 and 2025 has been rapid in manufacturing, where management-system thinking is already mature (ISO 9001 and ISO 27001 are ubiquitous). The standard does not specify particular LLM technical practices; it specifies the management-system processes that govern AI deployment (roles, risk management, change control, supplier management, monitoring). Manufacturers adopting it report that the management-system framework integrates well with existing quality and security programs, and that vendors with ISO 42001 certification clear procurement reviews faster.
ISA/IEC 62443 and the Zone-and-Conduit Model
The IEC 62443 family is the canonical reference for industrial cybersecurity and the architectural framework for IT/OT separation. The zone-and-conduit model defines areas of equal trust (zones) and the controlled connections between them (conduits). LLM deployments must respect these boundaries: IT-side zones (Purdue Levels 4 and 5) host the LLM; OT-side zones (Levels 0 through 3) consume only structured, signed, human-approved information through audited conduits. Procurement RFPs and architecture reviews routinely reference the IEC 62443 security levels (SL1 through SL4) for the relevant zones.
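The conduit described above has three properties a reviewer will ask to see enforced in code rather than in a diagram: the message is structured (a bounded, allow-listed record, never free text), it is signed by the IT-side approval step, and a named human approved it. The following is an added example, not code from the original text or from any of the cited standards. It assumes the LLM emits JSON work-item proposals, a human reviewer signs off in an IT-zone approval service, that service HMAC-signs the approved payload with a key the conduit also holds (a constructed demo key here; a real deployment keeps it in a KMS or HSM), and the allow-list of advisory actions is a constructed placeholder.

```python
"""Audited IT-to-OT conduit for LLM-generated work items (added example).

Assumptions (not from the original text): JSON proposals, an IT-side
approval service that HMAC-signs approved payloads, a shared conduit key
(constructed demo value below), and a constructed allow-list of actions.
"""
import hashlib
import hmac
import json
from typing import Any

# Constructed allow-list: advisory actions only; nothing here writes to a controller.
ALLOWED_ACTIONS = {"create_work_order", "schedule_inspection", "flag_for_review"}
SCALAR_TYPES = (str, int, float, bool)
MAX_PAYLOAD_BYTES = 4096

CONDUIT_KEY = b"constructed-demo-key-not-for-production"  # placeholder secret


def canonical(payload: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign(payload: dict, key: bytes = CONDUIT_KEY) -> str:
    """What the IT-side approval service attaches once a human has approved."""
    return hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()


def structural_errors(payload: Any) -> list[str]:
    """Reject anything that is not a flat, bounded, allow-listed record."""
    if not isinstance(payload, dict):
        return ["payload is not a structured object"]
    errors = [f"missing field: {f}" for f in ("action", "asset_id", "parameters", "approved_by")
              if f not in payload]
    if errors:
        return errors
    if payload["action"] not in ALLOWED_ACTIONS:
        errors.append(f"action not in allow-list: {payload['action']}")
    params = payload["parameters"]
    if not isinstance(params, dict) or any(not isinstance(v, SCALAR_TYPES) for v in params.values()):
        errors.append("parameters must be a flat map of scalars")
    if not isinstance(payload["approved_by"], str) or not payload["approved_by"]:
        errors.append("no human approver recorded")
    if len(canonical(payload)) > MAX_PAYLOAD_BYTES:
        errors.append("payload exceeds size bound")
    return errors


class Conduit:
    """One audited conduit. Every attempt is logged, whether accepted or not."""

    def __init__(self, key: bytes = CONDUIT_KEY) -> None:
        self.key = key
        self.audit: list[dict] = []
        self.delivered: list[dict] = []  # stands in for the OT-side message bus

    def forward(self, envelope: dict) -> bool:
        payload = envelope.get("payload")
        signature = envelope.get("signature")
        reasons = structural_errors(payload)
        if isinstance(payload, dict):
            expected = sign(payload, self.key)
            if not isinstance(signature, str) or not hmac.compare_digest(
                expected.encode(), signature.encode()
            ):
                reasons.append("signature missing or invalid")
        accepted = not reasons
        raw = canonical(payload) if isinstance(payload, dict) else repr(payload).encode()
        self.audit.append({"accepted": accepted, "reasons": reasons,
                           "digest": hashlib.sha256(raw).hexdigest()})
        if accepted:
            self.delivered.append(payload)
        return accepted


def demo() -> dict[str, bool]:
    """Constructed traffic: one well-formed proposal and several that must be refused."""
    conduit = Conduit()
    good = {"action": "create_work_order", "asset_id": "PUMP-07",
            "parameters": {"priority": 2, "note": "vibration trend rising"},
            "approved_by": "j.smith"}
    unapproved = dict(good, approved_by="")
    out_of_scope = dict(good, action="write_setpoint")
    return {
        "signed_approved": conduit.forward({"payload": good, "signature": sign(good)}),
        "free_text": conduit.forward({"payload": "Pump 7 looks unhealthy, act on it", "signature": None}),
        "tampered": conduit.forward({"payload": dict(good, asset_id="PUMP-08"), "signature": sign(good)}),
        "unapproved": conduit.forward({"payload": unapproved, "signature": sign(unapproved)}),
        "out_of_scope": conduit.forward({"payload": out_of_scope, "signature": sign(out_of_scope)}),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'forwarded' if accepted else 'refused'}")
```

The audit list is the artefact an IEC 62443 or SP 800-82 assessor asks for: refused messages are recorded with their reasons and a digest, so a conduit that silently drops traffic is as visible as one that forwards it. The allow-list is deliberately advisory-only, which keeps the LLM in the role the text assigns it, an IT-side source of proposals, rather than a writer of OT state.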
NIST AI RMF and SP 800-82
For U.S. defense-industrial-base contracts and many critical-infrastructure deployments, NIST AI RMF alignment and SP 800-82 OT security guidance together define the practical baseline. The AI RMF's Govern, Map, Measure, Manage functions are the standard structure for the deployment's risk-management documentation; SP 800-82 Rev. 3 is the standard reference for the OT security controls. The combination is increasingly required by defense and infrastructure-related contracts.
EU Machinery Regulation and AI Act Overlap
The EU Machinery Regulation (2023/1230) and the EU AI Act overlap in scope for AI components placed in machinery. The Machinery Regulation specifies safety requirements for the machinery as a whole; the AI Act overlays specific obligations for the AI components. The practical implication for vendors selling AI-augmented machinery into the EU is a dual-regime conformity assessment: Machinery Regulation for the machine, AI Act for the AI. Both processes are mature and well-documented; the combined work is substantial but predictable.
ITAR, EAR, and Model Weights
For defense-industrial-base manufacturing, ITAR-controlled data cannot flow to a cloud LLM unless the cloud is ITAR-compliant (AWS GovCloud, Azure Government, with explicit ITAR endorsements). Model weights trained on ITAR data may themselves be export-controlled; the legal analysis is jurisdiction-specific and not yet uniformly settled. The dominant pattern is on-premises open-weight deployment for ITAR-bearing workloads, with documented data-flow controls.
Sector-Specific GxP Regimes
Pharmaceutical manufacturing under FDA Title 21 CFR Part 211, EMA EudraLex Volume 4, and PMDA GMP follows the strictest documentation regimes. Any software that touches production records, including LLMs, falls under computerized-systems validation (CSV) under GAMP 5. The LLM must be validated against its intended use, with documented evidence; the LLM cannot be a "black box" that changes uncontrollably. Most pharma manufacturers therefore deploy on stable, versioned model snapshots rather than continuously updating frontier APIs, and they document the validation explicitly.
The frameworks above are not in conflict. They differ in subject matter (cybersecurity, safety, AI management, sector quality), and a competent compliance team integrates them into a coherent program rather than treating them as parallel obligations. The integration is essentially: ISO 42001 provides the management-system layer, ISA/IEC 62443 and NIST SP 800-82 provide the cybersecurity layer, the EU Machinery Regulation and AI Act provide the safety-conformity layer for EU market access, GxP provides the quality-system layer for regulated sectors, and ITAR/EAR provide the export-control overlay for defense work. Treating them as separate, parallel programs creates duplicated overhead; treating them as a unified compliance program is faster to ship.
What Comes Next
Section 73.4, Plant-Floor Maintenance Copilot Architecture, builds on the material covered here. It covers the plant-floor maintenance copilot architecture that has consolidated as the dominant production deployment pattern, with the OT-safe table that maps LLM patterns onto risk tiers.