AeroSentinel is an AI-powered ONE Record operational intelligence platform for air cargo.
It is not just a dashboard. It is a shared cargo operating layer that combines:
- ONE Record logistics objects
- ONE Record logistics events
- JSON-LD linked data
- digital twin modeling
- real-time IoT telemetry
- AI operational reasoning
- multi-party intervention workflows
- cargo chain-of-custody intelligence
- full audit and replayability
The goal is simple: every authorized stakeholder sees the same cargo truth, the same live condition state, the same event history, and the same intervention status.
AeroSentinel runs in two modes:
- development mode: simulator connectors and local fallbacks are allowed for engineering workflows
- production mode: live integrations and validated sources only
Production mode should use:
NODE_ENV=productionALLOW_SIMULATOR_DATA=falseREQUIRE_SIGNED_INTEGRATIONS=trueCARGO_SEED_DEMO=false
In production mode, the platform must not rely on:
- hardcoded operational metrics
- placeholder control-tower summaries
- dummy alerts
- synthetic shipment data
- mock serverless APIs
The legacy mock serverless handler in backend/api/index.js is now fail-closed so production deployments must use the live Express backend.
AeroSentinel is designed to be the shared intelligence layer across:
- airline
- freight forwarder
- shipper
- warehouse
- customs
- ground handler
- truck operator
- consignee
- regulator
- IoT provider
Instead of fragmented cargo tools, AeroSentinel provides:
- shared cargo state
- shared event history
- shared telemetry
- shared alerts
- shared intervention plans
- shared audit trail
Sense -> Analyze -> Predict -> Act -> Verify -> Audit
Every operational or environmental signal becomes an event. Every event can update the digital twin, trigger risk scoring, create tasks, notify stakeholders, and be verified against the operational state.
The platform treats ONE Record as the cargo digital twin API layer.
Current modeling in the repo includes:
LogisticsObjectfor ULD and cargo twin payloadsTemperatureRecordLocationTemperatureComplianceStatusRiskAssessmentOperationalContext
Platform target model also includes:
- Cargo Piece
- ULD
- Sensor
- Location
- Handling Event
- Exposure Event
- Intervention Task
- Condition Status
The backend serves strict JSON-LD for the ONE Record object layer:
GET /api/ulds/:idPOST /api/uldsPATCH /api/ulds/:id
Compatible aliases are also exposed under:
GET /api/one-record/ulds/:idPOST /api/one-record/uldsPATCH /api/one-record/ulds/:id
AeroSentinel uses a hybrid model:
- Redis is the fast operational state layer
- ONE Record is the auditable linked-data twin
- Postgres or TimescaleDB is the durable ledger and evidence store
- Socket.IO provides realtime operational updates
High-level flow:
IoT Sensors -> MQTT -> Ingestion API -> Exposure / Custody Engines -> Risk Engine -> Intervention Engine -> Verification Queue -> ONE Record Sync -> Digital Twin
The repo already implements:
- Redis-backed operational reads
- BullMQ-backed verification jobs
- ONE Record sync and reconciliation
- JSON-LD digital twin writes
- append-only cargo custody ledger
- realtime event streaming
- signed HTTP ingestion for trusted IoT senders
- OpenAPI and JSON Schema contract endpoints
- Twilio, flight, and METAR adapter services
Trusted HTTP telemetry ingestion is exposed at:
POST /api/integrations/iot/http
Required headers:
x-event-idx-timestampx-noncex-signaturewhen signed integrations are enforced
The request signature is derived from:
<timestamp>.<nonce>.<eventId>.<json-body>
Contract discovery endpoints:
GET /api/contracts/openapi.jsonGET /api/contracts/schemas/:name
Reference shipment dataset endpoint:
GET /api/shipments/reference
This reference shipment is normalized from a provided ONE Record shipment dataset and includes shipment, pieces, dimensions, and waybill structure for graph-aware UI and integration work.
The platform now includes a cargo chain-of-custody module for tracking when cargo is:
- removed from aircraft, ULD, or storage zone
- transferred to inspection, customs, or security hold
- staged in warehouse, cold room, bonded area, or truck dock
- repacked, relabeled, or reopened
- scanned back in and reloaded
- flagged missing, damaged, tampered, or in custody violation
Each custody event is append-only and hash-linked for immutable-style audit behavior.
Event examples include:
CargoUnloadedCargoScannedOutCargoTransferredCargoInspectedCargoHeldCargoOpenedCargoRepackedCargoScannedInCargoReloadedCargoMissingCargoDamagedCargoTamperAlertCustodyViolation
The system computes:
- custody state
- outside-custody duration
- cargo integrity score
- theft and tamper risk
- stop-load decisions
- recommended interventions
Cargo evidence is no longer modeled as static links alone.
The backend now exposes replay-oriented APIs:
GET /api/cargo/video/:cargoIdGET /api/cargo/video/:cargoId/:eventId/replayGET /api/cargo/video/:cargoId/:eventId/frame/:frameIndex
These APIs return:
- replay metadata
- anomaly markers
- keyframes
- generated playback frames
- operator-friendly forensic playback context
The custody UI includes playback controls for:
- open replay
- play and pause
- scrub timeline
- jump to anomaly markers
- inspect rendered replay frames
AeroSentinel reasons over operational graph context, not just isolated sensor rows.
The current platform supports:
- predictive thermal risk scoring
- intervention recommendations
- custody risk and integrity scoring
- cargo operations copilot queries
- workflow and alert creation from live events
Target AI reasoning questions include:
- Why is cargo risk increasing?
- What event caused the exposure?
- Which airport or handler creates repeated dwell failures?
- Which shipment has the highest theft risk?
- What is the next likely failure node?
- Which intervention has the highest recovery value?
The platform is event-native.
When a condition or operational state changes, AeroSentinel can:
- publish an event
- update Redis operational state
- update the ONE Record twin
- append to the custody ledger
- trigger alerts
- create tasks and workflows
- notify subscribers
- emit live websocket updates
Current event subscribers and notifications are implemented through:
- webhook subscriptions
- email notifications
- realtime dashboard events
Current validation and trust controls include:
- strict JSON-LD validation for ONE Record write endpoints
- request-body validation on cargo mutation routes
- bounded AI Ops query validation
- signed HTTP IoT ingestion with freshness, nonce, and replay checks
- geo and telemetry plausibility validation at ingestion time
- shared schema definitions for telemetry, cargo, AI Ops, Twilio, WhatsApp, METAR, and flight queries
Integration adapters now present in the backend:
- Twilio SMS, WhatsApp, and voice adapter with webhook signature verification
- flight-data adapter with live-provider normalization
- METAR lookup adapter for airport weather
- ONE Record reference shipment dataset exposure
The target architecture also anticipates:
- customs subscriptions
- shipper subscriptions
- consignee subscriptions
- delegated event sharing
- broader pub/sub distribution
The repo includes Keycloak-oriented OAuth2 support and ONE Record token management.
Current capabilities:
- bearer-token middleware
- Keycloak issuer and JWKS config
- ONE Record token caching in Redis
- request-signature validation support for trusted integrations
Frontend production gating:
- API-backed platform pages remain available
- legacy store-driven pages are explicitly gated in production mode so seeded UI state cannot appear as live operational data
Target access model:
- RBAC
- delegated permissions
- federated graph sharing
- stakeholder-specific graph segment visibility
The frontend is a real multi-page application with dense operational views rather than a single-screen mockup.
Current routes:
/dashboard/flights/uld-tracking/exposure/interventions/cargo-custody/alerts/airports/analytics
Current page intent:
Dashboard: control-tower summary and entry pointFlights: long-haul operational contextULD Tracking: live ULD movement and conditionExposure: thermal and environmental analysisInterventions: tasks, workflows, and operator coordinationCargo Custody: movement ledger, replay, integrity, and theft/tamper reviewAlerts: exception monitoringAirports: airport and zone intelligenceAnalytics: compliance and performance
Target page map:
/control-tower/cargo-graph/live-events/thermal-map/exposure/interventions/stakeholders/compliance/audit/ai-ops
Current backend APIs include:
GET /api/healthGET /api/platformGET /api/fleetGET /api/control-centerGET /api/flightsGET /api/analyticsGET /api/alertsGET /api/auditGET /api/verification/auditGET /api/uld/:id/statusGET /api/uld/:id/actionsGET /api/uld/:id/workflowsGET /api/uld/:id/timelinePOST /api/actions/:id/completePOST /api/alert/subscribePOST /api/uld/:id/reset
Current cargo APIs include:
GET /api/cargo/control-centerPOST /api/cargo/scan-outPOST /api/cargo/scan-inPOST /api/cargo/verifyPOST /api/cargo/reloadPOST /api/cargo/copilot/queryGET /api/cargo/history/:idGET /api/cargo/location/:idGET /api/cargo/risk/:idGET /api/cargo/video/:idGET /api/cargo/video/:id/:eventId/replayGET /api/cargo/video/:id/:eventId/frame/:frameIndexGET /api/cargo/chain-of-custody/:id
Target customer-facing surface also includes:
/risk/exposure/predictions/interventions/history/condition/audit/graphql- websocket streams
The current repo supports:
- Redis for fast state
- Postgres for audit and cargo ledger persistence
- Timescale-aware schema initialization for custody events and evidence
- compression and retention policy attempts when TimescaleDB is available
The Docker stack now uses a TimescaleDB-compatible image for the database service.
Design direction for scale:
- 100M+ cargo events
- 50k concurrent users
- sub-second operational lookups
- Kafka or equivalent event streaming
- Timescale hypertables for event history
- object storage for video and evidence
- graph-centric digital twin queries
- failover and redundancy
backend/: Express API, realtime engines, ONE Record sync, custody ledger, verification, and workflow orchestrationfrontend/: React + TypeScript operational UIbroker/: local MQTT brokersimulator/: telemetry and cargo custody event simulatorrisk-service/: predictive risk microserviceinfra/: Docker Compose for Redis, TimescaleDB, Keycloak, GraphDB, NE:ONE, and observabilitydocs/: supporting API, demo, and scenario material
The local setup is designed to run even when Redis, Postgres, Keycloak, GraphDB, or NE:ONE are unavailable.
npm install --workspaces- Start the MQTT broker:
npm run dev:broker- Start the backend in local fallback mode:
AUTH_DISABLED=true \
REDIS_DISABLED=true \
POSTGRES_DISABLED=true \
RISK_SERVICE_DISABLED=true \
ONE_RECORD_ENABLED=false \
CARGO_SEED_DEMO=false \
npm run dev:backend- Start the frontend:
npm run dev:frontend- Start the simulator for telemetry plus custody events:
MQTT_URL=mqtt://localhost:1883 \
BACKEND_URL=http://localhost:3000 \
npm run dev:simulator- Frontend dev UI:
http://localhost:5173 - Backend app and API:
http://localhost:3000 - Metrics:
http://localhost:3000/metrics - Health:
http://localhost:3000/api/health
To run the full hybrid stack:
docker compose -f infra/docker-compose.yml up --buildPrimary services:
- Frontend:
http://localhost:5173 - Backend:
http://localhost:3000 - Risk service:
http://localhost:8010 - Keycloak:
http://localhost:8081 - NE:ONE:
http://localhost:8080 - GraphDB:
http://localhost:7200 - Prometheus:
http://localhost:9090 - Grafana:
http://localhost:3001
Validated in this workspace with:
npm --workspace backend test
npm --workspace frontend run typecheck
npm --workspace frontend run build
node --check backend/src/server.js
node --check simulator/src/index.jsAeroSentinel is cargo infrastructure software:
- shared truth
- live linked-data twin
- realtime event intelligence
- AI operational reasoning
- collaborative execution
- full auditability
To view updated working demo with all integrations working ; check it here : https://drive.google.com/file/d/1oyL_eTT2e3CNbzGPZQKTQYS4E8RObFLy/view?usp=sharing
That is the direction of the platform, and this repository already implements a meaningful slice of that operating model today.