Blog | JUL 06, 2026
Context Is Not Proof: The $3.1 Billion Question Industrial AI Still Can't Answer
Schneider Electric's acquisition of Cognite confirmed what the industrial data layer is worth. It also exposed the question the contextualization category cannot answer: not what your data means, but whether it can be trusted.
On 30 June 2026, Schneider Electric agreed to acquire Cognite for 3.1 billion US dollars, roughly eighteen times revenue, to combine Cognite's industrial data platform with AVEVA. Schneider's rationale was stated plainly: industrial AI is shifting from describing what happens to deciding and acting on it, and that shift requires a unified, contextualized foundation of industrial data on which AI can be trusted to operate at scale.
It is the right diagnosis, and the price tag settles an old argument. The industrial data layer is not plumbing. It is the strategic asset that determines whether AI ever reaches the plant floor.
But read Schneider's sentence again. "Trusted to operate" is doing two jobs at once, and contextualization only performs one of them.
The problem context genuinely solves
Let us give the contextualization category its full due, because the problem it addresses is real and enormous.
Rockwell Automation's 10th State of Smart Manufacturing Report, drawing on more than 1,500 manufacturing leaders across 17 countries, found that 95 percent of manufacturers have invested or plan to invest in AI, yet only 20 percent are using smart manufacturing at scale. Most of the rest are piloting, and many pilots never leave the lab.
The industry knows why. Around 70 percent of manufacturers cite poor data quality as a barrier to AI adoption, and IBM estimates that roughly 90 percent of industrial data collected is never used. Raw operational data arrives as cryptic tags with inconsistent naming, fragmented across decades of IT and OT systems that were never designed to talk to each other. An AI model fed Tag_101 = 45.5 cannot reason about anything. Fed Boiler_3_Temperature = 45.5 degrees, it can.
Contextualization platforms, Cognite prominent among them, solve exactly this. They connect fragmented sources, resolve naming chaos, and organize raw signals into asset models that machines and models can interpret. ARC Advisory Group's Q4 2025 Industrial AI Survey found 63 percent of respondents rating the decoupling of data from monolithic applications as critically important, and the market has responded: IoT Analytics identifies industrial DataOps as the fastest growing industrial software segment.
This work is necessary. Nothing that follows argues otherwise. The point is that it is not sufficient, and the gap becomes visible the moment AI stops observing and starts acting.
Five questions the context layer cannot answer
1. Is this reading genuine?
Contextualization begins after ingestion. It organizes whatever arrives. Nothing in that pipeline can prove that a value was authentic when it was generated, or that it has not been altered on its way in.
Data quality tooling does not close this gap, because quality and integrity are different properties. Quality checks catch values that look wrong. A deliberately manipulated value that looks plausible passes every quality gate, and manipulation is not a hypothetical: Nozomi Networks' research on OT and IoT attacks found that data manipulation and command injection together account for roughly 64 percent of observed attacks, the two most common categories.
Contextualizing tampered data does not fix it. It produces confidently wrong AI with better labels. Proving origin and integrity is a function of the layer beneath contextualization, not of contextualization itself.
2. Was this action authorized?
The contextualization category lives on the read path. Data flows in, context is added, insight flows out. But Schneider's own framing of the Cognite acquisition, AI moving from insight to action, points at the write path: the moment an AI system sends a setpoint change, a configuration update or a work order back towards physical equipment.
Verifying that path requires different machinery entirely. Commands signed at origin. Policy checked at the edge before anything executes. A tamper-evident, non-repudiable record of what was requested, by whom or by what, and what actually ran. The SANS State of ICS/OT Security 2025 survey shows how far the industry is from this: half of all reported incidents stemmed from unauthorized external access, while only 13 percent of organizations have implemented advanced access controls.
Context helps AI decide well. It cannot verify what AI does.
3. Who verifies the verifier?
This question became sharper on 30 June, not weaker. Cognite now sits inside Schneider's ecosystem, alongside AVEVA software and Schneider automation hardware. For integrated intelligence, that is a strength. For verification, it is a structural limit, because no platform can independently attest to data flowing through its own stack, for the same reason companies do not audit their own accounts.
Real industrial environments are multi-vendor by nature. Equipment from competing automation OEMs runs side by side in the same plant, and no operator will accept one vendor's platform as the trust anchor for its competitors' data. The same logic applies to hyperscalers, whose platforms offer connectivity and increasingly rich semantics, but no independent cryptographic proof of the data inside them. Trust in a multi-vendor world has to come from a layer that belongs to none of the vendors being trusted.
The acquisition did not close this gap. It created a larger, more consolidated stack that needs an independent layer beneath it.
4. Can you prove it later?
Contextualization platforms produce data products. Regulators, auditors, insurers and courts consume evidence, and the two are not the same thing.
The EU AI Act's Article 10 imposes data governance obligations on high-risk AI systems. The Cyber Resilience Act increases documentation and reporting duties for manufacturers of products with digital elements. A knowledge graph tells you the current state of the world. Supporting compliance with these frameworks requires something more: a tamper-evident history that proves how that state came to be, what changed, when, and on whose authority. Analysts have already named this unfinished edge of the DataOps category; LNS Research describes it as a persistent gap in industrial data trustworthiness.
Evidence is not a feature of context. It is a property of proof.
5. Does trust survive leaving the platform?
Context lives inside one enterprise's trust domain. The moment data crosses a boundary, to a supplier, an OEM's monitoring service, an insurer, a regulator or a national data ecosystem, platform-internal trust evaporates. The receiving party is back where the industry started: blind trust in whatever arrives.
Cryptographic proof behaves differently. It travels with the data itself and can be verified by any party, on any platform, without trusting the sender's infrastructure. As sovereign AI programs and cross-border industrial data ecosystems take shape, this portability stops being a nice-to-have. Verification that works across platforms and borders is what makes shared data, and sovereignty claims built on it, stand up to scrutiny.
The provenance mandate is already written
Do not take a vendor's word for any of this. Take the word of nine national security agencies.
In May 2025, the NSA, CISA, the FBI and their counterparts from the United Kingdom, Australia and New Zealand published joint guidance on AI data security. Its prescriptions are unambiguous and cryptographic: source reliable data and track data provenance, verify and maintain data integrity during storage and transport, and employ digital signatures so that original data is signed at creation and every subsequent revision is signed by whoever made the change. The guidance even looks past today's algorithms, recommending quantum-resistant signature standards for the datasets that train and steer AI systems.
Seven months later, in December 2025, an expanded coalition including the German BSI, the Canadian Centre for Cyber Security and the national cyber centers of the Netherlands, New Zealand and the UK published the first joint principles for integrating AI into operational technology, treating AI in OT as a distinct risk domain. Its immediate priority is data provenance: immutable logging, cryptographic signing, and continuous auditing of data lineage from source to model output, on the explicit grounds that AI risks in industrial environments are fundamentally data risks.
Read together, the two documents specify an architecture: signed data at origin, signed revisions, verified commands, immutable lineage. That is not a product roadmap written by a vendor. It is a procurement direction written by the agencies that defend critical infrastructure, published before most of the industry has begun to build it. Contextualization alone does not deliver the full architecture described here: signed data at origin, independently verifiable revisions, verified commands and portable proof across platforms.
Two layers, one stack
The industrial data stack is resolving into two distinct layers. Above: contextualization, semantics and intelligence, the layer that makes data useful, now valued in billions and consolidating fast. Beneath: cryptographic verification of data and commands, the layer that makes data trustworthy, independent of every platform above it.
AI acting in the physical world needs both. Gartner predicts that over 40 percent of agentic AI projects will be canceled by the end of 2027, citing inadequate risk controls among the leading causes. The context layer will not fix that, because the stalling point is no longer whether AI understands the plant. It is whether the plant, its operators, its auditors and its regulators can trust what AI reads and what AI does.
Context makes data useful. Proof makes it trustworthy. The next phase of industrial AI will be built on infrastructure that can prove, not merely detect.
Tributech builds Trustworthy Data Infrastructure for AI, OT and IoT: patented data notarization, verifiable Secure Remote Commands scoped to configuration, OTA updates and setpoint changes, and a Digital Twin Knowledge Graph with MCP access for AI agents. Independent of every platform, complementary to all of them.
Blog | JUL 06, 2026
)
)
)
)