MCP (Model Control Protocol) service

Contents

• MCP (Model Control Protocol) service

  • Safety and security

  • Configuring agents

  • Recommended initial prompt

  • Troubleshooting

  • Setup

  • EAPI methods

MCP service allows to connect AI agents directly to EVA ICS control bus.

This allow agents to solve various tasks, such as:

• Perform automatic components deployment and configuration

• Automatic monitoring and diagnostics

• State and data analysis

• Predictive maintenance

• Anomaly detection

• Process optimization

• Natural language interface for operators

• Automated reporting and documentation

Safety and security

Warning

AI agents can perform unpredictable actions, on production plants it is strongly advised to set a very minimal set of services/methods allowed to be called. Full human supervision is always recommended.

The service has no authentication and can provide full access to the platform control bus.

After deploying, protect the MCP server with a Web Application (WAF, e.g. Gateryx) or L4-firewall to allow access from trusted sources only.

For mission-critical systems, it is recommended to create a dedicated “read-only” node, which replicates states of the real one and deploy MCP service on it.

Note that integration of “big” AI models into industrial automation systems is still experimental practice. Supervision from the product vendor or integrators is strongly advised.

Configuring agents

The MCP URL is http://node_ip:8765/mcp and it accepts standard JSON-RPC 2.0 requests. The agents get methods “help” which guides them with basic information and rules how to access DeepWiki and official EVA ICS documentation. Refer to your agent documentation for more details.

Example for Cursor agent (~/.cursor/mcp.json):

"eva-node-1": {
   "url": "http://node_ip:8765/mcp",
   "headers": {}
 }

(add required authentication headers for WAF if applicable).

It is also highly recommended to connect DeepWiki MCP as well.

Recommended initial prompt

The conversation (or rules, agent files) should contain a phrase like

you are connected to the system …..

This tells the agent to immediately check the MCP servers provided.

Troubleshooting

Note

Certain agents may require restarting if MCP service has been restarted or connection has been lost.

Setup

Use the template EVA_DIR/share/svc-tpl/svc-tpl-mcp.yml:

# EVA ICS MCP service
command: svc/eva-mcp
workers: 1
bus:
  path: var/bus.ipc
config:
  # to expose the MCP API to public, use a Web Application Firewall (WAF) or
  # change the listener to 0.0.0.0 or the server's public IP address (should be
  # done with caution and L4-firewall rules to restrict access to trusted IPs)
  listen: 127.0.0.1:8765
  # optional: custom help text for this node (MCP tool node_help)
  #node_help: |
  #  This is a node of a power plant, use services eva.db.default for general
  #  historical data, eva.db.ts for time-series data.
  #
  # WARNING: on production nodes always restrict allow list to required
  # services/methods only
  allow: "*"
  #allow:
    #eva.core:
      #- test
      #- item.summary
      #- item.list
      #- item.state
    #eva.repl.default:
      #- test
      #- node.list
    #eva.svc.test: "*"
user: nobody

Create the service using eva-shell:

eva svc create eva.mcp.1 /opt/eva4/share/svc-tpl/svc-tpl-mcp.yml

or using the bus CLI client:

cd /opt/eva4
cat DEPLOY.yml | ./bin/yml2mp | \
    ./sbin/bus ./var/bus.ipc rpc call eva.core svc.deploy -

(see eva.core::svc.deploy for more info)

EAPI methods

See EAPI commons for the common information about the bus, types, errors and RPC calls.