*Generative AI is pouring into the product lifecycle. In regulated industries, we haven’t actually solved the part that matters — and the fix isn’t a smarter model.*
**By Prakhar Mittal**
—
Every PLM vendor now has an “AI copilot.” You ask it a question about your product data, it answers in plain English, the demo crowd nods. Impressive. And if you run a Class III medical device line, an aerospace program, or a food-safety-regulated plant, it should also make you a little nervous.
Here’s the thing. We’ve spent the last two years proving that large language models can *talk* about engineering data. Almost nobody has answered the harder question sitting underneath that: in a regulated lifecycle, what happens when the model is wrong? When it states a revision that doesn’t exist, or summarizes a compliance history that’s subtly off? In most software, that’s an annoyance you patch. In a regulated environment, it’s a finding. A recall. A submission you can’t defend.
I’ve written before about where AI fits in the product lifecycle — the search, the synthesis, the optimization. I want to take a sharper position now, because the conversation has drifted somewhere risky. The whole industry is racing to make AI in PLM more *capable*. The problem worth solving is making it *governable*. Those are not the same thing, and treating them as the same is how good engineering organizations walk into trouble.
## Better models won’t fix this
A generative model, by design, generates. It produces the most probable next token. That’s exactly what you want when you’re drafting an email, and exactly what you cannot allow when the output becomes part of a device master record. You can fine-tune it, prompt it carefully, wrap it in guardrails — but none of that changes the fundamental fact that the thing is *capable of inventing*. And in a validated environment, “usually right” is not a standard. You can’t write “the model was confident” into an FDA submission.
So the reflex across the market — make the model better, make it hallucinate less — is treating a structural problem as a tuning problem. A model that invents 1% of the time instead of 5% is still a model you cannot certify. Lowering the odds of a fabrication is not the same as making fabrication impossible, and in regulated manufacturing only the second one counts.
The move I’d argue for is to stop trying to make the AI trustworthy, and instead build an architecture where the AI is *structurally incapable* of being the problem.
## Cage it, don’t trust it
Concretely, here’s the shape of it.
The system of record — your graph of requirements, specifications, parts, routings, compliance artifacts and the validated edges between them — stays deterministic. Rule-governed. Mathematically resolvable. The AI never writes to it, and never generates facts about it. Its only job is to translate: take a plain-English question, traverse the real graph, and render the *actual retrieved data* into readable language. If the graph can’t resolve the lineage, the model doesn’t get to improvise — it’s barred from answering at all.
I call that a deterministic cage. The model keeps the one thing it’s genuinely good at: language — turning a graph traversal into a sentence a quality engineer can read at 2 a.m. It’s denied the thing that makes it dangerous: authority over the record, and the freedom to fill a gap with a plausible fiction. Ask it “show me every Class III component using this polymer that’s affected by the new EU regulation,” and the answer is assembled from verified edges, or it doesn’t come back. No confident nonsense. No summary you can’t trace.
That difference isn’t cosmetic. One design gives you an AI that dazzles in a demo. The other gives you an AI you can put in front of an auditor. Only one of those is worth anything on a regulated floor.
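A minimal sketch of the cage described in this section, added here as an illustration and not the author's implementation. The graph, identifiers, function names and the rule that any unvalidated edge blocks the answer are all assumptions made for the example; `render` stands in for the language model.

```python
import re

# Constructed sample graph: (source, relation, target, validated).
EDGES = {
    ("CMP-101", "uses_material", "MAT-PU-01", True),
    ("CMP-102", "uses_material", "MAT-PU-01", True),
    ("CMP-201", "uses_material", "MAT-SI-02", False),  # not yet validated
    ("MAT-PU-01", "restricted_by", "REG-EU-X", True),
    ("MAT-SI-02", "restricted_by", "REG-EU-X", True),
}
DEVICE_CLASS = {"CMP-101": "III", "CMP-102": "II", "CMP-201": "III"}
ID_RE = re.compile(r"\b(?:CMP|MAT|REG)-[A-Z0-9-]+\b")

class Unresolved(Exception):
    """The graph cannot resolve the lineage, so no answer may be given."""

def affected_components(material, regulation, device_class):
    """Deterministic traversal; raises Unresolved rather than guessing."""
    if (material, "restricted_by", regulation, True) not in EDGES:
        raise Unresolved(f"no validated edge {material} -> {regulation}")
    users = [e for e in EDGES if e[1:3] == ("uses_material", material)]
    if not all(e[3] for e in users):
        raise Unresolved(f"unvalidated usage edge for {material}")
    return sorted(e[0] for e in users if DEVICE_CLASS[e[0]] == device_class)

def answer(material, regulation, device_class, render):
    """render is the language model: it words the facts, nothing more."""
    try:
        facts = affected_components(material, regulation, device_class)
    except Unresolved as why:
        return f"REFUSED: {why}"
    draft = render(facts, material, regulation)
    cited = set(ID_RE.findall(draft))
    # Every retrieved ID must appear, and nothing outside the retrieval may.
    if not set(facts) <= cited <= set(facts) | {material, regulation}:
        return "REFUSED: draft cites identifiers not in the retrieved set"
    return draft

def template_render(facts, material, regulation):
    """Stand-in for a well-behaved model."""
    listed = ", ".join(facts) or "none"
    return f"Components using {material} affected by {regulation}: {listed}."

def inventing_render(facts, material, regulation):
    """Stand-in for a model that fabricates a component."""
    return template_render(facts + ["CMP-999"], material, regulation)
```

The output gate here compares identifiers only; a fabricated claim that cites no identifier would pass it, so free-text assertions still need a constrained template or a stricter check.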
## Governance starts at ingestion
None of this is free, and I won’t pretend otherwise. The language model is the easy part — that problem is mostly solved. The hard part is the graph underneath it: getting messy, human-entered enterprise data into a structure clean enough that a deterministic answer is even possible.
One plant logs a material as “Medical-Grade Polyurethane.” Another calls the identical substance “PU-Med-HighDurometer.” If your graph treats those as two different things, your “deterministic” foundation is already lying to you, and no amount of clever prompting downstream will save it. Real governance starts at ingestion — reconciling that drift before a single edge is written — long before anyone types a question into a chat box. That’s where the actual engineering lives, and it’s the part the copilot demos quietly skip past.
## The bet
I don’t think the field has settled this, and I’d rather argue it in the open than pretend it’s done. My position is that in regulated lifecycles, AI’s role should be deliberately, architecturally small — a translator, not an author. Caged, not trusted. If you work on AI in regulated PLM and you see it differently, I want to hear the counter-argument; the disagreement is where this gets sharper.
Because the companies that win the next decade of regulated manufacturing won’t be the ones with the most capable AI. They’ll be the ones whose AI they can defend.
—
*Prakhar Mittal writes on PLM, enterprise digital transformation, and AI governance in regulated industries at Global PLM.*
