Projects

Things I’m building in the open. Most of this work lives at the intersection of cloud security, identity, and the unglamorous parts of operational infrastructure that don’t get enough attention.

Janus — Zero Trust OT Gateway Link to heading

A stateless admission control service for accessing OT devices — CNC machines, welding robots, SCADA HMIs — from the IT side of a manufacturing network. Three gates: device registry, Entra group membership, Intune device compliance. Every decision lands in an append-only audit log designed as the CMMC 2.0 evidence artifact, not as an afterthought.

The PoC is in PowerShell and pins down the decision contract, data shapes, gate sequence, and functional-core / imperative-shell split. The recommended production port is C# on ASP.NET Core with the admission core in F#.

• Repo: github.com/spross216/Janus
• License: Apache 2.0
• Background: Janus: A Zero Trust OT Gateway for Wichita’s Machine Shops
• Looking for: contributors on the C# / F# port, transport plug-ins (YARP, WireGuard, raw TCP), audit-sink integrations, and the companion PowerShell management module.