Discovery & plant-floor mapping
Operator and controller interviews, paper-journal taxonomy, shift-workflow modeling, photo-evidence requirements, on-prem deployment constraints, GDPR + CCPA posture mapping.
Case study · Industrial · Manufacturing
CheckList — offline-first MES for reactor process control
How we shipped a three-app industrial ecosystem — a Kotlin Android operator client, a Laravel + React admin panel, and a controller dashboard — deployed inside an isolated plant network and built to replace paper journals with an audit-grade workflow for facilities across the United States and the European Union.
The brief — replace paper journals on a plant floor with no internet
The CheckList client ran a manufacturing plant where reactor processes were tracked with paper journals: operators wrote stage timings by hand, supervisors flipped through logbooks to reconstruct shifts, and there was no real-time visibility into uptime or error counts. The plant operated without internet inside its perimeter — a hard constraint, not a preference — so any digital replacement had to work fully offline and synchronize when LAN connectivity was available. We delivered a three-app ecosystem deployed inside the plant's isolated network: operators use a Kotlin Android app to log stages with timestamps and photo evidence; admins configure equipment, checklists, users, and permissions in a Laravel and React admin panel; controllers watch a live dashboard with uptime, error counts, and an emergency-stop button. Local authentication and offline-first sync make the system usable without internet access, and a reactor/process constructor lets the plant add new equipment without a code change. The result is an audit-grade workflow that holds up to plant-audit scrutiny in both US and EU jurisdictions and replaces every line of the paper logbook.
Project highlights
Kotlin Android operator app
Laravel + React admin panel
Real-time controller dashboard
On-prem deployment
Offline-first sync
Photo evidence + timer per stage
Reactor / process constructor DSL
Audit-grade completed-cycle archive
By the numbers
A snapshot of what the CheckList build delivered across the operator app, the admin panel, and the controller dashboard during its first production cycle on the plant floor.
3tightly coupled apps — Android operator, web admin, web controller dashboard
0internet dependencies on the plant floor — the system runs fully on plant LAN
100%operator actions persisted locally first, drained to server when LAN is reachable
2-appweb surface — admin panel for setup, controller dashboard for live monitoring
RBACrole-based access control — operator, admin, controller, each with scoped views
20–32 wktypical delivery window for a comparable offline-first MES MVP
Why custom Kotlin + Laravel + React over SaaS MES, off-the-shelf SCADA, and a forms builder
The stack decision dominates every other architectural choice in an industrial MES build. We chose a custom Kotlin Android operator client paired with a Laravel backend and a React web surface because the trade-offs line up cleanly with a plant floor that operates without internet. The Android app runs offline by design, the Laravel backend deploys on a single on-prem box inside the plant LAN, and the React admin and controller dashboards share session state through WebSockets so a supervisor sees an error count tick the moment an operator logs a deviation.
SaaS MES vendors were eliminated early: they assume reliable internet, they pull plant data outside the perimeter, and they bill per node in ways that get unmanageable as the plant grows. Off-the-shelf SCADA is highly configurable but its workflow surface — shift handoff, photo evidence, an audit-grade archive — sits outside its core competence. A generic forms-builder plus an automation tool stitches together a brittle pipeline that breaks the first time the plant LAN drops a packet.
| Dimension | CheckList (Kotlin + Laravel + React) | SaaS MES vendors | Off-the-shelf SCADA / forms builder |
|---|---|---|---|
| Offline-first behavior | Native — local SQLite queue, drains on LAN | Assumes reliable internet | SCADA: yes; forms builder: usually no |
| Deployment topology | On-prem on plant LAN; air-gappable | Multi-tenant cloud; per-seat pricing | SCADA: on-prem; forms: cloud-only |
| Data ownership | Plant owns the database end to end | Vendor holds production data | SCADA: plant; forms: vendor + automation |
| Workflow surface fit | Shift workflow, stage timing, photo evidence native | Strong but model-bound | SCADA: process-focused; forms: brittle |
| Customization depth | Reactor / process constructor DSL — plant adds equipment | Vendor cycles + configuration limits | SCADA: deep; forms: shallow |
| Role-based access control | Operator / admin / controller built-in | Strong, but inherits vendor's RBAC model | SCADA: strong; forms: typically weak |
| Audit-grade archive | Completed-cycle archive with photo evidence | Vendor-dependent; export-grade varies | SCADA: historian; forms: spreadsheet |
Stack references: Laravel documentation, Android SQLite developer guide, React documentation.
Operator app — Kotlin Android, offline-first sync, photo evidence
The Android client is written in Kotlin and runs on plant-floor tablets that are bound to a unique device identifier on first launch. Local authentication is required — there is no expectation that the device can reach a cloud identity provider — and every operator action is written first to a local SQLite store before any sync attempt. The shift workflow walks the operator through stages with a built-in timer, captures photo evidence at the points the audit needs, and routes the completed-cycle archive into the on-prem server when LAN connectivity is available. The UI is tuned for thick gloves, plant-floor lighting, and quick taps rather than for a phone-in-a-pocket consumer pattern.
A background sync worker drains the local queue to the on-prem Laravel server over WebSockets, with idempotent operations keyed by a client-generated ID so retries never duplicate work. Automatic shift handoff transfers an in-progress reactor cycle from one operator's tablet to the next without losing state, and conflicts are resolved server-side by the workflow engine. The operator surface is part of our mobile app development practice, and the offline-first contract is the centerpiece — if the plant LAN drops for a half-shift, no operator action is ever lost.
Admin and controller web surface — Laravel + React
The web surface has two distinct personas, each with a scoped view backed by role-based access control. The admin panel — built in React against a Laravel backend — lets supervisors configure equipment, edit checklists, manage users and permissions, and bind tablets to specific operators. The reactor / process constructor DSL is the centerpiece here: a plant adds a new reactor or extends an existing process flow by editing checklist templates in the admin panel, not by waiting on an engineering cycle. New equipment, new stage definitions, new photo-evidence requirements all land through configuration.
The controller dashboard is a real-time monitoring surface that streams the plant's state over WebSockets — current reactor uptime, error counts, in-flight shifts, completed-cycle archive growth — and exposes an emergency-stop button gated by RBAC so only a controller-role user can press it. The dashboard runs in any modern browser inside the plant LAN, which means the controller can monitor from a fixed workstation, a maintenance laptop, or a wall-mounted screen above the production line. The whole web surface is delivered as part of our custom software development practice and is structured so plants can add new dashboards (KPI export, supervisor mobile-view) without restructuring the data layer.
Architecture, on-prem deployment, and the audit-log store
CheckList's architecture was built around the constraint that the plant LAN has no internet egress. The Laravel backend and MariaDB database deploy on a single on-prem server inside the plant perimeter, the React admin and controller dashboards are served from the same machine, and the Android tablets reach the backend over WebSockets on the plant LAN. There is no third-party broker, no cloud-only telemetry, and no shadow analytics tracker. Background workers handle audit-log writes and photo-evidence ingestion, and the completed-cycle archive is preserved indefinitely with retention policies configurable per facility.
Role-based access control gates every API endpoint and every dashboard route — an operator sees only their shift, an admin sees configuration and user management, a controller sees the live metrics surface plus the emergency-stop control. Device binding ties each tablet to a unique identifier so a lost tablet cannot be repurposed off-floor. The data-handling posture is documented for both GDPR obligations on European Union operations and CCPA / CPRA obligations on California and broader United States operations, with audit-log retention configurable per facility to match local regulatory windows. The hardening posture is consistent with our broader cloud & DevOps hygiene.
Compliance posture: GDPR-aligned · ISO 27001 ready · SOC 2 Type II in progress · HIPAA-capable · CCPA-acknowledged.
Delivery methodology
A five-phase build that took CheckList from paper journals to a three-app industrial ecosystem deployed inside an isolated plant network.
Architecture & constructor DSL
Laravel + React + Kotlin stack selection, reactor / process constructor DSL design, role-based access control surface, audit-log store schema, device-binding scheme.
Three-app build
Kotlin Android operator app with offline-first sync, Laravel + React admin panel, controller dashboard with WebSocket streaming, emergency-stop control.
Audit-grade hardening
Photo-evidence pipeline hardening, audit-log retention policies, RBAC test sweep, conflict-resolution rules in the workflow engine, plant-floor UX tuning.
On-prem rollout
On-prem server deployment, tablet provisioning and device binding, operator training, controller-dashboard fit checks, completed-cycle archive verification.
From one plant to a multi-facility deployment topology
CheckList was deployed first inside a single plant, but the architecture is designed for multi-facility expansion without changing the operator app or the admin panel. Each facility runs its own on-prem Laravel server and its own MariaDB database — the plant LAN remains the security perimeter — and a future federation layer can aggregate completed-cycle archives, KPI exports, and BI feeds into a corporate-level overview without breaking the offline-first contract on the plant floor. The reactor / process constructor DSL means a new facility can configure its own equipment library, checklists, and shift workflows without an engineering ticket; the device-binding scheme means tablets can be provisioned and rotated locally; the role-based access control surface means operator, admin, and controller roles work identically across facilities even if the underlying equipment varies. The same posture leaves room for a future BI export path — completed-cycle archive data flows out of the plant's perimeter only when the plant operator explicitly authorizes it, with retention windows configured per facility to match the local regulatory regime. Plants in the US and EU can run with the same deployment recipe and adjust retention, RBAC scopes, and BI export rules locally without forking the codebase.
Launching across the United States and the European Union
CheckList was built for plant-floor rollout across the United States and the European Union without a separate codebase per region. The English-language UI serves operators and controllers in California, New York, Texas, Florida, and Washington in the US, and operators and controllers in the Netherlands, Germany, France, Ireland, and Sweden in the EU. Data-handling practices are aligned with GDPR for European Union operations and with the US state-privacy patchwork — CCPA / CPRA (California), VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), UCPA (Utah), TDPSA (Texas), and Oregon CPA. Because the on-prem deployment keeps plant-floor data inside each facility's perimeter and the role-based access control surface gates every read and write, regional compliance reduces to honest disclosure and audit-log retention configuration rather than per-jurisdiction data segregation.
The on-prem deployment recipe is identical across US and EU facilities — same Laravel backend, same MariaDB database, same Kotlin Android operator app, same React admin and controller dashboards. Retention windows for the completed-cycle archive are configurable per facility to match local regulatory expectations, and the audit-log store is structured to satisfy GDPR data-handling obligations for users in the European Union and California CCPA obligations for facilities in the US. The engineering team behind the build sits across CET and runs a CET workday with East-Coast US overlap (9 AM–1 PM ET) for stand-ups, rollout choreography, and incident response — the timezone that lets a US plant operations team and an EU engineering team share four hours of live overlap every day.
Tech stack and roadmap
Kotlin
PHP
Laravel
React
MariaDB
REST API
Offline-first sync
Local authentication
Role-based access control
Device-bound auth
On-prem deployment
WebSockets
Push notifications
Image upload pipeline
Background workers
Audit log store
Process constructor DSL
Realtime dashboard
The active custom software development roadmap for CheckList includes a multi-plant federation layer that aggregates completed-cycle archives across facilities, a BI export path that streams sanitized KPIs into corporate data lakes, an offline-first photo-evidence pipeline that survives long LAN dropouts on remote sites, and a hardened on-prem upgrade recipe that does not require taking a plant offline. A US-focused and an EU-focused rollout playbook are planned, with the existing role-based access control surface already structured to support facility-local retention configuration.
Build an industrial MES like this — talk to us
If you are planning a manufacturing MES, an offline-first plant-floor app, or any industrial process-control build where the data has to stay inside the plant perimeter for audiences in the US and EU, we have shipped this stack end-to-end and can compress the build timeline meaningfully. The engineering team behind it sits inside YuSMP Group. We work fixed-price for well-scoped MVPs and on dedicated development teams for ongoing delivery, with a CET workday and a guaranteed East-Coast US overlap (9 AM–1 PM ET) window for stand-ups, demos, and incident response.
Frequently asked questions
How much does it cost to build an offline-first manufacturing MES like CheckList?
A three-app MES MVP covering a Kotlin Android operator client, a Laravel + React admin panel, a controller dashboard, on-prem deployment, and offline-first sync typically costs $140k–$320k. Adding a reactor and process constructor DSL, multi-plant federation, photo-evidence pipelines, a hardened audit-log store, and BI export brings a full-featured industrial product to $400k–$780k. The dominant cost drivers are the offline-first sync correctness, the on-prem hardening work, and the role-based access control surface that has to survive a real plant audit.
Why use a custom MES instead of off-the-shelf SaaS, generic SCADA, or a forms builder?
SaaS MES vendors assume the plant has reliable internet and customer data leaves the perimeter; both are dealbreakers for a facility that operates offline by design. Off-the-shelf SCADA is configurable but the workflow surface around shift handoff, photo evidence, and an audit-grade archive sits outside its core model. Generic forms-builder plus automation stitches a brittle pipeline together. A custom Kotlin Android plus Laravel and React build owns the data, the deployment topology, and the workflow surface end to end.
How does the offline-first Android app stay in sync with the on-prem server?
Every operator action — stage start, timer event, photo upload, shift handoff — is written first to a local SQLite store on the device under a device-bound auth identity. A background sync worker drains the queue to the on-prem Laravel server over WebSockets when the plant LAN is reachable, with idempotent operations keyed by a client-generated ID so retries do not duplicate work. Conflicts are resolved server-side by the workflow engine, and the operator UI shows the last-known-good state until the server confirms acceptance.
How does CheckList stay GDPR and CCPA aligned for plant-floor data?
The system collects only the operator and process data the plant actually needs — operator role, shift, stage timing, photo evidence — and stores it on the on-prem server inside the plant's perimeter. There is no third-party broker, no cloud-only telemetry, and no shadow analytics tracker. Role-based access control gates who can see which photos and which shift archives. The data-handling posture is documented for both GDPR for European Union operations and CCPA for California operations, with audit-log retention configurable per facility.
How long does it take to ship an offline-first MES like this?
A focused MVP with a Kotlin Android operator app, a Laravel + React admin panel, a controller dashboard, on-prem deployment, and offline-first sync typically takes 20–32 weeks of calendar time. Adding a reactor and process constructor DSL, multi-plant federation, BI export, and a hardened audit-log store adds another 10–16 weeks. The on-prem hardening pass — device binding, role-based access control, audit-log retention, and the rollout choreography across plant floors in the US and EU — should be budgeted at 4–6 weeks of dedicated work.
Related cases
More industrial and platform builds
Home Improvement · Web
Mosokna
Unified online window calculator and CRM — multi-tenant across three brand sites, address-based lookup.
View case → Mobility · RidesharingConvenient Taxi Aggregator
Three-app taxi platform — driver, passenger, dispatcher — with realtime GPS and document verification.
View case → Automotive · E-commerceZipIt
Auto-parts marketplace plus seller CRM — VIN search, multi-location inventory, integrated delivery.
View case →Related services
Enterprise Software Development
Architecture-first enterprise platforms with audit-ready compliance and integration to SAP, Salesforce, Workday, Okta.
Learn more →
Software Modernization
Strangler-fig migration of legacy stacks (.NET Framework, Java 8, monolith) without rip-and-replace risk.
Learn more →
Digital Transformation Consulting
Pragmatic transformation that ships - cloud migration, legacy modernisation, AI integration, data platform.
Learn more →