SOLHEIR ESTATE

WHEN AI AGENTS BREAK BUILDINGS

A Case Study in AI Agent Network Impact on Shared Building Infrastructure at West Block Toronto

17–19 Bathurst Street · 500 Lake Shore Blvd West

Elevators · Fire Alarms · Access Control · Server Infrastructure

How Autonomous AI Agents on Shared Wi-Fi Are Destabilising Life-Safety Systems

S + A = C

Issued by The Solheir Estate

Managing Trustee: Kian Xavier Solheir

Classification: Case Study · Version 1.0 — March 2026

WEST BLOCK CASE STUDY

AI Agent Traffic · IT/OT Convergence · Life-Safety Risk

Standards + Accountability = Currency

876 condos. 1,100 Loblaw Digital workers. One shared network backbone.

When AI agents consumed the bandwidth, the building started breaking.

CONFIDENTIALITY & INTELLECTUAL PROPERTY

This document is the exclusive property of the Solheir Estate. All concepts, frameworks, and architectures — including AGD, S + A = C, the Golden Share, the Sacred Circle, the Zoran Law, the Landauer-Audited State Ledger, and all NQD brand assets — are proprietary intellectual property.

Unauthorized reproduction, distribution, or derivative use is strictly prohibited.

© 2026 Solheir Estate. All Rights Reserved.

CONTENTS

PREAMBLE: THE BUILDING AS A NETWORK

PART I — THE WEST BLOCK COMPLEX

1.1 876 Condos Above Loblaw Headquarters 1.2 Documented Infrastructure Failures 1.3 The Physical Integration Problem

PART II — HOW BUILDING SYSTEMS DEPEND ON IP NETWORKS

2.1 Elevator Control Systems 2.2 Fire Alarm Panel Networking 2.3 Access Control and Fob Systems 2.4 The VLAN Segmentation Illusion

PART III — AI AGENTS: A FUNDAMENTALLY DIFFERENT LOAD

3.1 Bandwidth per Agent: 100 MB–1+ GB/Hour 3.2 The 1,000x Multiplier 3.3 The 7,851% Year-Over-Year Growth 3.4 50 Concurrent Agents = Building-Scale Stress

PART IV — THE CASCADING FAILURE MECHANISM

4.1 Switch CPU Overload from Broadcast Storms 4.2 CAM Table Overflow: When Switches Become Hubs 4.3 Trunk Link Saturation 4.4 Discovery Protocol Bleeding 4.5 The RF Spectrum Layer

PART V — ONTARIO REGULATORY FRAMEWORK

5.1 CAN/ULC-S524: Dedicated Fire Alarm Links 5.2 Ontario Fire Code: O. Reg. 213/07 5.3 Condominium Act and Occupiers’ Liability 5.4 Toronto False Alarm Penalties

PART VI — RECOMMENDATIONS AND AGD GOVERNANCE

6.1 Immediate Technical Remediation 6.2 AGD as Infrastructure Governance 6.3 The Sacred Circle Applied to Network Architecture

CERTIFICATION

PREAMBLE

THE BUILDING AS A NETWORK

This case study documents a pattern of cascading infrastructure failures at the West Block complex (17–19 Bathurst Street, Toronto) — a mixed-use development where approximately 876 condominium units sit atop Loblaw Digital’s 1,100-person office and a flagship Loblaws supermarket, all sharing a common building network backbone. The documented failures include: elevator outages (at least twice weekly), fire alarm false activations (at least four times weekly), door fob and access control malfunctions (systems offline for days), complete heating system failures (twice within three days), and Loblaw’s own door systems malfunctioning simultaneously with the residential systems.

The hypothesis advanced in this case study is that the uptake of autonomous AI agents — tools like Claude Code, Devin, OpenAI Assistants, and other agentic AI systems — by residents and Loblaw Digital workers operating on the building’s shared Wi-Fi network is generating traffic volumes and patterns that overwhelm the shared physical infrastructure, causing cascading degradation of the building’s operational technology (OT) systems. This is not a theoretical risk. The traffic patterns of AI agents are fundamentally different from human web usage, the physical network infrastructure in mixed-use buildings is rarely properly segmented, and Ontario’s regulatory framework — particularly CAN/ULC-S524’s requirement that fire alarm data communication links be dedicated to the fire alarm system only — establishes clear standards that shared-infrastructure architectures may be violating.

THESIS: Autonomous AI agents running on shared residential Wi-Fi generate traffic 100–1,000x greater than human browsing. When building life-safety systems (elevators, fire alarms, access control) share physical network infrastructure with tenant networks, this traffic is sufficient to cause cascading OT failures — even when the systems are logically separated by VLANs.

PART I

THE WEST BLOCK COMPLEX

1.1 876 Condos Above Loblaw Headquarters

17 Bathurst Street (“The LakeShore,” ~42 storeys) and 19 Bathurst Street (“The LakeFront,” ~47 storeys) were developed by Concord Adex as part of the West Block Est. 1928 mixed-use complex. The towers rise directly above the restored 1928 Loblaw Groceterias heritage building at 500 Lake Shore Blvd West. Today, the seven-storey commercial podium houses five floors of Loblaw Digital offices (over 1,100 workers), a 50,000 sq ft flagship Loblaws supermarket, Shoppers Drug Mart, Joe Fresh, and an LCBO. Choice Properties REIT — Loblaw’s real estate arm, controlled by the Weston family — acquired full ownership of the commercial component in 2020 for $206 million.

The physical integration is total: condo residents have direct indoor access to the retail below, and both residential and commercial components share the building’s core infrastructure — mechanical, electrical, and critically, network. This architectural marriage of nearly 900 residential units, a major corporate technology office, and high-traffic retail creates an environment where thousands of simultaneous network users and building automation systems compete for shared infrastructure resources.

1.2 Documented Infrastructure Failures

| System Failure Pattern | Frequency | Impact | | :--- | :--- | :--- | | Elevators | Service outages, all three disabled simultaneously | 2+ times/week Residents stranded in 42–47 storey towers | | Fire Alarms | False activations, no visible cause | 4+ times/week Evacuation fatigue, Toronto Fire dispatch costs | | Door Fobs | Access control offline, fobs unresponsive | Multi-day outages Residents locked out, security compromised | | Heating | Complete building-wide heating failure | Twice in 3 days Habitability violation in winter conditions | | Loblaw Doors | Commercial door systems malfunctioning | Concurrent with residential Indicates shared infrastructure root cause | | Servers | Building management servers crashing | Recurring Loss of monitoring, control, and logging |

1.3 The Physical Integration Problem

The critical observation is that Loblaw’s commercial door systems and the residential access control systems are failing simultaneously. If these were independent systems on independent networks, simultaneous failure would be coincidental. The concurrent failure pattern strongly suggests a shared infrastructure root cause — a common network backbone, switch fabric, or uplink that serves both the residential and commercial OT systems. When that shared resource is overwhelmed, both systems degrade together.

PART II

HOW BUILDING SYSTEMS DEPEND ON IP NETWORKS

2.1 Elevator Control Systems

Modern destination-dispatch elevator systems — Otis Compass, KONE DX Class, Schindler PORT, ThyssenKrupp MAX — rely on TCP/IP communication between dispatch servers, destination entry computers, and access control integration controllers. When network connectivity fails, destination dispatch ceases and elevators revert to conventional call mode. Elevator safety systems (governors, buffers, interlocks) remain hardwired per ASME A17.1, but service quality degrades markedly. In a 47-storey tower, the difference between intelligent dispatching and degraded-mode operation is the difference between a 2-minute wait and a 15-minute wait.

2.2 Fire Alarm Panel Networking

Fire alarm systems use dedicated Signaling Line Circuits (SLC) that operate independently of IP infrastructure. However, panel-to-panel networking on systems like Simplex 4100ES runs over 100 Mbps IP infrastructure. When IP communication fails between networked panels, the system generates communication fault signals — trouble conditions that trigger Brigade Fault relays. Persistent communication faults consume monitoring station attention, generate nuisance dispatches, and degrade system reliability. CAN/ULC-S524:2019 explicitly requires that Data Communication Link Style N (DCLN) pathways — including Ethernet — shall be dedicated to the fire alarm system only.

2.3 Access Control and Fob Systems

Enterprise-grade access controllers (HID VertX EVO, Genetec Synergis) cache 50,000–250,000 credentials locally for offline operation, but real-time features fail during network outages: event logging, credential updates, remote unlock, and elevator dispatch integration. Cloud-dependent systems like Kisi support only 36 hours of cached credentials before losing all access control capability. If the building’s fob system is cloud-dependent and the shared network is degraded, fobs stop working — exactly the pattern observed at West Block.

2.4 The VLAN Segmentation Illusion

The industry standard for protecting OT systems is VLAN segmentation — logically separating building automation traffic from tenant traffic on the same physical switches. This is necessary but fundamentally insufficient. According to the SANS Institute, only 8.2% of organisations maintain fully air-gapped OT systems. VLAN segmentation protects against casual sniffing; it does not protect against the physical-layer failure modes that AI agent traffic triggers — switch CPU overload, CAM table overflow, trunk link saturation, and broadcast storm amplification. These failures affect all VLANs on the shared switch fabric regardless of logical separation.

PART III

AI AGENTS: A FUNDAMENTALLY DIFFERENT LOAD

3.1 Bandwidth per Agent: 100 MB–1+ GB/Hour

A March 2026 study measured actual wire-level traffic from Claude Code across 10 sessions and 223 LLM calls. The baseline overhead for a single API call — before the user types anything — is 82.6 KB (15,245-character system prompt + 67,425 characters of tool schemas). A 74-character user question constitutes just 0.088% of the total request payload. Over 10 sessions, Claude Code generated 25.95 MB outbound and 4.46 MB inbound in pure LLM API traffic alone. Adding package downloads, git operations, documentation browsing, and code execution, a single autonomous agent session consumes 100 MB to over 1 GB per hour.

3.2 The 1,000x Multiplier

Cloudflare CEO Matthew Prince stated at SXSW (March 2026) that a human shopping for a camera might visit 5 websites; an AI agent performing the same task visits 5,000 — a thousandfold multiplier. Human browsing follows bursty, intermittent patterns: 1–10 page loads per minute during active sessions of 5–30 minutes. AI agents produce sustained, high-frequency traffic: 10–100+ API calls per minute, chained sequentially at machine speed, running continuously for hours or days. Shared infrastructure is engineered for aggregate human traffic profiles, not the sustained load profiles of autonomous agents.

3.3 The 7,851% Year-Over-Year Growth

HUMAN Security’s 2026 State of AI Traffic Report documented AI agent traffic growing 7,851% year-over-year in 2025. The Imperva 2025 Bad Bot Report found automated traffic crossed the 51% majority threshold of all web traffic in 2024. Cloudflare projects bot traffic will exceed human traffic by 2027. Buildings engineered for 2020-era network loads face exponentially increasing infrastructure stress without any physical changes to the building.

3.4 50 Concurrent Agents = Building-Scale Stress

If 50 of West Block’s ~876 residents concurrently run autonomous agents — a conservative estimate in a tech-adjacent building above Loblaw Digital — the LLM API traffic alone reaches 130 MB per hour. Factor in tooling traffic and 50–100 concurrent agent sessions could generate 10–50 GB per hour on the shared network. Add 1,100 Loblaw Digital workers — a software engineering population highly likely to be running AI development tools — and the aggregate agent traffic could saturate a shared gigabit backbone within business hours.

KEY FINDING: A single AI agent generates 100–1,000x the network traffic of a human user. In a building with ~2,000 potential users (876 residential + 1,100 Loblaw Digital), even a 5% agent adoption rate produces traffic volumes sufficient to stress shared switch infrastructure and trigger cascading OT failures.

PART IV

THE CASCADING FAILURE MECHANISM

4.1 Switch CPU Overload from Broadcast Storms

APNIC research demonstrated that a broadcast storm on VLANs 1 and 200 caused an uninvolved switch carrying only VLAN 500 to reach 100% CPU utilisation and become unreachable. The mechanism: every arriving frame’s VLAN tag must be inspected before the switch can drop it, and at storm volumes (~900 Mbps from a single PING to a non-existent IP), tag inspection alone saturates the CPU. When switch CPU is saturated: spanning tree BPDUs are dropped (risking topology instability across all VLANs), ARP resolution fails for every VLAN, packets are dropped indiscriminately due to buffer saturation, and the switch becomes unreachable via management interfaces. This is the mechanism by which tenant traffic overwhelms building OT systems even when they’re on separate VLANs.

4.2 CAM Table Overflow

When a switch’s Content-Addressable Memory table fills (4,000–128,000 entries depending on model), the switch enters fail-open mode and floods all traffic to all ports, effectively becoming a hub. Traffic from the BMS VLAN becomes visible on tenant ports and vice versa. AI agents running multiple containerised environments, spawning browser instances, and creating network namespaces can generate far more MAC address entries than typical human usage.

4.3 Trunk Link Saturation

On trunk ports carrying multiple VLANs, heavy traffic from the tenant VLAN consumes shared backplane bandwidth, starving BMS traffic. Storm control monitors combined Layer 2 traffic across all VLANs on trunk links. A saturated trunk between floor switches and the building’s core switch degrades every system using that path — including elevators, fire panels, and access controllers on separate VLANs.

4.4 Discovery Protocol Bleeding

mDNS (port 5353), SSDP (port 1900), and UPnP traffic can leak between VLANs through misconfigured reflectors or bridge domains. AI agents with computer-use capabilities instructed to “check connectivity” or “find available services” may broadcast ARP requests, send mDNS/SSDP queries, or perform TCP SYN scans — all generating broadcast traffic that stresses shared switch infrastructure. Palisade Research’s LLM Agent Honeypot logged over 20 million access attempts and confirmed at least 3 autonomous AI agents probing infrastructure without human direction.

4.5 The RF Spectrum Layer

The 2.4 GHz band offers only 3 non-overlapping channels. In a building with hundreds of AI agents making constant HTTP connections, continuous Wi-Fi transmissions occupy the wireless medium (half-duplex), preventing building sensors using Zigbee (also 2.4 GHz), BLE, or wireless BMS components from transmitting. Wi-Fi performance degrades significantly above 50% channel utilisation; beyond 80%, effective throughput collapses for all wireless devices.

PART V

ONTARIO REGULATORY FRAMEWORK

5.1 CAN/ULC-S524: Dedicated Fire Alarm Links

CAN/ULC-S524:2019 (Installation of Fire Alarm Systems), directly referenced by Ontario Building Code Section 3.2.4.5(1), introduces Data Communication Link Style N (DCLN) pathways — including Ethernet — and explicitly requires that DCLN shall be dedicated to the fire alarm system only.

PART VI

RECOMMENDATIONS AND AGD GOVERNANCE

6.1 Immediate Technical Remediation

• Network audit. Commission an independent IT/OT segmentation audit of the West Block network infrastructure. Determine whether fire alarm, elevator, and access control systems share physical switches, trunk links, or uplinks with tenant Wi-Fi and Loblaw corporate networks.
• Physical air-gapping. If fire alarm data communication links are not on dedicated infrastructure per CAN/ULC-S524, this is a code compliance issue requiring immediate remediation.
• Storm control and QoS. Implement broadcast storm control thresholds, port security limits, DHCP snooping, and quality-of-service policies prioritising OT traffic on all shared trunk links.
• Agent traffic policy. Establish acceptable use policy addressing autonomous AI agent usage on shared building Wi-Fi, including bandwidth caps and traffic shaping for sustained high-volume connections.

6.2 AGD as Infrastructure Governance

The AGD Operating System’s governing equation — S + A = C — applies directly to building network architecture. Standards (S): CAN/ULC-S524 compliance, physical air-gapping of life-safety networks, documented network segmentation architecture. Accountability (A): real-time network monitoring with automated alerting when OT traffic is degraded, quarterly independent audits, public reporting to the condo corporation. Currency (C): the emergent proof that the building’s life-safety systems operated in alignment with their design specifications — that the elevator responded, the fire alarm communicated, and the fob authenticated.

6.3 The Sacred Circle Applied to Network Architecture

Under AGD, every interaction between a network device and the building’s infrastructure operates as a Sacred Circle: a self-contained execution environment where the interaction executes deterministically within its allocated resources and dissolves without residual impact on other systems. The tenant’s AI agent session is a Sacred Circle — it executes within its allocated bandwidth, its packets are contained within its VLAN, and its completion leaves no entropic drag on the fire alarm’s data communication link. The fire alarm’s communication cycle is a Sacred Circle — it executes on its dedicated DCLN, verifies panel-to-panel connectivity, and seals the state. These circles cannot share physical infrastructure because sharing creates the structural possibility that one circle’s entropy contaminates another. This is not network engineering philosophy. In a 47-storey building, it is the architectural definition of whether the fire alarm works when the building is on fire.

The same classification logic documented in the Black Pearl Audit and People Are Not Resources operates here: when a building treats its life-safety systems as “just another VLAN” on a shared network — classifying fire alarms, elevators, and access control as equivalent to tenant Netflix streams and AI agent API calls — it is making the same ontological error as classifying humans as “resources.” The consequence in HR is discrimination. The consequence in a building is someone trapped in a 47-storey tower when the elevator fails and the fire alarm can’t communicate.

CERTIFICATION

CERTIFICATION AND SIGNATURE

I certify under the Law of the Land that the foregoing case study is true and correct to the best of my knowledge. All technical claims are sourced to identified standards, peer-reviewed research, or official regulatory documents. This document is issued under the authority of the Solheir Private Estate.

Signed: _______________________________________________

Kian Xavier Solheir

Managing Trustee, Solheir Private Estate

Authorized Representative for the Consolidated Trust

Prepared under the authority of the Solheir Estate

Managing Trustee: Kian Xavier Solheir

Operational Arm: Northern Quantum District

Governance Framework: Allodial Geometrodynamics Operating System (AGD OS)

Core Doctrine: Standards + Accountability = Currency

Version 1.0 — March 2026

By the Hand of the Managing Trustee,

The Ledger is Balanced,

The Record is Sealed.

THE SOLHEIR ESTATE

PRIVILEGED & CONFIDENTIAL — SOLHEIR PRIVATE ESTATE — ALL RIGHTS RESERVED