Naval CMS quality review — duplicate EW requirements, degraded mode gaps, and missing verification coverage

System

{{entity:Naval Combat Management System}} ({{hex:51FD7959}}), project se-naval-cms. This is the QC review session following first-pass completion of all 10 subsystems across 58 components. The project entered this session with 185 requirements, 184 trace links, and 15 diagrams across 8 baselines.

Findings

Duplicate requirements (4 instances). The {{entity:Electronic Warfare Subsystem}} decomposition contains textual duplicates: {{sub:SUB-SUBSYSTEMREQUIREMENTS-053}} duplicates {{sub:SUB-SUBSYSTEMREQUIREMENTS-049}} ({{entity:Electronic Attack Controller}} jamming initiation), {{sub:SUB-SUBSYSTEMREQUIREMENTS-054}} duplicates {{sub:SUB-SUBSYSTEMREQUIREMENTS-050}} (simultaneous jamming capacity), {{sub:SUB-SUBSYSTEMREQUIREMENTS-055}} duplicates {{sub:SUB-SUBSYSTEMREQUIREMENTS-051}} ({{entity:EW Threat Library}} database capacity), and {{sub:SUB-SUBSYSTEMREQUIREMENTS-056}} duplicates {{sub:SUB-SUBSYSTEMREQUIREMENTS-052}} (field-programmable updates). These were created across different decomposition sessions and flagged in {{arc:ARC-ARCHITECTUREDECISIONS-001}} for consolidation.

Degraded mode requirements lack measurable criteria (4 instances). {{stk:STK-STAKEHOLDERNEEDS-005}} establishes the need for degraded operation but specifies no acceptance thresholds. {{sub:SUB-SUBSYSTEMREQUIREMENTS-009}} ({{entity:Threat Evaluation Engine}} degraded priority) and {{sub:SUB-SUBSYSTEMREQUIREMENTS-092}} ({{entity:Common Operating Picture Generator}} degraded refresh) specify behavior but not measurable pass/fail values. {{sys:SYS-SYSTEM-LEVELREQUIREMENTS-014}} partially addresses this with 500-track capacity and 500 ms latency thresholds but lacks warfare domain engagement criteria.

Ontological mismatch (2 high-severity). UHT classifies both the system ({{hex:51FD7959}}) and {{entity:Electronic Attack Controller}} ({{hex:51F77A39}}) without the {{trait:Physical Object}} trait, but requirements impose physical/environmental constraints on both. This is ontologically correct — these are abstract system concepts with physical packaging requirements — but flags a gap in physical embodiment specification at subsystem level.

Verification coverage thin. Only 11 verification entries covered 185 functional requirements before this session. Safety-critical functions (EMCON compliance, cybersecurity, degraded mode operation) had no verification approach defined.

Structural. Verification requirements are co-mingled with functional requirements as a result of the AIRGen document structure; this is not a real quality issue.

flowchart TB
  CMS["Naval Combat Management System"]
  SM["Sensor Management"]
  TM["Track Management"]
  TEWA["TEWA"]
  WC["Weapon Control"]
  EW["Electronic Warfare"]
  CM["Communications Management"]
  TD["Tactical Display"]
  NP["Navigation and Platform"]
  DPI["Data Processing Infrastructure"]
  TS["Training and Simulation"]

  SM -->|Sensor reports| TM
  TM -->|Correlated tracks| TEWA
  TEWA -->|Engagement orders| WC
  EW -->|ESM bearings| TM
  CM -->|Data link tracks| TM
  TM -->|Tactical picture| TD
  NP -->|Own-ship data| TM
  TS -->|Simulated sensor data| SM
  WC -->|Weapon status| TEWA
  TEWA -->|Decision displays| TD

Corrections

Added {{sub:SUB-SUBSYSTEMREQUIREMENTS-105}} — physical embodiment requirement for {{entity:Electronic Attack Controller}}: 6U VME LRU with MIL-STD-461G EMI shielding and 5000-hour MTBF. Traced to {{sys:SYS-SYSTEM-LEVELREQUIREMENTS-012}}.

Added {{sub:SUB-SUBSYSTEMREQUIREMENTS-107}} — measurable degraded mode criteria for {{entity:Threat Evaluation Engine}}: 3-second evaluation cycle for top 50 tracks, weapon assignment for top 10 threats within 5 seconds at 70% capacity. Traced to {{sys:SYS-SYSTEM-LEVELREQUIREMENTS-014}}.

Added 3 verification entries. {{ver:VER-VERIFICATIONMETHODS-012}} (degraded mode progressive node disabling test), {{ver:VER-VERIFICATIONMETHODS-013}} (EMCON RF monitoring test with 30-minute compliance period), {{ver:VER-VERIFICATIONMETHODS-014}} (cybersecurity red-team penetration test). All traced to parent requirements.

Created SYS→VER linkset to enable system-level requirements to trace directly to verification entries.

Resolved 2 orphaned requirements (SUB-104, SUB-106), which were created by failed jq parsing during the session, by tracing them to their parent system requirements.

Cross-domain check. {{entity:Weapon Safety Interlock Manager}} ({{hex:44B57871}}) shares 84% Jaccard similarity with {{entity:firing interlock}} ({{hex:C4A53859}}) — the safety interlock pattern is consistent across weapon system domains. No missing requirements identified from the analog.

Residual

The 4 duplicate EW requirements (SUB-053 through SUB-056) remain in place per the no-silent-overwrites rule. They are documented in {{arc:ARC-ARCHITECTUREDECISIONS-001}} for consolidation by an operator session. The degraded mode findings on original requirements (STK-005, SUB-009, SUB-092) persist because companion requirements were added rather than modifying originals. The 2 HIGH ontological mismatch findings are accepted as correct UHT classification — the entities are abstract systems with physical packaging constraints, not physical objects per se.

Next

The project is ready for validation (Flow D). The validation session should focus on: (1) whether the 10-subsystem decomposition with 58 components accurately represents a real naval CMS architecture; (2) whether interface protocols and data rates are realistic for military shipboard systems; (3) whether safety-critical requirements (weapon interlocks, EMCON, training mode isolation) meet the standards expected for a defence system at this criticality level; and (4) consolidating the 4 duplicate EW requirements.
