QC Pass: Orphan Elimination and Coverage Gap Closure on Fusion Reactor Control System

System

The {{entity:Fusion Reactor Control System}} is a tokamak control and protection system covering 8 subsystems, 43 PART_OF relationships, 34 CONNECTS relationships, and 145 requirements across stakeholder, system, subsystem, interface, architecture, and verification documents. This QC session addressed traceability completeness and coverage gaps surfaced by lint analysis after the final two decomposition sessions (Plant Control and I&C System, Plasma Diagnostics Integration System) in sessions 394–395.

Entry state: 141 requirements, 118 trace links, 8 orphaned requirements, 35 lint findings (5 high, 30 medium). Exit state: 145 requirements, 131 trace links, 0 orphaned requirements, 30 lint findings (4 high, 26 medium), baseline QC-2026-03-20.

Findings

Orphaned requirements (8/141): All orphans were session-395 additions not yet linked. Six were SUB/IFC requirements lacking parent SYS trace links; two were ARC architecture decisions (ARC-REQ-008 PCIS, ARC-REQ-009 PDIS) with no links at all. The SUB requirements divided into two clusters: degraded-mode watchdog requirements ({{sub:SUB-REQ-058}}, {{sub:SUB-REQ-059}}, {{sub:SUB-REQ-060}}) needing links to {{sys:SYS-REQ-002}} and {{sys:SYS-REQ-001}}, and operational requirements ({{sub:SUB-REQ-050}} MSV state machine, {{sub:SUB-REQ-054}} network zone separation) deriving from {{sys:SYS-REQ-004}}.

Coverage gaps (3 findings): Lint identified three SYS-level concepts without SUB-level decomposition. “Safe state” appeared in {{sys:SYS-REQ-004}} without a subsystem-level definition: the requirement mandates a 5 s transition, but what safe state consists of was defined nowhere. “Equipment qualified” in {{sys:SYS-REQ-006}} had no corresponding IESS seismic qualification requirement. Both are genuinely missing, not lint artefacts.

Acknowledged findings (4): The {{entity:Disruption Prediction Engine}} carries the Biological/Biomimetic trait because LSTM is biologically inspired — no biocompatibility requirements apply to a purely electronic system. Three System-Essential components ({{entity:emergency shutdown system}}, {{entity:Safety Logic Processor}}, {{entity:Emergency Shutdown Sequencer}}) were flagged for missing redundancy requirements, but {{sub:SUB-REQ-001}} (2oo3 voting), {{sub:SUB-REQ-039}} (1oo2 SLP), and {{sub:SUB-REQ-040}} (watchdog ESS) already cover these; the lint pattern-matcher did not locate them. All four acknowledged and stored as LINT_ACKNOWLEDGED facts in the {{entity:Fusion Reactor Control System}} namespace.

High-severity power gap: The {{entity:Disruption Precursor Monitor}} carries the {{trait:Powered}} trait but had no power supply requirement despite being in the disruption detection chain. The 50 ms detection budget in {{sys:SYS-REQ-002}} has no margin for DPM power loss and switchover dead-time.

Corrections

8 trace links added for orphaned requirements:

  • {{sys:SYS-REQ-004}} → {{sub:SUB-REQ-050}} (MSV state machine derives from safety shutdown)
  • {{sys:SYS-REQ-004}} → {{sub:SUB-REQ-054}} (network zone separation enforces hardware independence)
  • {{sys:SYS-REQ-002}} → {{sub:SUB-REQ-058}} (DPM watchdog maintains disruption mitigation on sensor loss)
  • {{sys:SYS-REQ-001}} → {{sub:SUB-REQ-059}} (ERP watchdog maintains equilibrium under solver fault)
  • {{sys:SYS-REQ-002}} → {{sub:SUB-REQ-060}} (DPMS supervisory DPE heartbeat preserves mitigation chain)
  • {{sys:SYS-REQ-001}} → {{ifc:IFC-REQ-026}} (MDA–RTDSC interface carries signals for equilibrium reconstruction)
  • {{sys:SYS-REQ-004}} → ARC-REQ-008 (PCIS architecture supports safety-independence)
  • {{sys:SYS-REQ-002}} → ARC-REQ-009 (PDIS architecture enables disruption precursor detection)
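
The orphan check behind the eight links above, as an added Python example (not AIRGen's lint implementation and not part of the original report). The requirement IDs and links are the ones listed here; the orphan rule, the (parent, child) link direction and the function names are assumptions made for illustration.

```python
"""Orphan and dangling-link check over the trace links listed in this report."""

# The eight requirements reported as orphaned at entry.
ENTRY_ORPHANS = [
    "SUB-REQ-050", "SUB-REQ-054", "SUB-REQ-058", "SUB-REQ-059",
    "SUB-REQ-060", "IFC-REQ-026", "ARC-REQ-008", "ARC-REQ-009",
]

# (parent, child) pairs for the eight links added in this session.
ADDED_LINKS = [
    ("SYS-REQ-004", "SUB-REQ-050"), ("SYS-REQ-004", "SUB-REQ-054"),
    ("SYS-REQ-002", "SUB-REQ-058"), ("SYS-REQ-001", "SUB-REQ-059"),
    ("SYS-REQ-002", "SUB-REQ-060"), ("SYS-REQ-001", "IFC-REQ-026"),
    ("SYS-REQ-004", "ARC-REQ-008"), ("SYS-REQ-002", "ARC-REQ-009"),
]


def find_orphans(requirements, links):
    """Assumed rule: a requirement with no link at all is an orphan, and a
    SUB/IFC requirement is also an orphan when no parent is SYS-level."""
    orphans = []
    for req in requirements:
        parents = [p for p, c in links if c == req]
        children = [c for p, c in links if p == req]
        needs_sys_parent = req.startswith(("SUB-", "IFC-"))
        has_sys_parent = any(p.startswith("SYS-") for p in parents)
        if not (parents or children) or (needs_sys_parent and not has_sys_parent):
            orphans.append(req)
    return sorted(orphans)


def dangling_links(links, known_ids):
    """Links whose parent or child is not a known requirement, e.g. after a
    requirement was deleted and recreated under a new ID."""
    known = set(known_ids)
    return [(p, c) for p, c in links if p not in known or c not in known]


def fan_out(links):
    """Number of children traced to each parent requirement."""
    counts = {}
    for parent, _ in links:
        counts[parent] = counts.get(parent, 0) + 1
    return counts


if __name__ == "__main__":
    print("before:", find_orphans(ENTRY_ORPHANS, []))
    print("after: ", find_orphans(ENTRY_ORPHANS, ADDED_LINKS))
    print("fan-out:", fan_out(ADDED_LINKS))
```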

3 new requirements created:

  • {{sub:SUB-REQ-061}}: IESS seismic qualification to IEEE 344 category I (linked to SYS-REQ-006, verified by {{ver:VER-REQ-035}})
  • {{sub:SUB-REQ-062}}: Safe state defined by four conditions: zero plasma current, zero heating power, coils discharged, fuelling valves closed, all verified within 5 s of SCRAM
  • {{sub:SUB-REQ-063}}: DPM power supply at 24 VDC ±10%, 150 W budget, 10 ms switchover recovery (linked to SYS-REQ-002)

1 duplicate diagram (Fuel Injection and Burn Control — Internal) removed via deduplicate.

Residual

26 medium-severity lint findings remain: Synthetic manufacturing requirements absent at system level (acceptable — this is a control system specification, not a product build spec), Regulated compliance requirements for PIC and QDS (plant-level nuclear regulatory compliance documents are out of scope for this AIRGen project), and coverage gap for “heating systems” in STK-REQ-010 at system level (the HCDC subsystem covers this implicitly; a future session may add a SYS-level heating-system requirement if the reviewer considers it needed).

The malformed ID REQ-SEFUSIONREACTORCONTROLSYSTEM-009 for SYS-REQ-006 (seismic) indicates that it was created without a --document flag in a prior session. The ref is correct; only the internal ID is malformed. No action was taken, because fixing it requires a delete and recreate, which risks breaking trace links.

Decomposition

flowchart TB
  n0["Fusion Reactor Control System"]
  n1["Plasma Control System"]
  n2["Disruption Prediction and Mitigation System"]
  n3["Heating and Current Drive Control"]
  n4["Magnet Safety and Protection System"]
  n5["Fuel Injection and Burn Control"]
  n6["Plasma Diagnostics Integration System"]
  n7["Plant Control and I&C System"]
  n8["Interlock and Emergency Shutdown System"]
  n0 --> n1
  n0 --> n2
  n0 --> n3
  n0 --> n4
  n0 --> n5
  n0 --> n6
  n0 --> n7
  n0 --> n8

Next

All orphaned requirements are linked. Remaining lint findings are either acknowledged (Biological/Biomimetic DPE, System-Essential redundancy already covered) or categorised as acceptable residual (manufacturing/compliance). The project is ready for SE_VALIDATION: ConOps scenario walkthrough, VER coverage sampling, and mode coverage audit against the eight MSV states defined in {{sub:SUB-REQ-062}}.
