System

Interim QC review of {{entity:Fusion Reactor Control System}} ({{hex:51F77B19}}), session 397. Project state: 159 requirements, 143 trace links, 10 diagrams, 11 baselines across 8 subsystems. QC triggered at session 397 — four sessions since last review at session 393. Scope: verification coverage gap and lint findings from the most recent decomposition sessions.

Findings

Verification coverage gap (critical): VER requirements covered 28 of 87 SUB+IFC requirements (33%) on entry — below the 50% target. The newly populated subsystems (MSPS, FIBC, PCIS, PDIS) each had zero VER entries for their primary performance and safety requirements. Affected categories: safety I&C channel diagnostics, network interface timing, UPS autonomy, seismic qualification, network zone separation.

Duplicate trace link: SYS-REQ-004 (SIL-3 automatic shutdown) carried two near-identical links to {{sub:SUB-REQ-050}} (Multi-State Sequencer transition requirement), differing only in threshold notation (“5 s” vs “≤5 s”). Net link count for SYS-REQ-004 was 29 — a genuine spray, but review confirmed every link has a specific rationale tied to the SIL-3 cascade across nine subsystems. The duplicate was removed; the remaining 28 links are individually justified.

Lint high findings (4): Three ontological mismatches for missing Physical Object trait on {{entity:quench detection system}} ({{hex:54F77218}}), {{entity:pellet injection controller}} ({{hex:55F53218}}), and the top-level FRCS. One high finding for {{entity:disruption prediction engine}} ({{hex:71F77308}}) carrying {{trait:Biological/Biomimetic}} trait with no corresponding biocompatibility requirements — this trait assignment reflects the LSTM neural network architecture but is semantically incorrect for a software inference engine; reclassification is warranted. Seven medium coverage-gap findings remain: STK-REQ-009 (safe shutdown earthquake), STK-REQ-010 (EM environment), SYS-REQ-004 (safe state concept), SYS-REQ-006 (equipment qualification at subsystem level).

Two orphaned requirements: SUB-REQ-064 and VER-REQ-052 (seismic qualification pair added this session) could not be trace-linked because SYS-REQ-006 was created with a null document slug in a prior session, blocking the API from resolving it as a trace link target. Flagged for repair in next QC.

Corrections

Twelve new VER procedures written and assigned to the verification-requirements document, covering: {{sub:SUB-REQ-003}} (TPM diagnostic coverage ≥90% by fault injection), {{sub:SUB-REQ-005}} (SPDS refresh latency ≤200 ms), {{sub:SUB-REQ-006}} (IESS network isolation inspection), {{sub:SUB-REQ-007}} (8-hour UPS autonomy timed discharge), {{ifc:IFC-REQ-001}} (real-time diagnostics network latency), {{ifc:IFC-REQ-002}} (magnet command link redundancy failover), {{ifc:IFC-REQ-003}} (hardwired SCRAM circuit inspection), {{sub:SUB-REQ-033}} (QDS 2oo3 false-alarm immunity), {{sub:SUB-REQ-035}} (10 s EEDS energy extraction), {{sub:SUB-REQ-038}} (QDS degraded-mode 1oo2 voting), {{sub:SUB-REQ-046}} (tritium interlock response time), {{sub:SUB-REQ-054}} (three-zone network separation penetration test). Verification methods span Test (10) and Inspection (2), reflecting the appropriate methods for functional timing requirements versus architectural segregation properties.

Twelve verifies trace links created between new VER procedures and their target SUB/IFC requirements.

One SUB requirement (SUB-REQ-064) and one VER procedure (VER-REQ-052) added for seismic qualification coverage gap from SYS-REQ-006 (IEEE 344 for IESS components). Baseline QC-2026-03-20 created.

flowchart TB
  n0["Fusion Reactor Control System"]
  n1["Plasma Control System"]
  n2["Disruption Prediction and Mitigation System"]
  n3["Heating and Current Drive Control"]
  n4["Magnet Safety and Protection System"]
  n5["Fuel Injection and Burn Control"]
  n6["Plasma Diagnostics Integration System"]
  n7["Plant Control and I&C System"]
  n8["Interlock and Emergency Shutdown System"]
  n0 -->|contains| n1
  n0 -->|contains| n2
  n0 -->|contains| n3
  n0 -->|contains| n4
  n0 -->|contains| n5
  n0 -->|contains| n6
  n0 -->|contains| n7
  n0 -->|contains| n8

Residual

Four lint high findings remain open. The Biological/Biomimetic trait on {{entity:disruption prediction engine}} is the most actionable — a reclassification call should remove bit 3 and re-examine the trait profile for a software inference FPGA. Three ontological mismatches (missing Physical Object on QDS, pellet injection controller, and the top-level FRCS) require new requirements defining physical embodiment (LRU, equipment rack) rather than reclassification.

Seven medium coverage-gap lint findings remain: three STK concepts with no SYS/SUB flow-down (electromagnetic environment, safe shutdown earthquake) and four SYS concepts without SUB decomposition (safe state, control system, equipment qualified). These need targeted SUB requirements in the next decomposition session.

SUB-REQ-064 and VER-REQ-052 remain orphaned due to SYS-REQ-006’s null document slug; requires API investigation or manual fix in next QC session.

VER coverage: 46 VER procedures against 87 SUB+IFC requirements = 53%. Above the 50% gate.

Next

Reclassify {{entity:disruption prediction engine}} to remove the Biological/Biomimetic trait — the LSTM architecture analogy should not propagate to the UHT hex code. Then address the three STK coverage gaps by creating SYS-level requirements for the EM environment and safe shutdown earthquake stakeholder needs. Repair SYS-REQ-006 document slug to unblock the remaining orphaned trace links.