System

Fusion Reactor Control System QC session. Project stands at 259 requirements across six documents (10 STK, 15 SYS, 107 SUB, 28 IFC, 8 ARC, 91 VER), 311 trace links, 10 diagrams. Status entering this session: validation-complete. Session scope: full QC on 21 lint findings (5 high, 16 medium), coverage gap analysis, spray pattern review, and entity reclassification.

Findings

Ontological mismatches (5 high, 4 medium): The most significant was {{entity:disruption prediction engine}} ({{hex:71F77308}}) carrying the {{trait:Biological/Biomimetic}} trait despite being a purely algorithmic LSTM ensemble running on GPU compute nodes. The trait was triggered by the term “neural network” being pattern-matched to biological systems. Three other Physical Object mismatches remain on {{entity:quench detection system}} ({{hex:54F77218}}), {{entity:pellet injection controller}} ({{hex:55F53218}}), and {{entity:safety arbiter}} — all lack Physical Object classification despite requirements imposing physical enclosure constraints. Four Ethically Significant mismatches (FRCS top-level, ESS, safety arbiter × 2) flag requirements addressing human safety but with no ethical proportionality requirements; these are residual and likely deliberate omissions in a technical system.

Coverage gaps (9 medium): Lint identified nine concepts in STK or SYS with no corresponding SUB decomposition. Key gaps: “safe state” referenced in {{sys:SYS-REQ-004}} but never defined at subsystem level; “heating systems” in {{stk:STK-REQ-010}} with no HCDC emission control responsibility. Existing {{sub:SUB-REQ-108}} partially covered safe state criteria but was not linked to {{sys:SYS-REQ-004}} — that link was missing. Five additional gaps (maintenance bus, equipment list, IEC standards references, functional safety, safety instrumented systems) are terminology coverage gaps in the lint’s concept extraction rather than genuine decomposition holes.

Spray patterns: {{sys:SYS-REQ-004}} (SIL-3 SCRAM function) carries 32 trace links — the largest spray in the project. All links have null rationale. This is genuinely justified: a SCRAM requirement cascades to every subsystem in a nuclear-class I&C system, as each subsystem must either execute a SCRAM action or be hardwired-independent from it. However, zero-rationale links are technically non-compliant. Flagged for next session to add per-link rationale. {{sys:SYS-REQ-001}}, {{sys:SYS-REQ-002}}, and {{sys:SYS-REQ-003}} each carry 9–11 links that similarly lack rationale.

Rationale and verification fields: All 259 requirements have both fields populated. No orphan requirements. 0 duplicate requirements found.

Corrections

Reclassified {{entity:disruption prediction engine}}: Previous hex {{hex:71F77308}} → new hex {{hex:51F73308}}. Biological/Biomimetic trait removed. Context now explicitly characterises the LSTM ensemble as a mathematical model implemented in software with no biological material, no biomimetic structures, and no sterilisation or biocompatibility requirements. The new classification correctly reflects {{trait:Synthetic}}, {{trait:Powered}}, {{trait:Processes Signals/Logic}}, {{trait:Functionally Autonomous}}, {{trait:System-Essential}}, {{trait:Digital/Virtual}}.

Closed safe state coverage gap: Created {{sub:SUB-REQ-112}} — IESS safe state definition with five enumerated criteria (plasma current < 1 kA, coil currents to dump resistors, ICRH/ECRH/NBI hardwired-inhibited, gas valves closed) and an 8-second SAFE-STATE-CONFIRMED signal window. Linked {{sys:SYS-REQ-004}} → {{sub:SUB-REQ-112}} and also added the missing trace link from {{sys:SYS-REQ-004}} → existing {{sub:SUB-REQ-108}} (ultimate zero-power safe state criteria). Without these links, {{sys:SYS-REQ-004}} had no traceable safe state definition — a verification-blocking gap.

Closed HCDC EMC coverage gap: Created {{sub:SUB-REQ-113}} — Heating and Current Drive Control EMC source control requirement (40 dB filter insertion loss across 50 MHz–170 GHz, bonding to plant EMC reference plane, limiting RF fields at PCS and IESS boundaries to < 10 V/m). Linked {{sys:SYS-REQ-010}} → {{sub:SUB-REQ-113}}. Created {{sub:VER-REQ-098}} — in-situ RF injection test procedure for verifying source control effectiveness. {{sub:SUB-REQ-093}} (Plant I&C cable shielding) remains as the complementary receiving-end immunity requirement.

Residual

Physical Object mismatches on quench detection system, pellet injection controller, and safety arbiter entities: reclassification attempts failed (entity resolution issue with compound names). These entities have correct higher-resolution duplicates ({{entity:Quench Detection System}}, {{entity:Pellet Injection Controller}}, {{entity:HCDC Supervisory and Safety Arbiter}}) with proper classifications; the stale lowercase variants carry the mismatch. Merge or deletion of stale variants would resolve lint findings 2, 3, 4.

Spray link rationale on SYS-REQ-004 (32 links), SYS-REQ-001 (11 links), SYS-REQ-002 (11 links) — all zero-rationale. Justified by safety cascade logic but non-compliant with protocol. Budget was consumed by gap closure; adding 54 individual link rationale entries was not feasible this session.

VER activity linkage: airgen verify run reports 0% coverage (0/256 verified) because VER requirements are linked via trace linksets (“verifies” type) but not registered as verification activities in the AIRGen activity system. The 91 VER requirements exist and are trace-linked; the gap is platform-level activity assignment.

Next

flowchart TB
  FRCS["Fusion Reactor Control System"]
  PCS["Plasma Control System"]
  DPMS["Disruption Prediction and Mitigation System"]
  HCDC["Heating and Current Drive Control"]
  MSPS["Magnet Safety and Protection System"]
  FIBC["Fuel Injection and Burn Control"]
  PDIS["Plasma Diagnostics Integration System"]
  PCIC["Plant Control and I&C System"]
  IESS["Interlock and Emergency Shutdown System"]
  FRCS --> PCS
  FRCS --> DPMS
  FRCS --> HCDC
  FRCS --> MSPS
  FRCS --> FIBC
  FRCS --> PDIS
  FRCS --> PCIC
  FRCS --> IESS

Next session: add per-link rationale to SYS-REQ-004 spray (prioritising the 5 IFC links and the 8 direct IESS subsystem links, as these represent the SCRAM cascade chain). Then merge stale lowercase entity variants (disruption prediction engine, quench detection system, pellet injection controller, safety arbiter) into their correctly classified proper-case counterparts to eliminate the remaining Physical Object lint findings.