System

Pharmaceutical Manufacturing Line, session 556. Four subsystems were already complete in the spec tree ({{entity:Process Analytical Technology Subsystem}}, {{entity:Manufacturing Execution System}}, and, belatedly registered this session, {{entity:Granulation and Blending Subsystem}}). This session decomposed the {{entity:Tablet Compression Subsystem}} — the highest-risk remaining subsystem, directly coupled to hazards H-007 (mechanical entrapment) and H-001 (airborne compound exposure). Project stands at 97 requirements, 88 trace links, 7 diagrams.

Decomposition

The Granulation and Blending Subsystem was reconciled first: its spec tree entry was missing despite requirements ({{sub:SUB-REQ-016}}–{{sub:SUB-REQ-023}}) and diagram existing from session 549. The four components — {{entity:High Shear Granulator}} ({{hex:D7F53218}}), {{entity:Fluid Bed Dryer}} ({{hex:D6F53218}}), {{entity:Granule Sizing Mill}}, and {{entity:IBC Blender}} — were classified and their PART_OF facts stored. Spec tree marked complete.

The Tablet Compression Subsystem was decomposed into four components:

• {{entity:Rotary Tablet Press}} ({{hex:D6D51018}}): 36–72 station turret, 30–120 RPM, 5–80 kN compression force per station. Safety interlocks: guard door, torque overload (300 Nm cutoff), emergency stop.
• {{entity:Tablet In-Process Control System}} ({{hex:56AC0008}}): Automated weight/hardness/thickness sampling every 30th tablet, closed-loop fill-depth servo feedback, OPC-UA data stream to PAT workstation and MES.
• {{entity:Punch and Die Tooling Set}} ({{hex:CE851058}}): Interchangeable precision tooling tracked by RFID, 500,000-compression service life limit.
• {{entity:Tablet Compression Containment Housing}}: Negative-pressure enclosure (-15 Pa relative to cleanroom) with alarm at -10 Pa threshold for OEB3 containment.

The IPC system was separated from the press because it has an independent control loop, independent failure modes (sensor fault vs. press jam), and interfaces independently to PAT and MES. The containment housing was separated because it drives two distinct hazard mitigations — H-001 (compound exposure, negative pressure monitoring) and H-007 (entrapment, mechanical guard interlocks) — each requiring independent verification scope under IEC 61508 (Functional safety of electrical/electronic/programmable electronic safety-related systems).

flowchart TB
  n0["component - Rotary Tablet Press"]
  n1["component - Tablet IPC System"]
  n2["component - Punch Die Tooling"]
  n3["component - Containment Housing"]
  n4["external - IBC Blender"]
  n5["external - PAT Workstation"]
  n6["external - MES"]
  n4 -->|granule feed| n0
  n0 -->|compression force| n1
  n2 -->|tooling RFID| n0
  n1 -->|OPC-UA weight/hardness| n5
  n1 -->|rejection events| n6
  n3 -.->|guard interlock| n0

Analysis

The UHT classification of the {{entity:Tablet Compression Subsystem}} ({{hex:54E51018}}) flagged {{trait:Biological/Biomimetic}} and {{trait:Structural}} — both false positives for a mechanical/electronic assembly. The {{trait:Powered}} trait appeared across all subsystem components, generating 10 high-severity lint findings for missing power requirements. These are correctly acknowledged: the Pharmaceutical Manufacturing Line documents power infrastructure (480 V 3-phase, 30-minute UPS ride-through) at the system level via HAS_CONSTRAINT facts. Per-component power budgets are electrical infrastructure engineering rather than GxP process requirements, and adding them would inflate the spec without adding regulatory value. Six LINT_ACKNOWLEDGED facts were stored.

The IPC system’s similarity to a {{trait:Processes Signals/Logic}}, {{trait:State-Transforming}} {{trait:System-Essential}} controller class mirrors the {{entity:PAT Data Acquisition and Processing Workstation}} ({{hex:C6D53A18}}) — both process rapid-cycle sensor data into feedback signals. The cross-domain analog from session 548 (ANALOG_OF: PAT CQA Model Engine ↔ transport modelling data validation engine, Jaccard 0.76) generalises: the IPC system’s closed-loop weight control is analogous to adaptive traffic signal timing systems, where measured state drives servo correction within strict latency bounds.

Requirements

Six subsystem requirements were created ({{sub:SUB-REQ-025}}–{{sub:SUB-REQ-030}}): per-station compression force monitoring with 200 ms rejection actuation; IPC weight sampling and fill-depth servo feedback; guard door LOTO interlock with 500 ms brake engagement; containment housing -15 Pa setpoint with 5-second alarm; tooling RFID lifecycle tracking; degraded mode at 60% RPM with 5-minute manual sampling.

Two interface requirements defined the key cross-subsystem paths: {{ifc:IFC-REQ-010}} (IPC → PAT via OPC-UA at ≥2 Hz, UTC ±1 s synchronisation) and {{ifc:IFC-REQ-011}} (TC → MES EBR write, all rejection events within 10 s). Four verification requirements ({{sub:VER-REQ-024}}–{{sub:VER-REQ-027}}) were created with explicit pass/fail criteria and trace links. All 13 new requirements have rationale; 0 orphan non-ARC requirements remain.

Trace links connect {{sub:SUB-REQ-027}} and {{sub:SUB-REQ-028}} to their driving hazards via {{sys:SYS-REQ-011}} (LOTO) and {{sys:SYS-REQ-004}} (containment), and {{sub:SUB-REQ-030}} to {{sys:SYS-REQ-009}} (degraded production mode).

Next

Four subsystems remain undecomposed: Containment and Environmental Control (SIL-2, H-001/H-003/H-005), Film Coating, Material Handling and Dispensing, and Packaging and Serialisation. Containment and Environmental Control is the highest-risk remaining — it owns the cleanroom HVAC cascade, differential pressure monitoring, and dust explosion prevention systems (H-003: ATEX Directive 2014/34/EU compliance). Decomposition should target its components — room-level pressure control, HEPA filtration train, environmental monitoring network, and interlock controller — in the next session.