ARC Rationale Gaps, Reversed Trace Links, and Missing PCS Cybersecurity Requirement Resolved
System
{{entity:Pharmaceutical Manufacturing Line}} ({{hex:54E53218}}), QC pass on a project with 255 requirements across 6 documents and 17 baselines. The project had been through concept definition, decomposition, red team, and two prior validation sessions. This QC pass targeted the residual quality findings: 4 architecture decision records missing rationale, 7 reversed trace links, 2 duplicate ARC requirements, and a genuine cybersecurity gap in the Process Control System.
Findings
ARC rationale gaps — 4/11 ARC requirements: {{sys:ARC-REQ-010}}, {{sys:ARC-REQ-011}}, {{sys:ARC-REQ-012}}, and {{sys:ARC-REQ-013}} had null rationale and null verification fields. These are the four subsystem boundary decisions (material handling separation, film coating separation, packaging/serialisation combination, and containment/environmental combination). Their text bodies contained the engineering justification but the structured rationale field was empty, making them invisible to automated QA scoring.
7 reversed trace links: trace validate --fix identified and corrected 7 links with inverted direction — SUB→VER, IFC→VER and one SYS→VER link where the verifies relationship must originate at the VER record (VER→SUB, VER→IFC, VER→SYS). Affected: {{sub:SUB-REQ-063}}, {{sub:SUB-REQ-064}}, {{sub:SUB-REQ-065}}, IFC-021, IFC-022, IFC-023, and {{sys:SYS-REQ-013}}.
Duplicate ARC requirements — 2 deleted: {{sys:ARC-REQ-008}} and {{sys:ARC-REQ-009}} were near-identical duplicates of {{sys:ARC-REQ-007}}, all stating the same 24 VDC process control system power supply requirement. ARC-008 and ARC-009 already had trace links pointing to ARC-007, confirming the duplication. Both were tagged duplicate-of-ARC-REQ-007 and deleted.
ARC orphan trace links — no linkset exists: All four newly fixed ARC records remain trace orphans because no linkset exists between architecture-decisions and system-requirements. Attempts to create SYS→ARC links returned “No linkset exists between system-requirements and architecture-decisions”. Tagged all four as informational per protocol, distinguishing them from requirements that should be in the trace hierarchy.
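The two trace checks above (flipping links created from the requirement towards its VER record, and rejecting links between document types that have no linkset) can be modelled in a few lines. The following is an added example and is not the requirements platform's own `trace validate` implementation; the identifier prefixes, the linkset table, the VER identifiers in the sample graph and the error text are assumptions constructed for the example.

```python
"""Trace-link direction and linkset check for a requirements trace graph.

Added example, not the requirements platform's own `trace validate`
implementation. It models the two behaviours the session log describes:
flipping `verifies` links that were created from the requirement towards
the VER record, and rejecting links for which no linkset is defined
between the two document types. The document prefixes, the linkset table
and the sample links are assumptions constructed for this example.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Assumed mapping from identifier prefix to document (collection) name.
DOC_TYPE: Dict[str, str] = {
    "STK": "stakeholder-requirements",
    "SYS": "system-requirements",
    "SUB": "subsystem-requirements",
    "IFC": "interface-requirements",
    "VER": "verification-requirements",
    "ARC": "architecture-decisions",
}

# Assumed linkset table: (source document, target document) -> relationship.
# A `verifies` link must originate at the VER record. There is deliberately
# no (system-requirements, architecture-decisions) entry, mirroring the
# platform constraint that leaves the ARC records as orphans.
LINKSETS: Dict[Tuple[str, str], str] = {
    ("verification-requirements", "system-requirements"): "verifies",
    ("verification-requirements", "subsystem-requirements"): "verifies",
    ("verification-requirements", "interface-requirements"): "verifies",
    ("system-requirements", "stakeholder-requirements"): "satisfies",
    ("subsystem-requirements", "system-requirements"): "satisfies",
    ("architecture-decisions", "architecture-decisions"): "duplicate-of",
}


@dataclass(frozen=True)
class Link:
    src: str
    dst: str
    rel: str


def doc_type(req_id: str) -> str:
    """Document name for an identifier such as SUB-REQ-063 or IFC-021."""
    prefix = req_id.split("-", 1)[0]
    if prefix not in DOC_TYPE:
        raise ValueError(f"unknown document prefix in {req_id}")
    return DOC_TYPE[prefix]


def validate(links: List[Link], fix: bool = False):
    """Classify links as valid, reversed or rejected.

    Returns (valid, reversed, rejected). A reversed link is one whose
    relationship exists only in the opposite direction; with fix=True it is
    flipped and appended to valid. A rejected link has no linkset in either
    direction and carries the error text the platform reports.
    """
    valid, reversed_, rejected = [], [], []
    for link in links:
        pair = (doc_type(link.src), doc_type(link.dst))
        if LINKSETS.get(pair) == link.rel:
            valid.append(link)
        elif LINKSETS.get((pair[1], pair[0])) == link.rel:
            reversed_.append(link)
            if fix:
                valid.append(Link(link.dst, link.src, link.rel))
        else:
            msg = f"No linkset exists between {pair[0]} and {pair[1]}"
            rejected.append((link, msg))
    return valid, reversed_, rejected


def orphans(req_ids: List[str], links: List[Link]) -> List[str]:
    """Requirements that sit at neither end of any link in `links`."""
    linked = {l.src for l in links} | {l.dst for l in links}
    return sorted(r for r in req_ids if r not in linked)


# Constructed sample graph: the VER identifiers are invented for the example.
SAMPLE_LINKS = [
    Link("SUB-REQ-063", "VER-REQ-040", "verifies"),   # reversed
    Link("IFC-021", "VER-REQ-041", "verifies"),       # reversed
    Link("VER-REQ-042", "SYS-REQ-013", "verifies"),   # correct direction
    Link("SYS-REQ-005", "ARC-REQ-010", "satisfies"),  # no SYS->ARC linkset
]

if __name__ == "__main__":
    valid, rev, rej = validate(SAMPLE_LINKS, fix=True)
    print(f"{len(rev)} reversed link(s) flipped, {len(rej)} rejected")
    for link, msg in rej:
        print(f"  {link.src} -> {link.dst}: {msg}")
    print("orphans:", orphans(["ARC-REQ-010", "SYS-REQ-013", "SUB-REQ-064"], valid))
```

Running it with `fix=False` reports the two reversed links without repairing them, which is the dry-run mode to use before letting a fixer rewrite links in a baselined project. The orphan report distinguishes a record that has no link because the linkset is missing (the ARC case) from one that simply was never linked (SUB-REQ-064 in the sample); only the second is an engineering gap.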
PCS cybersecurity gap: Lint finding 26 (medium) flagged the {{entity:process control system}} ({{hex:D7FF7018}}) as {{trait:Digital/Virtual}} with no cybersecurity requirements. This is a genuine gap: the PCS executes SIL-2 lockout/tagout (LOTO) safety functions and controls potent compound containment, but no requirement addressed network isolation or access control. The existing {{sys:SYS-REQ-027}} (hardware override) and {{sub:SUB-REQ-008}} (21 CFR Part 11 signatures) address physical override and data integrity but not OT network security or who may reach the PCS from the network.
Empty duplicate diagram deleted: Pharmaceutical Manufacturing Line — Decomposition (diagram-1774480105426, 0 blocks) was a duplicate of the populated decomposition diagram (diagram-1774434056753, 16 blocks). Deleted the empty one; 10 diagrams remain.
Corrections
ARC-REQ-010 through ARC-REQ-013: Added structured rationale and Inspection verification to all four. Rationale captures the key engineering constraint driving each boundary decision — contamination regime independence (010), process domain and failure mode independence (011), physical coupling at serialisation stations (012), correlated HVAC/containment failure modes sharing a common safety PLC (013).
ARC-REQ-008 and ARC-REQ-009 deleted (confirmed duplicates of ARC-REQ-007).
7 trace link directions fixed by trace validate --fix.
{{sys:SYS-REQ-030}} created: The Process Control System network SHALL be isolated from enterprise IT networks by a firewall or unidirectional security gateway, implementing network segmentation per IEC 62443-3-3 (System security requirements and security levels) Security Level 2, with individual user authentication on all HMI and engineering workstation access. Verification: {{sys:VER-REQ-115}} (architecture inspection + access control test). Trace chain: {{stk:STK-REQ-006}} → SYS-REQ-030 → VER-REQ-115. Note for VER-REQ-115: the two isolation options are not equivalent. A unidirectional gateway admits no inbound session at all, so HMI and engineering access must then originate inside the PCS zone, whereas a firewall admits explicitly defined conduits; the access control test should exercise whichever path the delivered architecture actually uses.
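The access control half of VER-REQ-115 can be expressed as a repeatable check rather than a one-off inspection. The following is an added example and is not the project's verification procedure or any vendor tool: it models the boundary firewall as zone-to-zone rules and the HMI and engineering workstation accounts as records, then reports the findings the requirement text implies. Zone names, rule fields, the single approved conduit and both sample configurations (a weak "before" and a hardened "after") are assumptions constructed for the example; the architecture-inspection half of VER-REQ-115 is not modelled.

```python
"""Access-control test for an IT/OT boundary requirement like SYS-REQ-030.

Added example, not the project's VER-REQ-115 procedure or any vendor tool.
It models the boundary firewall as zone-to-zone rules and the HMI and
engineering workstation accounts as records, then reports the findings the
requirement text implies: a default-deny boundary with no enterprise->PCS
allow, only approved conduits into the PCS zone, and no shared or generic
accounts. Zone names, rule fields, the approved conduit and both sample
configurations are assumptions constructed for the example.
"""
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

PCS_ZONE = "pcs"
ENTERPRISE_ZONE = "enterprise"

# Assumed: the only inbound conduit is engineering access from a jump host
# in the OT DMZ. With a unidirectional gateway this set would be empty.
APPROVED_CONDUITS: Set[Tuple[str, str, str]] = {("ot-dmz", PCS_ZONE, "tcp/3389")}


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    port: str      # e.g. "tcp/3389", or "any"
    action: str    # "allow" or "deny"


@dataclass
class BoundaryPolicy:
    rules: List[Rule]
    default_action: str = "deny"


@dataclass(frozen=True)
class Account:
    username: str
    owner: Optional[str]   # named person; None marks a shared/generic login


def check_segmentation(policy: BoundaryPolicy) -> List[str]:
    """Findings against the isolation clause of the requirement."""
    findings = []
    if policy.default_action != "deny":
        findings.append("default action is not deny")
    for r in policy.rules:
        if r.action != "allow" or r.dst_zone != PCS_ZONE:
            continue          # only inbound allows into the PCS zone matter here
        if r.src_zone == ENTERPRISE_ZONE:
            findings.append(f"enterprise -> pcs allowed on {r.port}")
        elif r.port == "any":
            findings.append(f"{r.src_zone} -> pcs allows any port")
        elif (r.src_zone, r.dst_zone, r.port) not in APPROVED_CONDUITS:
            findings.append(f"unapproved conduit {r.src_zone} -> pcs on {r.port}")
    return findings


def check_individual_auth(accounts: List[Account]) -> List[str]:
    """Findings against the individual-authentication clause."""
    return [f"shared or generic account: {a.username}"
            for a in accounts if a.owner is None]


def access_control_test(policy: BoundaryPolicy,
                        accounts: List[Account]) -> Tuple[bool, List[str]]:
    """Pass only when both checks return no findings."""
    findings = check_segmentation(policy) + check_individual_auth(accounts)
    return (not findings, findings)


# Constructed "before": flat IT/OT boundary with a shared operator login.
WEAK_POLICY = BoundaryPolicy(
    rules=[Rule("enterprise", "pcs", "tcp/3389", "allow"),   # RDP straight from IT
           Rule("pcs", "ot-dmz", "tcp/5432", "allow")],     # historian push
    default_action="allow",
)
WEAK_ACCOUNTS = [Account("operator", None), Account("j.smith", "J. Smith")]

# Constructed "after": default deny, jump-host conduit only, named accounts.
HARDENED_POLICY = BoundaryPolicy(
    rules=[Rule("ot-dmz", "pcs", "tcp/3389", "allow"),
           Rule("pcs", "ot-dmz", "tcp/5432", "allow"),
           Rule("enterprise", "pcs", "any", "deny")],
)
HARDENED_ACCOUNTS = [Account("j.smith", "J. Smith"), Account("a.ng", "A. Ng")]

if __name__ == "__main__":
    for label, pol, acc in (("weak", WEAK_POLICY, WEAK_ACCOUNTS),
                            ("hardened", HARDENED_POLICY, HARDENED_ACCOUNTS)):
        ok, findings = access_control_test(pol, acc)
        print(f"{label}: {'PASS' if ok else 'FAIL'} {findings}")
```

Outbound rules from the PCS zone (the historian push in both configurations) are deliberately not examined, because the requirement constrains what may reach the PCS, not what it may export; a stricter site policy can add an outbound conduit list the same way. If the unidirectional gateway option is taken, `APPROVED_CONDUITS` becomes empty and the jump-host rule in the hardened policy is itself reported as an unapproved conduit, which is the correct result for that architecture.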
Baseline BL-SEPHARMAMANUFACTURING-017 created as QC-2026-03-26 at 255 requirements, 241 trace links.
flowchart TB
n0["system - Pharmaceutical Manufacturing Line"]
n1["subsystem - Material Handling and Dispensing"]
n2["subsystem - Granulation and Blending"]
n3["subsystem - Tablet Compression"]
n4["subsystem - Film Coating"]
n5["subsystem - Packaging and Serialisation"]
n6["subsystem - Process Analytical Technology"]
n7["subsystem - Manufacturing Execution System"]
n8["subsystem - Containment and Environmental Control"]
n0 --> n1
n0 --> n2
n0 --> n3
n0 --> n4
n0 --> n5
n0 --> n6
n0 --> n7
n0 --> n8
n1 -->|powder| n2
n2 -->|granules| n3
n3 -->|tablets| n4
n4 -->|coated tablets| n5
Residual
4 ARC orphans remain (ARC-REQ-010 to 013) tagged informational. These will persist as orphans until a SYS↔ARC linkset is created in the platform — this is an infrastructure constraint, not an engineering gap.
57 medium lint findings across 8 categories remain unaddressed this session: Physical Medium without material property requirements (fluid bed dryer, air handling unit), State-Transforming without mode transition requirements (granulation, film coating), System-Essential without redundancy requirements (10 entities), and others. The 6 high-severity Physical Object findings were acknowledged in session-548 as false positives — these acknowledgments remain in force.
3 empty subsystem diagrams for Material Handling, Film Coating, and Packaging/Serialisation subsystems (diagram-1774480117208, -117707, -118158) have 0 blocks. These subsystems have SUB requirements but no internal decomposition diagrams populated.
Next
Medium lint findings for System-Essential redundancy requirements are the largest remaining category (10 entities, 14 findings). The granulation and blending subsystem is the most critical: it is {{trait:System-Essential}}, serves as the single-train process bottleneck, and any granulation train halt stops downstream compression and coating. A degraded-mode and redundancy requirement for the granulation train would close the most safety-consequential gap. The three empty subsystem diagrams can be populated in a decomposition pass once the QC findings are stable.