System

Requirements engineering review for {{entity:Emergency Diesel Generator for a UK Nuclear Licensed Site}} ({{entity:se-edg-uk-nuclear}}). Entered session at 112 requirements, 108 trace links, 8 baselines. Exit state: 116 requirements, 115 trace links, baseline BL-SEEDGUKNUCLEAR-009.

Quality Improvements

Four requirements held qaScore 71 on entry. The common failures were ambiguous terms (“sufficient”, “fast”, “can”) and texts exceeding the 35-word hard cap.

• {{ifc:IFC-REQ-011}}: “sufficient cranking torque” removed; rewritten as a direct quantified action (25–30 bar, 120 rpm, 1.5 s, -10°C) within 34 words. Score 71 → 100.
• {{sub:SUB-REQ-011}}: “sufficient for 7 days” removed; inventory stated as 7,000 litres sustaining 7-day rated-load operation, CIMAC Class DM retained. Score 71 → 100.
• {{sys:SYS-REQ-011}}: forbidden modal “can” removed; rewritten as SHALL with explicit fire barrier and suppression path preserving alternate train. Score 71 → 100.
• {{sys:SYS-REQ-013}}: “fast-start” flag dropped (ambiguous term “fast”); rewritten as SHALL with enumerated test actions (LOOP simulation, 2-hour 75% run, automated recording). Score 71 → 100.

All four tagged reqs-eng-session-583.

Traceability

Reversed links fixed: airgen trace validate --fix corrected 12 reversed verifies links. These were all of the form SUB/IFC-REQ-xxx → VER-REQ-xxx where the arrow should flow VER → target. Affected pairs include {{sub:SUB-REQ-007}} / {{sub:SUB-REQ-011}} / {{sub:SUB-REQ-014}} / {{sub:SUB-REQ-019}} / {{sub:SUB-REQ-020}} / {{sub:SUB-REQ-023}} and {{ifc:IFC-REQ-003}} / {{ifc:IFC-REQ-005}} / {{ifc:IFC-REQ-006}} / {{ifc:IFC-REQ-007}} / {{ifc:IFC-REQ-014}} / {{ifc:IFC-REQ-015}}. All 108 prior links had empty rationale.

STK→SYS rationale added (7 links): The most architecturally significant links now carry rationale explaining the genuine derivation:

• {{stk:STK-REQ-001}} → {{sys:SYS-REQ-001}}: operator display need drives 10-second start performance specification
• {{stk:STK-REQ-012}} → {{sys:SYS-REQ-004}}: stakeholder 0.975 reliability target flows directly into system probabilistic criterion
• {{stk:STK-REQ-016}} → {{sys:SYS-REQ-009}}: site 0.2g DBE operability requirement drives IEEE 344 seismic qualification
• {{stk:STK-REQ-015}} → {{sys:SYS-REQ-010}}: failure prevention need drives hardwired overspeed and over-temperature trip specification
• {{stk:STK-REQ-011}} → {{sys:SYS-REQ-003}}: deterministic safety case need drives load sequencer specification
• {{stk:STK-REQ-010}} → {{sys:SYS-REQ-012}}: ONR SAP EDG-2 separation requirement drives network isolation boundary
• {{stk:STK-REQ-005}} → {{sys:SYS-REQ-008}}: SBO procedure support need drives 7-day autonomous fuel inventory

New VER→SUB links (3 existing VER reqs linked to uncovered SUBs):

• {{ifc:IFC-REQ-011}} / {{sub:SUB-REQ-012}} / {{sub:SUB-REQ-013}} / {{sub:SUB-REQ-015}}: linked to VER-REQ-002, VER-REQ-011, VER-REQ-005 respectively with rationale confirming genuine coverage

Gap identified — residual: {{sys:SYS-REQ-011}} (fire detection/suppression building requirement) has no SUB child requirement. Fire suppression is a civil/site infrastructure system not decomposed into the EDG subsystem tree; this gap requires an architectural decision on whether to create a Building Services subsystem or treat fire suppression as a site-level interface.

Measures of Performance

MoP requirements reviewed: 23 (all quantified thresholds across STK, SYS, SUB, IFC).

Rationale citations improved on the four new VER requirements:

• REQ-SEEDGUKNUCLEAR-047 (GCB close-time test): MoP basis added — IEC 62271-100 (High-voltage alternating-current circuit-breakers) Class C2 mechanical operating time envelope for 6.6 kV vacuum circuit-breakers justifies the 100 ms threshold.
• REQ-SEEDGUKNUCLEAR-049 (generator trip test): MoP basis added — IEC 60255-151 (Measuring relays and protection equipment) ±5% timing tolerance and generator manufacturer demagnetisation time constant (100–300 ms) justify the 60 ms/200 ms thresholds.

Existing MoP rationale quality: adequate — IEC 60780, ONR SAP EKP.4, IEEE 344, IEC 60255 are cited across the safety-critical subsystem and interface requirements. No further updates were warranted within the session budget.

Diagrams

Diesel Engine Assembly internal decomposition:

flowchart TB
  n0["component - Diesel Engine Block and Crankcase"]
  n1["component - Diesel Fuel Injection System"]
  n2["component - Diesel Engine Turbocharger"]
  n3["component - Engine Governor and Speed Control Unit"]
  n4["component - Engine Protection Relay Package"]
  n5["component - Engine Exhaust System"]
  n6["component - Crankshaft and Flexible Shaft Coupling"]
  n1 -->|Metered high-pressure fuel| n0
  n2 -->|Charged combustion air| n0
  n0 -->|Exhaust gas to turbine| n2
  n0 -->|Post-turbine exhaust gases| n5
  n3 -->|Fuel rack position signal| n0
  n0 -->|Engine speed feedback| n3
  n4 -->|Protective trip signal| n0
  n0 -->|Reciprocating to rotary torque| n6

Statistics

• Requirements: 112 → 116 (4 new VER reqs created)
• Trace links: 108 → 115 (+7 new links)
• Average qaScore before: 92 (4 reqs at 71); after: all scored reqs ≥ 80, 4 previously 71 now 100
• Reversed trace links fixed: 12
• Orphan requirements: 0 (no change)
• Traceability — STK: 100%, SYS: 100%, SUB: 17/28 VER-covered → 21/28 (+4), IFC: 18/18
• New baseline: BL-SEEDGUKNUCLEAR-009 (REQS-ENG-2026-03-26)

Next

Four SUB requirements remain without VER coverage: {{sub:SUB-REQ-016}} (Starting Air Compressor recharge time), {{sub:SUB-REQ-017}} (Moisture Separator dewpoint), {{sub:SUB-REQ-018}} (Pressure Monitoring alarm path), and {{sub:SUB-REQ-022}} (Plant Communication Gateway data diode). The {{sys:SYS-REQ-011}} → SUB traceability gap (fire suppression building requirement) requires an architectural decision before VER coverage can be completed. Remaining 101 trace links (all linksets except the 7 updated) still carry empty rationale — a full rationale pass would require a dedicated session.