Engine Cooling and Fuel Oil SIL 2 Requirements — EDG UK Nuclear
System
Emergency Diesel Generator for a UK Nuclear Licensed Site ({{entity:Emergency Diesel Generator for a UK Nuclear Licensed Site}}, project se-edg-uk-nuclear). Session 591 continues subsystem decomposition with four subsystems marked in-progress in the spec tree. Priority is safety-critical first: {{entity:Engine Cooling System}} (SIL 2) and {{entity:Fuel Oil System}} (SIL 2) are addressed this session. Both had components pre-classified in the substrate from a prior session but zero requirements. Project stands at 171 requirements and 158 trace links after this session.
Decomposition
Engine Cooling System decomposes into five components: {{entity:Engine Jacket Water Circuit}}, {{entity:Coolant Circulation Pump}}, {{entity:Radiator/Heat Exchanger}}, {{entity:Thermostatic Control Valve}}, and {{entity:Engine Pre-heat System}}. The architecture is a closed forced-circulation loop with thermostatically controlled radiator bypass, and a separate standby pre-heat circuit energised from the station UPS to maintain jacket water at ≥35°C during blackout. ARC-REQ-006 (prior session) captured the design rationale; no new ARC was needed.
flowchart TB
n0["component - Engine Jacket Water Circuit"]
n1["component - Radiator/Heat Exchanger"]
n2["component - Coolant Circulation Pump"]
n3["component - Thermostatic Control Valve"]
n4["component - Engine Pre-heat System"]
n2 -->|coolant flow| n0
n0 -->|hot coolant return| n3
n3 -->|coolant to cooler| n1
n1 -->|cooled coolant| n2
n4 -->|standby heat| n0
Fuel Oil System decomposes into: {{entity:Bulk Storage Tank}}, {{entity:Day Tank}}, {{entity:Fuel Transfer Pump}}, {{entity:Fuel Oil Strainer and Filter Assembly}}, and {{entity:Day Tank Level Control and Alarm}}. A new ARC-REQ-008 records the two-level gravity-feed architecture decision: the Day Tank at elevation provides engine fuel supply without a booster pump, eliminating a single-point failure in the supply path.
flowchart TB
n0["component - Bulk Storage Tank"]
n1["component - Day Tank"]
n2["component - Fuel Transfer Pump"]
n3["component - Fuel Oil Strainer and Filter Assembly"]
n4["component - Day Tank Level Control and Alarm"]
n0 -->|bulk fuel supply| n2
n2 -->|fuel to strainer/filter| n3
n4 -->|start/stop signal| n2
n2 -->|fuel delivery| n1
n3 -->|clean fuel to day tank| n1
Requirements
Engine Cooling System (SIL 2): {{sub:SUB-REQ-037}} through {{sub:SUB-REQ-043}} cover jacket water temperature band 75–85°C, standby pre-heat ≥35°C from UPS supply, heat rejection at 110% rated load at 35°C ambient, 200 ms cooling loss trip ({{sub:SUB-REQ-040}} — safe state), coolant pump flow at 150 L/min / 0.8 bar, thermostatic valve control within ±3°C of 80°C setpoint, and seismic survival of the pressure boundary at 0.25g PGA per BS EN 1998 (Eurocode 8 — Design of structures for earthquake resistance). Interface requirements {{ifc:IFC-REQ-022}} through {{ifc:IFC-REQ-025}} specify pump-circuit flow rates with cavitation margin, UPS-backed pre-heat standby interface, thermostat bypass characteristic with 5-second stroke limit, and the SIL 2 dual Pt100 signal plus fail-safe trip output to the I&C system.
Fuel Oil System (SIL 2): {{sub:SUB-REQ-044}} through {{sub:SUB-REQ-050}} cover fuel delivery at 0.3–0.7 bar, bulk tank 110% of 7-day inventory with high/low alarms, Day Tank 4-hour autonomy with 60-minute low alarm, filter cleanliness ISO 4406 ≤16/13/10, automatic transfer pump with 30-minute refill, low-fuel safe-state hardwired trip ({{sub:SUB-REQ-049}}), and ATEX Zone 2 / double-bund containment. Interface requirements {{ifc:IFC-REQ-026}} through {{ifc:IFC-REQ-028}} address transfer rate (50 L/min), fuel temperature at engine inlet (10–40°C for viscosity control), and filter bypass valve set-point relationship with the differential pressure alarm.
Trace links from {{sys:SYS-REQ-001}}, {{sys:SYS-REQ-005}}, {{sys:SYS-REQ-008}}, and {{sys:SYS-REQ-010}} to all key SUB and IFC requirements are established. All 30 requirements created this session have rationale. Eight verification entries were created as REQ-SEEDGUKNUCLEAR-NNN refs because the verification-plan document has no sections; these cannot carry trace links until the section is recreated in a QC session.
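The traceability gap described above (SUB/IFC requirements that must trace to SYS requirements, and VER entries created as REQ-SEEDGUKNUCLEAR-NNN placeholders that cannot carry trace links) is the kind of thing a QC session checks mechanically. The following is an added example, not the project's own tooling: it builds a constructed model using the refs named in this session (the trace links themselves and the one deliberately unlinked IFC are assumptions) and reports what a QC pass would need to resolve.

```python
# Added example (not the project's tooling): traceability coverage check over a
# constructed model of the requirement refs named in this session log.
import re
from dataclasses import dataclass, field

VER_PLACEHOLDER = re.compile(r"^REQ-SEEDGUKNUCLEAR-\d{3}$")  # unlinkable stand-in
VER_PROPER = re.compile(r"^VER-REQ-\d{3}$")                  # form expected after QC

@dataclass
class Req:
    ref: str
    kind: str                                   # SYS, SUB, IFC or VER
    upstream: set = field(default_factory=set)  # refs this requirement traces to
    rationale: str = ""

def session_591_model():
    """Constructed sample: refs come from the session log, trace links are assumed."""
    sys_reqs = [Req(f"SYS-REQ-{n:03d}", "SYS", rationale="system level") for n in (1, 5, 8, 10)]
    cooling = [Req(f"SUB-REQ-{n:03d}", "SUB", {"SYS-REQ-001", "SYS-REQ-005"}, "cooling")
               for n in range(37, 44)]
    fuel = [Req(f"SUB-REQ-{n:03d}", "SUB", {"SYS-REQ-008", "SYS-REQ-010"}, "fuel oil")
            for n in range(44, 51)]
    ifcs = [Req(f"IFC-REQ-{n:03d}", "IFC", {"SYS-REQ-001"}, "interface")
            for n in range(22, 29)]
    ifcs[-1].upstream = set()  # constructed gap: one IFC left without an upstream link
    vers = [Req(f"REQ-SEEDGUKNUCLEAR-{n:03d}", "VER", set(), "verification")
            for n in range(1, 9)]
    return sys_reqs + cooling + fuel + ifcs + vers

def check_traceability(reqs):
    """Return (finding, ref) pairs that a QC session would have to resolve."""
    known = {r.ref for r in reqs}
    findings = []
    for r in reqs:
        if r.kind in ("SUB", "IFC") and not r.upstream:
            findings.append(("no upstream trace link", r.ref))
        findings += [("trace to unknown ref " + u, r.ref) for u in r.upstream if u not in known]
        if not r.rationale:
            findings.append(("missing rationale", r.ref))
        if r.kind == "VER" and VER_PLACEHOLDER.match(r.ref):
            findings.append(("placeholder ref, cannot carry trace links", r.ref))
        elif r.kind == "VER" and not VER_PROPER.match(r.ref):
            findings.append(("malformed VER ref", r.ref))
    return findings

def safe_state_trips(reqs, trips):
    """Each SIL 2 subsystem needs its safe-state trip SUB req present and linked upstream."""
    by_ref = {r.ref: r for r in reqs}
    return {name: (ref in by_ref and bool(by_ref[ref].upstream)) for name, ref in trips.items()}

if __name__ == "__main__":
    model = session_591_model()
    for finding, ref in check_traceability(model):
        print(f"{ref}: {finding}")
    print(safe_state_trips(model, {"Engine Cooling System": "SUB-REQ-040",
                                   "Fuel Oil System": "SUB-REQ-049"}))
```

Once the verification-plan section is recreated, re-running the check after the VER refs are reassigned to VER-REQ-NNN form should leave only genuinely missing links in the report.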
Analysis
The {{trait:Biological/Biomimetic}} trait on the {{entity:Engine Cooling System}} (hex {{hex:57D73010}}) is ontologically accurate — closed-loop thermostatically regulated cooling is a structural analogue to mammalian thermoregulation. This trait also appears on the {{entity:Bulk Storage Tank}} ({{hex:CE840018}}), which is unexpected for an inert fuel vessel; this warrants reclassification in a future QC session.
The pre-heat circuit’s dependency on the station UPS introduces a coupling between the EDG (a standby safety system) and the UPS (part of the station electrical distribution). If both fail simultaneously — plausible in a total station blackout — the EDG starts cold. The 35°C threshold at -10°C ambient gives a start margin, but the dependency is worth flagging in the safety case.
Next
Remaining in-progress subsystems: {{entity:Lubrication Oil System}} (SIL 0) and {{entity:Synchronous Generator}} (SIL 0). Both have components classified and diagrams created. A QC session is needed to recreate the verification-plan section, reassign the eight REQ-SEEDGUKNUCLEAR-NNN VER entries to proper VER-REQ-NNN refs, and establish their trace links. {{entity:Bulk Storage Tank}} reclassification ({{trait:Biological/Biomimetic}} anomaly) can be done in the same QC pass.