System

{{entity:Remote Weapon Station (RWS)}} ({{hex:DEF53059}}), a stabilised weapon platform for armoured vehicles providing under-armour engagement capability. The concept phase established the foundational engineering record in a prior session — mission statement, 7 hazards (H-001 through H-007), 5 ConOps scenarios, 6 stakeholders, 4 external interfaces, and 5 operating environment constraints. However, the quality gate for concept-defined was blocked: operating modes had been classified as UHT entities but the HAS_MODE facts linking them to the system were never stored.

ConOps

Eight operating modes now define the RWS lifecycle. The mode state machine follows a strict safe-by-default philosophy — every transition toward a more dangerous state requires deliberate operator action, while every fault condition drives toward the safe state.

The two modes added this session fill gaps identified in the prior concept work. {{entity:Initialization/BIT mode of RWS}} ({{hex:51F53A00}}) gates all operational transitions behind a comprehensive self-test — servo encoder calibration, sensor health, FCS computation check, safety interlock verification, and LRF internal reference. BIT duration is temperature-dependent (30–90s). No transition to Surveillance is permitted until safety-critical checks pass. {{entity:Boresight/Calibration mode of RWS}} handles sensor-to-weapon alignment after maintenance or barrel changes, triggered automatically when BIT detects misalignment exceeding 0.5 mrad.

Cross-domain search for the Emergency Stop mode surfaced {{entity:Emergency Stop mode of Pharmaceutical Manufacturing Line}} — both share the pattern of immediate actuator de-energisation with mechanical braking, and a deliberate reset sequence preventing inadvertent restart. The {{entity:PAT Sensor Drift Degraded Operation Scenario}} from precision approach radar provides a useful analog for the RWS {{entity:Degraded Operation mode of RWS}} ({{hex:00B47200}}), where sensor degradation must be detected, annunciated, and compensated without losing the engagement capability entirely.

Hazard Register

Seven hazards established in the prior session remain unchanged:

ID	Description	Severity	SIL	Safe State
H-001	Uncommanded weapon discharge	Catastrophic	3	Firing circuit interrupted, weapon safed
H-002	Uncommanded turret motion	Critical	2	Drive power removed, brake engaged
H-003	Failure to transition to safe state	Catastrophic	3	Redundant safe-state path
H-004	Friendly fire from misidentification	Catastrophic	2	Operator confirmation gate
H-005	Ammunition cookoff from thermal exposure	Catastrophic	2	Thermal monitoring, auto-safe
H-006	Loss of operator control while armed	Critical	2	Auto-safe on link loss
H-007	Software fault causing uncommanded fire	Catastrophic	3	Independent safety monitor

The mode definitions now explicitly reference these hazards — Emergency Stop addresses H-001, H-002, H-003, and H-006 directly.

Stakeholders

Six stakeholders identified: {{entity:Vehicle Commander (RWS Operator)}}, {{entity:Tactical Commander (Platoon/Company)}}, {{entity:Vehicle Crew (Driver and Loader)}}, {{entity:Dismounted Infantry operating near RWS vehicle}}, {{entity:Weapons System Maintainer}}, and {{entity:RWS System Integrator (OEM)}}. The Boresight/Calibration mode particularly serves the Maintainer’s workflow — post-barrel-change alignment is a safety-critical maintenance task.

Operating Environment

Per MIL-STD-810H: -46°C to +71°C operating, MIL-STD-461G EMC, IP67 turret assembly. Vibration profiles for both wheeled (Cat 4) and tracked (Cat 8) vehicles at 5–500Hz. These constraints directly affect BIT thresholds — servo torque limits and sensor warmup times are temperature-dependent.

External Interfaces

flowchart TB
  n0["Remote Weapon Station (RWS)"]
  n1["Vehicle Commander"]
  n2["Dismounted Infantry"]
  n3["Host Vehicle Platform"]
  n4["Tactical Data Link"]
  n5["Ammunition Supply"]
  n6["GPS/Navigation"]
  n7["Weapons Maintainer"]
  n1 -->|Commands, target designation| n0
  n0 -->|Sensor video, weapon status, BIT| n1
  n3 -->|28VDC power, CAN-bus, mounting| n0
  n0 -->|Sensor imagery, engagement data| n4
  n4 -->|Target handoff, BFT, ROE| n0
  n5 -->|Belted ammunition feed| n0
  n6 -->|Position, heading| n0
  n7 -->|Maintenance, diagnostics| n0
  n0 -->|Fire support, hazard zone| n2

Next

The scaffold session should derive stakeholder requirements from the 5 ConOps scenarios, then system requirements from those. Priority: weapon safety requirements driven by H-001 and H-003 (SIL 3), then sensor subsystem requirements for the engagement and degraded-mode scenarios. The 8 operating modes provide a complete state machine for mode-driven requirements using the EARS “While ” pattern.