Verification Plan (SVP) — ISO/IEC/IEEE 15289 — Plan | IEEE 29148 §6.6
Generated 2026-03-27 — UHT Journal / universalhex.org
| Ref | Requirement | Method | Tags |
|---|---|---|---|
| VER-METHODS-001 | Verify IFC-DEFS-001: Measure PROFINET IRT cycle time under full operational load with 6 cranes running simultaneous dual-command cycles. Pass criteria: cycle time 1 ms or less, no frame drops over 24-hour continuous test, PROFIsafe safety telegram verified on all channels. Rationale: PROFINET IRT timing under full load validates that real-time crane coordination is maintained when all 6 aisles operate concurrently. Unloaded network testing would not reveal timing degradation from traffic contention. | Test | verification, asrs, session-243 |
| VER-METHODS-002 | Verify IFC-DEFS-002: Issue 1,200 storage/retrieval commands per hour via OPC UA interface and confirm all location confirmations are received within 500 ms publish interval. Pass criteria: zero lost commands over 8-hour test, all confirmations received. Rationale: OPC UA interface test at rated throughput verifies the WMS-to-AS/RS command path handles the full 1,200 commands/hr without message loss or latency drift, which would cause missed storage confirmations and inventory position errors. | Test | verification, asrs, session-243 |
| VER-METHODS-003 | Verify IFC-DEFS-003: Run 200 totes per hour through each I/O station for 4 hours. Pass criteria: all totes transferred without jam, all barcodes read successfully at transfer point, no totes lost between AS/RS and material handling conveyor. Rationale: 4-hour endurance test at rated tote rate catches intermittent mechanical jams and barcode read degradation that short-duration tests would miss. Transfer reliability must be demonstrated over multiple shift cycles. | Test | verification, asrs, session-243 |
| VER-METHODS-004 | Verify IFC-DEFS-004: Record position data stream during crane travel at maximum rated speed. Pass criteria: update rate 100 Hz or higher measured over 1,000 consecutive samples, maximum latency 5 ms confirmed via timestamped capture, position accuracy within 2 mm against laser reference. Rationale: Position data stream verification at maximum rated speed confirms the sensing system provides usable position feedback under worst-case dynamics. Lower-speed testing would not reveal encoder signal quality issues at full velocity. | Test | verification, asrs, session-243 |
| VER-METHODS-005 | Verify SUB-REQS-001: Run each crane for 8 continuous hours with randomised dual-command cycle requests at rated frequency. Pass criteria: minimum 200 completed dual-command cycles per hour sustained across the test period with 50 kg totes. Rationale: 8-hour continuous run with randomised requests validates sustained throughput under realistic operational patterns, catching thermal derating and mechanical wear effects that short tests would miss. | Test | verification, asrs, session-243 |
| VER-METHODS-006 | Verify IFC-DEFS-005: Deploy 80 AMR simulators transmitting pose messages at 10 Hz and path command responses. Measure end-to-end message latency and throughput on the production WiFi network. Pass criteria: 99.9 percent of pose messages delivered within 10 ms RTT, zero path command losses over 1-hour test, message size not exceeding 512 bytes. Rationale: 80 simulators represent full fleet load. Testing with fewer units would not stress WiFi infrastructure or fleet management server path planner under realistic concurrent message volumes. | Test | verification, amr-fleet, session-244 |
| VER-METHODS-007 | Verify IFC-DEFS-006: Inject fault conditions on the EtherCAT FSoE safety bus including cable disconnect, message corruption, and timing violation. Measure STO activation time from fault injection. Pass criteria: STO activates within 12 ms of communication loss in all test cases, safety cycle time measured at 4 ms or less, and system enters safe state for all injected faults. Rationale: Safety bus verification requires active fault injection per IEC 61508 verification methodology. Passive monitoring cannot confirm STO activation timing under failure conditions. | Test | verification, amr-fleet, safety, session-244 |
| VER-METHODS-008 | Verify IFC-DEFS-007: Dock an AMR at 10 different I/O transfer stations and perform 100 load/unload cycles per station with totes at 5 kg, 20 kg, and 35 kg. Measure roller height alignment, transfer time, and handshake completion. Pass criteria: roller heights within 5 mm, all transfers complete within 3 seconds, zero tote ejections or failed handshakes across 1,000 cycles. Rationale: 10 stations times 100 cycles times 3 weight classes equals 3000 transfers, providing greater than 99 percent statistical confidence that alignment and timing tolerances are met across the full range of station-to-station variation. | Test | verification, amr-fleet, session-244 |
| VER-METHODS-009 | Verify IFC-DEFS-008: Submit 500 transport orders per hour via REST API from WMS test harness with varied priority levels and deadline timestamps. Measure acknowledgement latency and completion report delay. Pass criteria: all acknowledgements within 200 ms, all completion reports within 5 seconds of simulated event, correct JSON payload schema for all messages. Rationale: 500 orders per hour at varied priority levels exercises the REST API under peak load conditions matching the system throughput requirement. Priority mixing tests the servers ability to maintain latency guarantees under contention. | Test | verification, amr-fleet, session-244 |
| VER-METHODS-010 | Verify IFC-DEFS-009: Operate 10 AMRs through full charge-discharge-charge cycles while monitoring BMS data feed. Measure SoC reporting resolution, runtime estimate accuracy, and charging station occupancy update rate. Pass criteria: SoC values reported at 1 percent resolution at 1 Hz, runtime estimates within 10 percent of actual, station occupancy updates within 1 second of state change. Rationale: Full charge-discharge-charge cycle testing on 10 AMRs captures BMS reporting accuracy across the entire SoC curve, including known nonlinearities in lithium battery voltage-to-SoC mapping at extreme states below 10 percent and above 90 percent SoC. | Test | verification, amr-fleet, session-244 |
| VER-METHODS-011 | Verify IFC-DEFS-010: Load test the Order Processing Engine to Inventory Database interface by submitting 500 concurrent batch reservation requests of 200 SKU-location pairs each. Pass criteria: 100% of requests return within 500ms, all successful reservations are atomically committed (no partial reservations visible), and partial-failure responses correctly identify which SKU-locations could not be reserved. Rationale: 500 concurrent batch requests of 200 pairs each stress-tests database locking and transaction isolation. A single wave may trigger multiple concurrent reservations from parallel order streams during peak periods. | Test | verification, wms, session-245 |
| VER-METHODS-012 | Verify IFC-DEFS-011: Inject 1,000 pick wave messages into the Order Processing Engine to Task Allocation queue, including deliberate consumer failures after 200 messages. Pass criteria: all 1,000 messages are eventually delivered (at-least-once), no duplicate task creation on the consumer side, and message payloads match the transmitted wave ID, task list, and SKU-location data. Rationale: Consumer failure after 200 of 1000 messages tests message persistence and redelivery guarantees under the most common failure mode: consumer crash during processing, which if not handled causes message loss in the pick wave pipeline. | Test | verification, wms, session-245 |
| VER-METHODS-013 | Verify IFC-DEFS-012: Execute 500 task dispatch cycles from Task Allocation to Fleet Management Server, measuring round-trip acknowledgment time. Inject 10% simulated fleet-side timeouts. Pass criteria: 100% of successful dispatches acknowledged within 2 seconds, timed-out tasks trigger re-dispatch within 30 seconds, and task payloads contain all required fields (source, destination, tote ID, priority, deadline). Rationale: 10 percent simulated timeout rate represents a pessimistic fleet failure scenario. 500 cycles provides sufficient statistical confidence to verify acknowledgment latency distribution under both normal and degraded fleet conditions. | Test | verification, wms, session-245 |
| VER-METHODS-014 | Verify IFC-DEFS-013: Establish OPC UA session between Task Allocation Engine and AS/RS Control System test harness. Issue 1,000 storage/retrieval commands at 20 commands/second sustained rate for 50 seconds. Pass criteria: all commands acknowledged within 500ms, completion confirmations received for all commands, and no OPC UA session drops during the test. Rationale: 20 commands per second for 50 seconds represents peak AS/RS utilization during high-throughput wave processing. This rate stresses the OPC UA sessions ability to maintain command ordering and completion confirmation under sustained load. | Test | verification, wms, session-245 |
| VER-METHODS-015 | Verify IFC-DEFS-014: Submit 200 order messages through the ERP Gateway including 20 deliberately malformed messages (missing required fields, invalid data types, schema version mismatches). Pass criteria: 180 valid messages delivered to Order Processing Engine queue with correct schema, all 20 malformed messages routed to dead-letter queue with validation error reports identifying the specific schema violation. Rationale: 10 percent deliberate malformation rate tests the gateway schema validation boundary. In production, ERP schema drift after upgrades is the primary source of invalid messages, and the gateway must reject them cleanly without affecting valid order flow. | Test | verification, wms, session-245 |
| VER-METHODS-016 | Verify IFC-DEFS-015: Trigger 5000 barcode scans at conveyor speeds of 1.0 and 1.5 m/s, measuring time from scanner trigger to Profinet IO output at the divert PLC input. Pass criteria: 100 percent of identification results delivered within 50ms, Profinet cycle time consistently at 1ms. Rationale: Barcode scan latency testing at both conveyor speeds validates that the scanner trigger-to-output timing remains within the PLC scan cycle budget. Speed-dependent read failures would cause tote misrouting. | Test | verification, conveyor, session-246 |
| VER-METHODS-017 | Verify IFC-DEFS-016: Subscribe to OPC UA conveyor status from PLC gateway for 24 continuous hours during peak and off-peak operation. Measure update interval consistency and data completeness. Pass criteria: 99.9 percent of updates received within 1.1 seconds of expected time, all zone status fields populated with valid values. Rationale: 24-hour OPC UA subscription test covers both peak and off-peak network conditions, verifying that conveyor status updates are not lost during traffic bursts or delayed during low-activity periods when keepalive timing matters. | Test | verification, conveyor, session-246 |
| VER-METHODS-018 | Verify IFC-DEFS-017: Perform 200 VRC load/unload cycles at each mezzanine level, measuring roller height alignment with laser level gauge and verifying PLC interlock by attempting simultaneous load during active lift. Pass criteria: roller height within 750mm plus or minus 5mm at all measurement points, interlock prevents all simultaneous load attempts. Rationale: VRC roller height alignment verification with laser level gauge confirms mechanical precision that prevents tote tilting during transfer. Misalignment causes conveyor jams at the VRC interface that cascade into upstream conveyor stoppages. | Test | verification, conveyor, safety, session-246 |
| VER-METHODS-019 | Verify IFC-DEFS-018: Inject a test tote image with 5 known items into the Vision system and measure IPC message delivery latency to the Pick Planning module. Pass criteria: all 5 items produce grasp pose lists with correct 6-DoF format, confidence scores, and gripper mode within 5ms IPC latency. Repeat for 100 consecutive totes with zero message drops. Rationale: IPC message delivery latency from Vision to Pick Planning directly affects pick cycle time. Testing with known items validates both image processing time and inter-process communication overhead under controlled conditions. | Test | verification, robotic-picking, session-247 |
| VER-METHODS-020 | Verify IFC-DEFS-019: With the robot arm in operational mode, command 1000 consecutive pick-and-place trajectories via EtherCAT and measure cycle time jitter, PDO delivery rate, and command-to-motion latency. Pass criteria: cycle time jitter less than 50 microseconds, zero PDO drops over 1000 cycles, command-to-first-motion latency under 5ms. Rationale: 1000 consecutive EtherCAT pick trajectories validates both cycle time consistency and drive controller reliability. EtherCAT jitter or dropped frames would cause pick position errors that degrade grasp success rate. | Test | verification, robotic-picking, session-247 |
| VER-METHODS-021 | Verify IFC-DEFS-020: Submit 500 pick task requests from the Task Allocation Engine to the Pick Planning Module at varying priority levels. Pass criteria: 100% acknowledgement rate within 500ms, correct deserialization of all message fields, priority ordering respected in pick sequence output. Rationale: Priority-level testing validates that the task allocation engine correctly sequences urgent picks ahead of standard picks without starving lower-priority tasks, ensuring order SLA compliance. | Test | verification, robotic-picking, session-247 |
| VER-METHODS-022 | Verify IFC-DEFS-021: Inspect mechanical flange dimensions against ISO 9409-1 drawing. Verify pneumatic pass-through flow rate at 6 bar supply. Measure force-torque sensor data rate on the 24-pin connector. Pass criteria: flange dimensions within ISO tolerance, pneumatic flow sustains 50kPa vacuum at 20 L/min, force-torque data at 1kHz with no dropped samples over 60-second test. Rationale: Mechanical flange inspection per ISO 9409-1 validates physical interchangeability of the end-effector. Pneumatic and electrical pass-through verification ensures the gripper system receives adequate supply pressure and control signals through the tool changer interface. | Inspection | verification, robotic-picking, session-247 |
| VER-METHODS-023 | Verify IFC-DEFS-022: Cycle 200 totes through the pick cell entry and exit ports. Measure photoelectric sensor detection reliability, PROFINET handshake latency, and tote positioning accuracy. Pass criteria: 100% sensor detection, handshake latency under 100ms for all 200 cycles, tote centered within 5mm at pick position. Rationale: 200-tote cycling validates the pick cell conveyor interface reliability under sustained load. Photoelectric sensor detection and PROFINET handshake timing must be confirmed together as they form the tote-present detection chain. | Test | verification, robotic-picking, session-247 |
| VER-METHODS-024 | Verify IFC-DEFS-023: Trigger each safety device (2 e-stops, 2 light curtains, 1 door interlock) individually while robot is in motion. Measure STO activation time and verify dual-channel monitoring detects single-channel faults. Pass criteria: STO within 50ms for all 5 devices, single-channel fault detected within 100ms diagnostic cycle, no spurious triggers over 100 test cycles. Rationale: Individual safety device triggering while the robot is in motion is the most demanding test condition for STO response time. Each device must independently achieve the required response time per ISO 10218-2. | Test | verification, robotic-picking, safety, session-247 |
| VER-METHODS-025 | Verify IFC-DEFS-024: Inject simulated fire alarm events at each detector address on the fire alarm loop. Measure time from detector activation to BMS alarm display. Pass criteria: alarm event with correct zone and detector ID received at BMS within 1 second for all detector addresses. Rationale: Injecting simulated fire alarms at each detector address verifies the full addressable loop path from detector to BMS. Response time measurement confirms that the fire alarm integration meets the EN 54 notification timeline. | Test | verification, bms, session-248 |
| VER-METHODS-026 | Verify IFC-DEFS-025: Trigger confirmed fire alarm and measure time from fire-confirmed relay state change to PA voice alarm initiation and emergency lighting activation. Verify relay operates fail-safe (alarm on wire break). Pass criteria: evacuation sequence initiates within 3 seconds, relay fails to alarm state on open circuit. Rationale: Testing the fire-confirmed relay to PA voice alarm chain validates the critical safety timeline from detection confirmation to building-wide notification. This is the life-safety-critical path that must meet EN 54-16 notification timing. | Test | verification, bms, session-248 |
| VER-METHODS-027 | Verify IFC-DEFS-026: Configure BACnet/IP monitoring between HVAC controllers and BMS. Verify sensor data transmission at 30-second intervals across all monitoring points. Issue damper close command and measure acknowledgment time. Pass criteria: all data points received within polling interval, damper acknowledgment within 2 seconds. Rationale: BACnet/IP interval verification across all monitored zones confirms that HVAC sensor data reaches the BMS at the required 30-second update rate. Missing or delayed updates could mask temperature excursions in chilled storage zones. | Test | verification, bms, session-248 |
| VER-METHODS-028 | Verify IFC-DEFS-027: Simulate zone status changes (normal to evacuating, normal to maintenance) at the BMS controller. Monitor WMS REST API endpoint for zone status update. Pass criteria: WMS receives correct zone status within 5 seconds, WMS suspends task dispatch to affected zone. Rationale: BMS-to-WMS zone status integration test validates that equipment shutdown commands are coordinated with warehouse operations. Without this verification, an evacuation event could leave AMRs running in evacuated zones. | Test | verification, bms, session-248 |
| VER-METHODS-029 | Verify IFC-DEFS-028: Activate evacuation signal and measure time for all electromagnetic door locks to release. Test fail-safe by removing power to lock controller. Pass criteria: all locks release within 1 second of evacuation signal, locks release on power removal. Rationale: Electromagnetic door lock release on evacuation signal is a life-safety function. Fail-safe testing by power removal confirms that locks default to the unlocked (safe) state per EN 13637, preventing personnel entrapment during power failures. | Test | verification, bms, session-248 |
| VER-METHODS-030 | Verify IFC-DEFS-029: Activate evacuation signal with lighting in dimmed/off state. Measure time from evacuation signal to full brightness at all fixture zones. Verify override bypasses DALI controller failure. Pass criteria: full brightness within 500ms, override functions with DALI bus disconnected. Rationale: Emergency lighting activation timing test confirms that evacuating personnel have adequate illumination within the required timeframe. Testing from the dimmed/off state validates the worst-case activation scenario. | Test | verification, bms, session-248 |
| VER-METHODS-031 | Verify IFC-DEFS-030: Present totes with known order contents at packing station conveyor interface. Measure transfer time from tote arrival to content extraction start. Verify barcode scan handshake rejects tote with mismatched order ID. Pass criteria: transfer within 5 seconds, mismatched tote rejected. Rationale: Tote-to-packing-station transfer test with known contents validates the physical handoff mechanism and WMS pick list data correlation. Transfer timing confirms the packing station is not starved or overwhelmed. | Test | verification, packing, session-248 |
| VER-METHODS-032 | Verify IFC-DEFS-031: Induct test cartons at sorter speed with known barcodes. Measure WMS response time to barcode scan event. Verify correct lane assignment for all carrier codes. Test missed-response handling by delaying WMS reply beyond 200ms. Pass criteria: WMS responds within 200ms, correct lane for all test cartons, recirculation on timeout. Rationale: Sorter lane assignment test at rated speed validates the end-to-end sortation path from barcode scan to divert actuation. WMS response time measurement confirms that lane assignment decisions arrive before the carton passes the divert point. | Test | verification, packing, session-248 |
| VER-METHODS-033 | Verify IFC-DEFS-032: Complete trailer loading and trigger departure event. Verify EDI 856 ASN is transmitted to carrier endpoint within 60 seconds. Validate ASN content matches physical manifest (carton count, weight, destination). Verify EDI 214 schedule receipt updates dock assignment display. Pass criteria: ASN within 60s, content match, schedule displayed. Rationale: EDI 856 ASN transmission within 60 seconds of departure validates carrier notification compliance. Late or malformed ASNs cause carrier receiving failures and delivery tracking gaps. | Test | verification, packing, session-248 |
| VER-METHODS-034 | Verify IFC-DEFS-033: Scan test items with known barcodes against a populated PO in WMS. Verify Inventory Database records receipt within 200ms. Confirm stock quantity increments match scanned count. Test with unknown barcode to verify rejection handling. Pass criteria: receipt confirmed within 200ms, stock count correct, unknown item rejected with alert. Rationale: Barcode-to-inventory-receipt pipeline test at 200ms validates the real-time inventory accuracy that downstream put-away assignment depends on. PO matching confirms received goods are linked to the correct purchase order. | Test | verification, receiving, session-248 |
| VER-METHODS-035 | Verify IFC-DEFS-034: Generate put-away assignment for test tote. Verify routing instruction reaches Conveyor PLC within 100ms. Track tote through junction divert points to confirm correct destination AS/RS aisle. Test with invalid destination to verify error handling. Pass criteria: instruction within 100ms, correct aisle arrival, error flagged for invalid destination. Rationale: Put-away routing instruction delivery within 100ms to the Conveyor PLC validates that tote routing decisions are made before the tote reaches the next junction point. Junction tracking confirms the tote follows the assigned path. | Test | verification, receiving, session-248 |
| VER-METHODS-036 | Verify IFC-DEFS-035: Send test EDI 856 ASN to ERP Gateway. Verify dock check-in kiosk displays pre-populated PO lines matching ASN content. Test with mismatched trailer ID to verify discrepancy alert. Pass criteria: PO lines pre-populated within 3 seconds of ASN receipt, mismatch flagged with operator alert. Rationale: EDI ASN to dock kiosk integration test validates the inbound receiving workflow from carrier notification to PO line display. Testing with valid and invalid ASN data confirms error handling for supplier data quality issues. | Test | verification, receiving, session-248 |
| VER-METHODS-040 | Verify IFC-036: Perform penetration test from a simulated compromised ERP endpoint attempting to reach OT controllers. Pass criteria: no direct TCP connection possible from ERP VLAN to OT control VLAN; all cross-zone traffic traverses DMZ firewall; all connection attempts logged to SIEM within 5 seconds; malformed OPC UA and REST payloads rejected at application layer. | Test | verification, cybersecurity, validation, session-250 |
| VER-METHODS-041 | Verify SYS-017: Simulate mains power loss while system operates at rated throughput. Pass criteria: UPS transfers load within 10ms (no equipment fault); safety systems (fire detection, e-stop, access control) remain powered throughout 15-minute test; WMS completes all in-flight database transactions; AS/RS cranes park within 5 minutes; no data corruption detected in post-test database integrity check. | Test | verification, power, validation, session-250 |
| VER-METHODS-042 | Verify SYS-018: Terminate the primary Inventory Database server during sustained 50,000 lines/hr throughput. Pass criteria: hot standby assumes primary role within 30 seconds; no order processing interruption exceeding 30 seconds; post-failover inventory audit shows zero location discrepancies; incremental backup taken within 15 minutes of failover is restorable to a clean database with all transactions intact. | Test | verification, data-resilience, validation, session-250 |
| VER-METHODS-043 | Verify IFC-036: Perform penetration test from a simulated compromised ERP endpoint attempting to reach OT controllers. Pass criteria: no direct TCP connection possible from ERP VLAN to OT control VLAN; all cross-zone traffic traverses DMZ firewall; all connection attempts logged to SIEM within 5 seconds; malformed OPC UA and REST payloads rejected at application layer. | Test | verification, cybersecurity, validation, session-250 |
| VER-METHODS-044 | Verify SYS-017: Simulate mains power loss while system operates at rated throughput. Pass criteria: UPS transfers load within 10ms (no equipment fault); safety systems (fire detection, e-stop, access control) remain powered throughout 15-minute test; WMS completes all in-flight database transactions; AS/RS cranes park within 5 minutes; no data corruption detected in post-test database integrity check. | Test | verification, power, validation, session-250 |
| VER-METHODS-045 | Verify SYS-018: Terminate the primary Inventory Database server during sustained 50,000 lines/hr throughput. Pass criteria: hot standby assumes primary role within 30 seconds; no order processing interruption exceeding 30 seconds; post-failover inventory audit shows zero location discrepancies; incremental backup taken within 15 minutes of failover is restorable to a clean database with all transactions intact. | Test | verification, data-resilience, validation, session-250 |
| Requirement | Verified By | Description |
|---|---|---|
| SYS-018 | VER-039 | |
| SYS-017 | VER-038 | |
| IFC-036 | VER-037 | |
| IFC-DEFS-035 | VER-METHODS-036 | |
| IFC-DEFS-034 | VER-METHODS-035 | |
| IFC-DEFS-033 | VER-METHODS-034 | |
| IFC-DEFS-032 | VER-METHODS-033 | |
| IFC-DEFS-031 | VER-METHODS-032 | |
| IFC-DEFS-030 | VER-METHODS-031 | |
| IFC-DEFS-029 | VER-METHODS-030 | |
| IFC-DEFS-028 | VER-METHODS-029 | |
| IFC-DEFS-027 | VER-METHODS-028 | |
| IFC-DEFS-026 | VER-METHODS-027 | |
| IFC-DEFS-025 | VER-METHODS-026 | |
| IFC-DEFS-024 | VER-METHODS-025 | |
| IFC-DEFS-023 | VER-METHODS-024 | |
| IFC-DEFS-022 | VER-METHODS-023 | |
| IFC-DEFS-021 | VER-METHODS-022 | |
| IFC-DEFS-020 | VER-METHODS-021 | |
| IFC-DEFS-019 | VER-METHODS-020 | |
| IFC-DEFS-018 | VER-METHODS-019 | |
| IFC-DEFS-017 | VER-METHODS-018 | |
| IFC-DEFS-016 | VER-METHODS-017 | |
| IFC-DEFS-015 | VER-METHODS-016 | |
| IFC-DEFS-014 | VER-METHODS-015 | |
| IFC-DEFS-013 | VER-METHODS-014 | |
| IFC-DEFS-012 | VER-METHODS-013 | |
| IFC-DEFS-011 | VER-METHODS-012 | |
| IFC-DEFS-010 | VER-METHODS-011 | |
| IFC-DEFS-009 | VER-METHODS-010 | |
| IFC-DEFS-008 | VER-METHODS-009 | |
| IFC-DEFS-007 | VER-METHODS-008 | |
| IFC-DEFS-006 | VER-METHODS-007 | |
| IFC-DEFS-005 | VER-METHODS-006 | |
| IFC-DEFS-004 | VER-METHODS-004 | |
| IFC-DEFS-003 | VER-METHODS-003 | |
| IFC-DEFS-002 | VER-METHODS-002 | |
| IFC-DEFS-001 | VER-METHODS-001 | |
| SUB-REQS-001 | VER-METHODS-005 |
| Ref | Document | Requirement |
|---|---|---|
| IFC-DEFS-037 | interface-requirements | The interface between the ERP and External Integration Gateway and all OT subsystem controllers (AS/RS Control System, C... |
| IFC-DEFS-038 | interface-requirements | The interface between the ERP and External Integration Gateway and all OT subsystem controllers (AS/RS Control System, C... |
| SYS-REQS-020 | system-requirements | The Automated Warehouse SHALL implement network segmentation between IT and OT zones in accordance with IEC 62443-3-3 Se... |
| SYS-REQS-021 | system-requirements | The Automated Warehouse SHALL maintain uninterruptible power to all safety systems, WMS servers, and AS/RS control syste... |
| SYS-REQS-022 | system-requirements | The Warehouse Management System SHALL maintain a hot standby replica of the Inventory Database with synchronous replicat... |
| SYS-REQS-023 | system-requirements | The Automated Warehouse SHALL implement network segmentation between IT and OT zones in accordance with IEC 62443-3-3 Se... |
| SYS-REQS-024 | system-requirements | The Automated Warehouse SHALL maintain uninterruptible power to all safety systems, WMS servers, and AS/RS control syste... |
| SYS-REQS-025 | system-requirements | The Warehouse Management System SHALL maintain a hot standby replica of the Inventory Database with synchronous replicat... |
| VER-METHODS-040 | verification-plan | Verify IFC-036: Perform penetration test from a simulated compromised ERP endpoint attempting to reach OT controllers. P... |
| VER-METHODS-041 | verification-plan | Verify SYS-017: Simulate mains power loss while system operates at rated throughput. Pass criteria: UPS transfers load w... |
| VER-METHODS-042 | verification-plan | Verify SYS-018: Terminate the primary Inventory Database server during sustained 50,000 lines/hr throughput. Pass criter... |
| VER-METHODS-043 | verification-plan | Verify IFC-036: Perform penetration test from a simulated compromised ERP endpoint attempting to reach OT controllers. P... |
| VER-METHODS-044 | verification-plan | Verify SYS-017: Simulate mains power loss while system operates at rated throughput. Pass criteria: UPS transfers load w... |
| VER-METHODS-045 | verification-plan | Verify SYS-018: Terminate the primary Inventory Database server during sustained 50,000 lines/hr throughput. Pass criter... |