Architectural Contracts ----------------------- The interaction between the Health Evaluation Model and ``HealthDiagnostics`` is governed by a clear input/output contract. Evaluation Model Responsibilities ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The Health Evaluation Model guarantees that: - The aggregated ``HealthState`` is fully determined before diagnostics generation. - Any forced operational condition is explicitly represented in the evaluation result. - Contextual information required for explanation is provided in a structured form. - No partial or transitional states are exposed. The model remains the single authoritative source of truth for the system health classification. Diagnostics Responsibilities ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ``HealthDiagnostics`` guarantees that: - It does not modify or reinterpret the aggregated ``HealthState``. - It generates explanatory messages consistent with the evaluation result. - Forced conditions take precedence over snapshot-derived explanations. - Output messages are deterministic and derived solely from the provided inputs. Boundary Conditions ^^^^^^^^^^^^^^^^^^^ - Diagnostics must not trigger re-evaluation of health. - Evaluation must not depend on diagnostic formatting rules. - Timing and supervision logic remain external to both components. HealthInfo Publication Contract ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The publication of the ``HealthInfo`` attribute follows these guarantees: - Forwarded subsystem ``HealthInfo`` change events are buffered. - For each subscribed subsystem source, only the latest received payload is retained until the next evaluation cycle. - Forwarded updates are merged together with locally generated diagnostics during evaluation. - At most one aggregated ``HealthInfo`` attribute update is emitted per evaluation cycle (subject to change detection). - No redundant publication occurs if the aggregated content is unchanged. This contract ensures that multiple subsystem diagnostic updates occurring in rapid succession are coalesced by the supervision debounce mechanism and do not produce excessive parent-level ``HealthInfo`` events, while preserving deterministic and snapshot-consistent behaviour.