CSP.LMC Observation Supervisor

The CSP.LMC Observation Supervisor specializes the generic supervision mechanism by integrating CSP.LMC-specific state models, subsystem snapshots, and consistency policies.

While the generic supervisor controls when evaluations occur, this component defines what is evaluated and how the resulting observing state is applied to the CSP Subarray.

Role in the architecture

The CSP.LMC Supervisor acts as the bridge between raw subsystem state updates and the CSP.LMC observing state model.

It combines:

  • a coherent snapshot of subsystem observing states,

  • domain-specific consistency rules,

  • command-aware evaluation context when needed,

  • and the CSP.LMC observing state model responsible for publication.

This allows CSP.LMC to reason about system-wide observing state transitions using complete and consistent information.

When subsystem convergence is still in progress, the supervisor may keep the evaluation cycle open for a bounded reconciliation window instead of concluding immediately.

Subsystem snapshot evaluation

Before each evaluation, the supervisor takes an atomic snapshot of the latest known observing state of all relevant subsystems.

This snapshot represents a coherent view of the system at a specific point in time and is used as the sole input to the consistency policy.

Evaluating against a snapshot avoids decisions based on partial updates or transient ordering effects caused by asynchronous event delivery.

If the resulting snapshot is not yet sufficient for a final decision, the supervisor may wait for further subsystem convergence and evaluate again within the same bounded supervision cycle.

Consistency, waiting, and fault handling

At each evaluation, the supervisor delegates the interpretation of the current system snapshot to the CSP.LMC consistency policy.

The CSP.LMC consistency policy analyzes the aggregated observing state in the context of:

  • active observation modes,

  • required subsystems,

  • subsystem-level state combinations,

  • and, where relevant, command execution expectations.

This evaluation may conclude that the aggregated state is:

  • valid and ready to be applied,

  • faulty and requiring a latched fault condition,

  • or not yet conclusive because additional subsystem updates are still expected.

If a hard inconsistency is detected, the supervisor triggers a latched FAULT condition in the observing state model, ensuring that critical violations are not masked by subsequent updates.

If the snapshot is valid and complete, the supervisor applies the final observing state through the model, which handles de-duplication, precedence, and publication.

If the snapshot is still incomplete but compatible with expected subsystem convergence, the supervisor may enter or continue a bounded reconciliation phase before concluding the evaluation.

Separation of responsibilities

The CSP.LMC Observation Supervisor does not publish observing states directly.

Instead, it delegates final state application to the observing state model, preserving a single authoritative path for state transitions.

This separation ensures:

  • predictable state precedence,

  • consistent fault semantics,

  • bounded waiting semantics for incomplete convergence,

  • and clear ownership of state publication logic.