Architectural Contracts
The interaction between the Health Evaluation Model and
HealthDiagnostics is governed by a clear input/output contract.
Evaluation Model Responsibilities
The Health Evaluation Model guarantees that:
The aggregated
HealthStateis fully determined before diagnostics generation.Any forced operational condition is explicitly represented in the evaluation result.
Contextual information required for explanation is provided in a structured form.
No partial or transitional states are exposed.
The model remains the single authoritative source of truth for the system health classification.
Diagnostics Responsibilities
HealthDiagnostics guarantees that:
It does not modify or reinterpret the aggregated
HealthState.It generates explanatory messages consistent with the evaluation result.
Forced conditions take precedence over snapshot-derived explanations.
Output messages are deterministic and derived solely from the provided inputs.
Boundary Conditions
Diagnostics must not trigger re-evaluation of health.
Evaluation must not depend on diagnostic formatting rules.
Timing and supervision logic remain external to both components.
HealthInfo Publication Contract
The publication of the HealthInfo attribute follows these guarantees:
Forwarded subsystem
HealthInfochange events are buffered.For each subscribed subsystem source, only the latest received payload is retained until the next evaluation cycle.
Forwarded updates are merged together with locally generated diagnostics during evaluation.
At most one aggregated
HealthInfoattribute update is emitted per evaluation cycle (subject to change detection).No redundant publication occurs if the aggregated content is unchanged.
This contract ensures that multiple subsystem diagnostic updates
occurring in rapid succession are coalesced by the supervision
debounce mechanism and do not produce excessive parent-level
HealthInfo events, while preserving deterministic and
snapshot-consistent behaviour.