workspace {
  model {
    psim = softwareSystem "University of Twente - Access Control PSIM" {
      description "PSIM architecture for monitoring Access Control Systems (ACS) across 9 key buildings at the University of Twente. It captures card reader events and CCTV footage, validates users via the University Directory, and unlocks doors only if credentials are approved."

      cardReaders = container "Card Readers" "Hardware Devices" "Installed at entrances of Spiegel, Horst, TechMed Centre, Nanolab, DesignLab, Vrijhof, Sports Centre, Bastille, and Campus Housing Blocks A–E to capture access swipes."
      controllers = container "Access Control Panels" "Embedded Controllers" "Collect card data and forward to the central server for decision-making."
      accessServer = container "Access Control Server" "Central ACS" "Receives card data, verifies with directory, decides allow/deny, and sends unlock commands only if approved."
      userDirectory = container "University Directory" "LDAP/Active Directory" "Holds user identities (students, staff, faculty, visitors) and their access rights."
      doorLocks = container "Electromagnetic Door Locks" "Lock Mechanisms" "Physically unlock doors only after receiving approved commands from the Access Control Server."
      cctv = container "CCTV Cameras" "Video Devices" "Record video of all access events and send footage to the SOC."
      analytics = container "Analytics Engine" "PSIM Analytics" "Processes access results and video metadata to detect anomalies and risk trends."
      soc = container "Security Operations Center (SOC)" "Operations Center" "Monitors real-time access and video feeds, manages incidents, and dispatches guards."
      alarms = container "Alarm System" "Alerting" "Triggers audible/visual alarms on unauthorized access."
      guards = container "Physical Security Guards" "Personnel" "Respond to SOC dispatches and verify incidents on-site."

      cardReaders -> controllers "Capture card swipes"
      controllers -> accessServer "Forward card data"
      accessServer -> userDirectory "Request credential verification"
      userDirectory -> accessServer "Respond YES/NO"
      accessServer -> doorLocks "Send unlock command (only if YES)"
      accessServer -> analytics "Send access decision logs"
      cctv -> analytics "Send video metadata"
      analytics -> soc "Send alerts and risk scores"
      cctv -> soc "Stream live video feeds"
      soc -> alarms "Trigger alarms"
      soc -> guards "Dispatch guards"
      soc -> accessServer "Send lock/unlock override commands"
    }
  }

  views {
    systemContext psim {
      include *
      autolayout lr
      title "System Context - University of Twente Access Control PSIM"
    }
    container psim {
      include *
      autolayout lr
      title "Access Control PSIM Architecture"
    }
    theme default
  }
}