workspace "Automatic Clotting Detection" "C4 Context for Philips Medical Systems - Automatic Clotting Detection applictio" { model { group "Hospital" { patient = person "Patient" "Receives care; views results and manages consent." doctor = person "Doctor" "Operates the imaging device and reviews results and recommendations." device = softwareSystem "Vascular Imaging Device" "Hardware edge device that captures images of patient veins; operated by the Doctor." { tags "Hospital", "Edge Device", "Hardware", "External" } } group "Support" { admin = person "Engineer" "Manages system, configurations, rights etc." ds = person "Data Scientist" "Explores datasets and builds AI models." } group "Platform" { central = softwareSystem "Automatic Clotting Detection Platform" "Stores imaging studies, performs analysis & pattern-recognition AI, and hosts the clinician/patient web app." { tags "Central" web = container "Clinician Web App" { description "Doctors review studies and results; receives notifications." tags WebBrowser, Internal technology "Web Application (React/TypeScript)" } patientPortal = container "Patient Web App" { description "Patients view their own images and results." tags WebBrowser, Internal technology "Web Application (React/TypeScript)" } api = container "API Gateway" { description "Entry point for devices and apps; token validation and routing." tags Internal technology "HTTP/REST" } ingestion = container "Ingestion Service" { description "Validates uploads, extracts metadata, creates jobs." tags Internal technology "Service" } objstore = container "Imaging Object Store" { description "Encrypted storage for original and processed images." tags ObjectStorage, Internal technology "Object Storage (e.g., S3/Blob)" } eventbus = container "Event Bus" { description "Asynchronous jobs and events." tags MessageBus, Internal technology "Messaging (e.g., Kafka/SQS)" } pipeline = container "Preprocessing Pipeline" { description "Normalises, cleans, and standardises images." tags Internal technology "Workers" } model = container "AI Inference Service" { description "Runs provided model to assess clotting risk." tags Internal technology "Model Serving" } resultsdb = container "Results Store" "Stores studies, metadata, AI results, and references." { tags Database, Internal technology "NoSQL Database" } access = container "Access Control Service" { description "Enforces patient/doctor scoping; generates signed image URLs." tags Internal technology "Service" } notify = container "Notification Service" { description "Notifies when analysis completes." tags Internal technology "Service" } audit = container "Audit Log" { description "Immutable trail of access and actions." tags Internal technology "Append-only Log" } } } idp = softwareSystem "Identity Provider" "External authentication & authorization system (e.g., OIDC/OAuth2)." { tags "External" } device -> patient "Creates an image of the veins" patient -> central "Views personal imaging results & manages consent" "Web/Mobile App (HTTPS)" doctor -> device "Operates to capture vein images" "On-device UI" doctor -> central "Reviews images and recommendations" "Browser/App (HTTPS)" admin -> central "Configures system, conifugartions, roles and performs maintenance" "Admin Console (HTTPS)" ds -> central "Accesses curated datasets; trains/evaluates models" "Data/ML Workbench (HTTPS)" device -> central "Uploads imaging studies & metadata" "DICOM/HTTPS" central -> device "Sends device configs & receives telemetry" "HTTPS/MQTT" central -> idp "Authenticates users; authorizes access" "OIDC/OAuth2" idp -> central "Issues tokens/claims; SSO" "JWT/OIDC" patient -> patientPortal "Views personal imaging results & manages consent" "Web/Mobile App (HTTPS)" doctor -> web "Reviews images and recommendations" "Browser/App (HTTPS)" device -> api "Uploads imaging studies & metadata" "HTTPS/DICOMweb" api -> ingestion "Route device uploads" ingestion -> objstore "Store raw images" ingestion -> eventbus "Publish preprocessing job" eventbus -> pipeline "Preprocessing jobs" pipeline -> objstore "Read raw; write normalised images" pipeline -> eventbus "Publish inference job" eventbus -> model "Inference jobs" model -> objstore "Read processed images as needed" model -> resultsdb "Persist AI results & metrics" model -> eventbus "Publish results-ready event" eventbus -> notify "Results-ready events" notify -> web "Notify about completed analysis" web -> api "Query cases, results, and signed image links" "HTTPS" patientPortal -> api "View own images and results" "HTTPS" api -> resultsdb "Query/Update study metadata and results" api -> access "Authorisation checks; generate signed URLs" access -> objstore "Create time-limited signed URLs for image access" api -> audit "Record access and actions" web -> idp "Authenticate user" "OIDC" patientPortal -> idp "Authenticate user" "OIDC" api -> idp "Validate tokens" "OIDC/JWT introspection" production_eu = deploymentEnvironment "Production EU" { deploymentNode edge_ct "Hospitals (Catherina)" "Edge Devices" "Vascular Imaging Device fleet (Catherina)" { softwareSystemInstance device } deploymentNode id "Identity (IdP)" "Auth0/Cognito/Entra federation" { softwareSystemInstance idp } deploymentNode edge_eu "Hospitals (EU)" "Edge Devices" "Vascular Imaging Device fleet (EU)" { softwareSystemInstance device } deploymentNode aws "AWS eu-west-1" "Region" { deploymentNode net "VPC" "10.0.0.0/16" { deploymentNode ingress "CloudFront + WAF + API Gateway" "CDN + WAF + API Edge" { containerInstance web containerInstance patientPortal containerInstance api } deploymentNode comp "EKS (Kubernetes)" "Autoscaling node groups" { containerInstance ingestion containerInstance access containerInstance notify containerInstance audit containerInstance pipeline } deploymentNode ml "SageMaker / EKS GPU" "Model Serving" { containerInstance model } deploymentNode msg "SQS + SNS + EventBridge" "Messaging/Event Bus" { containerInstance eventbus } deploymentNode storage "S3 (images) + DynamoDB (results)" { containerInstance objstore containerInstance resultsdb } } } } production_us = deploymentEnvironment "Production US" { deploymentNode edge_us "Hospitals (US)" "Edge Devices" "Vascular Imaging Device fleet (US)" { softwareSystemInstance device } deploymentNode aws_us "AWS us-east-1" "Region" { deploymentNode net_us "VPC" "10.20.0.0/16" { deploymentNode ingress_us "CloudFront + WAF + API Gateway" "CDN + WAF + API Edge" { web_us = containerInstance web patientPortal_us = containerInstance patientPortal api_us = containerInstance api } deploymentNode comp_us "EKS (Kubernetes)" "Autoscaling node groups" { ingestion_us = containerInstance ingestion access_us = containerInstance access notify_us = containerInstance notify audit_us = containerInstance audit pipeline_us = containerInstance pipeline } deploymentNode ml_us "SageMaker / EKS GPU" "Model Serving" { model_us = containerInstance model } deploymentNode msg_us "SQS + SNS + EventBridge" "Messaging/Event Bus" { eventbus_us = containerInstance eventbus } deploymentNode storage_us "S3 (images) + DynamoDB (results)" { objstore_us = containerInstance objstore resultsdb_us = containerInstance resultsdb } deploymentNode id_us "Identity (IdP)" "Auth0/Cognito/Entra federation" { softwareSystemInstance idp } } } } } views { systemContext central "context" { title "System Context - Automatic Clotting Detection" description "Hospital actors and edge device interact with the Central Application; Identity Provider is external." autolayout lr include * } container central "containers" { title "Automatic Clotting Detection - Container View" description "Edge devices upload images; platform securely stores, preprocesses, runs AI inference, stores results, notifies clinicians, and serves clinician/patient apps with strict access control." autolayout lr include * } deployment central production_eu "aws-eu-west-1" "AWS - EU West (Ireland)" { include * autolayout lr } deployment central production_us "aws-us-east-1" "AWS - US East (North Virginia)" { include * autolayout lr } styles { element "Person" { shape Person color #ffffff } element "Hospital" { background #175f8a color #ffffff } element "Central" { background #1168bd color #ffffff } element "External" { background #dddddd color #000000 border dashed } element "Edge Device" { background #f5e6cc color #000000 } element "Internal" { background #1168bd color #ffffff } element "Database" { shape Cylinder } element "ObjectStorage" { shape Cylinder } element "MessageBus" { shape Pipe } element "WebBrowser" { shape WebBrowser } } } }