Next Article in Journal
Does Artificial Intelligence Improve the Operational Resilience of Enterprises? Evidence from the AI Innovative Application Pioneer Zone Policy in China
Previous Article in Journal
Reconstructing the Teaching System of Engineering Materials for Urban Underground Space Engineering: A Systems Perspective with AI Support
Previous Article in Special Issue
Digital Twin Integration for Enhancing Robotic Fastening Systems in Industrial Automation
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Systems
Volume 14
Issue 4
10.3390/systems14040376
systems-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

An Ontology-Based Architecture for Interoperable Healthcare Systems-of-Systems: Structure, Interaction Patterns, and Covenant-Based Governance

by
Mohamed Mogahed
* and
Mo Mansouri
Department of Systems Engineering, Stevens Institute of Technology, Hoboken, NJ 07030, USA
*
Author to whom correspondence should be addressed.
Systems 2026, 14(4), 376; https://doi.org/10.3390/systems14040376
Submission received: 4 February 2026 / Revised: 12 March 2026 / Accepted: 28 March 2026 / Published: 31 March 2026
(This article belongs to the Special Issue Advancing Digital Engineering: Transforming Industries with Model-Based Systems Engineering and Digital Twin Technology)
Browse Figures
Versions Notes

Abstract

Healthcare fragmentation—characterized by poor coordination among independently operating organizations—systematically degrades care quality while escalating costs. While healthcare delivery inherently operates as a System of Systems (SoS), existing approaches lack semantic rigor to bridge governance principles with implementable architectures, and digital engineering paradigms remain disconnected from formal representations of regulatory constraints and organizational interdependencies. This paper presents a comprehensive Web Ontology Language (OWL 2 DL)-based ontology integrating structural, behavioral, and regulatory dimensions of healthcare SoS into a unified, computationally tractable framework. Developed following the Methontology engineering methodology and validated using the HermiT reasoner, the ontology formalizes constituent system categories through functional decomposition, establishes an interaction taxonomy distinguishing intra-category coordination from inter-category integration, and introduces the Covenant class as a novel governance mechanism. The covenant embeds legal frameworks (HIPAA, GDPR), interoperability protocols (FHIR, HL7), and technical standards (SNOMED, LOINC, ICD-11, ISO) as first-class ontological entities with explicit relationships to interaction properties. Governance enforcement is operationalized through a layered validation architecture comprising SWRL rules for deductive compliance checking, SHACL shapes for structural constraint validation, and OWL equivalentClass axioms for automated conflict detection. The ontology is further validated through four operational scenarios that demonstrate automated consent validation, standards compliance verification, protocol interoperability checking, and temporal compliance with conflict detection, alongside extended SPARQL queries that reveal constituent system landscapes, standards coverage, interaction networks, and topological properties through node degree calculation, hub identification, and network density analysis. The ontology enables pre-implementation governance assessments, evidence-based policy simulation, digital twin implementations with continuous compliance monitoring, and resilience planning through network analysis, transforming governance from reactive compliance checking to proactive coordination engineering.

1. Introduction

The contemporary healthcare delivery system faces a crisis of fragmentation that exacts profound human and economic costs. Organizational fragmentation disrupts critical relationships, impedes information flow, and creates misaligned incentives that systematically degrade care quality while escalating costs [1]. Recent systematic reviews confirm that fragmented care—characterized by noncontinuous, low-quality, duplicated, or omitted coordination among multiple providers—directly contributes to worsening chronic illness trajectories, preventable acute care utilization, and inefficient resource allocation [2]. The COVID-19 pandemic starkly exposed these coordination failures, as operational cleavages between public health agencies and medical care systems hampered effective crisis response despite individual system competencies [3]. This fragmentation persists not from isolated failures but from fundamental structural characteristics of healthcare delivery itself.
The persistence of fragmentation within the U.S. healthcare system has become even more evident in the years following the COVID-19 crisis. Recently, Cutler highlighted that, despite the formal end of the public health emergency, the structural weaknesses revealed during the pandemic—particularly fragmented governance, inconsistent data exchange, and poor coordination across public health and medical care sectors—remain largely unresolved [4]. He underscored that the pandemic did not create these failures but rather illuminated long-standing systemic fractures that continue to impede coherent national response capabilities and undermine routine care delivery. These findings reinforce that fragmentation in the United States is not a temporary artifact of crisis conditions but a deeply embedded structural characteristic that continues to shape system performance well into the mid-2020s. This paper presents a fully specified OWL-based ontology that formalizes the multi-layered interactions and dependencies within healthcare delivery systems, providing a semantic foundation for analyzing and mitigating fragmentation.
To understand these fragmentation challenges, healthcare delivery thus demands a systems perspective that recognizes care as a dynamic process integrating people, processes, and technologies across organizational divides, acknowledging that patient complexity cannot be managed through single disciplines or isolated entities. No single facility, specialty, or organizational entity can autonomously deliver comprehensive healthcare; rather, care emerges from intricate interdependencies among these constituent systems [5]. Indeed, governance has emerged as a critical enabler in SoS literature: as Complex System Governance (CSG) scholars argue, the performance and sustained viability of large-scale systems depend on deliberate functions of direction, oversight and accountability [6]. Moreover, as Katina et al. note, modern SoSE must expand governance to include organizational, policy, and human factors [7]. However, existing governance frameworks often stop short of providing a machine-interpretable, model-based means of coordinating autonomy with alignment, especially across the structural, behavioral and policy layers of a healthcare SoS.
In healthcare, Digital Engineering (DE), Digital Twin (DT), and Model-Based Systems Engineering (MBSE) are reshaping systems design by integrating data-driven models, simulations, and collaborative tools across the product lifecycle [8]. Hemdan and Sayed (2025) depict a multi-layer healthcare DT architecture comprising physical devices and patients at the bottom layer, IoT and sensor data processing at the middle layer, and virtual patient models and analytical simulation services at the top layer [9]. They note that AI, blockchain, and DTs together have “revolutionized” diagnostics and care but require robust architectures and governance. This transformative potential extends across sectors: in manufacturing, MBSE has been shown to improve requirement traceability, system integration, and change management compared to traditional document-centric approaches [10]. Furthermore, MBSE serves as a foundational enabler for digital twin development, providing consistency, interoperability, and scalability while creating a unifying structure that links physical systems and virtual representations [11]. In aerospace applications, SysML-based modeling has demonstrated improvements in design consistency, requirement traceability, and stakeholder communication, while reducing integration risk through more informed early-stage design decisions [12]. DE frameworks applied to space robotic systems have shown the capacity to reduce development risk and improve early design validation through digital continuity and rapid iteration [13]. These cross-industry applications collectively demonstrate how digital transformation tools enable more robust, efficient, and adaptive systems design across diverse domains.
The strategic importance of DE in complex systems is increasingly recognized with future planning efforts. The Department of Defense DE Strategy articulates five strategic goals that emphasize formalized information models, integrated digital environments, and authoritative sources of truth to enable model-centric decision-making across system lifecycles [14]. Similarly, the INCOSE Systems Engineering Vision 2025/2035 envisions a future where systems engineering is fully digitally enabled, with seamless integration of models, data, and analysis tools supporting collaborative decision-making across distributed stakeholder communities [15]. These strategic frameworks recognize that modern system complexity—whether in defense, aerospace, or healthcare—demands not merely technological innovation but fundamental transformations in how systems are conceived, designed, integrated, and governed through digital representations.
Despite significant theoretical and empirical advances in understanding healthcare SoS structure, interdependencies, and governance requirements, current approaches exhibit critical limitations that impede operationalization. Structural analyses employing network theory quantitatively assess system properties such as centrality and influence distribution, while SysML models capture architectural relationships and operational flows, but these representations address specific analytical dimensions without providing unified frameworks that integrate structural, behavioral, and governance aspects [6]. More critically, existing DE and MBSE approaches in healthcare lack the semantic rigor necessary to bridge the gap between high-level governance principles and implementable system architectures. While digital twin frameworks offer promising technical architectures for data integration and simulation, they remain disconnected from the formal representation of governance mechanisms, policy constraints, and organizational interdependencies that shape healthcare delivery system behavior. This semantic gap prevents the translation of systems engineering insights into actionable DE implementations that could systematically address healthcare fragmentation.
In response to this research gap, ontology-based approaches offer powerful mechanisms for addressing these integration and formalization challenges. Ontologies provide explicit, formal specifications of conceptual knowledge domains through structured vocabularies of entities, relationships, and axioms expressed in logic-based languages that enable automated reasoning [16]. In systems engineering contexts, ontologies have demonstrated capacity to eliminate syntactic and semantic differences across tools and representations, enabling automation, interoperability, and artificial intelligence applications [17]. The ontology of systems engineering, grounded in ISO/IEC/IEEE 15288 standards and extending from Basic Formal Ontology (BFO), provides process-centric reference frameworks that support semantic integration across the systems engineering lifecycle [18]. Recent developments demonstrate ontology-aligned data structures enabling tool-agnostic interfaces through semantic layers that abstract from proprietary data formats [19], and layered ontology stacks providing modular architectures spanning top-level philosophical foundations through domain-specific implementations [20].
This points to the need for an ontology-driven governance tool that can integrate structural (constituent systems), behavioral (interaction flows) and regulatory (governance protocols) dimensions of a healthcare delivery SoS. This study develops an ontology-driven governance framework that integrates the structural, behavioral, and regulatory dimensions of healthcare Systems of Systems (SoS) into a unified, computationally tractable model. The proposed Web Ontology Language (OWL)-based ontology formalizes seven constituent system types and their interaction patterns derived from real-world analysis, while embedding governance protocols through the Confluence Interoperability Covenant (CIC)—a synthesis of national interoperability and regulatory standards. By embedding legal, procedural, and technical requirements directly into the system architecture, the ontology enables automated reasoning, consistency checking, and semantic querying to assess structure, coordination, and governance compliance across the healthcare SoS.
The proposed ontology advances the state of the art by providing a comprehensive formal framework that unifies healthcare SoS constituent system definitions, interaction semantics, governance mechanisms, and regulatory standards within a single representation. It functions simultaneously as a knowledge repository, capturing domain expertise in machine-readable form; an interoperability enabler, offering shared semantic vocabulary for heterogeneous systems; a governance mechanism, embedding legal and technical standards to ensure traceability between policy and operation; and a reasoning platform, enabling automated consistency checking, semantic querying, and inference. Through this synthesis, the ontology transforms fragmented conceptual insights into an operational, governance-oriented tool for healthcare SoS implementation. Its practical utility is further demonstrated through a set of operational validation scenarios and competency-driven SPARQL queries that explicitly test governance compliance, interoperability constraints, and interaction authorization under both compliant and non-compliant conditions. These validation exercises illustrate how the ontology supports executable oversight, enabling governors to detect violations, assess system readiness, and extract actionable knowledge from complex healthcare SoS configurations.
The remainder of this paper is organized as follows. Section 2 provides background on DE and model-based systems engineering approaches in healthcare, establishing the theoretical and methodological context for ontology-driven governance. Section 3 presents the ontology design and development, detailing the constituent system classification, interaction taxonomy, and covenant-based governance mechanism that form the ontology’s core structure. Section 4 demonstrates ontology operationalization and validation through four representative scenarios that exercise compliance checking, violation detection, and governance enforcement capabilities, followed by extended analytical queries that reveal constituent system landscapes, standards coverage, interaction networks, and topological properties. Section 5 discusses theoretical and practical implications, methodological contributions, limitations, and future research directions. Section 6 concludes by synthesizing the ontology’s contributions to addressing healthcare fragmentation through governance-integrated coordination.

2. Background

2.1. Digital Engineering and Model-Based Systems Engineering Approaches

The evolution of DE and MBSE represents a fundamental shift in managing complex system lifecycles. DE is “an integrated digital approach that uses authoritative sources of system data and models as a continuum across disciplines to support lifecycle activities from concept through disposal” [14]. This paradigm emphasizes integrated digital environments and model-centric decision-making for enterprise engineering [21]. However, applying these approaches to System of Systems (SoS) contexts presents unique opportunities and challenges, as SoS requires specialized constructs for multi-dimensional architectures and dynamic evaluation capable of accommodating changing systems and environments [22,23].
While health systems’ adoption of MBSE differs from mature domains, its use has accelerated over the past twelve years, largely integrating Systems Modeling Language (SysML) and Unified Modeling Language (UML) with diverse simulations to enhance operations [24]. Applications span IoT healthcare, clinical medicine, and process enhancement to meet patient-centric goals. Demonstrating its versatility, MBSE extends beyond operational modeling to roles like requirements engineering and risk management [23]. For example, MBSE frameworks have assessed healthcare facility designs by analyzing 105 evidence-based studies [25], and supported rural disaster preparedness, despite this remaining critically underdeveloped [26]. This highlights MBSE’s potential in managing both routine operations and extraordinary, coordinated responses.
The convergence of MBSE with Digital Twin (DT) technology is vital for complex lifecycle management. Unlike static prototypes, DTs dynamically synchronize with physical counterparts through real-time performance and health data [27]. Integrating DTs with MBSE enables real-time monitoring and predictive analytics via authoritative representations. In healthcare, this synergy is revolutionizing customized care, predictive interventions, and operational optimization [28,29]. Medical digital twins consist of five components: the patient, data connection, in silico representation, interface mechanisms, and synchronization processes [30]. These merge AI with mechanistic modeling for precision diagnosis, balancing individualized models with real-time decision support computational needs. Successfully demonstrated across industries, SysML-based models integrated with simulative functions validate how MBSE acts as a foundation for DT deployments [31], providing proven adoption pathways for healthcare organizations.
MBSE requires sophisticated methods for traceability and lifecycle management. For instance, DE models in defense successfully map enterprise architectures to domain-specific SoS representations using SysML diagrams [32]. This ensures automatic document generation and end-to-end V-model traceability, ultimately lowering development costs by detecting early design inconsistencies and enhancing stakeholder communication. However, the unique independence, evolution, and emergent behaviors of SoS necessitate specialized validation approaches [33]. Effective assurance relies on adaptive, scenario-based Integration, Verification, Validation, Test, and Evaluation (IVVT&E) strategies that recognize that SoS requires continuous lifecycle assessment rather than isolated pre-deployment testing.
Despite its benefits, MBSE’s transformative potential is constrained by deployment challenges. Industry surveys reveal that practical MBSE adoption remains uneven and confined to early lifecycle stages [34]. This gap between theory and implementation predominantly stems from insufficient training, cultural resistance, and unclear return-on-investment, particularly within document-centric organizations transitioning to model-based paradigms. These barriers echo broader findings establishing SoS engineering as an embryonic field, thus requiring advanced methodologies to tackle decentralized governance, system evolution, and emergent behaviors [23]. This immaturity creates a paradox wherein the organizations managing the most distributed systems struggle the most to deploy MBSE.
System complexity frameworks must evolve to incorporate the Industry 5.0 paradigm, which introduces a shift toward human-centricity, sustainability, and resilience atop Industry 4.0’s automation focus [35]. This sociotechnical perspective recognizes that pure technology-centric optimization is insufficient without balancing human well-being and long-term resilience. Within healthcare, future MBSE innovations must integrate advanced AI and hybrid simulations while explicitly representing provider cognitive functions and decision processes [24]. Realizing MBSE’s full healthcare potential, therefore, demands a fundamental reconceptualization merging clinical judgment with organizational structures and technical architectures.
Ultimately, successful MBSE and DE deployments in healthcare rely not just on technical modeling, but on the delivery system’s structure that coordinates autonomous constituent systems. Implementation challenges often signify deeper governance deficits rather than pure technical limits, manifesting as unclear decision rights, misaligned incentives, and unresolved conflicts between interoperability standards. Realizing the transformative potential of MBSE therefore mandates transcending technical modeling to explicitly address the governance architectures shaping system interactions and adaptation. This necessitates a thorough examination of governance evolution and the formalization of governance mechanisms into model-based blueprints for effective SoS integration.

2.2. Evolution and Structuring of Healthcare SoS Governance

Modern healthcare delivery operates as an inherently complex System of Systems, integrating autonomous entities—including hospitals, medical centers, insurance organizations, supply chain providers, and information technology vendors—each pursuing independent operational objectives while performing specialized roles. Mogahed and Mansouri [36] provided foundational theoretical framing for healthcare delivery systems (HDS) as exemplary Collaborative SoS, characterized by voluntary coordination among independent constituents to achieve integrated outcomes exceeding what isolated subsystems could accomplish. Their analysis identified this Collaborative SoS architecture as a fundamental source of healthcare’s enduring fragmentation problems, while simultaneously recognizing interdependence as a key factor influencing overall system effectiveness. Extending this theoretical foundation, they examined established SoS structural classifications [37], demonstrating through concrete case analysis the barriers and practical challenges inherent in transforming healthcare from its existing collaborative form toward alternative organizational configurations. This structural examination culminated in a transformative recommendation: establishing a dedicated governance entity charged with managing and strategically orchestrating interdependencies among constituent systems to ensure emergent behaviors align with healthcare system-level goals.
To substantiate this structural framework with governance theory, Mogahed and Mansouri synthesized insights from 45 empirical studies spanning 37 governance frameworks [38]. This extensive review identified critical governance elements—including accountability structures, iterative feedback mechanisms, and coordination architectures—that facilitate effective multi-entity collaboration and collective goal attainment beyond individual capabilities. Building upon this theoretical synthesis, they articulated a refined SoS governance architecture featuring three core layers: meta-governance (defining strategic vision and policy frameworks), governed entities (the constituent systems themselves), and governing entities (executing coordination functions and oversight mechanisms). This three-tier architecture offers a generalizable abstraction capturing essential governance dimensions applicable across diverse Collaborative SoS contexts, with particular relevance to healthcare.
The practical implementation of this governance architecture within the United States healthcare ecosystem was systematically elaborated in follow-on research [39,40], explicitly mapping institutional actors to governance responsibilities. Meta-governance functions were attributed to governmental authorities responsible for articulating overarching vision and regulatory policy; the governing system role was instantiated through the Department of Health and Human Services (HHS), charged with implementing coordination instruments and enforcing compliance requirements; and the governed system was defined as the comprehensive healthcare SoS, encompassing all clinical providers, payers, suppliers, and ancillary service organizations operating within this governance regime.
Transitioning from abstract models to operational representations, subsequent work [41] systematically characterized the relational structure among constituent systems, revealing the intricate coordination requirements and operational dependencies defining healthcare SoS. Utilizing Systems Modeling Language (SysML) to represent both architectural and operational perspectives, they developed a functionally oriented classification scheme for constituent systems emphasizing operational roles rather than market-based categorizations, ensuring alignment with HHS strategic objectives. Significantly, their interaction identification methodology centered on value flow analysis—tracing how value propagates through interdependent relationships rather than simply cataloging organizational linkages.
Building on this structural foundation, their subsequent investigation [42] systematically categorized interdependency patterns, distinguishing intra-category interactions (occurring within a single functional category, such as Hospital-to-Hospital) from inter-category interactions (spanning distinct functional categories, such as Supplier-to-Provider). Synthesizing evidence from over 40 real-world implementation cases, they constructed a comprehensive interdependence taxonomy organized by interaction characteristics. Intra-category interactions were differentiated into: (1) Collaborative Partnerships—formalized or informal cooperative arrangements pursuing shared goals through resource commitment and knowledge exchange; (2) Resource Pooling and Operational Symbiosis—coordinated sharing of physical assets, workforce, or logistical capabilities to enhance mutual operational efficiency; and (3) Market Negotiation Blocks—collective bargaining formations designed to amplify market power and establish standardized contractual terms. Inter-category interactions were classified as: (1) Supply Chain Linkages—structured transactional relationships satisfying operational requirements; (2) Service Delivery Channels—direct pathways characterized by standardized workflows; (3) Technology Integration—embedded technological solutions enabling interoperability and information exchange; and (4) Strategic Cross-Category Alliances—multi-stakeholder collaborations addressing system-wide challenges through complementary capabilities.
This taxonomic framework enabled a crucial governance observation: that purposeful establishment of integrated regulatory instruments—combining legal mandates, procedural requirements, and technical specifications—ensures constituent system interactions operate within consistent and coherent normative boundaries. Translating this insight into practice, they proposed the CIC [43], an adaptive socio-technical governance mechanism encoding unified legal, procedural, and technical standards. The CIC delineates permissible interaction boundaries among constituent systems—establishing data exchange protocols, privacy protection requirements, consent management procedures, and audit mechanisms—while avoiding constraints on internal system architectures or operational workflows. This design philosophy instantiates the principle of “Regulated Autonomy” or “Structured Freedom,” whereby autonomous systems preserve operational independence while ensuring their interactions conform to overarching SoS mission requirements, values, and performance standards.
This evolutionary progression—from theoretical foundations through empirical validation and computational analysis to operational governance instruments—illuminates the multidimensional character of healthcare SoS governance, spanning structural typologies, institutional roles, interaction taxonomies, network properties, and regulatory frameworks. Yet this very comprehensiveness exposes a critical limitation: although these contributions collectively provide extensive coverage of the governance landscape, they lack a unifying formalism capable of integrating these diverse elements into a coherent, operationalizable whole. No individual conceptual model, analytical technique, or descriptive framework can simultaneously represent this structural complexity, formalize its semantic relationships, enable automated reasoning about governance properties, verify consistency across multiple representations, support computational querying of governance coverage, establish traceability between governance specifications and operational behaviors, integrate seamlessly with complementary engineering tools, and provide machine-interpretable specifications suitable for automated validation and analysis. Table 1 synthesizes these progressive contributions and positions the present work within this research trajectory.

2.3. Ontology-Based Approaches to Systems Engineering, SoS, and Governance

Converging ontology with systems engineering and governance addresses immense complexity and heterogeneity challenges. Yang et al. (2019) extensively surveyed the ontology-based systems engineering (OBSE) landscape across two decades [44]. While highlighting ontologies’ strengths in requirements specification and design verification, their systematic review also noted deficiencies in empirical evidence regarding practical project impacts. Nevertheless, this work cemented ontologies as a viable mechanism for formalizing knowledge and enforcing semantic coherence across SE lifecycles.
To overcome the fragmentation of diverse MBSE formalisms, Lu et al. (2022) introduced the GOPPRRE ontology [6]. This framework successfully provides a shared semantic substrate unifying heterogeneous modeling concepts—proving ontologies can consolidate disparate representation schemas and fluidly exchange execution artifacts. Philosophically, Lukyanenko et al. (2021) championed the Bunge Systemist Ontology (BSO) [45], arguing for a paradigm shift from entity-focused definitions to system-focused architectures. This foregrounds composition, emergent organization, and system inter-reliance, ideas highly pertinent to SoS engineering.
Beyond SE, ontologies secure interoperability across manufacturing [46], Industry 4.0 digital twins [47], cloud computing [48], and context-sensitive designs [49]. Deployed via OWL, ontologies execute formal semantics supporting consistency validation, automated instance subsumption, and knowledge interrogation [50]. Functioning dually as interoperability facilitators and semantic databases, ontologies are remarkably suited to weave disconnected healthcare SoS rules into a coherent deployed framework.
In the SoS realm, Knöös Franzén et al. (2019) leveraged ontologies to capture distinct component interoperability and interaction interfaces in aerospace product development, managing dimensions impossible in monolithic modeling [51]. Advancing this, Feng et al. (2023) deployed a sophisticated dual-ontology architecture—combining the SoS Capability Ontology and Operational Ontology—tied directly to Unified Architecture Frameworks and SysML [52]. Utilizing Protégé to wield advanced OWL properties, their work mathematically tracked state transitions and behavioral workflows.
Ontological frameworks uniquely suit complex governance instrumentation. Qaddoumi et al. (2017) explicitly tackled SoS engineering governance using their OntoSoS.QM.Gov architecture [53]. They proved ontologies function as essential semantic bridges unifying heterogeneous organizational jurisdictions and ensuring continuous, consistent interpretation of policy rules and quality directives across disparate system perimeters.
Augmenting this, Ghosh Mitra et al. (2024) utilized ontology for urban ecosystems across dimensions like Policy, Outcomes, and Administration [54]. Their architecture’s capacity to capture dynamic structural facets provides an invaluable methodological template for comprehensive governance ontologies elsewhere.
Collectively, these scholarly contributions demonstrate that ontology-based methodologies constitute a paradigm transformation toward formal, semantically precise management of system complexity. The synthesis of governance and SoS engineering literature reveals that effective governance necessitates explicit formalization of conventionally tacit concepts—including standards frameworks, policy instruments, stakeholder responsibilities, and decision-making workflows—while simultaneously capturing both structural dimensions (governance architecture) and temporal dimensions (governance processes and impacts). However, important capability gaps remain across existing frameworks. GOPPRRE [6] provides OWL meta-models that unify heterogeneous MBSE formalisms but does not address governance formalization or domain-specific coordination mechanisms. OntoSoS.QM.Gov [53] maps quality standards and policies to SoS development lifecycle phases but does not implement executable validation rules or automated violation detection. The dual-ontology architecture of Feng et al. [52] models SoS capabilities and operational workflows via OWL and UAF/SysML anchoring, yet remains focused on capability-to-operational mapping without governance axiomatization or compliance enforcement. The present work addresses these gaps by combining, within a single healthcare-specific OWL 2 DL ontology, governance formalization through the Covenant class with necessary and sufficient conditions, executable validation through SWRL rules and SHACL shapes, automated conflict and temporal violation detection through OWL equivalentClass axioms, and SPARQL-driven compliance monitoring with network topology analysis—capabilities that have not been jointly realized in prior ontology-based SoS frameworks.
Building upon this substantial foundation, this paper addresses the critical requirement for a formal, integrative architecture that consolidates the distributed insights from healthcare SoS theory, structural characterization, governance mechanisms, and ontology engineering into a unified, computationally tractable artifact. Specifically, we construct an OWL-based ontology for healthcare SoS that operationalizes the governance frameworks, constituent system classifications, and interaction taxonomies established in antecedent research while incorporating the formal semantics, automated reasoning capabilities, and integration potential evidenced in the ontology engineering literature.

3. Healthcare System of Systems Ontology

3.1. Ontology Engineering Methodology

The development of the healthcare SoS ontology followed the Methontology framework, a mature and highly structured engineering methodology that ensures rigorous knowledge acquisition, conceptualization, formalization, and evaluation [55]. Methontology’s lifecycle model was selected due to its alignment with the iterative requirements of complex systems modeling, allowing for continuous refinement of constituent system classes alongside evolving functional requirements.

3.1.1. Competency Questions and Knowledge Acquisition

The conceptualization phase was driven by a formally defined set of Competency Questions (CQs) that the ontology must be able to answer. These CQs served as the functional requirements specification, guiding concept extraction, relationship definition, and axiom formulation. The knowledge acquisition process synthesized insights from U.S. Federal Health IT strategic plans, interoperability standards documentation (FHIR, HL7, ANSI X12), and literature on healthcare SoS governance. Table 2 enumerates the core CQs, mapping them to the specific governance and architectural dimensions they address.

3.1.2. Architecture, Axiomatization, and Design Decisions

The structural architecture of the ontology—specifically the derivation of the seven primary constituent system classes—was not adopted from rigid organizational market sectors, but emerged from iterative functional capability analysis [41]. This design decision ensures that entities acting in dual roles (e.g., a pharmacy acting as both a Supplier and a clinical Provider) are semantically handled based on their interaction context rather than static labels.
During the formalization phase, classes and properties were encoded in the Web Ontology Language (OWL 2 DL). The 'Covenant' class was axiomatized using necessary and sufficient conditions ('owl:equivalentClass'); specifically, a covenant is strictly defined as an entity that governs at least one interaction type ('ex:supportsInteraction some owl:ObjectProperty'). To operationalize governance, we introduced a 'Violation' class hierarchy and SWRL rules capable of executing conflict detection and temporal compliance checks (utilizing 'validFrom' and 'validUntil' data properties).

3.1.3. Implementation and Quantitative Metrics

The ontology was implemented using Protégé version 5.6.7 as the primary development environment [56]. To validate logical consistency, subsumption checking, and rule execution, the HermiT reasoner (version 1.4.3.456) was integrated into the workflow. The ontology operates at the OWL 2 DL expressivity level, ensuring decidability while maintaining sufficient expressiveness for complex governance constraints. Table 3 provides quantitative metrics regarding the scale of the ontology.
Consistency checking via the HermiT reasoner confirmed that the core ontology is fully consistent and free of unsatisfiable classes. When demonstrative conflicts were explicitly introduced (e.g., an entity subjected to conflicting covenants or operating with expired certifications), the reasoner successfully inferred the presence of 'ConflictViolation' and 'QualityManagementViolation' instances, empirically validating the ontology’s diagnostic capabilities.

3.2. Overview and Ontological Foundation

Building upon the foundations established in the related work, this section presents a formal ontology for healthcare SoS that operationalizes the governance frameworks, structural typologies, and interdependency taxonomies discussed previously in [42], implemented using Protégé software version 5.6.7. The ontology is implemented in OWL, providing a computationally tractable representation that enables semantic reasoning, consistency checking, and automated inference about healthcare SoS structures, interactions, and governance mechanisms.
The ontology presented in this work addresses the critical need identified in the literature for formal representations that can bridge technical system engineering concerns, SoS coordination mechanisms, and multi-level governance structures. By formalizing concepts such as constituent systems, interaction patterns, and governance covenants in OWL, the ontology enables both human comprehension and machine processing of complex healthcare delivery system architectures.
Clinically oriented ontologies such as SNOMED CT provide comprehensive standardized vocabularies of medical terms to support consistent clinical documentation and retrieval in electronic health records, while classification systems including ICD-10-CM and CPT underlie billing semantics and financial reporting in healthcare [57]. Standards like LOINC and HL7 FHIR facilitate semantic representation of clinical observations and the structured exchange of healthcare data across heterogeneous systems [58]. These conventional ontological and coding frameworks serve interoperability and terminology alignment objectives, in contrast to the architectural and governance-centric emphasis of the ontology developed herein. However, the fundamental departure from existing healthcare ontologies lies in the recognition that healthcare system fragmentation and coordination failures emerge not primarily from inadequate clinical vocabularies or data exchange formats, but from poorly understood and inadequately modeled system-level interactions and governance structures. While clinical ontologies enable semantic interoperability at the data level, they provide limited support for reasoning about organizational relationships, contractual dependencies, supply chain linkages, and regulatory constraints that characterize healthcare as a complex adaptive SoS. The proposed ontology addresses this gap by elevating interactions and governance mechanisms to first-class ontological constructs, creating a semantic foundation for system-level analysis and transformation.
The primary design objectives of the ontology are threefold. First, it seeks to capture the structural composition of healthcare as an SoS, explicitly modeling constituent systems that retain operational and managerial independence. Second, it aims to represent interactions as first-class entities, recognizing that fragmentation and inefficiencies in healthcare emerge not from isolated systems, but from poorly coordinated inter-system relationships. Third, the ontology is intended to provide a governance-aware semantic foundation capable of supporting policy reasoning, compliance analysis, and future DE applications.
To address governance dimensions, the ontology introduces explicit representations of governance artifacts termed covenants—binding instruments including legal frameworks (HIPAA, GDPR), protocols (FHIR, HL7v2, HL7v3), and technical standards (SNOMED, LOINC, ICD-11, DICOM, ISO standards). Each covenant is semantically linked to the interaction types it governs through the supportsInteraction property, enabling automated compliance evaluation, policy impact assessment, and contract-based coordination mechanisms. This design aligns with emerging DE paradigms emphasizing model-based systems engineering and executable architectures where governance rules are formally specified and computationally enforced.

3.3. Core Ontological Structure

3.3.1. Top-Level Class Hierarchy

The ontology’s class hierarchy is rooted in owl:Thing, from which seven primary constituent system classes are derived. These classes emerge from a systematic functional decomposition of the healthcare system that prioritizes operational interdependencies over conventional market-sector boundaries [41]. The categorization methodology was guided by two fundamental imperatives: (1) functional alignment that enables granular analysis of roles, interactions, and integration dynamics across the healthcare SoS; and (2) operational fidelity that mirrors real-world patterns where organizations may span multiple functional domains simultaneously. For instance, entities like CVS Health operate simultaneously as pharmaceutical distributors (Supplier functionality) through retail pharmacy networks and as clinical care deliverers (Provider functionality) via MinuteClinic facilities [59]. This dual-role reality necessitates a functional categorization approach that emphasizes the nature of interdependence types rather than rigid organizational identities, thereby enabling governance mechanisms precisely tailored to the structural and operational realities of the system.
From this systematic analysis, seven primary constituent system classes were formalized within the ontology structure, each representing fundamental building blocks of healthcare delivery. Figure 1 presents the categorization of the healthcare SoS with two categories’ decomposition.
Primary Constituent System Classes:
  • ProviderSystem: Healthcare delivery entities directly engaged in clinical care provision. It consists of subclasses representing specific provider types such as Clinic, Hospital, RehabilitationCenter, NursingHome, UrgentCareCenter, etc. The classification criterion is the direct delivery of clinical or therapeutic care to patients, regardless of the organization’s market positioning or ownership structure.
  • CareRecipientSystem: Entities representing patients, families, and communities receiving healthcare services. The categorization encompasses not only individual patients but also legal guardians and family members who participate in care decisions, reflecting the reality that healthcare interactions often involve collective decision-making units rather than isolated individuals. This inclusive definition acknowledges the sociotechnical nature of healthcare delivery, where clinical outcomes depend on the engagement and coordination of multiple stakeholders beyond the individual patient.
  • InsuranceSystem: Financial intermediaries managing risk pooling, coverage determination, and reimbursement mechanisms that enable healthcare service delivery. This class emerged from analysis of entities whose functional role centers on financing healthcare access and managing financial risk. The categorization includes both public entities (e.g., Medicare, Medicaid) and private insurers, unified by their common function of determining coverage eligibility, processing claims, and disbursing payments to providers. The functional emphasis prevents artificial separation between public and private financing mechanisms, instead focusing on their shared role in enabling resource flows across the healthcare SoS.
  • SupplierSystem: Organizations providing pharmaceuticals, medical devices, equipment, supplies, and other tangible resources necessary for healthcare operations. This class was identified through analysis of entities that produce or distribute material inputs essential for clinical care delivery but that do not themselves engage in direct patient care. The categorization encompasses manufacturers (e.g., pharmaceutical companies, medical device manufacturers), distributors (e.g., medical equipment suppliers), and logistics providers (e.g., medical transport services). The unifying criterion is the provision of physical goods or logistical services that enable clinical operations.
  • MedicalSupportServiceSystem: Ancillary service providers including non-clinical services such as cleaning services, security, medical waste management, patient transport, and facility maintenance that enable but do not directly constitute clinical care delivery. This class emerged from recognition of services that, while not involving direct clinician–patient therapeutic interactions, are indispensable for safe, efficient, and compliant healthcare operations.
  • InfoComTechSystem: Information and communication technology platforms, systems, and services that enable data exchange, coordination, and operational integration across constituent systems. This class was derived from analysis of technology infrastructures that mediate information flows among other constituent system categories. Given the critical role of information exchange in healthcare coordination, this category represents an essential governance domain where interoperability standards, data security protocols, and access policies must be explicitly defined and enforced.
  • Covenant: A governance artifact class representing the regulatory, legal, procedural, and technical specifications that define permissible interactions among constituent systems. This class operationalizes the CIC concept [43], embedding governance mechanisms directly within the ontological structure. Covenants define interaction boundaries, specify data exchange formats, establish accountability mechanisms, and encode compliance requirements. By representing these governance artifacts as first-class ontological entities, the framework enables computational reasoning about governance consistency, completeness, and effectiveness—supporting automated validation of governance designs and detection of coordination failures.
This classification reflects the functional role-based taxonomy aligned with the U.S. Department of Health and Human Services mission framework [60], ensuring practical applicability to real-world healthcare governance contexts. Notably, the ontology eschews market-based or organizational affiliations in favor of functional roles, recognizing that entities may shift affiliations while maintaining functional identities.
Figure 2 illustrates the operational complexity of healthcare SoS, depicting main categories as nodes and their interdependencies as directed edges. Many relationships exhibit bidirectional properties, reflecting the reciprocal nature of healthcare interactions. Additionally, the color-coded edges represent different interaction types, revealing the heterogeneity of interdependencies. The dashed arches across categories denote inter-category interactions, capturing the flow of information, resources, and value across functional boundaries (e.g., between Providers and Insurers or between Suppliers and Medical Support Services). Conversely, the dashed circles within each category represent intra-category interactions, which occur among entities sharing similar roles or functions (such as collaborations between hospitals or coordination among insurance agencies). This diversity of edge types underscores the multifaceted nature of coordination requirements in healthcare SoS.
The Covenant class is positioned at the top of the hierarchy with connections to owl:ObjectProperty, representing its role in regulating and governing all interactions among constituent systems. This structural placement operationalizes the concept of “Regulated Autonomy” [43] and aligns with the proposal in [37] and the defined roles of the governing system discussed in [39,40], wherein governance mechanisms define interaction parameters without constraining internal system operations.

3.3.2. Governance Mechanism: The Covenant Class

The Covenant class represents a novel ontological construct that formalizes governance artifacts within the SoS structure itself. Unlike traditional ontologies that represent governance as external constraints or documentation, this ontology embeds governance as a first-class entity with explicit relationships to interaction properties.
The Covenant class operationalizes the CIC [43], which specifies integrated legal, procedural, and technical standards governing constituent system interactions. Figure 3 shows the Covenant, its connection to owl:ObjectProperty, and a one-level decomposition of one of its components.
By representing covenants as OWL classes, the ontology enables:
  • Explicit Governance Representation: Governance rules, standards, and protocols become computationally accessible entities that can be queried, analyzed, and validated.
  • Relationship to Interactions: The connection between Covenant and owl:ObjectProperty (visible in Figure 2 and Figure 3) establishes that all interaction properties are subject to governance specifications. This relationship can be formalized through property restrictions, asserting that interactions must satisfy covenant-defined constraints.
  • Adaptivity and Evolution: As OWL classes, covenants can be versioned, extended, and modified, supporting the adaptive governance requirements of evolving SoS contexts.
The CIC was formulated through a detailed review of existing interoperability standards and governance protocols at the national level, encompassing frameworks such as HL7 FHIR, TEFCA, HIPAA, and ONC interoperability specifications (Supplementary Materials). This synthesis ensured that the Covenant’s design principles and compliance clauses are consistent with established data protection, exchange, and auditability requirements.
The formulation represents a deliberate synthesis of existing interoperability, data protection, and governance standards into a unified, governance-oriented construct. Rather than merely cataloging standards, this work integrates their governing logic into a cohesive covenantal structure, thus extends beyond technical interoperability to serve as a compliance-based coordination mechanism.
Figure 4 displays a structured ontology view centered on the technical standard ISO9001, showing both its metadata and its semantic linkages to healthcare entities and interaction types. On the left panel, ISO9001 appears within the broader class hierarchy of TechnicalStandard, alongside other standards such as DICOM, HL7v2, SNOMED, and ISO13485. The right panel reveals that five entities that are annotated as compliant with ISO9001 via the ex:compliesWith property. Additionally, ISO9001 is semantically linked to two interaction types: ResourcePooling and CollaborativePartnership, indicating that this standard supports operational behaviors relevant to shared resource management and inter-organizational coordination. All of the elaboration on this extended structure is detailed below with a full explanation.

3.3.3. Object Property Hierarchy and Interaction Taxonomy

The object property hierarchy (Figure 5) formalizes the interdependency taxonomy derived from real-world case examples [42] and inspired by operations-focused and systems thinking approach [61], providing a structured vocabulary for representing relationships among constituent systems. It formalizes two fundamental types of interactions that capture the coordination patterns within and across constituent system categories. These interaction types, represented as owl:ObjectProperty classes, provide the structural foundation for understanding how healthcare SoS components coordinate their activities, exchange resources, and achieve collective objectives. The hierarchy distinguishes between two archetypal interaction patterns:
Interaction Type Hierarchy
1. Intra-Category Interaction (ex:intraInteraction)—Interactions occurring within a single constituent system category, representing coordination mechanisms among systems that share functional roles and operational contexts.
Intra-Category Interaction Subtypes:
CollaborativePartnership (ex:CollaborativePartnership)—Cooperative relationships within category members that enable joint problem-solving, knowledge sharing, and coordinated action without resource pooling or market-based negotiations. This interaction type is defined as rdfs:subPropertyOf ex:intraInteraction.
ResourcePooling (ex:ResourcePooling)—Shared resource management mechanisms within a category that enable members to collectively manage assets, capabilities, or information to achieve economies of scale and operational efficiency. This interaction type is defined as rdfs:subPropertyOf ex:intraInteraction.
MarketNegotiationBlock (ex:MarketNegotiationBlock)—Collective bargaining and negotiation mechanisms within a category where members coordinate their market positions, pricing strategies, or contractual terms to enhance bargaining power. This interaction type is defined as rdfs:subPropertyOf ex:intraInteraction.
2. Inter-Category Interaction (ex:interInteraction)—Interactions occurring across different constituent system categories, representing coordination mechanisms that bridge functional boundaries and enable cross-category value creation.
Inter-Category Interaction Subtypes:
ServiceDeliveryChannels (ex:ServiceDeliveryChannels)—Direct pathways through which one category provides services to another, establishing operational linkages that enable value transfer and service consumption across category boundaries. This interaction type is defined as rdfs:subPropertyOf ex:interInteraction.
SupplyChainLinkages (ex:SupplyChainLinkages)—Structured exchanges of goods, services, or information between categories to fulfill operational dependencies, representing the material and logistical flows that connect producers with consumers across the healthcare SoS. This interaction type is defined as rdfs:subPropertyOf ex:interInteraction.
TechnologyIntegration (ex:TechnologyIntegration)—Embedding technological tools into workflows to enhance interoperability, representing interactions where information and communication technology systems enable coordination, data exchange, and operational integration across category boundaries. This interaction type is defined as rdfs:subPropertyOf ex:interInteraction.
StrategicCrossCategoryAlliances (ex:StrategicCrossCategoryAlliances)—Multi-category collaborations to design integrated solutions, representing strategic partnerships that transcend individual category boundaries to address complex healthcare challenges requiring coordinated action across multiple functional domains. This interaction type is defined as rdfs:subPropertyOf ex:interInteraction.
By formalizing these interaction types within the ontological structure, the framework enables systematic analysis of coordination requirements, identification of governance gaps, and design of intervention strategies tailored to specific interaction patterns. This interaction typology provides the foundation for computational reasoning about healthcare system integration, enabling automated detection of coordination failures and systematic assessment of governance mechanism effectiveness.
This hierarchical property structure, as shown in Figure 6, enables precise specification of relationship types while supporting inheritance of general interaction characteristics. The taxonomy provides a formal foundation for analyzing interaction patterns, identifying coordination requirements, and detecting structural vulnerabilities in healthcare SoS configurations.
Having established the structural foundation of the ontology and its semantic organization of healthcare system constituents, the next section demonstrates its operationalization and validation. This involves applying the ontology to concrete scenarios and executing targeted capability queries that showcase its reasoning power, governance alignment checks, and support for systemic analysis across interaction types and institutional roles.

4. Ontology Operationalization and Validation Framework

The healthcare SoS ontology developed in this work transcends purely conceptual modeling by incorporating operational semantics that enable computational validation of governance mechanisms and interaction patterns. This section details the operationalization approach, demonstrates validation mechanisms through representative scenarios, and establishes the framework’s capability for automated compliance checking and governance enforcement.

4.1. Model Extensions for Operationalization and Validation

To enable computational reasoning about governance compliance and interaction authorization, we extended the ontology with nine data properties that capture essential system attributes and states (Table 4). For example, the hasConsent property exemplifies the integration of legal and ethical requirements into computational logic. As shown in Figure 6, defined with a domain of CareRecipientSystem and a range of xsd:boolean, the property semantically encodes whether consent has been obtained for each patient entity. When instantiated as “true”^^xsd:boolean, it signals that a patient has provided informed consent for specified data sharing activities, enabling SWRL rules to validate compliance with privacy regulations before permitting inter-system interactions. The compliesWith property establishes explicit linkages between constituent systems and the covenants that govern their interactions, enabling automated verification that required governance mechanisms are in place before authorizing specific coordination activities. These properties bridge the gap between abstract ontological concepts and concrete operational requirements, enabling the reasoner to evaluate compliance conditions and detect violations.
Additionally, we instantiated the ontology with representative entities across operational scenarios that collectively demonstrate the breadth of coordination patterns within healthcare SoS. These instances, detailed in Table 5, provide concrete test cases for validation rules while illustrating how abstract ontological constructs map to real-world healthcare organizations, transactions, and relationships. The table summarizes four illustrative scenarios and the system categories involved in each interaction. Scenario 1 (Patient Care Delivery) spans multiple categories—including provider, care recipient, insurance, and supplier systems—reflecting a cross-category service pathway. Scenario 2 (Hospital Resource Pooling) involves only provider systems, as all participating entities belong to the same category; this scenario is intentionally modeled as a within-category case to examine intra-category collaboration dynamics. Scenario 3 (Technology Integration) again crosses several categories, combining provider, care recipient, insurance, and information/communication technology systems to demonstrate a socio-technical integration pattern mediated by digital infrastructure. Scenario 4 (Temporal Compliance and Conflict Detection) introduces provider instances and covenant entities to stress-test the ontology’s advanced reasoning capabilities, specifically automated detection of governance conflicts arising from mutually exclusive covenants and temporal violations triggered by expired certifications.
Furthermore, the operational semantics of governance requirements are formalized through SWRL rules that encode compliance conditions, authorization prerequisites, and consistency constraints. These rules transform abstract governance principles into executable validation logic, enabling automated detection of violations and warnings. For example, the ConsentValidationRule exemplifies how governance requirements are operationalized. It states that if a provider serves a patient and bills insurance for that service, but the patient’s hasConsent property is false, then the provider is automatically tagged with a ConsentViolation. When executed by a SWRL-enabled reasoner, this rule operates continuously over the knowledge base, detecting violations as new instances are added or existing instances are modified.

4.2. Operational Validation: Scenario Analysis

We demonstrate the validation framework’s operation through detailed analysis of four representative scenarios that illustrate different interaction patterns and governance enforcement mechanisms.

4.2.1. Scenario 1: Cross-Category Service Delivery with Consent Validation

This scenario demonstrates inter-category interactions across Provider, CareRecipient, Insurance, and Supplier systems, with explicit consent and coverage validation. The scenario models a patient receiving urgent care services with prescription medication fulfillment, illustrating how multiple governance mechanisms operate in concert.
The scenario instantiates four constituent system instances with the properties and relationships shown in Table 6.
When the SWRL rule engine processes this scenario, multiple validation rules are triggered:
  • ConsentValidationRule: Evaluates whether Patient_001 has provided consent for data sharing between UrgentCare_QuickHealth and Insurance_BlueCross. Since Patient_001 has hasConsent: true, no violation is detected.
  • HIPAAComplianceRule: Verifies that UrgentCare_QuickHealth complies with HIPAA before serving Patient_001. The rule confirms compliesWith: HIPAA is present, permitting the interaction.
  • CoverageValidationRule: Confirms that Insurance_BlueCross covers Patient_001 before UrgentCare_QuickHealth bills the insurer. The presence of the cover relationship validates this requirement.
The validation results can be queried using SPARQL. The query in Figure 7 retrieves all systems with detected violations; executing this query against Scenario 1 returns an empty result set, indicating full compliance.
To demonstrate violation detection, we introduce a modified scenario as shown in Figure 8. This query extracts systems flagged with ConsentViolation instances, revealing governance-relevant infractions such as unauthorized data sharing. The result shows UrgentCare_QuickHealth as a violating entity, with a semantically annotated description stating that data sharing was attempted without patient consent.
This demonstrates that the ontology successfully operationalizes the governance requirement that patient consent must be obtained before protected health information can be shared, automatically detecting violations and enabling corrective action. By modeling violations as typed entities with descriptive properties, the ontology enables traceable, machine-readable accountability and supports automated compliance auditing across distributed healthcare systems.
Furthermore, to deepen the analysis of Scenario 1, the following query is used to reconstruct the actual pathway of Patient_001 across the involved system categories, as presented in Figure 9. By retrieving the patient’s enrollment, care-seeking, and purchasing interactions, the query exposes the concrete cross-category linkages that operationalize the scenario.
The SPARQL query reconstructs the pathway of Patient_001 by aggregating enrollment, care-seeking, and purchasing interactions across insurance, provider, and supplier systems. This pathway is not merely a record of isolated actions; it is an ontological implication of how the SoS is structured. Because each predicate (enroll, seekCare, purchase) encodes a typed relationship between the patient and distinct system categories, the resulting sequence reveals the underlying connections and interdependencies that shape the patient’s journey. The ontology makes these linkages explicit: enrollment ties the patient to the insurance subsystem, care-seeking connects them to clinical providers, and purchasing links them to supplier networks. Together, these relationships expose the cross-category dependencies that enable a complete episode of care. By modeling these interactions semantically, the ontology provides a machine-interpretable representation of how heterogeneous subsystems rely on one another, supporting deeper analysis of coordination, interoperability, and governance within the healthcare SoS.

4.2.2. Scenario 2: Intra-Category Resource Pooling with Quality Management Validation

This scenario demonstrates intra-category interactions among three hospitals engaging in equipment sharing and disaster preparedness coordination, governed by ISO quality management and safety standards. Three hospital instances establish bidirectional resource pooling relationships (Table 7).
Another way to verify this constraint—beyond executing the query demonstrated in the previous example—is through SHACL shapes, as illustrated in Figure 10, where the EquipmentSharingComplianceShape checks that any subject participating in equipmentSharing possesses a compliesWith relationship to the ISO9001 governance artifact. It validates that hospitals engaging in resource pooling comply with ISO9001 quality management standards. Since all three hospitals have the property compliesWith: ISO9001, the validation passes as presented in the Figure 10.
However, the rule’s importance becomes evident through a negative test case in which Hospital_Community lacks ISO9001 certification. As illustrated in Figure 11, the SHACL validation process evaluates whether hospitals participating in equipmentSharing satisfy the required compliesWith: ISO9001 constraint. The validation engine checks each subject of the equipmentSharing property against the defined EquipmentSharingComplianceShape. The results show that Hospital_Regional, which explicitly asserts compliance with ISO9001, satisfies the constraint and is therefore considered compliant. In contrast, Hospital_Community does not possess the required compliesWith ISO9001 relationship, leading the SHACL validator to generate a constraint violation. This violation is reported in the validation output, demonstrating how SHACL shapes effectively detect governance non-compliance within the ontology by enforcing mandatory regulatory relationships.

4.2.3. Scenario 3: Technology Integration with Protocol Compliance Validation

This scenario demonstrates how technology integration interactions are governed by interoperability protocol requirements, validating that EHR systems and healthcare providers support standardized data exchange formats. An EHR system integrates with multiple providers and an insurance system (Table 8). This table summarizes a technology-integration scenario in which EHR_Epic, an electronic health record vendor, serves as a central interoperability enabler across multiple system categories. As an EHRVendor, Epic complies with key regulatory and interoperability standards—including HIPAA, FHIR, HL7v2, and C-CDA—which positions it as a trusted connector within the healthcare ecosystem. Its integration relationships extend outward to Hospital_Memorial and Clinic_FamilyMed, both of which receive ICT integration that supports clinical data exchange and workflow coordination. Epic also facilitates connectivity with Insurance_BlueCross, enabling administrative and claims-related interoperability, and provides informational and educational interactions to Patient_001 and Patient_002, reflecting patient-facing digital engagement.
To further explain the structure in the ontology model, Figure 12 presents the semantic profile of EHR_Epic. It displays the semantic assertions associated with Epic Systems EHR, including its compliance with major interoperability standards and its formally encoded relationships with patients, providers, and insurers. The interface is divided into three key panels—Annotations, Description, and Property Assertions. In the Annotations panel, Epic is labeled as an “Enterprise EHR platform,” establishing its functional identity. The Description panel classifies it as an EHRVendor, distinguishing it from other system categories such as hospitals or insurers. The Property Assertions panel is the most structurally informative: it lists multiple object property assertions that define Epic’s compliance and interaction footprint. Specifically, Epic is shown to comply with critical interoperability and regulatory standards.
Furthermore, to substantiate Scenario 3, the following semantic interface view of BlueCross HealthPlan illustrates how insurance entities mediate cross-category coordination through formally asserted relationships. Figure 13 presents the ontological footprint of BlueCross HealthPlan, modeled as a HealthInsuranceCompany with active certification status and compliance with HIPAA and ANSI X12 standards. The entity is semantically linked to Patient_001(coverage), QuickHealth Urgent Care (reimbursement), and CVS Pharmacy Network (negotiation), spanning three distinct system categories.
For scenario configuration, Figure 14 presents a SPARQL query designed to evaluate protocol alignment between EHR vendors and provider systems, specifically focusing on compliance with FHIRProtocol and HL7v2Protocol. The query filters for entities where an EHRVendor integrates with a ProviderSystem and both parties comply with at least one of the specified interoperability standards. Since EHR_Epic has compliesWith: FHIRProtocol, integration with both hospitals proceeds without violations.
To demonstrate the effectiveness of the proposed governance mechanisms, a negative test scenario is constructed in which an EHR system does not support the required interoperability standards. In this scenario, a legacy EHR vendor is instantiated without compliance to modern healthcare exchange protocols, while still attempting to integrate with provider systems. This configuration is intentionally designed to violate interoperability requirements, allowing the governance rules to be exercised and their enforcement capability to be empirically validated.
Figure 15 illustrates the outcome of executing a compliance-monitoring SPARQL query over the ontology following reasoning. The query targets EHR vendors that have been annotated with interoperability violations as a result of governance rule enforcement. In the depicted negative test scenario, a legacy EHR system that lacks support for required interoperability standards is intentionally introduced into the model. As shown in the query result table, the system (EHR_Legacy) is explicitly returned and associated with an InteroperabilityViolation, indicating that the interoperability governance rule has fired successfully. This figure demonstrates not only the detection of a non-compliant system but also the traceability of governance decisions, as violations are materialized within the knowledge graph and can be systematically retrieved to support automated monitoring and decision-making. This violation signals that the legacy EHR system cannot support modern data exchange requirements, enabling administrators to prevent integration failures before deployment.

4.2.4. Scenario 4: Temporal Compliance and Conflict Detection Execution

Complex healthcare SoS governance inherently involves temporal boundaries (expiring certifications) and overlapping, sometimes contradictory, jurisdictions. To demonstrate the ontology’s capacity to execute advanced conceptual logic beyond simple structural shapes or SWRL datatypes, we constructed a fourth scenario to stress-test the HermiT reasoner against mathematically modeled conflicts.
The ontology explicitly defines a 'ConflictViolation' entirely through OWL 2 DL 'owl:equivalentClass' axiomatization, leveraging 'owl:intersectionOf' to mathematically define a conflict:
ex:ConflictViolation a owl:Class;
rdfs:subClassOf ex:Violation;
owl:equivalentClass ex:bn-12.
# Where ex:bn-12 resolves to a strictly Skolemized owl:Restriction
# computing the intersection of mutually exclusive compliance requirements
# without risking parser exceptions common to anonymous blank nodes.
In this scenario, an instance (Hospital_Conflict_Demo) is asserted to comply with both the FHIRProtocol and a fictional LocalDataSiloPolicy. In the semantic TBox, these two covenants are explicitly linked via the ex:conflictsWith symmetric property. Upon execution, the HermiT reasoner calculates that the hospital satisfies both halves of the logical intersection—it complies with a covenant and explicitly complies with a second covenant that is mutually exclusionary to the first. As demonstrated in Figure 16, the reasoner automatically flags the hospital with a hasViolation property linked to the ConflictViolation class, validating the system’s ability to detect overlapping governance jurisdictions without human intervention.
Furthermore, the model computationally addresses temporal degradation. An instance (Clinic_Expired_Cert) is appended with specific validFrom and validUntil xsd:dateTime properties binding the scope of its operational certification. When the simulation evaluates these properties against the present timestamp, the certificationStatus devolves. As illustrated in Figure 17, when the reasoner executes over this degenerated state, it natively infers and highlights a QualityManagementViolation for the clinic.

4.3. Ontology Querying for Extended Capability Demonstration and Knowledge Extraction

Beyond operational validation through predefined case scenarios, the ontology is further exercised using targeted SPARQL queries to demonstrate its broader analytical and representational capabilities. The queries presented in this subsection demonstrate four progressively sophisticated analytical dimensions: (1) constituent system enumeration and compliance profiling, (2) population-level governance coverage assessment, (3) operational relationship discovery and network mapping, and (4) graph-theoretic structural analysis enabling strategic governance prioritization. These capabilities collectively transform the ontology from a compliance checking instrument into a comprehensive knowledge base supporting strategic governance planning, risk assessment, and policy development. Each query category addresses distinct but complementary governance questions: basic entity retrieval establishes “what exists and what standards apply,” aggregation queries reveal “where governance gaps and redundancies occur,” relationship queries expose “how systems actually coordinate,” and network metrics identify “which entities are strategically critical.” By enabling these queries through a unified semantic framework, the ontology operationalizes the fundamental premise that effective healthcare SoS governance requires not merely rule enforcement but deep structural understanding of the system being governed.
Additionally, these queries illustrate how the proposed ontology supports exploratory reasoning, interaction tracing, and semantic inspection across heterogeneous healthcare constituent systems. By surfacing typed relationships and encoded constraints, the ontology enables traceable, machine-interpretable insights into system behavior, institutional roles, and structural interdependencies across the healthcare SoS. These capabilities collectively illustrate that the ontology functions not only as a governance enforcement mechanism but also as a comprehensive knowledge base from which actionable insights about the healthcare SoS can be systematically derived.

4.3.1. Constituent Systems Analysis

List All Supplier Systems with Compliance Standards
This query in Figure 18 addresses a foundational governance requirement: maintaining an authoritative registry of supplier entities and their compliance profiles. The SPARQL query retrieves all instances classified as ex:SupplierSystem along with the covenant instances to which each supplier declares compliance via the ex:compliesWith property. The capability to enumerate suppliers by compliance standard is essential for procurement governance—healthcare organizations must verify that prospective suppliers adhere to applicable regulatory, quality, and safety standards before authorizing transactions.
The significance of this query extends beyond simple list generation. By representing compliance relationships as first-class ontological assertions (rather than external metadata or document references), the framework enables procurement systems to programmatically query supplier eligibility. For instance, when a hospital initiates procurement for medical devices, the system can automatically filter suppliers to those complying with ISO13485 (medical device quality management) and UDI (unique device identification) standards, excluding non-compliant entities from consideration. This computational tractability transforms compliance from a manual verification burden into an automated governance constraint—the ontology does not merely document compliance but actively enforces it through query-driven access control. Furthermore, this query validates the functional categorization methodology presented in [41]. By defining SupplierSystem as a distinct constituent class with its own compliance profile, the ontology enables category-specific governance queries that would be impossible under generic “organization” classifications. The query demonstrates that the seven-class structure is not merely taxonomic but analytically productive as it partitions the healthcare SoS in ways that support targeted governance operations aligned with functional roles.

4.3.2. Standards and Compliance Analysis

Count Entities by Compliance Standard
The query in Figure 19 inverts the previous perspective, pivoting from “which standards do entity X comply with” to “how many entities comply with standard Y.” The SPARQL aggregation returns, for each covenant instance (HIPAA, ISO13485, FHIR Protocol, etc.), a count of constituent systems declaring compliance through the ex:compliesWith relationship. This population-level view is critical for governance gap analysis and policy development. Discovering that only three entities comply with ISO13485 while twenty-seven comply with HIPAA suggests potential supply chain governance vulnerabilities—either ISO13485 adoption is inappropriately low, or it is correctly applied only where mandatory. Conversely, near-universal adoption of a standard indicates it functions as a de facto baseline requirement, informing decisions about which covenants should be incorporated into default contracting templates or regulatory mandates.
The analytical value of this query lies in its ability to surface system-wide governance patterns that are invisible at the individual entity level. A single entity’s compliance status reveals nothing about whether that status is typical or anomalous; aggregation across the population contextualizes individual compliance decisions within broader adoption trends. For governance authorities, this information guides resource allocation: standards with low adoption despite regulatory importance may require enforcement campaigns or capability-building interventions, while standards approaching saturation may justify transitioning from voluntary guidance to mandatory requirements. Additionally, this query demonstrates that the ontology supports not just instance-level reasoning (e.g., “does Hospital A comply with HIPAA?”) but population-level analytics essential for strategic governance planning. The ability to count compliant entities per standard validates that covenants are represented as first-class ontological entities—not as metadata tags but as queryable objects with their own properties and relationships, which was initially proposed as an external governing entity in [37]. This design choice enables governance authorities to treat covenants as analytical units, asking questions like “which standards have the highest adoption rates” or “which standards exhibit compliance clustering within specific system categories.”
Standards Coverage by System Type
The query in Figure 20 synthesizes the previous two perspectives into a two-dimensional analysis. aggregates the number of distinct normative artifacts (standards, protocols, regulations) associated with each classified system category, producing a quantitative profile of normative embedding across the ecosystem; this profile is valuable because it converts otherwise diffuse compliance information into actionable governance metrics that reveal which system classes are well-scaffolded by formal instruments and which are under-covered or potentially exposed. Systems that exhibit higher counts of associated standards typically do so because they occupy functionally critical, highly integrated, or highly regulated roles—clinical providers, EHR platforms, and device manufacturers face multiple safety, privacy, interoperability, and quality regimes—while multifunctional hubs and mature vendors pursue numerous certifications to enable market access and customer trust. Higher counts therefore signal both greater normative assurance and greater governance complexity; they indicate that an entity is more thoroughly scaffolded by legal, procedural, and technical instruments, but also that it bears a larger compliance management burden and a higher potential for overlapping or conflicting obligations.
Practically, a high standard count often correlates with increased operational centrality and systemic impact, which makes such entities priority targets for monitoring, audit, and harmonization efforts; conversely, low counts may reveal genuine governance gaps or simply incomplete ontology population, so counts must be interpreted alongside data completeness checks. This validates the ontology’s core methodological choice: functional categorization rather than market-sector or organizational-identity classification [41]. It demonstrates that the seven-class structure is not merely descriptive but enables governance-relevant analytics that surface patterns aligned with how healthcare systems actually function. Identifying these patterns is crucial for assessing whether governance requirements are appropriately tailored to functional responsibilities or whether certain categories are systematically under-governed. Moreover, these coverage counts can be combined with network and interaction metrics to assess whether highly connected or mission-critical system types also possess commensurate normative protections, thereby guiding resilience and risk-mitigation strategies. This supports analysis explained in the fragmentation index developed in [41], whose entropy dimension captures the diversity of standards.

4.3.3. Interaction Patterns Analysis

Inter-Hospital Resource Pooling Network
The query in Figure 21 shifts from static entity properties (compliance profiles) to dynamic operational relationships, specifically mapping the network of resource sharing arrangements among hospital entities. The SPARQL query identifies all instances of ex:Hospital (a subclass of ProviderSystem) and retrieves their outgoing ex:equipmentSharing, ex:disasterPreparedness, and related intra-category interaction properties, constructing an input for a possible network graph where nodes represent hospitals and edges represent resource pooling relationships. It specifically retrieves pairs of hospital entities engaged in predefined collaboration types such as shared medical equipment, coordinated emergency plans, and joint clinical staff training. Understanding these coordination networks is essential for assessing operational resilience; densely connected networks can redistribute capacity during demand surges or supply disruptions, enabling hospitals to access equipment, staff, or bed capacity from network partners. Conversely, isolated hospitals lacking resource pooling arrangements face heightened vulnerability to capacity shortfalls, as they cannot call upon external resources during crises.
The governance implications of this query are substantial. Resource pooling arrangements require specific governance mechanisms—contracts specifying liability allocation, quality standards for shared equipment, protocols for requesting and transferring resources, and data sharing agreements enabling capacity monitoring. By making these relationships computationally visible, the ontology enables governance authorities to ask: which resource pooling relationships lack appropriate contractual foundations? Which networks exhibit structural vulnerabilities such as over-dependence on single hub institutions? Which hospitals are isolated from pooling networks despite operating in regions prone to capacity crises? These questions cannot be answered through entity-level compliance checking alone; they require relationship-level analysis that treats coordination networks as governance targets. This example is for only one subclass of one category. The same logic and rationale apply to all others to explore valuable insights for actionable governance.
Furthermore, this query validates that the ontology captures operational interdependencies, not merely classificatory relationships. The intra-category interaction properties (ex:equipmentSharing, etc.) are not metadata annotations but represent actual coordination patterns that shape how healthcare delivery occurs, as investigated in [43]. By making these patterns queryable, the ontology transforms implicit coordination networks—often known only to the participants—into explicit governance objects that can be analyzed, monitored, and potentially regulated. This capability is essential for SoS governance, where system-level resilience emerges from coordination patterns rather than individual entity capabilities, as discussed in [36].

4.3.4. Check for Bidirectional Relationships

Figure 22 executes a SPARQL pattern that returns pairs of distinct entities where each point to the other via one or more predicates. The result table lists entity pairs together with the two predicates that link them in opposite directions. Rows include symmetric cases (the same predicate in both directions, e.g., “Cleaning-facility coordination” between Building Operations & Maintenance and ServiceMaster Clean) and asymmetric but reciprocal semantics (different predicates that express complementary roles, e.g., “Providers bill Insurance” vs. “Insurance reimburse Providers”). Conceptually, the query surfaces all bidirectional ties encoded in the graph, revealing mutual aid relationships, contractual reciprocity, supplier–buyer loops, and operational integrations that are modeled as two-way links.
Detecting bidirectional relationships is important because reciprocity often signals stronger, negotiated, or legally binding interactions (mutual-aid agreements, contracts, service level reciprocities) and therefore warrants elevated governance attention. From an ontology-validation perspective, these results confirm that the model captures two-way semantics and helps identify modeling artifacts (duplicate predicates, unintended symmetry) or missing reciprocity where one would expect it. Operationally, bidirectional ties mark natural enforcement and monitoring points—entities in reciprocal relationships are prime candidates for joint covenants, coordinated audits, and shared incident response procedures. For resilience and risk analysis, reciprocal links indicate tightly coupled subsystems whose failures can propagate bidirectionally, so they should be prioritized for redundancy, harmonization of standards, and conflict-resolution rules. Finally, comparing observed reciprocity against expected legal or procedural reciprocity supports compliance checks and helps surface gaps where formal covenants should be created or clarified.

4.3.5. Interaction Type–Covenant Mapping

A critical validation capability is verifying that interactions are supported by appropriate governance covenants. This produces a comprehensive mapping (Figure 23) showing which covenants govern each interaction type, enabling validation that required governance mechanisms are in place before authorizing specific coordination activities.
As presented in Figure 23, this ensures that collaborative, transactional, and integrative behaviors across the healthcare SoS are not only semantically encoded but also institutionally grounded. By aggregating supporting covenants for each interaction type, the query reveals whether system behaviors are underpinned by sufficient normative scaffolding. This is beneficial for identifying governance gaps, assessing interoperability readiness, and ensuring that cross-category coordination aligns with policy and compliance expectations. The ontology thus enables proactive governance auditing and strategic alignment across heterogeneous system components.
This matrix demonstrates that the ontology explicitly models governance coverage, ensuring that every interaction pattern is supported by appropriate legal, procedural, or technical standards. By making these alignments machine-interpretable, the ontology enables analysts to verify whether system behaviors rest on a sufficient foundation of norms and requirements, reducing the risk of unsupported or non-compliant interactions. It also exposes areas where governance scaffolding may be weak or uneven, allowing stakeholders to identify gaps, prioritize policy interventions, and strengthen interoperability readiness. In doing so, the model functions not only as a representational tool but as a mechanism for proactive governance assessment across the healthcare System of Systems.

4.4. Network Topology and Complexity Analysis

The ontology also gives insights and capabilities for network and graph theory, enabling structural analyses that reveal how entities are positioned within the broader healthcare SoS. Understanding network topology and complexity is crucial because it exposes patterns of connectivity, dependency, and coordination that are not visible through entity-level inspection alone. Metrics such as node degree, hub identification, and network density illuminate which actors function as central coordinators, which links represent potential bottlenecks or single points of failure, and where structural vulnerabilities or redundancies exist. These graph-theoretic perspectives directly inform governance and resilience planning by showing where stronger standards, oversight mechanisms, or interoperability protocols should be concentrated. In this way, the ontology becomes not only a semantic model but also an analytical instrument for diagnosing systemic fragility and guiding targeted, evidence-based interventions.

4.4.1. Calculate Node Degree (Connections per Entity)

The query in Figure 24 introduces graph-theoretic analysis by computing node degree—the count of relationships each entity maintains with other entities. The SPARQL query iterates over all constituent system instances, counting both incoming and outgoing relationships across all object properties, returning a ranked list of entities ordered by total connection count. Node degree reveals coordination burden: a hospital maintaining thirty relationships must manage thirty sets of governance obligations, data exchange protocols, contracting arrangements, and operational dependencies. High-degree nodes are simultaneously critical (their failure disrupts many partners) and vulnerable (complexity increases failure risk). From a governance perspective, entities with high node degree are strategic targets for compliance monitoring, capability support, and resilience investment—their operational stability has multiplicative impact on network partners.
The analytical value of node degree extends beyond identifying individual high-degree entities. Distribution analysis reveals whether the network exhibits concentrated coordination (a few hubs handling most relationships) or distributed coordination (relationships spread relatively evenly). Concentrated topologies create efficiency through standardization—partners need only integrate with a few hubs—but introduce single-point-of-failure risks. Distributed topologies offer redundancy but complicate standardization efforts. Understanding these topological characteristics informs governance strategy: concentrated networks benefit from hub-focused regulation ensuring critical intermediaries meet high reliability and security standards, while distributed networks require broad capacity-building initiatives ensuring many entities can fulfill coordination roles.
This query demonstrates that the ontology enables graph-theoretic analysis by treating constituent systems as nodes and their interactions as edges. This capability is essential for SoS governance because SoS are fundamentally network phenomena—coordination patterns, not individual entity properties, determine system-level performance. Healthcare governance authorities can move beyond intuition-based assessments (“this hospital seems important”) to quantitative, evidence-based prioritization (“this hospital has 43 relationships, placing it in the 95th percentile of network connectivity”, for example).

4.4.2. Identify Hub Entities

Building on node degree computation, the query in Figure 25 enumerates entities with at least three distinct outgoing relationships and ranks them by the number of such connections. The query groups triples by entity and type, optionally retrieves human-readable labels, and computes a connections count (distinct connected nodes) to surface highly connected actors in the knowledge graph. The resulting table lists a mix of clinical providers (e.g., Community General Hospital, Memorial Hospital, QuickHealth Urgent Care), platform vendors (Epic Systems EHR), and individual patients, each annotated with their ontology class and a connectivity score. Hub entities are strategic governance targets because governance interventions at hubs have multiplicative impact. A health information exchange platform serving fifty provider organizations represents a single point where governance enforcement—FHIR protocol compliance, HIPAA safeguard implementation, and uptime guarantees—affects fifty partners simultaneously. Conversely, hub failure cascades across many dependent entities. Identifying hubs enables risk-based governance prioritization: allocate monitoring resources, technical assistance, and enforcement capacity to entities whose compliance (or non-compliance) affects the largest portions of the SoS.
The governance significance of hub identification extends beyond risk management to capability development. Hubs often emerge organically through market dynamics or voluntary coordination rather than through deliberate design. Governance authorities can leverage hub status by establishing formalized intermediary roles with explicit requirements and corresponding support. For instance, an entity serving as a de facto hub for information exchange might be designated an “approved health information intermediary” subject to enhanced security audits but eligible for technical assistance and liability protections. This approach aligns governance burden with coordination responsibility—entities handling more relationships face more requirements but receive more support. Furthermore, it validates that relationship edges are encoded and retrievable, identifies candidate hub entities that merit prioritized governance, monitoring, or resilience controls, and supplies empirical inputs for downstream analyses (risk weighting, hub-specific policy assignment, and anomaly detection).

4.4.3. Hospital Resource Pooling Network Density

The query in Figure 26 computes network density—the ratio of actual connections to possible connections—for the hospital resource pooling network. Given N hospitals, N(N-1)/2 possible pairwise relationships could exist; network density is the fraction of these potential relationships that are actually instantiated. The SPARQL query counts existing ex:equipmentSharing, ex:disasterPreparedness, and ex:jointTraining relationships among hospital instances. By grouping triples by hospital and ordering by collaboration count, the query surfaces which hospitals participate most actively in these mutual-aid and coordination relationships—here showing Memorial Hospital and Community General Hospital with the highest counts and Regional Medical Center slightly lower. This identifies which institutions are central to regional coordination, where governance instruments (mutual-aid agreements, interoperability protocols, and liability clauses) should be prioritized, and which partnerships merit closer monitoring or formalization.
Dense networks require standardized coordination protocols to prevent chaos—when most hospitals maintain relationships with most others, coordination cannot rely on bilateral customization. Governance interventions should focus on establishing and enforcing common standards (data formats, request procedures, and liability frameworks) that enable any-to-any coordination. Sparse networks face different challenges: many potential coordination opportunities go unrealized, often because transaction costs (negotiating agreements, establishing technical interfaces) exceed benefits. Governance interventions in sparse networks should reduce coordination barriers—providing template agreements, shared technical platforms, or facilitation services that make relationship formation easier. Furthermore, this strengthens the analysis of Scenario 2 by turning the collaboration patterns into measurable counts, the query exposes the degree of structural interdependence, operational alignment, and shared governance within the provider subsystem, showing that these hospitals form a tightly connected, resilience-enhancing cluster rather than isolated units. Because the collaboration types are semantically encoded in the ontology, the resulting density is a machine-interpretable property of the system, enabling comparative reasoning about centrality, robustness, and potential vulnerabilities across hospitals and making the otherwise hidden architecture of intra-category coordination analytically visible.

5. Discussion

This research addresses a fundamental challenge in contemporary healthcare systems: the operationalization of governance mechanisms for SoS characterized by constituent autonomy, emergent behavior, and distributed authority. This work advances the state of the art by developing a comprehensive OWL-based ontology that integrates structural composition, behavioral interaction patterns, and governance mechanisms within a unified computational framework tailored for healthcare SoS.
The proposed ontology makes four principal contributions. First, it formalizes seven constituent system types derived from systematic functional decomposition that prioritizes operational interdependencies over conventional market-sector boundaries. This functional classification enables granular analysis of coordination patterns while accommodating the reality that entities may perform multiple functional roles simultaneously. Second, the ontology introduces the Covenant class as a governance mechanism that operationalizes the CIC by embedding legal frameworks, interoperability protocols, and technical standards as explicit ontological entities linked to interaction properties. Third, it establishes a comprehensive interaction taxonomy distinguishing intra-category coordination from inter-category integration, enabling precise characterization of coordination mechanisms. Fourth, it demonstrates operational validity through four scenarios validating compliance checking, violation detection, conflict identification, and governance enforcement capabilities, alongside analytical queries that reveal constituent system landscapes, standards coverage, interaction networks, and topological properties.
The ontology represents more than a terminology catalog of healthcare actors; it reflects an engineering decision to treat governance as an operational architectural element that can be inspected, queried, and evolved. By coupling governance covenants with typed interaction properties, governance becomes embedded within the structural representation of the system rather than remaining an external policy layer. This integration enables automated reasoning, consistency checking, and semantic querying that support governance analysis in complex healthcare delivery environments.
This work also extends SoS engineering theory by demonstrating how ontological approaches can formalize the concept of “regulated autonomy” [43]. The tension between constituent independence and system-level coordination requirements represents a fundamental SoS governance challenge that existing frameworks primarily address through conceptual models. By representing governance artifacts as explicit entities associated with interaction relationships, this research provides a computational mechanism for specifying coordination constraints while preserving constituent autonomy. The ontology supports queries that evaluate whether interaction patterns are governed, identify governance gaps or redundancies, and verify whether proposed coordination activities satisfy prerequisite compliance requirements. Furthermore, the explicit modeling of interaction relationships enables analysis of emergent behavior in SoS contexts. Healthcare outcomes arise from coordination across constituent systems rather than from isolated organizational capabilities. Modeling interactions as typed relationships with associated governance requirements enables graph-theoretic analysis of coordination networks, revealing properties such as connectivity distributions, hub concentrations, and structural vulnerabilities that influence system resilience.
The ontology also demonstrates how DE paradigms—originally developed in defense and aerospace contexts—can be adapted to healthcare SoS while accounting for healthcare’s distinctive characteristics. Healthcare systems exhibit greater heterogeneity in organizational forms and objectives, more distributed governance authority, overlapping regulatory regimes, and stronger human factors influences than many engineered systems. The ontology accommodates these characteristics by emphasizing interaction governance over hierarchical control, supporting multiple concurrent covenant structures representing distinct regulatory authorities, and enabling both transactional and collaborative coordination mechanisms.
Practically, the ontology supports a transition from periodic, document-based compliance processes toward continuous, data-driven governance. Governance authorities can translate policy intentions into implementable specifications by extending the Covenant class with requirements formalized through OWL restrictions and associated rules. For example, policies mandating privacy-preserving information exchange can be operationalized as property constraints requiring encryption, access control, and audit logging standards for specific interaction types. In addition, governing entities can query the ontology to identify systems lacking required interaction properties, detect interaction relationships operating without covenant coverage, or assess the completeness of governance specifications relative to national standards.
The operationalized ontology also demonstrates how governance principles can be translated into executable validation logic capable of automated compliance checking and violation detection. This capability addresses a central challenge in healthcare SoS governance: ensuring that coordination activities across organizational boundaries adhere to regulatory, legal, and organizational requirements. The approach shifts governance focus from individual entity compliance toward coordination architecture design. Rather than concentrating solely on whether individual entities satisfy regulatory requirements, governance authorities can evaluate whether coordination pathways are adequately governed, whether interaction types lack covenant support, and whether governance mechanisms create structural bottlenecks or disproportionate compliance burdens.
Furthermore, the validation architecture combines complementary reasoning mechanisms to enforce governance constraints at multiple levels. SWRL-based rules enable deductive validation by identifying violations when proposed coordination activities fail to satisfy required conditions. SHACL shapes provide structural validation by verifying that entities satisfy mandatory compliance requirements before logical reasoning is applied. OWL semantic axioms enable detection of logical conflicts, such as mutually exclusive governance requirements imposed on a single entity. Together, these mechanisms form a layered governance validation framework that supports proactive enforcement and continuous compliance assessment across the healthcare SoS.

5.1. Governance Formalization Versus Legal Compliance

An essential epistemological boundary must be clearly delineated: the governance formalization instantiated through this ontology operates within the domain of logical compliance—computationally verifiable structural and relational conditions—rather than legal compliance in the juridical interpretation sense. OWL’s formal semantics enable the reasoner to resolve deterministic Boolean conditions: whether a hasConsent property evaluates to true or false, whether a validUntil timestamp has elapsed, or whether an entity simultaneously complies with mutually exclusive covenants linked by a conflictsWith property. These evaluations are mathematically unambiguous and fully decidable within the OWL 2 DL profile.
However, legal compliance inherently involves interpretive ambiguity—contextual judgment, precedential reasoning, jurisdictional variation, and normative intent—that exceeds the expressive capacity of formal ontological semantics. The ontology does not claim to automate legal enforcement; rather, it captures interaction preconditions and governance constraints as computationally enforceable proxies for the regulatory requirements they represent. The Covenant class encodes the structural manifestation of governance instruments (what standards must be satisfied, what protocols must be supported, what consent must be obtained) without claiming to resolve the interpretive nuances of legal adjudication. This distinction ensures that claims regarding “automated compliance” are properly scoped: the ontology automates the detection of formally specified governance violations, providing decision support for governance authorities who retain ultimate interpretive and enforcement authority.

5.2. Scope of Validation and Demonstrative Nature

While the four scenario validations detailed in Section 4 effectively prove the integration of structural, behavioral, and governance dimensions, it is essential to acknowledge that these instantiations remain illustrative rather than empirical. The SWRL-based consent validation, SHACL compliance shapes, OWL DL conflict detection axioms, graph centrality queries, and network density computations collectively validate the logical coherence and semantic capabilities of the model under controlled conditions. These scenarios were deliberately constructed to exercise different ontological structures and demonstrate distinct governance mechanisms, thereby establishing proof-of-concept for the framework’s operational utility across the heterogeneous coordination patterns characterizing healthcare SoS.
The extended SPARQL queries presented in Section 4.3 and Section 4.4 further represent a curated subset chosen to showcase graph-theoretic analysis, compliance profiling, and topological assessment capabilities. However, the ontology’s actual application potential extends far beyond these examples. Future research must transition this framework into empirical, large-scale clinical testbeds to validate real-time operational effectiveness amidst live data noise and organizational friction. Its ultimate value will grow as healthcare organizations, governance authorities, and technology developers engage with the framework and identify use cases aligned with their specific needs.

5.3. Scalability and Computational Complexity

As the healthcare SoS expands, the reasoning complexity of the underlying ontology becomes a critical operational consideration. The proposed ontology operates strictly within the OWL 2 DL (Description Logic) profile, specifically designed to guarantee decidability and predictable computational bounds, as opposed to OWL Full, which is highly expressive but computationally undecidable. This design choice ensures that consistency checking, subsumption reasoning, and instance classification remain tractable regardless of ontology complexity.
However, even within OWL 2 DL, reasoning performance—particularly ABox reasoning over large datasets of patient interactions and continuously updating sensor logs—can face scalability bottlenecks. While TBox classification (reasoning over the schema and classes) executes in milliseconds, dynamically evaluating SWRL rules and tracing violation inferences across a high-volume data stream (such as a live Digital Twin environment) requires substantial computational overhead. Query response times for complex network topologies and conflict detection algorithms may degrade as instance populations scale into the millions.
To address this, a hybrid architecture is recommended for large-scale, real-time deployments: utilizing the OWL/HermiT reasoner for periodic, high-level governance and architectural validation (design-time and configuration-time), while deploying highly optimized, compiled graph queries for millisecond-latency transactional compliance checking at runtime. This separation of concerns preserves the ontology’s semantic richness for governance design and policy analysis while achieving the performance characteristics required for operational monitoring at scale.

5.4. Implications for Polycentric Governance, System Resilienc, and Simulation

From a policy development perspective, multiple authorities with overlapping jurisdictions issue regulations, standards, and requirements that constituent systems must navigate. Federal agencies (CMS, ONC, FDA), state health departments, professional licensing boards, accreditation organizations (Joint Commission, NCQA), standards development organizations (HL7, SNOMED International), and industry consortia (CommonWell, Carequality) all establish governance artifacts that shape permissible coordination. This multiplicity creates complexity as constituent systems must simultaneously satisfy requirements from multiple sources that may use different terminology, pursue different objectives, and occasionally impose conflicting requirements. In this context, the ontology supports polycentric governance coordination by providing a shared semantic framework that different authorities can reference. Rather than each governance authority developing independent conceptual models that must then be mapped and reconciled, authorities could collaboratively extend and maintain the ontology as a common reference. This shared framework would not constrain authorities’ policy decisions—they remain free to establish distinct requirements—but would ensure their requirements are expressed using consistent terminology and reference the same interaction types and constituent system categories.
A key advantage of the ontological approach is extensibility: as healthcare regulations evolve, new coordination patterns emerge, or organizational governance requirements change, the framework can be extended through addition of new covenant instances, data properties, and SWRL rules without requiring modifications to operational systems. This extensibility enables the governance framework to adapt to changing regulatory and technological landscapes without requiring fundamental architectural changes. This alignment is consistent with the engineering principles articulated in [43], thereby reinforcing the validity of the approach.
The network topology and complexity analyses demonstrated through the ontology’s query capabilities have direct implications for healthcare resilience planning. The identification of hub entities through node degree calculations reveals constituent systems whose failure or compromise would cascade across multiple coordination relationships. Governance interventions can then prioritize these high-connectivity entities for enhanced monitoring, redundancy requirements, and business continuity planning. Similarly, network density analysis reveals whether coordination patterns exhibit concentrated or distributed topologies, informing whether resilience investments should focus on hardening critical intermediaries or building redundant pathways. Such evidence-based resilience planning represents a substantial advancement over current approaches that often rely on intuition or single-point-of-failure analysis without considering systemic coordination dependencies.
The ontology provides a foundation for developing agent-based models (ABMs) and discrete-event simulations of healthcare SoS dynamics. Constituent system classes define agent types with distinct behaviors and objectives; interaction properties define the permissible communication and coordination mechanisms among agents; and covenant specifications define the constraints within which agent behaviors must operate. ABM implementations grounded in the ontology inherit its semantic precision: agent interactions are not arbitrary but reflect formally defined healthcare relationships. Simulation experiments can explore questions such as: How do changes in covenant specifications affect coordination efficiency? What interaction patterns emerge under different governance regimes? How does system performance degrade when specific constituent systems or interaction channels fail?
While this ontology was specifically developed to address healthcare SoS governance challenges, its underlying design principles and methodological approach exhibit substantial transferability to other SoS contexts characterized by distributed autonomy, heterogeneous constituents, and complex interdependencies. Domains such as transportation systems, smart cities, and critical infrastructure face structurally analogous challenges: autonomous entities pursuing independent objectives while requiring coordination to achieve system-level performance goals. The core ontological design pattern demonstrated here—systematically identifying constituent system types, rigorously mapping interdependencies, formalizing governance mechanisms—provides a generalizable template applicable across SoS domains.

5.5. Limitations

While the proposed ontology represents a substantial advance, several limitations and boundary conditions merit acknowledgment. Its design is rooted in the U.S. healthcare context, with constituent system typologies aligned to HHS mission structures and covenant specifications derived from national standards such as HIPAA, TEFCA, and ONC frameworks; thus, adaptation would be required for application in other countries to reflect local governance structures, regulatory frameworks, and interaction patterns. The ontology primarily captures structural and interactional relationships while offering limited representation of behavioral or temporal dynamics—future extensions incorporating process ontologies or temporal logic could address this limitation. Validation thus far has relied on case-based instantiation and standards grounding rather than empirical deployment in live healthcare settings, indicating the need for future pilot implementations to evaluate its practical impact on coordination and performance. Additionally, while OWL reasoning ensures logical consistency, it does not guarantee domain correctness; continuous validation with clinicians, administrators, and policymakers remains essential to maintain conceptual fidelity. Broader adoption also poses socio-technical challenges, as implementation demands alignment of organizational terminologies, IT infrastructures, and personnel capabilities—efforts that may require tool support, reference use cases, and endorsement from standards bodies to lower entry barriers. Finally, large-scale deployment may face computational scalability constraints; optimizing reasoning through modularization, tractable OWL profiles, or hybrid architectures will be necessary to balance semantic richness with operational performance.

6. Conclusions

Healthcare fragmentation represents one of the most persistent and consequential challenges facing modern health systems, exacting profound costs in clinical outcomes, resource efficiency, and patient experience. This fragmentation stems not from isolated failures but from fundamental structural characteristics that prevent effective coordination even when individual constituent systems function competently. Addressing fragmentation therefore requires not merely incremental improvements in individual system capabilities or bilateral coordination agreements, but systematic approaches that can comprehend, analyze, and govern healthcare as an integrated System of Systems.
This research responds to that imperative by developing a comprehensive ontology that unifies the structural, behavioral, and regulatory dimensions of healthcare delivery into a single, computationally tractable framework. The OWL-based ontology formalizes seven constituent system types derived from functional decomposition, establishes a comprehensive taxonomy of intra-category and inter-category interaction patterns, and introduces the Covenant class as a novel mechanism for embedding legal frameworks, interoperability protocols, and technical standards directly within system architecture. Through four validation scenarios and extended analytical queries, the ontology demonstrates capabilities for automated compliance checking, violation detection, conflict identification, temporal compliance monitoring, network topology analysis, and governance impact assessment that transform healthcare SoS governance from a predominantly conceptual concern into a computationally enabled practice. Specifically, the integration of SWRL rules for deductive consent validation, SHACL shapes for structural compliance verification, and OWL 2 DL axioms for automated conflict detection provides a layered governance validation architecture that addresses different categories of compliance requirements at complementary levels of abstraction.
The significance of this contribution extends beyond the specific ontology to the paradigm it represents. By making governance mechanisms machine-interpretable and directly linked to interaction patterns, the ontology enables a fundamental shift from reactive compliance checking focused on individual entities to proactive coordination engineering focused on designing interaction architectures that simultaneously enable necessary collaboration and ensure appropriate constraints. Rather than treating governance as external documentation that constrains system behavior, the ontology positions governance as intrinsic structural elements that shape permissible coordination patterns. This integration enables healthcare organizations and governance authorities to ask fundamentally different questions: not merely “are entities compliant?” but “does the governance architecture enable desired coordination while preventing harmful interactions?”
The practical applications enabled by this ontology are substantial. Healthcare organizations can conduct pre-implementation governance assessments that identify missing governance artifacts, compliance gaps, and protocol mismatches before deploying new coordination capabilities. Policymakers can simulate proposed regulations to understand their coordination implications and design evidence-based interventions. Digital twin implementations can leverage the ontology as a semantic backbone for continuous compliance monitoring and predictive coordination failure detection. Resilience planners can analyze network topologies to identify critical hubs, structural vulnerabilities, and opportunities for redundancy enhancement. Each of these applications addresses specific manifestations of healthcare fragmentation with tools that previous approaches could not provide.
Yet the ontology’s ultimate value may lie not in solving specific problems but in enabling new ways of thinking about healthcare system design and governance. By providing formal structures for representing constituent systems, interaction patterns, and governance mechanisms within a unified framework, the ontology makes visible the deep interdependencies that characterize healthcare delivery. It reveals that patient outcomes emerge not from individual provider capabilities but from coordination quality across organizational boundaries. It demonstrates that governance effectiveness depends not just on regulatory stringency but on alignment between governance architectures and coordination requirements. It shows that system resilience stems not from individual entity robustness but from network topology and relationship redundancy. These insights, made computationally explicit and analytically accessible through the ontology, can fundamentally reshape how stakeholders approach healthcare system improvement.
The limitations acknowledged in this work indicate that substantial work remains to fully realize the ontology’s potential. Future research could further advance this line of inquiry by coupling the ontology with computational simulation environments to evaluate governance dynamics under varying policy, interaction, and compliance conditions. Integrating the ontology with Petri net-based or agent-based models would enable simulation of emergent behaviors in healthcare SoS, allowing quantitative analysis of how different covenant rules, coordination mechanisms, or actor strategies influence system-wide performance, resilience, and fragmentation. The ontology may also serve as a semantic backbone for AI-enabled reasoning systems, supporting automated policy recommendation, anomaly detection in compliance behavior, and adaptive governance where rules evolve in response to changing operational contexts. Finally, formal integration with knowledge graph technologies and linked open data could position the ontology as part of a larger ecosystem of interoperable SoS governance frameworks spanning multiple critical infrastructure domains, thereby contributing to the establishment of a general theory of computational governance for socio-technical SoS.

Supplementary Materials

The following supporting information can be downloaded at: https://www.mdpi.com/article/10.3390/systems14040376/s1.

Author Contributions

Conceptualization, M.M. (Mohamed Mogahed) and M.M. (Mo Mansouri); methodology, M.M. (Mohamed Mogahed); software, M.M. (Mohamed Mogahed); validation, M.M. (Mohamed Mogahed) and M.M. (Mo Mansouri); formal analysis, M.M. (Mohamed Mogahed) and M.M. (Mo Mansouri); investigation, M.M. (Mohamed Mogahed); resources, M.M. (Mo Mansouri); data curation, M.M. (Mohamed Mogahed); writing—original draft preparation, M.M. (Mohamed Mogahed); writing—review and editing, M.M. (Mohamed Mogahed) and M.M. (Mo Mansouri); visualization, M.M. (Mohamed Mogahed); supervision, M.M. (Mo Mansouri); project administration, M.M. (Mo Mansouri); funding acquisition, Not applicable. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The original contributions presented in this study are included in the article/Supplementary Materials. Further inquiries can be directed to the corresponding author.

Acknowledgments

The authors would like to thank colleagues and reviewers whose feedback helped improve the quality of this work.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Cebul, R.D.; Rebitzer, J.B.; Taylor, L.J.; Votruba, M.E. Organizational Fragmentation and Care Quality in the U.S. Healthcare System. J. Econ. Perspect. 2008, 22, 93–113. [Google Scholar] [CrossRef]
  2. Joo, J.Y. Fragmented Care and Chronic Illness Patient Outcomes: A Systematic Review. Nurs. Open 2023, 10, 3460–3473. [Google Scholar] [CrossRef]
  3. Bourdeaux, M.; Sasdi, A.; Oza, S.; Kerry, V.B. Integrating the U.S. Public Health and Medical Care Systems to Improve Health Crisis Response. Health Aff. 2023, 42, 310–317. [Google Scholar] [CrossRef]
  4. Cutler, D.M. Health System Change in the Wake of COVID-19. JAMA Health Forum 2023, 4, e234355. [Google Scholar] [CrossRef] [PubMed]
  5. Keating, C.B.; Katina, P.F. Complex System Governance: Concept, Utility, and Challenges. Syst. Res. Behav. Sci. 2019, 36, 687–705. [Google Scholar] [CrossRef]
  6. Lu, J.; Ma, J.; Zheng, X.; Wang, G.; Li, H.; Kiritsis, D. Design Ontology Supporting Model-Based Systems Engineering Formalisms. IEEE Syst. J. 2022, 16, 5465–5476. [Google Scholar] [CrossRef]
  7. Katina, P.F.; Keating, C.B.; Bobo, J.A.; Toland, T.S. A Governance Perspective for System-of-Systems. Systems 2019, 7, 54. [Google Scholar] [CrossRef]
  8. Wooley, A.; Womack, L. Digital Engineering: A Systematic Literature Review of Strategies, Components, and Implementation Challenges. Systems 2025, 13, 1046. [Google Scholar] [CrossRef]
  9. Hemdan, E.E.-D.; Sayed, A. Smart and Secure Healthcare with Digital Twins: A Deep Dive into Blockchain, Federated Learning, and Future Innovations. Algorithms 2025, 18, 401. [Google Scholar] [CrossRef]
  10. Akundi, A.; Lopez, V. A Review on Application of Model Based Systems Engineering to Manufacturing and Production Engineering Systems. Procedia Comput. Sci. 2021, 185, 101–108. [Google Scholar] [CrossRef]
  11. Lopez, V.; Akundi, A. A Conceptual Model-Based Systems Engineering (MBSE) Approach to Develop Digital Twins. In Proceedings of the 2022 IEEE International Systems Conference (SysCon), Montreal, QC, Canada, 25–28 April 2022; pp. 1–5. [Google Scholar] [CrossRef]
  12. Hossain, N.U.I.; Lutfi, M.; Ahmed, I.; Akundi, A.; Cobb, D. Modeling and Analysis of Unmanned Aerial Vehicle System Leveraging Systems Modeling Language (SysML). Systems 2022, 10, 264. [Google Scholar] [CrossRef]
  13. Molinar, J.; Chacon, A.; Mendoza, C.A.; Reyes, J.; Choudhuri, A.R.; Flores-Abad, A. Digital Engineering Framework to Develop a Small Space Robotic Arm. Aerospace Res. Central 2025, 22, 594–611. [Google Scholar] [CrossRef]
  14. U.S. Department of Defense. Digital Engineering Strategy; Office of the Under Secretary of Defense for Research and Engineering: Washington, DC, USA, 2018. Available online: https://ac.cto.mil/wp-content/uploads/2019/06/2018-Digital-Engineering-Strategy_Approved_PrintVersion.pdf (accessed on 15 January 2026).
  15. International Council on Systems Engineering (INCOSE). INCOSE Systems Engineering Vision 2035: Executive Summary; INCOSE: San Diego, CA, USA, 2023; Available online: https://www.incose.org/docs/default-source/se-vision/incose-se-vision-2035-executive-summary.pdf (accessed on 15 January 2026).
  16. Obrst, L. Ontologies for Semantically Interoperable Systems. In Proceedings of the 12th ACM International Conference on Information and Knowledge Management (CIKM ’03), New Orleans, LA, USA, 3–8 November 2003; pp. 366–369. [Google Scholar] [CrossRef]
  17. Orellana, D.; Mandrick, W. The Ontology of Systems Engineering: Towards a Computational Digital Engineering Semantic Framework. Procedia Comput. Sci. 2019, 153, 268–276. [Google Scholar] [CrossRef]
  18. ISO/IEC/IEEE. ISO/IEC/IEEE 15288:2023 Systems and Software Engineering—System Life Cycle Processes; International Organization for Standardization: Geneva, Switzerland, 2023; Available online: https://www.iso.org/standard/81702.html (accessed on 15 January 2026).
  19. Dunbar, D.; Hagedorn, T.; Blackburn, M.; Dzielski, J.; Hespelt, S.; Kruse, B.; Verma, D.; Yu, Z. Driving Digital Engineering Integration and Interoperability through Semantic Integration of Models with Ontologies. Syst. Eng. 2023, 26, 365–378. [Google Scholar] [CrossRef]
  20. Gregory, J.; Salado, A. Towards a Systems Engineering Ontology Stack. INCOSE Int. Symp. 2024, 34, 1304–1318. [Google Scholar] [CrossRef]
  21. Noguchi, R.A.; Wheaton, M.J.; Martin, J.N. Digital Engineering Strategy to Enable Enterprise Systems Engineering. Syst. Eng. 2020, 30, 1727–1741. [Google Scholar] [CrossRef]
  22. Rhodes, D.H.; Ross, A.M.; Nightingale, D.J. Architecting the System of Systems Enterprise: Enabling Constructs and Methods from the Field of Engineering Systems. In Proceedings of the 3rd Annual IEEE Systems Conference, Vancouver, BC, Canada, 23–26 March 2009; pp. 190–195. [Google Scholar] [CrossRef]
  23. Keating, C.B.; Katina, P.F. Systems of Systems Engineering: Prospects and Challenges for the Emerging Field. Int. J. Syst. Syst. Eng. 2011, 2, 234–256. [Google Scholar] [CrossRef]
  24. Xames, M.D.; Topcu, T.G. A Rapid Review of How Model-Based Systems Engineering Is Used in Healthcare Systems. INCOSE Int. Symp. 2024, 34, 1447–1462. [Google Scholar] [CrossRef]
  25. Golgolnia, T.; Kipouros, T.; Clarkson, P.J.; Marquardt, G.; Kevdzija, M. Implementing the model-based systems engineering (MBSE) approach to develop an assessment framework for healthcare facility design. Proc. Des. Soc. 2024, 4, 1577–1586. [Google Scholar] [CrossRef]
  26. Berg, T.A.; Marino, K.N.; Kintziger, K.W. The Application of Model-Based Systems Engineering to Rural Healthcare System Disaster Planning: A Scoping Review. Int. J. Disaster Risk Sci. 2023, 14, 357–368. [Google Scholar] [CrossRef]
  27. Madni, A.M.; Madni, C.C.; Lucero, S.D. Leveraging Digital Twin Technology in Model-Based Systems Engineering. Systems 2019, 7, 7. [Google Scholar] [CrossRef]
  28. Vallée, A. Digital Twin for Healthcare Systems. Front. Digit. Health 2023, 5, 1253050. [Google Scholar] [CrossRef]
  29. Sun, T.; He, X.; Li, Z. Digital Twin in Healthcare: Recent Updates and Challenges. Digit. Health 2023, 9, 20552076221149651. [Google Scholar] [CrossRef] [PubMed]
  30. Sadée, C.; Testa, S.; Barba, T.; Hartmann, K.; Schuessler, M.; Thieme, A.; Church, G.M.; Okoye, I.; Hernandez-Boussard, T.; Hood, L.; et al. Medical Digital Twins: Enabling Precision Medicine and Medical Artificial Intelligence. Lancet Digit. Health 2025, 7, 100864. [Google Scholar] [CrossRef] [PubMed]
  31. Wang, Y.; Steinbach, T.; Klein, J.; Anderl, R. Integration of Model-Based System Engineering into the Digital Twin Concept. Procedia CIRP 2021, 100, 19–24. [Google Scholar] [CrossRef]
  32. Tsui, R.; Davis, D.; Sahlin, J. Digital Engineering Models of Complex Systems Using Model-Based Systems Engineering (MBSE) from Enterprise Architecture (EA) to Systems of Systems (SoS) Architectures & Systems Development Life Cycle (SDLC). INCOSE Int. Symp. 2018, 28, 760–776. [Google Scholar] [CrossRef]
  33. Luna, S.; Lopes, A.; See Tao, H.Y.; Zapata, F.; Pineda, R. Integration, Verification, Validation, Test, and Evaluation (IVVT&E) Framework for System of Systems (SoS). Procedia Comput. Sci. 2013, 20, 298–305. [Google Scholar] [CrossRef]
  34. Akundi, A.; Ankobiah, W.; Mondragon, O.; Luna, S. Perceptions and the Extent of Model-Based Systems Engineering (MBSE) Use—An Industry Survey. In Proceedings of the 2022 IEEE International Systems Conference (SysCon 2022), Montreal, QC, Canada, 25–28 April 2022; pp. 1–7. [Google Scholar] [CrossRef]
  35. Akundi, A.; Euresti, D.; Luna, S.; Ankobiah, W.; Lopes, A.; Edinbarough, I. State of Industry 5.0—Analysis and Identification of Current Research Trends. Appl. Syst. Innov. 2022, 5, 27. [Google Scholar] [CrossRef]
  36. Mogahed, M.; Mansouri, M. A New Horizon for Healthcare Delivery: A System of Systems Perspective and Governing Proposition. INCOSE Int. Symp. 2024, 34, 1674–1686. [Google Scholar] [CrossRef]
  37. Mogahed, M.; Mansouri, M. Navigating the Complexities of Systems of Systems: Analysis, Challenges, and a Novel Proposed Construct. In Proceedings of the 2024 IEEE International Symposium on Systems Engineering (ISSE), Perugia, Italy, 16–19 October 2024; pp. 1–8. [Google Scholar] [CrossRef]
  38. Mogahed, M.; Mansouri, M. Systems of Systems Governance Frameworks: A Thorough Scoping Review and Synthesis towards Enhancing Healthcare Delivery. IEEE Syst. J. 2025. [Google Scholar] [CrossRef]
  39. Mogahed, M.; Mansouri, M. Enhancing Healthcare Delivery through Systems of Systems Governance: A Multi-Layered Governance Framework. In Proceedings of the 35th Annual INCOSE International Symposium, Ottawa, ON, Canada, 26–31 July 2025; Volume 35, pp. 1392–1405. [Google Scholar] [CrossRef]
  40. Mogahed, M.; Mansouri, M. Advancing Sustainable Healthcare Delivery through Systems of Systems Governance and Sustainability Governance Theories. In Proceedings of the 2025 20th Annual System of Systems Engineering Conference (SoSE), Tirana, Albania, 8–11 June 2025; pp. 1–6. [Google Scholar] [CrossRef]
  41. Mogahed, M.; Elahi, A.; Mansouri, M. Operationalizing Healthcare through HHS Mission-Driven Analysis and Functional Categorization for a Governable System of Systems. In Proceedings of the 2025 IEEE International Symposium on Systems Engineering (ISSE), Palaiseau, France, 28–30 October 2025; pp. 1–8. [Google Scholar] [CrossRef]
  42. Mogahed, M.; Mansouri, M. From Fragmentation to Integration: A Governance-Oriented Architecture Based on Heterogeneous Interactions in Healthcare Systems-of-Systems. In From Fragility to Resilience: A Systems Approach to Critical Infrastructure; Katina, P., Ed.; River Publishers: Aalborg, Denmark, 2026; in press. [Google Scholar]
  43. Mogahed, M.; Mansouri, M. Towards Governance of Socio-Technical System of Systems: Leveraging Lessons from Proven Engineering Principles. Systems 2025, 13, 1113. [Google Scholar] [CrossRef]
  44. Yang, L.; Cormican, K.; Yu, M. Ontology-Based Systems Engineering: A State-of-the-Art Review. Comput. Ind. 2019, 111, 148–171. [Google Scholar]
  45. Lukyanenko, R.; Storey, V.C.; Pastor, O. Foundations of Information Technology Based on Bunge’s Systemist Philosophy of Reality. Softw. Syst. Model. 2021, 20, 921–938. [Google Scholar] [CrossRef] [PubMed]
  46. Lin, H.K.; Harding, J.A.; Shahbaz, M. Manufacturing System Engineering Ontology for Semantic Interoperability across Extended Project Teams. Int. J. Prod. Res. 2004, 42, 5099–5118. [Google Scholar] [CrossRef]
  47. Huang, Y.; Douib, S.; Medinacelli, L.P.; Malenfant, J. Enabling Semantic Interoperability of Asset Administration Shells through an Ontology-Based Modeling Method. In Proceedings of the ACM/IEEE 25th International Conference on Model Driven Engineering Languages and Systems (MODELS 2022), Montréal, QC, Canada, 28 October 2022; pp. 497–502. [Google Scholar]
  48. Rodríguez-García, M.Á.; Valencia-García, R.; García-Sánchez, F.; Samper-Zapater, J.J. Creating a Semantically-Enhanced Cloud Services Environment through Ontology Evolution. Future Gener. Comput. Syst. 2014, 32, 295–306. [Google Scholar] [CrossRef]
  49. Barangi, H.; Rahimi, S.K.; Zamani, B.; Moradi, H. An Ontology-Based Approach to Facilitate Semantic Interoperability of Context-Aware Systems. In Proceedings of the 2023 28th International Computer Conference, Computer Society of Iran (CSICC), Tehran, Iran, 25–26 January 2023; pp. 1–5. [Google Scholar] [CrossRef]
  50. Arp, R.; Smith, B.; Spear, A.D. Building Ontologies with Basic Formal Ontology; MIT Press: Cambridge, MA, USA, 2015. [Google Scholar]
  51. Knöös Franzén, L.; Staack, I.; Jouannet, C.; Krus, P. An Ontological Approach to System of Systems Engineering in Product Development. In Proceedings of the 10th Aerospace Technology Congress, Stockholm, Sweden, 8–9 October 2019; pp. 35–44. [Google Scholar] [CrossRef]
  52. Feng, Y.; Zou, Q.; Zhou, C.; Liu, Y.; Peng, Q. Ontology-Based Architecture Process of System-of-Systems: From Capability Development to Operational Modeling. Appl. Sci. 2023, 13, 5419. [Google Scholar] [CrossRef]
  53. Qaddoumi, E.; Odeh, M.; Khan, Z.; Kossmann, M.; Traish, I.; Tbakhi, A. OntoSoS.QM.Gov: A Quality Governance Framework for Systems of Systems. In Proceedings of the Complex Systems Design and Management Conference, Paris, France, 12–13 December 2017. [Google Scholar]
  54. Ghosh Mitra, S.; Chandra, A.; Ramaprasad, A. The Ontology of Urban Governance: A Framework for Pathways to Sustainable Urban Transition. Urban Sci. 2024, 8, 38. [Google Scholar] [CrossRef]
  55. Fernández-López, M.; Gómez-Pérez, A.; Juristo, N. METHONTOLOGY: From ontological art towards ontological engineering. In Proceedings of the AAAI97 Spring Symposium Series on Ontological Engineering; AAAI Press: Stanford, CA, USA, 1997; pp. 33–40. [Google Scholar]
  56. Protégé 5.6.7, Developed by the Stanford Center for Biomedical Informatics Research, Stanford University School of Medicine, Stanford, CA, USA. Available online: https://protege.stanford.edu (accessed on 15 January 2026).
  57. Wang, K.C. Standard Lexicons, Coding Systems and Ontologies for Interoperability and Semantic Computation in Imaging. J. Digit. Imaging 2018, 31, 353–360. [Google Scholar] [CrossRef]
  58. Chatterjee, A.; Pahari, N.; Prinz, A. HL7 FHIR with SNOMED-CT to Achieve Semantic and Structural Interoperability in Personal Health Data: A Proof-of-Concept Study. Sensors 2022, 22, 3756. [Google Scholar] [CrossRef] [PubMed]
  59. CVS Health. MinuteClinic. CVS Health. Available online: https://www.cvshealth.com/services/health-care-and-wellness/health-services/minuteclinic.html (accessed on 18 January 2025).
  60. U.S. Department of Health and Human Services. About HHS. Available online: https://www.hhs.gov/about/index.html (accessed on 26 January 2025).
  61. Mogahed, M.; Elahi, A.; Mansouri, M. Optimizing Healthcare Clinical Decision Support Systems: A Systems Thinking and Process Modeling Approach. In Proceedings of the 2025 IEEE International Symposium on Systems Engineering (ISSE), Palaiseau, France, 28–30 October 2025; pp. 1–7. [Google Scholar] [CrossRef]
Systems 14 00376 g001
Figure 1. Ontological classification of healthcare system categories.
Figure 1. Ontological classification of healthcare system categories.
Systems 14 00376 g001
Systems 14 00376 g002
Figure 2. Healthcare SoS ontology.
Figure 2. Healthcare SoS ontology.
Systems 14 00376 g002
Systems 14 00376 g003
Figure 3. Ontological structure of the covenant.
Figure 3. Ontological structure of the covenant.
Systems 14 00376 g003
Systems 14 00376 g004
Figure 4. Ontological encoding of ISO9001 compliance and supported interaction types across healthcare entities.
Figure 4. Ontological encoding of ISO9001 compliance and supported interaction types across healthcare entities.
Systems 14 00376 g004
Systems 14 00376 g005
Figure 5. Object property hierarchy for interaction types.
Figure 5. Object property hierarchy for interaction types.
Systems 14 00376 g005
Systems 14 00376 g006
Figure 6. Ontological representation of patient consent metadata using the hasConsent data property.
Figure 6. Ontological representation of patient consent metadata using the hasConsent data property.
Systems 14 00376 g006
Systems 14 00376 g007
Figure 7. SPARQL-based retrieval of healthcare system violations and associated labels.
Figure 7. SPARQL-based retrieval of healthcare system violations and associated labels.
Systems 14 00376 g007
Systems 14 00376 g008
Figure 8. SPARQL-based retrieval of consent violation metadata within the healthcare Systems-of-Systems ontology.
Figure 8. SPARQL-based retrieval of consent violation metadata within the healthcare Systems-of-Systems ontology.
Systems 14 00376 g008
Systems 14 00376 g009
Figure 9. SPARQL reconstruction of the interaction pathway of Patient_001 across healthcare System categories.
Figure 9. SPARQL reconstruction of the interaction pathway of Patient_001 across healthcare System categories.
Systems 14 00376 g009
Systems 14 00376 g010
Figure 10. SHACL shape for validating ISO9001 compliance in equipment-sharing relationships.
Figure 10. SHACL shape for validating ISO9001 compliance in equipment-sharing relationships.
Systems 14 00376 g010
Systems 14 00376 g011
Figure 11. SHACL validation result demonstrating ISO9001 compliance violation in equipment-sharing interaction.
Figure 11. SHACL validation result demonstrating ISO9001 compliance violation in equipment-sharing interaction.
Systems 14 00376 g011
Systems 14 00376 g012
Figure 12. Ontological footprint of Epic systems EHR.
Figure 12. Ontological footprint of Epic systems EHR.
Systems 14 00376 g012
Systems 14 00376 g013
Figure 13. Semantic profile of BlueCross HealthPlan.
Figure 13. Semantic profile of BlueCross HealthPlan.
Systems 14 00376 g013
Systems 14 00376 g014
Figure 14. SPARQL-based evaluation of protocol alignment.
Figure 14. SPARQL-based evaluation of protocol alignment.
Systems 14 00376 g014
Systems 14 00376 g015
Figure 15. SPARQL-based detection of an interoperability violation in a negative test scenario.
Figure 15. SPARQL-based detection of an interoperability violation in a negative test scenario.
Systems 14 00376 g015
Systems 14 00376 g016
Figure 16. Automated conflict inference.
Figure 16. Automated conflict inference.
Systems 14 00376 g016
Systems 14 00376 g017
Figure 17. Automated temporal violation inference.
Figure 17. Automated temporal violation inference.
Systems 14 00376 g017
Systems 14 00376 g018
Figure 18. SPARQL query retrieving all SupplierSystem instances with associated compliance standards.
Figure 18. SPARQL query retrieving all SupplierSystem instances with associated compliance standards.
Systems 14 00376 g018
Systems 14 00376 g019
Figure 19. Aggregation query computing entity counts per covenant standard.
Figure 19. Aggregation query computing entity counts per covenant standard.
Systems 14 00376 g019
Systems 14 00376 g020
Figure 20. Crosstabulation query mapping standards coverage by system type.
Figure 20. Crosstabulation query mapping standards coverage by system type.
Systems 14 00376 g020
Systems 14 00376 g021
Figure 21. Resource pooling relationships among ProviderSystem instances.
Figure 21. Resource pooling relationships among ProviderSystem instances.
Systems 14 00376 g021
Systems 14 00376 g022
Figure 22. Check for bidirectional relationships.
Figure 22. Check for bidirectional relationships.
Systems 14 00376 g022
Systems 14 00376 g023
Figure 23. SPARQL query for interaction type–covenant mapping.
Figure 23. SPARQL query for interaction type–covenant mapping.
Systems 14 00376 g023
Systems 14 00376 g024
Figure 24. Graph metric computation determining relationship counts for each constituent system instance.
Figure 24. Graph metric computation determining relationship counts for each constituent system instance.
Systems 14 00376 g024
Systems 14 00376 g025
Figure 25. Hub entities.
Figure 25. Hub entities.
Systems 14 00376 g025
Systems 14 00376 g026
Figure 26. Network density calculation for hospital resource pooling subgraph.
Figure 26. Network density calculation for hospital resource pooling subgraph.
Systems 14 00376 g026
Table 1. Evolution of healthcare SoS governance research: progressive contributions and the current work.
Table 1. Evolution of healthcare SoS governance research: progressive contributions and the current work.
ReferenceContribution TypeKey Contribution
[36]Theoretical FoundationEstablished HDS as Collaborative SoS; identified interdependence as performance determinant
[37]Structural Typology AnalysisAnalyzed SoS structural types; proposed governance entity for interdependency management
[38]Governance Theory SynthesisSystematic review of 45 studies including 37 frameworks; three-tier governance model (meta-governance, governing, governed)
[39,40]Institutional OperationalizationMapped US healthcare governance roles to theoretical model; defined HHS as governing entity
[41]Operational ModelingSysML-based functional classification; value flow interaction analysis
[42]Interaction TaxonomyClassified intra/inter-category interactions from 40+ cases; comprehensive interdependence taxonomy
[43]Governance ArtifactIntroduced CIC as adaptive socio-technical covenant embedding legal, procedural, technical standards
This StudyOntological Formalization and IntegrationOWL-based ontology unifying structure, behavior, and regulation; enables automated reasoning, compliance checking, semantic querying, and DE integration
Table 2. Core Competency Questions guiding ontology design.
Table 2. Core Competency Questions guiding ontology design.
IDCompetency QuestionAddressed
Dimension		Validation Query Type
CQ1Which specific governance covenants (legal or technical) currently regulate a given constituent system?Compliance ProfilingEntity retrieval and property inference
CQ2Does a proposed interaction between an EHR vendor and a hospital comply with the required FHIR protocol constraints?Interaction AuthorizationRule-based violation detection
CQ3What is the network centrality (node degree) of a specific hospital regarding resource pooling relationships?Structural TopologyGraph metric computation
CQ4Are there mutually exclusive or conflicting governance requirements imposed on a single system by overlapping covenants?Conflict DetectionLogical inconsistency detection
CQ5Which systems currently hold active (unexpired) accreditations allowing them to operate within a strategic cross-category alliance?Temporal GovernanceData property filtering (validUntil)
Table 3. Quantitative ontology scale metrics.
Table 3. Quantitative ontology scale metrics.
Metric TypeCount
Classes35
Object Properties42
Data Properties9
Individuals (Testing Instances)14
Logical Axioms>280
SWRL Validation Rules3
Table 4. Data Properties for Operational Validation.
Table 4. Data Properties for Operational Validation.
PropertyDomainRangePurpose
hasConsentCareRecipientSystemxsd:booleanIndicates patient consent status for data sharing
consentTargetCareRecipientSystemowl:ThingSpecifies entity for which consent was granted
compliesWithowl:ThingCovenantLinks systems to applicable governance Covenants
memberIDCareRecipientSystemxsd:stringInsurance member identification
deviceUDISupplierSystemxsd:stringUnique Device Identifier for traceability
certificationStatusowl:Thingxsd:stringCurrent accreditation or certification state
locationowl:Thingxsd:stringPhysical location or service address
operationalStatusowl:Thingxsd:stringCurrent operational state (active/inactive/maintenance)
isAvailableowl:Thingxsd:booleanResource availability indicator
Table 5. Instantiated scenarios and constituent systems.
Table 5. Instantiated scenarios and constituent systems.
ScenarioDescriptionSystem Categories InvolvedKey Instances
Scenario 1Cross-Category Service Delivery with Consent ValidationProviderSystem, CareRecipientSystem, InsuranceSystem, SupplierSystemUrgentCare_QuickHealth, Patient_001, Insurance_BlueCross, Pharmacy_CVS
Scenario 2Intra-Category Resource Pooling with Quality Management ValidationProviderSystemHospital_Memorial, Hospital_Community, Hospital_Regional
Scenario 3Technology Integration with Protocol Compliance ValidationProviderSystem, CareRecipientSystem, InsuranceSystem, InfoComTechSystemEHR_Epic, Hospital_Memorial, Clinic_FamilyMed, Insurance_BlueCross, Patient_001, Patient_002
Scenario 4Temporal Compliance and Conflict Detection ExecutionProviderSystem, CovenantHospital_Conflict_Demo, Clinic_Expired_Cert, LocalDataSiloPolicy, FHIRProtocol
Table 6. Scenario 1 instance configuration.
Table 6. Scenario 1 instance configuration.
InstanceTypeKey PropertiesRelationships
Patient_001PatienthasConsent: true
memberID: “MEM-2024-12345”		enroll → Insurance_BlueCross
seekCare → UrgentCare_QuickHealth
purchase → Pharmacy_CVS
UrgentCare_QuickHealthUrgentCareCenterlocation: “123 Main St”
operationalStatus: “active”
compliesWith: HIPAA, ISO9001		serve → Patient_001
bill → Insurance_BlueCross
procure → Pharmacy_CVS
Insurance_BlueCrossHealthInsuranceCompanycertificationStatus: “active”
compliesWith: HIPAA, ANSIX12		cover → Patient_001
reimburse → UrgentCare_QuickHealth
negotiate → Pharmacy_CVS
Pharmacy_CVSPharmaceuticalCompanycompliesWith: ISO13485, UDIprovideProducts → Patient_001
supply → UrgentCare_QuickHealth
contract → Insuranc_BlueCross
Table 7. Scenario 2 instance configuration.
Table 7. Scenario 2 instance configuration.
InstanceTypeKey PropertiesIntra-Category Relationships
Hospital_MemorialHospitallocation: “500 University Ave”
compliesWith: HIPAA, ISO9001, ISO45001		equipmentSharing → Hospital_Community, Hospital_Regional
disasterPreparedness → Hospital_Community, Hospital_Regional
jointTraining → Hospital_Community
Hospital_CommunityHospitallocation: “200 Health Drive”
compliesWith: HIPAA, ISO9001, ISO45001		equipmentSharing → Hospital_Memorial, Hospital_Regional
disasterPreparedness → Hospital_Memorial, Hospital_Regional
jointTraining → Hospital_Memorial
Hospital_RegionalHospitallocation: “750 Emergency Blvd”
compliesWith: HIPAA, ISO9001, ISO45001		equipmentSharing → Hospital_Memorial, Hospital_Community
disasterPreparedness → Hospital_Memorial, Hospital_Community
Table 8. Scenario 3 instance configuration.
Table 8. Scenario 3 instance configuration.
InstanceTypeKey PropertiesTechnology Integration Relationships
EHR_EpicEHRVendorcompliesWith: HIPAA, FHIRProtocol, HL7v2Protocol, C_CDAintegrateICTProviders → Hospital_Memorial, Clinic_FamilyMed
connectFacilitate → Insurance_BlueCross
educateInform → Patient_001, Patient_002
Hospital_MemorialHospitalcompliesWith: HIPAA, FHIRProtocol[Receives integration from EHR_Epic]
Clinic_FamilyMedCliniccompliesWith: HIPAA, FHIRProtocol[Receives integration from EHR_Epic]
Insurance_BlueCrossHealthInsuranceCompanycompliesWith: HIPAA, ANSIX12[Receives facilitation from EHR_Epic]
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Mogahed, M.; Mansouri, M. An Ontology-Based Architecture for Interoperable Healthcare Systems-of-Systems: Structure, Interaction Patterns, and Covenant-Based Governance. Systems 2026, 14, 376. https://doi.org/10.3390/systems14040376

AMA Style

Mogahed M, Mansouri M. An Ontology-Based Architecture for Interoperable Healthcare Systems-of-Systems: Structure, Interaction Patterns, and Covenant-Based Governance. Systems. 2026; 14(4):376. https://doi.org/10.3390/systems14040376

Chicago/Turabian Style

Mogahed, Mohamed, and Mo Mansouri. 2026. "An Ontology-Based Architecture for Interoperable Healthcare Systems-of-Systems: Structure, Interaction Patterns, and Covenant-Based Governance" Systems 14, no. 4: 376. https://doi.org/10.3390/systems14040376

APA Style

Mogahed, M., & Mansouri, M. (2026). An Ontology-Based Architecture for Interoperable Healthcare Systems-of-Systems: Structure, Interaction Patterns, and Covenant-Based Governance. Systems, 14(4), 376. https://doi.org/10.3390/systems14040376

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop