One option would be to use a macro on obj creation which will basically check who is the user(or user group he/she belongs to) and restrict the particular use/user group while creating App sys type objects.
But if you do not want to go through the macro way then probably you have to check regularly and merge with the existing app sys library (which I reckon you are doing now).
Thanks a lot Abhijit,
I'm not skilled on macros and scripts, but I can try.
In ARIS the combination of method filters and privileges can usually be used to fo this without having to write macros. With Method filters you can control the types of Models, Objects, Symbols, Connections and Attributes a user is allowed to work with. If it is the case that Project Managers should not even have certain objects available to them then the filter will do this. If they were looking at a model where someone else had created the object it would be "greyed out" and not available for them to work with. If it is the case that the project manager should have read only access to the object so that they can see the details then you would need to use permissions. Create a folder for the Application System objects and move them into it. Assign the "development architect" group RWD premissions and everyone else Read-Only. Note that this would not preclude others from creating new Application System objects in some other folder, but those are fairly easy to manage as they show up outside of the folder where they belong.