Auto sync: 2025-12-05 17:46:13 (15 files changed)

D Writing/ERLM/:w A Writing/ERLM/biblatex.sty M Writing/ERLM/dane_proposal_format.cls M Writing/ERLM/main.aux M Writing/ERLM/main.bbl M Writing/ERLM/main.blg M Writing/ERLM/main.fdb_latexmk M Writing/ERLM/main.fls
2025-12-05 17:46:13 -05:00 · 2025-12-05 17:46:13 -05:00 · 54cc24e2f9
commit 54cc24e2f9
parent 90c328872a
15 changed files with 949 additions and 1496 deletions
--- a/Writing/ERLM/:w
+++ b/Writing/ERLM/:w
@ -1,627 +0,0 @@
 # ERLM Proposal Writing Review - Executive Summary
 **Date**: December 2, 2025 **Reviewer**: Claude Code
 **Framework**: Gopen's Sense of Structure
 ---
 ## Overview
 This proposal demonstrates strong technical content, clear
 methodology, and comprehensive coverage of all required
 elements. The research approach is well-conceived, and the
 progression from problem statement through solution is
 logical. The writing is generally clear and professional.
 **Key Strengths:**
 - Excellent technical depth and specificity
 - Strong motivation established through human factors
 statistics
 - Clear three-thrust research structure
 - Comprehensive risk analysis with concrete contingencies
 - Good use of specific examples (TMI accident, HARDENS
 project)
 **Priority Areas for Revision:**
 - Sentence-level: Strengthen stress positions to emphasize
 key claims
 - Paragraph-level: Sharpen point-issue structure in some
 sections
 - Section-level: Tighten organization in State of the Art
 section
 - Big picture: Strengthen "so what" connections throughout
 ---
 ## Priority Issues (Top 10)
 ### 1. **SOTA Section Length and Organization**
 [SECTION-LEVEL] **Location**: State of the Art section (358
 lines) **Issue**: The SOTA section is the longest in the
 proposal and covers multiple distinct topics (current
 procedures, human factors, HARDENS). While comprehensive, it
 risks overwhelming readers and obscuring your key
 contributions. **Impact**: HIGH - Reviewers may lose track
 of your argument in the density **Recommendation**:
 Consider restructuring with clearer signposting. Each
 subsection should explicitly connect back to what gap
 you're filling. The current "\textbf{LIMITATION:}" callouts
 are excellent—ensure every major subsection has one.
 ### 2. **Weak Stress Positions Throughout** [SENTENCE-LEVEL]
 **Location**: All sections, especially Goals and State of
 the Art **Issue**: Many sentences place old/known
 information in stress position (sentence-final), missing
 opportunities to emphasize new claims **Impact**:
 MEDIUM-HIGH - Reduces rhetorical impact of key claims **See
 Pattern**: "Stress Position Weakness" below for examples and
 fixes
 ### 3. **Missing "So What" Connections** [BIG PICTURE]
 **Location**: Transitions between major sections **Issue**:
 The proposal moves from problem → approach → metrics without
 always explicitly stating "this matters because..." at
 transition points **Impact**: MEDIUM-HIGH - Reviewers may
 not fully grasp significance **Recommendation**: Add
 explicit "if successful, this enables..." statements at the
 end of Goals section and beginning of Metrics section
 ### 4. **Passive Voice Obscuring Agency** [SENTENCE-LEVEL]
 **Location**: Research Approach, especially subsection
 introductions **Issue**: Passive constructions like "will be
 employed" and "will be used" hide who does what and reduce
 directness **Impact**: MEDIUM - Reduces clarity and makes
 writing feel less confident **See Pattern**: "Passive Voice"
 below
 ### 5. **Point-Issue Structure in Paragraphs**
 [PARAGRAPH-LEVEL] **Location**: State of the Art, Risk
 sections **Issue**: Some paragraphs present information
 without first establishing why readers should care (the
 "issue") **Impact**: MEDIUM - Readers may wonder "why are
 you telling me this?" **See Pattern**: "Point-Issue
 Structure" below
 ### 6. **Topic String Breaks** [PARAGRAPH-LEVEL]
 **Location**: Research Approach, subsection transitions
 **Issue**: Topic position doesn't always establish clear
 continuity from previous sentence, forcing readers to
 reconstruct connections **Impact**: MEDIUM - Increases
 cognitive load **See Pattern**: "Topic Position &
 Continuity" below
 ### 7. **Nominalization Hiding Action** [SENTENCE-LEVEL]
 **Location**: Throughout, especially Research Approach
 **Issue**: Action buried in nouns (e.g., "implementation"
 instead of "implement", "verification" instead of "verify")
 **Impact**: MEDIUM - Makes writing feel static rather than
 dynamic **Recommendation**: Convert nominalizations to
 active verbs where possible
 ### 8. **Long Complex Sentences** [SENTENCE-LEVEL]
 **Location**: State of the Art (lines 45-51), Risks (lines
 72-79) **Issue**: Some sentences exceed 40-50 words with
 multiple subordinate clauses, challenging comprehension
 **Impact**: MEDIUM - Reviewers may have to re-read
 **Recommendation**: Break into 2-3 shorter sentences with
 clear logical flow
 ### 9. **Subsection Balance in Risks Section**
 [SECTION-LEVEL] **Location**: Risks and Contingencies
 section **Issue**: Four subsections of vastly different
 lengths (computational tractability gets more space than
 discrete-continuous interface, despite latter being more
 fundamental) **Impact**: LOW-MEDIUM - May suggest misaligned
 priorities **Recommendation**: Consider whether space
 allocation reflects actual risk magnitude
 ### 10. **Broader Impacts Underutilized** [BIG PICTURE]
 **Location**: Broader Impacts section (75 lines vs 358 for
 SOTA) **Issue**: This section is relatively brief given that
 economic impact is a major motivation for SMRs **Impact**:
 LOW-MEDIUM - Missing opportunity to strengthen value
 proposition **Recommendation**: Consider expanding economic
 analysis or adding brief discussion of workforce/educational
 impacts
 ---
 ## Key Patterns Identified
 ### Pattern 1: Stress Position Weakness
 **Principle** (Gopen): The stress position (end of sentence)
 should contain the most important new information. Readers
 expect climax at sentence-end and are disappointed when they
 find old information or weak phrases there.
 **Example 1** (Goals and Outcomes, lines 13-17): ```
 Current: "Currently, nuclear plant operations rely on
 extensively trained human operators who follow detailed
 written procedures and strict regulatory requirements to
 manage reactor control." ```
 - **Issue**: Sentence ends with "manage reactor control"—a
 restatement of the opening. The key claim is buried
 mid-sentence: "extensively trained...detailed
 procedures...strict requirements"
 - **Fixed**: "Currently, nuclear plant operations require
 extensively trained human operators following detailed
 written procedures under strict regulatory requirements."
 **Example 2** (State of the Art, lines 53-54): ``` Current:
 "Procedures lack formal verification of correctness and
 completeness." ```
 - **Issue**: Ends weakly with "completeness" which is minor
 compared to the bigger issue
 - **Fixed**: "Procedures lack formal verification, leaving
 correctness and completeness unproven."
 **Example 3** (Research Approach, lines 41-42): ``` Current:
 "The following sections discuss how these thrusts will be
 accomplished." ```
 - **Issue**: Pure metadiscourse in stress position, provides
 no new information
 - **Fixed**: Delete this sentence—the enumeration provides
 sufficient transition, or combine with previous sentence:
 "...through three main thrusts, each detailed below."
 **Similar instances**:
 - Goals lines 29-32: "...we will combine formal methods..."
 - State of the Art lines 81-85: "...no application of hybrid
 control theory exists..."
 - Research Approach lines 115-116: "...enable progression to
 the next step..."
 - Metrics lines 29-31: "...makes this metric directly
 relevant..."
 - Risks lines 12-13: "...identification of remaining
 barriers to deployment"
 **How to fix**: Identify the most important new claim in
 each sentence and move it to the end. Often this means
 converting from "X does Y to achieve Z" to "X achieves Z by
 doing Y."
 ---
 ### Pattern 2: Passive Voice Obscuring Agency
 **Principle** (Gopen): Passive voice obscures who does what
 and reduces directness. In proposal writing, active voice
 demonstrates confidence and control. Use passive only when
 the agent is truly unimportant or unknown.
 **Example 1** (Research Approach, line 118): ``` Current:
 "We will employ state-of-the-art reactive synthesis
 tools..." ```
 - **Issue**: "Employ" is weak; you're not hiring the tools,
 you're using them
 - **Better**: "We will use Strix, a state-of-the-art
 reactive synthesis tool..."
 - **Best**: "Strix will translate our temporal logic
 specifications into deterministic automata..." (Shows what
 the tool *does*, not just that you'll use it)
 **Example 2** (Research Approach, line 207): ``` Current:
 "Control barrier functions will be employed when..." ```
 - **Issue**: Passive—who employs them? And "employed" sounds
 formal/stuffy
 - **Fixed**: "We will use control barrier functions to
 verify..." or better "Control barrier functions verify..."
 **Example 3** (Metrics, line 67): ``` Current: "This
 milestone delivers an internal technical report..." ```
 - **Issue**: Milestones don't deliver, people do
 - **Fixed**: "We will deliver an internal technical report
 documenting..."
 **Similar instances**:
 - Research Approach lines 161, 175, 206, 220: "will be
 employed", "will be developed", "will be used"
 - Metrics lines 69, 73, 79, 84: "...delivers a [document]"
 - Risks lines 57, 109, 163: various passives
 **How to fix**:
 1. Identify the real agent (usually "we")
 2. Make agent the subject: "We will X" or "X will Y"
 3. Choose strong active verbs: use/apply/develop/verify (not
 employ/utilize)
 ---
 ### Pattern 3: Point-Issue Structure Weakness
 **Principle** (Gopen): Paragraphs should begin by
 establishing (1) the point/claim being made and (2) why it
 matters (the issue). Discussion then supports that point.
 Readers need context before details.
 **Example 1** (State of the Art, lines 88-107): ``` Current
 paragraph begins: "The persistent role of human error in
 nuclear safety incidents, despite decades of
 improvements..." ```
 - **Analysis**: This paragraph immediately dives into the
 "persistent role" without first establishing why we're
 discussing human factors at all. Reader thinks: "Wait,
 weren't we just talking about procedures?"
 - **Fixed**: Add issue statement first: "Human factors
 provide the most compelling motivation for formal automated
 control. Despite decades of improvements in training and
 procedures, human error persists in 70-80% of nuclear
 incidents—suggesting that operator-based control faces
 fundamental, not remediable, limitations."
 **Example 2** (Risks, first paragraph): ``` Current: "This
 research relies on several critical assumptions that, if
 invalidated, would require scope adjustment..." ```
 - **Analysis**: Good—this establishes both point (critical
 assumptions exist) and issue (invalidity requires
 adjustment) immediately. The paragraph then delivers on this
 promise. This is a good model!
 **Example 3** (Research Approach, lines 166-169): ```
 Current: "While discrete system components will be
 synthesized with correctness guarantees, they represent only
 half of the complete system." ```
 - **Analysis**: Good issue statement (discrete alone
 insufficient), but could be sharper about the point. What
 will this section show?
 - **Fixed**: "While discrete system components will be
 synthesized with correctness guarantees, they represent only
 half of the complete system. This section describes how we
 will develop continuous control modes, verify their
 correctness, and address the unique verification challenges
 at the discrete-continuous interface."
 **Similar instances**:
 - State of the Art lines 13-34: long paragraph with delayed
 point
 - Goals lines 103-119: impact paragraph could be tighter
 - Approach lines 178-208: three-mode classification needs
 clearer framing
 **How to fix**:
 1. First sentence should state the paragraph's point
 2. Second sentence (or same sentence) should state why this
 matters
 3. Remaining sentences provide supporting detail
 ---
 ### Pattern 4: Topic Position & Continuity
 **Principle** (Gopen): The topic position (beginning of
 sentence) should contain old/familiar information that links
 to what came before. This creates flow and coherence. Abrupt
 topic shifts disorient readers.
 **Example 1** (Goals, lines 18-23): ``` Sentence 1: "...this
 reliance on human operators prevents the introduction of
 autonomous control capabilities..."
 Sentence 2: "Emerging technologies like small modular
 reactors face significantly higher per-megawatt staffing
 costs..." ```
 - **Issue**: Topic shifts abruptly from "reliance on
 operators" to "emerging technologies". Connection exists
 (both about staffing challenges) but isn't explicit
 - **Fixed**: "...prevents autonomous control capabilities.
 This limitation creates particular challenges for emerging
 technologies like small modular reactors, which face
 significantly higher per-megawatt staffing costs..."
 **Example 2** (State of the Art, lines 234-243): ```
 Sentence about what HARDENS addressed: "...discrete digital
 control logic..."
 Next sentence: "However, the project did not address
 continuous dynamics..." ```
 - **Analysis**: Good use of "however, the project" in topic
 position—maintains focus on HARDENS while pivoting to
 limitation. This is a good model!
 **Example 3** (Research Approach, lines 56-58): ``` Sentence
 1: "...we may be able to translate them into logical
 formulae..."
 Sentence 2: "Linear Temporal Logic (LTL) provides four
 fundamental operators..." ```
 - **Issue**: Abrupt topic shift from "translating
 procedures" to "LTL provides". Missing: why LTL? Why now?
 - **Fixed**: "...translate them into logical formulae. To
 formalize these procedures, we will use Linear Temporal
 Logic (LTL), which provides four fundamental operators..."
 **Similar instances**:
 - Goals lines 23-27: "emerging technologies" → "what is
 needed"
 - State of the Art lines 72-74: control modes → division
 between automated/human
 - Approach lines 183-185: stabilizing mode example →
 transitory mode definition
 **How to fix**:
 1. Identify the topic of the previous sentence
 2. Begin next sentence with something related to that topic
 3. Use transitional phrases when shifting topics: "This
 [previous thing] leads to [new thing]"
 ---
 ### Pattern 5: Long Complex Sentences
 **Principle**: Sentences with multiple subordinate clauses
 (especially over 35-40 words) tax reader working memory.
 Breaking into multiple sentences often improves clarity
 without losing sophistication.
 **Example 1** (State of the Art, lines 48-51): ``` Current
 (51 words): "Procedures undergo technical evaluation,
 simulator validation testing, and biennial review as part of
 operator requalification under 10 CFR 55.59, but despite
 these rigorous development processes, procedures
 fundamentally lack formal verification of key safety
 properties." ```
 - **Issue**: Long sentence with list, subordinate clause,
 and contrast—hard to parse
 - **Fixed (2 sentences)**: "Procedures undergo technical
 evaluation, simulator validation testing, and biennial
 review as part of operator requalification under 10 CFR
 55.59. Despite these rigorous development processes,
 procedures fundamentally lack formal verification of key
 safety properties."
 **Example 2** (Risks, lines 72-78): ``` Current (57 words):
 "Temporal logic operates on boolean predicates, while
 continuous control requires reasoning about differential
 equations and reachable sets, and guard conditions that
 require complex nonlinear predicates may resist boolean
 abstraction, making synthesis intractable." ```
 - **Issue**: Run-on with multiple clauses strung together
 with commas
 - **Fixed (3 sentences)**: "Temporal logic operates on
 boolean predicates, while continuous control requires
 reasoning about differential equations and reachable sets.
 Guard conditions requiring complex nonlinear predicates may
 resist boolean abstraction. This mismatch could make
 synthesis intractable."
 **Similar instances**:
 - State of the Art lines 44-51: procedure development
 description
 - Research Approach lines 40-45: hybrid system description
 - Risks lines 17-24: computational tractability discussion
 - Broader Impacts lines 13-23: economic analysis
 **How to fix**:
 1. Identify natural breakpoints (usually where you have
 "and" or "but")
 2. Create new sentences at these breaks
 3. Ensure each new sentence has clear topic position
 4. May need to repeat/reference previous sentence's subject
 for clarity
 ---
 ## Section-Level Issues
 ### Goals and Outcomes Section **Strengths**: Excellent
 structure with clear goal → problem → approach → outcomes →
 impact progression. The four-paragraph opening is very
 strong.
 **Issues**:
 - Lines 29-53 (Approach paragraph): This is dense and tries
 to cover too much. Consider breaking into two paragraphs:
 one on the approach concept, one on the hypothesis and
 rationale.
 - Outcomes enumeration: Very clear, but could strengthen the
 transition from strategy to outcome in each item. Currently
 reads as "we'll do X. [new sentence] This enables Y."
 Consider: "We'll do X, enabling Y."
 ### State of the Art Section **Strengths**: Comprehensive,
 well-researched, excellent use of the HARDENS case study as
 both positive example and gap identifier.
 **Issues**:
 - **Length**: At 358 lines, this risks losing readers. Most
 concerning: readers may forget your framing by the time they
 reach your contribution.
 - **Organization**: Four major subsections (procedures,
 human factors, HARDENS, research imperative) would benefit
 from a roadmap sentence at the beginning: "To understand the
 need for hybrid control synthesis, we first examine..."
 - **Balance**: HARDENS subsection is 89 lines—nearly 25% of
 SOTA. While impressive, consider whether this should be a
 separate section or whether some detail could move to an
 appendix.
 - **Transition to Approach**: The "Research Imperative"
 subsection is excellent but feels like it belongs at the
 start of Research Approach rather than end of SOTA.
 ### Research Approach Section **Strengths**: Clear
 three-thrust structure, good use of equations and examples,
 strong technical detail.
 **Issues**:
 - **Subsection transitions**: The transitions between the
 three main subsections (Procedures→Temporal,
 Temporal→Discrete, Discrete→Continuous) could be smoother.
 Each starts somewhat abruptly.
 - **SmAHTR introduction**: The SmAHTR demonstration case is
 introduced suddenly at line 253. Consider introducing it
 earlier (perhaps in Goals section or at start of Approach)
 so readers know it's coming.
 - **Three-mode classification**: Lines 178-208 present the
 stabilizing/transitory/expulsory framework, which is
 innovative. This deserves more prominence—consider
 highlighting it as a key contribution.
 ### Metrics of Success Section **Strengths**: TRL framework
 is well-justified, progression through levels is clear.
 **Issues**:
 - **Defensive tone**: Lines 11-30 spend considerable space
 justifying why TRL is appropriate. This is good but could be
 more concise. Consider: one paragraph on why TRLs (lines
 10-19) rather than two.
 - **Grading criteria**: The TRL definitions (3, 4, 5) are
 excellent. Very concrete and measurable.
 ### Risks and Contingencies Section **Strengths**:
 Comprehensive, each risk has indicators and contingencies,
 well-organized.
 **Issues**:
 - **Subsection balance**: Four subsections range from 41
 lines (computational) to 65 lines (discrete-continuous).
 Ensure space reflects actual risk level.
 - **Mitigation vs. contingency**: Some subsections blur
 "mitigation" (preventing problems) and "contingency"
 (response if they occur). Consider clarifying this
 structure.
 ### Broader Impacts Section **Strengths**: Clear economic
 motivation, good connection to SMRs and datacenter
 application.
 **Issues**:
 - **Brevity**: At 75 lines, this is the shortest technical
 section. Given that economic viability is a key motivation,
 consider expanding.
 - **Missed opportunities**: Could briefly mention
 workforce/educational impacts (training future engineers in
 formal methods), equity (providing reliable clean energy to
 underserved areas), broader applicability beyond nuclear.
 ### Budget Section **Brief review**: Budget is
 comprehensive, well-justified, appropriate. Minor note:
 Consider whether the high-performance workstation (Year 1)
 might need upgrades in Year 2-3 as synthesis scales up.
 ### Schedule Section **Brief review**: Schedule is ambitious
 but realistic. Six trimesters for dissertation research is
 reasonable. Publication strategy is smart (nuclear community
 first, then broader control theory community). Minor note:
 Line 73 has a space issue ("t ranslation").
 ---
 ## Big Picture Observations
 ### Narrative and Argument Structure
 **Strengths**:
 - Clear problem-solution arc: operators make errors →
 procedures lack formal guarantees → hybrid control synthesis
 provides guarantees
 - Good use of motivating examples (TMI, human error
 statistics, HARDENS)
 - Technical progression is logical: discrete synthesis →
 continuous verification → integrated system
 **Opportunities**:
 1. **Strengthen "so what" transitions**: The proposal
 sometimes presents information without explicitly stating
 significance. Add more "This matters because..." statements.
 2. **Emphasize novelty earlier**: The three-mode
 classification and discrete-continuous interface
 verification are novel contributions. Signal this earlier
 and more explicitly.
 3. **Create more callbacks**: When describing Research
 Approach, refer back to specific limitations identified in
 State of the Art. Currently these connections are implicit.
 ### Rhetorical Effectiveness
 **Credibility established through**:
 - Comprehensive literature review
 - Specific technical detail
 - Access to industry hardware (Emerson partnership)
 - Prior conference recognition (best student paper)
 **Value proposition**:
 - Clear economic impact (O&M cost reduction)
 - Safety improvement (mathematical guarantees vs. human
 operators)
 - Broader applicability (methodology generalizes)
 **Could strengthen**:
 - More explicit statements of what's novel vs. what's
 established practice
 - Stronger emphasis on the unique combination of discrete
 synthesis + continuous verification (others do one or the
 other, not both)
 ### Content Gaps and Consistency
 **Terminology**:
 - Generally consistent
 - Good introduction of technical terms (hybrid automata,
 temporal logic, reachability analysis)
 - Minor: "correct by construction" vs. "provably
 correct"—used interchangeably, which is fine, but could note
 they're synonymous
 **Scope consistency**:
 - Excellent—stays focused on startup procedures for SmAHTR
 - Appropriately acknowledges limitations (TRL 5, not
 deployment-ready)
 - Risk section addresses what happens if scope must narrow
 **Potential gaps**:
 1. **Cybersecurity**: Not mentioned. For autonomous nuclear
 control, shouldn't there be at least a paragraph on security
 verification?
 2. **Regulatory path**: You mention "regulatory
 requirements" but don't detail what NRC approval process
 would look like. Even a paragraph would strengthen
 credibility.
 3. **Comparison with alternatives**: What about machine
 learning approaches to autonomous control? Worth a paragraph
 explaining why formal methods are superior for
 safety-critical systems.
 ---
 ## Gopen Framework Quick Reference
 **Stress Position**: End of sentence should contain most
 important new information. Readers expect climax there.
 **Topic Position**: Beginning of sentence should contain
 familiar information that links to previous sentence.
 Creates flow.
 **Point-Issue Structure**: Paragraphs should open by stating
 (1) the point/claim and (2) why it matters, before providing
 supporting detail.
 **Topic String**: The chain of topics across sentences in a
 paragraph. Strong topic strings create coherence; broken
 ones confuse readers.
 **Old→New Information Flow**: Information should flow from
 familiar (old) to unfamiliar (new) within sentences and
 paragraphs.
 ---
 ## Next Steps
 1. **Start with Priority Issues 1-3**: These have the
 highest impact
 2. **Apply Patterns**: Use the pattern examples to fix
 similar instances throughout
 3. **Consult Detailed Document**: For comprehensive
 checkbox-by-checkbox revisions
 4. **Section-by-section revision**: Work through one section
 at a time, applying patterns
 5. **Final pass for consistency**: Ensure changes maintain
 consistent terminology and tone
 This proposal has strong technical content and a solid
 structure. The revisions suggested here will strengthen
 clarity, emphasize key contributions, and make the argument
 even more compelling for reviewers. Good luck with your
 revisions!
--- a/Writing/ERLM/biblatex.sty
+++ b/Writing/ERLM/biblatex.sty
--- a/Writing/ERLM/dane_proposal_format.cls
+++ b/Writing/ERLM/dane_proposal_format.cls
@ -28,7 +28,6 @@
 \singlespacing
 \setcounter{secnumdepth}{3}
 \setcounter{tocdepth}{5}
 \bibliographystyle{unsrt}
 % Graphics and figures
 \RequirePackage{graphicx}
--- a/Writing/ERLM/main.aux
+++ b/Writing/ERLM/main.aux
@ -1,26 +1,22 @@
 \relax 
 \bibstyle{unsrt}
 \providecommand \oddpage@label [2]{}
 \@writefile{toc}{\contentsline {section}{\numberline {1}Goals and Outcomes}{1}{}\protected@file@percent }
-\citation{NUREG-0899}
+\citation{NUREG-0899,10CFR50.34}
-\citation{10CFR55}
+\citation{10CFR55.59}
 \citation{WRPS.Description,gentillon_westinghouse_1999}
 \@writefile{toc}{\contentsline {section}{\numberline {2}State of the Art and Limits of Current Practice}{3}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Current Reactor Procedures and Operation}{3}{}\protected@file@percent }
 \citation{operator_statistics}
 \citation{10CFR55}
-\citation{NRC WEBSITE IN ZOTERO FOR PRES}
+\citation{10CFR50.54}
 \citation{ALSO IN PRES FOLDER}
 \citation{10CFR55}
 \citation{NRC WEBSITE IN ZOTERO FOR PRES}
 \citation{ALSO IN PRES FOLDER}
 \citation{Kemeny1979}
-\citation{Kemeny1979}
+\citation{WNA2020}
-\citation{DOE-HDBK-1028-2009,WNA2020}
+\citation{hogberg_root_2013}
-\citation{IAEA-severe-accidents}
+\citation{zhang_analysis_2025}
-\citation{Wang2025}
+\citation{Kiniry2024}
 \citation{Reason1990}
 \@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Human Factors in Nuclear Accidents}{4}{}\protected@file@percent }
-\citation{Kiniry2022}
+\@writefile{toc}{\contentsline {subsection}{\numberline {2.3}HARDENS and Formal Methods}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {2.3}HARDENS and Formal Methods}{5}{}\protected@file@percent }
+\citation{Kiniry2024}
 \@writefile{toc}{\contentsline {section}{\numberline {3}Research Approach}{6}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {3.1}$(Procedures \wedge FRET) \rightarrow Temporal Specifications$}{6}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {3.2}$(TemporalLogic \wedge ReactiveSynthesis) \rightarrow DiscreteAutomata$}{7}{}\protected@file@percent }
@ -38,54 +34,57 @@
 \citation{eesi_datacenter_2024}
 \citation{eia_lcoe_2022}
 \@writefile{toc}{\contentsline {section}{\numberline {6}Broader Impacts}{16}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {7}Budget and Budget Justification}{17}{}\protected@file@percent }
+\bibstyle{ieeetr}
 \@writefile{toc}{\contentsline {subsection}{\numberline {7.1}Budget Summary}{17}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {7.2}Budget Justification}{17}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.1}Senior Personnel}{17}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Faculty Advisor}{17}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.2}Other Personnel}{17}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Graduate Research Assistant (Principal Investigator)}{17}{}\protected@file@percent }
 \@writefile{lot}{\contentsline {table}{\numberline {1}{\ignorespaces Proposed Budget by Year and Category}}{18}{}\protected@file@percent }
 \newlabel{tab:budget}{{1}{18}{Budget Summary}{}{}}
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.3}Fringe Benefits}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Faculty Fringe Benefits}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Graduate Research Assistant Fringe Benefits}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.4}Equipment}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.5}Travel}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Conference Travel (\$4,000 per year)}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Industry Collaboration Visits (\$1,500 per year)}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.6}Participant Support Costs}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.7}Other Direct Costs}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Materials and Supplies}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Publication Costs}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Computing and Cloud Services}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.8}H. Indirect Costs (Facilities \& Administrative)}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.9}Cost Sharing}{21}{}\protected@file@percent }
 \newlabel{sec:cost-sharing}{{7.2.9}{21}{Cost Sharing}{}{}}
 \@writefile{toc}{\contentsline {paragraph}{Emerson Process Management Partnership}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{University Infrastructure}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Total In-Kind Contributions}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.10}Budget Inflation and Escalation}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {section}{\numberline {8}Schedule, Milestones, and Deliverables}{21}{}\protected@file@percent }
 \gtt@chartextrasize{0}{164.1287pt}
 \@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Project schedule showing major research thrusts, milestones (orange row), and publications (green row). Red diamonds indicate completion points. Overlapping bars indicate parallel work where appropriate.}}{22}{}\protected@file@percent }
 \newlabel{fig:gantt}{{1}{22}{Schedule, Milestones, and Deliverables}{}{}}
 \@writefile{toc}{\contentsline {subsection}{\numberline {8.1}Milestones and Deliverables}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {section}{\numberline {9}Supplemental Sections}{23}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {9.1}Biosketch}{23}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {9.2}Data Management Plan}{26}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {9.3}Facilities}{30}{}\protected@file@percent }
 \bibdata{references}
 \bibcite{NUREG-0899}{1}
-\bibcite{10CFR55}{2}
+\bibcite{10CFR50.34}{2}
-\bibcite{Kemeny1979}{3}
+\bibcite{10CFR55.59}{3}
-\bibcite{DOE-HDBK-1028-2009}{4}
+\bibcite{WRPS.Description}{4}
-\bibcite{WNA2020}{5}
+\bibcite{gentillon_westinghouse_1999}{5}
-\bibcite{IAEA-severe-accidents}{6}
+\bibcite{operator_statistics}{6}
-\bibcite{Wang2025}{7}
+\bibcite{10CFR55}{7}
-\bibcite{Reason1990}{8}
+\bibcite{10CFR50.54}{8}
-\bibcite{Kiniry2022}{9}
+\bibcite{Kemeny1979}{9}
-\bibcite{eia_lcoe_2022}{10}
+\bibcite{WNA2020}{10}
-\bibcite{eesi_datacenter_2024}{11}
+\bibcite{hogberg_root_2013}{11}
-\@writefile{toc}{\contentsline {section}{References}{31}{}\protected@file@percent }
+\bibcite{zhang_analysis_2025}{12}
-\gdef \@abspage@last{32}
+\bibcite{Kiniry2024}{13}
 \@writefile{toc}{\contentsline {section}{References}{18}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {section}{\numberline {7}Budget and Budget Justification}{19}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {7.1}Budget Summary}{19}{}\protected@file@percent }
 \@writefile{lot}{\contentsline {table}{\numberline {1}{\ignorespaces Proposed Budget by Year and Category}}{19}{}\protected@file@percent }
 \newlabel{tab:budget}{{1}{19}{Budget Summary}{}{}}
 \@writefile{toc}{\contentsline {subsection}{\numberline {7.2}Budget Justification}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.1}Senior Personnel}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Faculty Advisor}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.2}Other Personnel}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Graduate Research Assistant (Principal Investigator)}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.3}Fringe Benefits}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Faculty Fringe Benefits}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Graduate Research Assistant Fringe Benefits}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.4}Equipment}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.5}Travel}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Conference Travel (\$4,000 per year)}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Industry Collaboration Visits (\$1,500 per year)}{20}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.6}Participant Support Costs}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.7}Other Direct Costs}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Materials and Supplies}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Publication Costs}{21}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Computing and Cloud Services}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.8}H. Indirect Costs (Facilities \& Administrative)}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.9}Cost Sharing}{22}{}\protected@file@percent }
 \newlabel{sec:cost-sharing}{{7.2.9}{22}{Cost Sharing}{}{}}
 \@writefile{toc}{\contentsline {paragraph}{Emerson Process Management Partnership}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{University Infrastructure}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {paragraph}{Total In-Kind Contributions}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsubsection}{\numberline {7.2.10}Budget Inflation and Escalation}{22}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {section}{\numberline {8}Schedule, Milestones, and Deliverables}{23}{}\protected@file@percent }
 \gtt@chartextrasize{0}{164.1287pt}
 \@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Project schedule showing major research thrusts, milestones (orange row), and publications (green row). Red diamonds indicate completion points. Overlapping bars indicate parallel work where appropriate.}}{23}{}\protected@file@percent }
 \newlabel{fig:gantt}{{1}{23}{Schedule, Milestones, and Deliverables}{}{}}
 \@writefile{toc}{\contentsline {subsection}{\numberline {8.1}Milestones and Deliverables}{23}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {section}{\numberline {9}Supplemental Sections}{25}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {9.1}Biosketch}{25}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {9.2}Data Management Plan}{28}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {9.3}Facilities}{32}{}\protected@file@percent }
 \gdef \@abspage@last{33}
--- a/Writing/ERLM/main.bbl
+++ b/Writing/ERLM/main.bbl
@ -1,64 +1,44 @@
 \begin{thebibliography}{10}
 \bibitem{NUREG-0899}
-{U.S. Nuclear Regulatory Commission}.
+{U.S. Nuclear Regulatory Commission}, ``Guidelines for the preparation of emergency operating procedures,'' Tech. Rep. NUREG-0899, U.S. Nuclear Regulatory Commission, 1982.
-\newblock Guidelines for the preparation of emergency operating procedures.
+
-\newblock Technical Report NUREG-0899, U.S. Nuclear Regulatory Commission, 1982.
+\bibitem{10CFR50.34}
 {U.S. Nuclear Regulatory Commission}, ``{10 CFR Part 50.34}.'' Code of Federal Regulations.
 \bibitem{10CFR55.59}
 {U.S. Nuclear Regulatory Commission}, ``{10 CFR Part 55.59}.'' Code of Federal Regulations.
 \bibitem{WRPS.Description}
 ``{Westinghouse RPS System Description},'' tech. rep., Westinghouse Electric Corporation.
 \bibitem{gentillon_westinghouse_1999}
 C.~D. Gentillon, D.~Marksberry, D.~Rasmuson, M.~B. Calley, S.~A. Eide, and T.~Wierman, ``Westinghouse reactor protection system unavailability, 1984-1995.''
 \newblock Number: {INEEL}/{CON}-99-00374 Publisher: Idaho National Engineering and Environmental Laboratory.
 \bibitem{operator_statistics}
 {U.S. Nuclear Regulatory Commission}, ``{Operator Licensing}.'' \url{https://www.nrc.gov/reactors/operator-licensing}.
 \bibitem{10CFR55}
-{U.S. Nuclear Regulatory Commission}.
+{U.S. Nuclear Regulatory Commission}, ``{Part 55—Operators' Licenses}.'' \url{https://www.nrc.gov/reading-rm/doc-collections/cfr/part055/full-text}.
-\newblock Operators' licenses.
+
-\newblock 10 CFR Part 55.
+\bibitem{10CFR50.54}
-\newblock Code of Federal Regulations.
+{U.S. Nuclear Regulatory Commission}, ``{§ 50.54 Conditions of Licenses}.'' \url{https://www.nrc.gov/reading-rm/doc-collections/cfr/part050/part050-0054}.
 \bibitem{Kemeny1979}
-John~G. Kemeny et~al.
+J.~G. Kemeny {\em et~al.}, ``Report of the president's commission on the accident at three mile island,'' tech. rep., President's Commission on the Accident at Three Mile Island, October 1979.
 \newblock Report of the president's commission on the accident at three mile island.
 \newblock Technical report, President's Commission on the Accident at Three Mile Island, October 1979.
 \bibitem{DOE-HDBK-1028-2009}
 {U.S. Department of Energy}.
 \newblock Human performance handbook.
 \newblock Handbook DOE-HDBK-1028-2009, U.S. Department of Energy, 2009.
 \bibitem{WNA2020}
-{World Nuclear Association}.
+{World Nuclear Association}, ``Safety of nuclear power reactors.'' \url{https://www.world-nuclear.org/information-library/safety-and-security/safety-of-plants/safety-of-nuclear-power-reactors.aspx}, 2020.
 \newblock Safety of nuclear power reactors.
 \newblock \url{https://www.world-nuclear.org/information-library/safety-and-security/safety-of-plants/safety-of-nuclear-power-reactors.aspx}, 2020.
-\bibitem{IAEA-severe-accidents}
+\bibitem{hogberg_root_2013}
-{International Atomic Energy Agency}.
+L.~Högberg, ``Root causes and impacts of severe accidents at large nuclear power plants,'' vol.~42, no.~3, pp.~267--284.
 \newblock Human error as root cause in severe nuclear accidents.
 \newblock IAEA Safety Report.
 \newblock Analysis of TMI, Chernobyl, and Fukushima accidents.
-\bibitem{Wang2025}
+\bibitem{zhang_analysis_2025}
-Y.~Wang et~al.
+M.~Zhang, L.~Dai, W.~Chen, and E.~Pang, ``Analysis of human errors in nuclear power plant event reports,'' vol.~57, no.~10, p.~103687.
 \newblock Analysis of human error in nuclear power plant operations: A systematic review of events from 2007--2020.
 \newblock {\em Journal of Nuclear Safety}, 2025.
 \newblock Analysis of 190 events at Chinese nuclear power plants.
-\bibitem{Reason1990}
+\bibitem{Kiniry2024}
-James Reason.
+J.~Kiniry, A.~Bakst, S.~Hansen, M.~Podhradsky, and A.~Bivin, ``High assurance rigorous digital engineering for nuclear safety (hardens) final technical report,'' Tech. Rep. TLR-RES-RES/DE-2024-005, Galois, Inc. / U.S. Nuclear Regulatory Commission, 2024.
 \newblock {\em Human Error}.
 \newblock Cambridge University Press, 1990.
 \bibitem{Kiniry2022}
 Joseph Kiniry, Alexander Bakst, Michal Podhradsky, Simon Hansen, and Andrew Bivin.
 \newblock High assurance rigorous digital engineering for nuclear safety (hardens) final technical report.
 \newblock Technical Report ML22326A307, Galois, Inc. / U.S. Nuclear Regulatory Commission, 2022.
 \newblock NRC Contract 31310021C0014.
 \bibitem{eia_lcoe_2022}
 {U.S. Energy Information Administration}.
 \newblock Levelized costs of new generation resources in the annual energy outlook 2022.
 \newblock Report, U.S. Energy Information Administration, March 2022.
 \newblock See Table 1b, page 9.
 \bibitem{eesi_datacenter_2024}
 {Environmental and Energy Study Institute}.
 \newblock Data center energy needs are upending power grids and threatening the climate.
 \newblock Web article, 2024.
 \newblock Accessed: 2025-09-29.
 \end{thebibliography}
--- a/Writing/ERLM/main.blg
+++ b/Writing/ERLM/main.blg
@ -1,63 +1,61 @@
 This is BibTeX, Version 0.99d (TeX Live 2023/Debian)
 Capacity: max_strings=200000, hash_size=200000, hash_prime=170003
 The top-level auxiliary file: main.aux
-The style file: unsrt.bst
+The style file: ieeetr.bst
 White space in argument---line 10 of file main.aux
 : \citation{NRC
 :               WEBSITE IN ZOTERO FOR PRES}
 I'm skipping whatever remains of this command
 White space in argument---line 11 of file main.aux
 : \citation{ALSO
 :                IN PRES FOLDER}
 I'm skipping whatever remains of this command
 White space in argument---line 13 of file main.aux
 : \citation{NRC
 :               WEBSITE IN ZOTERO FOR PRES}
 I'm skipping whatever remains of this command
 White space in argument---line 14 of file main.aux
 : \citation{ALSO
 :                IN PRES FOLDER}
 I'm skipping whatever remains of this command
 Database file #1: references.bib
-You've used 11 entries,
+Warning--entry type for "gentillon_westinghouse_1999" isn't style-file defined
-            1791 wiz_defined-function locations,
+--line 32 of file references.bib
-            514 strings with 5426 characters,
+Warning--entry type for "operator_statistics" isn't style-file defined
-and the built_in function-call counts, 1577 in all, are:
+--line 45 of file references.bib
-= -- 140
+Warning--entry type for "10CFR50.54" isn't style-file defined
-> -- 65
+--line 59 of file references.bib
-< -- 3
+Warning--I didn't find a database entry for "eia_lcoe_2022"
-+ -- 28
+Warning--I didn't find a database entry for "eesi_datacenter_2024"
- -- 17
+Warning--empty author in WRPS.Description
-* -- 41
+Warning--empty year in WRPS.Description
-:= -- 291
+Warning--empty journal in hogberg_root_2013
-add.period$ -- 39
+Warning--empty year in hogberg_root_2013
-call.type$ -- 11
+Warning--empty journal in zhang_analysis_2025
-change.case$ -- 12
+Warning--empty year in zhang_analysis_2025
 You've used 13 entries,
            1876 wiz_defined-function locations,
            544 strings with 5480 characters,
 and the built_in function-call counts, 2138 in all, are:
 = -- 192
 > -- 92
 < -- 2
 + -- 38
 - -- 25
 * -- 130
 := -- 326
 add.period$ -- 14
 call.type$ -- 13
 change.case$ -- 15
 chr.to.int$ -- 0
-cite$ -- 11
+cite$ -- 19
-duplicate$ -- 71
+duplicate$ -- 92
-empty$ -- 166
+empty$ -- 229
-format.name$ -- 17
+format.name$ -- 25
-if$ -- 349
+if$ -- 511
 int.to.chr$ -- 0
-int.to.str$ -- 11
+int.to.str$ -- 13
-missing$ -- 3
+missing$ -- 2
-newline$ -- 64
+newline$ -- 44
-num.names$ -- 11
+num.names$ -- 12
-pop$ -- 43
+pop$ -- 57
 preamble$ -- 1
 purify$ -- 0
 quote$ -- 0
-skip$ -- 20
+skip$ -- 74
 stack$ -- 0
-substring$ -- 0
+substring$ -- 44
-swap$ -- 9
+swap$ -- 22
-text.length$ -- 3
+text.length$ -- 2
 text.prefix$ -- 0
 top$ -- 0
 type$ -- 0
-warning$ -- 0
+warning$ -- 6
-while$ -- 11
+while$ -- 16
-width$ -- 13
+width$ -- 15
-write$ -- 127
+write$ -- 107
-(There were 4 error messages)
+(There were 11 warnings)
--- a/Writing/ERLM/main.fdb_latexmk
+++ b/Writing/ERLM/main.fdb_latexmk
@ -1,13 +1,13 @@
 # Fdb version 4
-["bibtex main"] 1764869648.5559 "main.aux" "main.bbl" "main" 1764869648.59189 2
+["bibtex main"] 1764974760.71217 "main.aux" "main.bbl" "main" 1764974761.6655 0
-  "./references.bib" 1760575541.11204 17887 8c959c4bb228b5a8c44fd08ed0751b05 ""
+  "./references.bib" 1764974759.12837 5129 de2dc116e7908a86456f09f33e7d7ac7 ""
-  "/usr/share/texlive/texmf-dist/bibtex/bst/base/unsrt.bst" 1292289607 18030 1376b4b231b50c66211e47e42eda2875 ""
+  "/usr/share/texlive/texmf-dist/bibtex/bst/base/ieeetr.bst" 1292289607 18361 1a00e58565e7f19bf2b3e1bfb82254ae ""
-  "main.aux" 1764869648.39348 7615 5821c96fe1a36195d8b7d010b233e163 "pdflatex"
+  "main.aux" 1764974761.51097 7608 f4f0b295bef52d13062032206cc95973 "pdflatex"
  (generated)
  "main.bbl"
  "main.blg"
  (rewritten before read)
-["pdflatex"] 1764869647.67076 "main.tex" "main.pdf" "main" 1764869648.59211 0
+["pdflatex"] 1764974760.76605 "main.tex" "main.pdf" "main" 1764974761.66567 0
  "/etc/texmf/web2c/texmf.cnf" 1726065852.27662 475 c0e671620eb5563b2130f56340a5fde8 ""
  "/usr/share/texlive/texmf-dist/fonts/enc/dvips/base/8r.enc" 1165713224 4850 80dc9bab7f31fb78a000ccfed0e27cab ""
  "/usr/share/texlive/texmf-dist/fonts/map/fontname/texfonts.map" 1577235249 3524 cb3e574dea2d1052e39280babc910dc8 ""
@ -243,16 +243,16 @@
  "/var/lib/texmf/web2c/pdftex/pdflatex.fmt" 1726065868 6800790 607442c924ed54405961d2b8ac2a25ae ""
  "broader-impacts/v1.tex" 1762446356.88898 4913 f040011f0dbfa050cad013bb8737b473 ""
  "budget/v1.tex" 1762446356.88898 12864 1341c4cfdaf82dc649f2f47f3cc8ecd7 ""
-  "dane_proposal_format.cls" 1761234879.88179 2596 f4b1a6fb5a74347c13e92ea1ba135818 ""
+  "dane_proposal_format.cls" 1764974397.2375 2570 f29186d8a9397205c58fccc0fcffb76c ""
  "goals-and-outcomes/v6.tex" 1760575541.11104 6070 286ca847b1aac31431e0658cd2989ea2 ""
-  "main.aux" 1764869648.39348 7615 5821c96fe1a36195d8b7d010b233e163 "pdflatex"
+  "main.aux" 1764974761.51097 7608 f4f0b295bef52d13062032206cc95973 "pdflatex"
-  "main.bbl" 1764869648.58848 2497 61aa87b86cf1e92fd5306af01b0a5409 "bibtex main"
+  "main.bbl" 1764974760.75697 2467 75ddd8bc744ac1d7c685bc124699a008 "bibtex main"
-  "main.tex" 1764866127.56542 768 21c161623549be714dc49726837188d5 ""
+  "main.tex" 1764974466.74023 804 d25a45e5732ab0e63adac220a8893f96 ""
  "metrics-of-success/v1.tex" 1760575541.11204 6867 9f08b3208bb158042e2fc9bbfeecae68 ""
  "research-approach/v3.tex" 1760575541.11304 17351 6ed3e4ff3c33dd86d80597dbdb0cf36f ""
  "risks-and-contingencies/v1.tex" 1762446356.89155 15209 c8ff47d0cfbf72d9c457463c5114f2a8 ""
  "schedule/v1.tex" 1764192995.54631 8440 1c6c59ab8379c2aee45e5ad9b447e61d ""
-  "state-of-the-art/v6.tex" 1764869646.62949 14571 be2cbb52663460e4a029066fb8854728 ""
+  "state-of-the-art/v6.tex" 1764972984.45499 13382 928592dcd1dd1113207582a3c5467b68 ""
  "supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf" 1764192995.54731 76839 d12cfa78304f51e96ce0e12460ece1e3 ""
  "supplemental-sections/cv-1786798.pdf" 1764192995.54731 31602 224112b9f507ae1e989c0341a7eb3f42 ""
  "supplemental-sections/v1.tex" 1764192995.54731 2302 accf9c1dd3b7c2f35a3a051140113d63 ""
--- a/Writing/ERLM/main.fls
+++ b/Writing/ERLM/main.fls
@ -483,6 +483,10 @@ INPUT /usr/share/texlive/texmf-dist/tex/latex/psnfss/ts1ptm.fd
 INPUT /usr/share/texlive/texmf-dist/tex/latex/psnfss/ts1ptm.fd
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/adobe/times/ptmr8c.tfm
 INPUT /usr/share/texlive/texmf-dist/fonts/vf/adobe/times/ptmr8c.vf
 INPUT ./main.bbl
 INPUT ./main.bbl
 INPUT main.bbl
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/public/cm/cmtt12.tfm
 INPUT ./budget/v1.tex
 INPUT ./budget/v1.tex
 INPUT ./budget/v1.tex
@ -503,8 +507,8 @@ INPUT /usr/share/texlive/texmf-dist/fonts/vf/adobe/times/ptmr8c.vf
 INPUT /usr/share/texlive/texmf-dist/fonts/vf/adobe/times/ptmri7t.vf
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/adobe/times/ptmri8r.tfm
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/adobe/times/ptmb8c.tfm
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/adobe/times/ptmri8c.tfm
 INPUT /usr/share/texlive/texmf-dist/fonts/vf/adobe/times/ptmb8c.vf
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/adobe/times/ptmri8c.tfm
 INPUT /usr/share/texlive/texmf-dist/fonts/vf/adobe/times/ptmri8c.vf
 INPUT ./schedule/v1.tex
 INPUT ./schedule/v1.tex
@ -554,10 +558,6 @@ INPUT ./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf
 INPUT ./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf
 INPUT ./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf
 INPUT ./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf
 INPUT ./main.bbl
 INPUT ./main.bbl
 INPUT main.bbl
 INPUT /usr/share/texlive/texmf-dist/fonts/tfm/public/cm/cmtt12.tfm
 INPUT main.aux
 INPUT /usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmmi10.pfb
 INPUT /usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmr10.pfb
--- a/Writing/ERLM/main.log
+++ b/Writing/ERLM/main.log
@ -1,4 +1,4 @@
-This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023/Debian) (preloaded format=pdflatex 2024.9.11)  4 DEC 2025 12:34
+This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023/Debian) (preloaded format=pdflatex 2024.9.11)  5 DEC 2025 17:46
 entering extended mode
 restricted \write18 enabled.
 file:line:error style messages enabled.
@ -881,47 +881,49 @@ LaTeX Font Info:    Font shape `OT1/ptm/bx/n' in size <8> not available
 (Font)              Font shape `OT1/ptm/b/n' tried instead on input line 12.
 [1
-{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texlive/texmf-dist/fonts/enc/dvips/base/8r.enc}] (./goals-and-outcomes/v6.tex [1]) (./state-of-the-art/v6.tex [2] [3]
+{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texlive/texmf-dist/fonts/enc/dvips/base/8r.enc}] (./goals-and-outcomes/v6.tex [1]) (./state-of-the-art/v6.tex [2] [3] [4]) (./research-approach/v3.tex [5]
 LaTeX Warning: Citation `NRC WEBSITE IN ZOTERO FOR PRES' on page 4 undefined on input line 77.
 LaTeX Warning: Citation `ALSO IN PRES FOLDER' on page 4 undefined on input line 79.
 LaTeX Warning: Citation `NRC WEBSITE IN ZOTERO FOR PRES' on page 4 undefined on input line 85.
 LaTeX Warning: Citation `ALSO IN PRES FOLDER' on page 4 undefined on input line 86.
 [4] [5]) (./research-approach/v3.tex
 LaTeX Font Info:    Font shape `OT1/ptm/bx/n' in size <12> not available
 (Font)              Font shape `OT1/ptm/b/n' tried instead on input line 8.
 LaTeX Font Info:    Font shape `OT1/ptm/bx/n' in size <9> not available
 (Font)              Font shape `OT1/ptm/b/n' tried instead on input line 8.
 LaTeX Font Info:    Font shape `OT1/ptm/bx/n' in size <7> not available
 (Font)              Font shape `OT1/ptm/b/n' tried instead on input line 8.
- [6] [7] [8] [9]) (./metrics-of-success/v1.tex [10] [11]) (./risks-and-contingencies/v1.tex [12] [13] [14] [15]) (./broader-impacts/v1.tex
+ [6] [7] [8] [9]) (./metrics-of-success/v1.tex [10] [11]) (./risks-and-contingencies/v1.tex [12] [13] [14]) (./broader-impacts/v1.tex [15]
 LaTeX Font Info:    Trying to load font information for TS1+ptm on input line 14.
 (/usr/share/texlive/texmf-dist/tex/latex/psnfss/ts1ptm.fd
 File: ts1ptm.fd 2001/06/04 font definitions for TS1/ptm.
-) [16]) (./budget/v1.tex
+)
 LaTeX Warning: Citation `eia_lcoe_2022' on page 16 undefined on input line 14.
 LaTeX Warning: Citation `eesi_datacenter_2024' on page 16 undefined on input line 16.
 LaTeX Warning: Citation `eia_lcoe_2022' on page 16 undefined on input line 21.
 [16]) [17] (./main.bbl
 Underfull \hbox (badness 10000) in paragraph at lines 32--33
 \OT1/cmtt/m/n/12 nuclear . org / information -[] library / safety -[] and -[] security / safety -[] of -[]
 []
 ) [18] (./budget/v1.tex
 LaTeX Font Info:    Font shape `OT1/ptm/bx/n' in size <6> not available
 (Font)              Font shape `OT1/ptm/b/n' tried instead on input line 22.
- [17] [18] [19] [20]
+ [19] [20] [21]
 Overfull \hbox (22.53047pt too wide) in paragraph at lines 264--271
 [] []\OT1/ptm/b/n/12 Uni-ver-sity In-fras-truc-ture[] \OT1/ptm/m/n/12 The Uni-ver-sity of Pitts-burgh pro-vides com-pre-hen-sive MAT-LAB/Simulink
 []
-) (./schedule/v1.tex [21]
+) (./schedule/v1.tex [22]
 Missing character: There is no , in font nullfont!
 Overfull \hbox (35.80641pt too wide) in paragraph at lines 61--62
 [][] 
 []
-[22]) (./supplemental-sections/v1.tex
+[23]) (./supplemental-sections/v1.tex [24]
-<supplemental-sections/cv-1786798.pdf, id=110, 614.295pt x 794.97pt>
+<supplemental-sections/cv-1786798.pdf, id=118, 614.295pt x 794.97pt>
 File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf  used on input line 4.
@ -930,7 +932,7 @@ File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf  used on input line 4.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
-<supplemental-sections/cv-1786798.pdf, id=113, page=1, 614.295pt x 794.97pt>
+<supplemental-sections/cv-1786798.pdf, id=121, page=1, 614.295pt x 794.97pt>
 File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page1 used on input line 4.
@ -939,7 +941,7 @@ File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page1 used on input line 4.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
- [23]
+ [25]
 File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page1 used on input line 4.
@ -952,10 +954,10 @@ File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page1 used on input line 4.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
- [24
+ [26
 <./supplemental-sections/cv-1786798.pdf>]
-<supplemental-sections/cv-1786798.pdf, id=134, page=2, 614.295pt x 794.97pt>
+<supplemental-sections/cv-1786798.pdf, id=141, page=2, 614.295pt x 794.97pt>
 File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf, page 2>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page2 used on input line 4.
@ -967,81 +969,76 @@ Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page2 used on in
 File: supplemental-sections/cv-1786798.pdf Graphic file (type pdf)
 <use supplemental-sections/cv-1786798.pdf, page 2>
 Package pdftex.def Info: supplemental-sections/cv-1786798.pdf , page2 used on input line 4.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [25
 <./supplemental-sections/cv-1786798.pdf>]
 <supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=138, 614.295pt x 794.97pt>
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf  used on input line 7.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf  used on input line 7.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
 <supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=141, page=1, 614.295pt x 794.97pt>
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [26]
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [27
- <./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>]
+ <./supplemental-sections/cv-1786798.pdf>]
-<supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=165, page=2, 614.295pt x 794.97pt>
+<supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=145, 614.295pt x 794.97pt>
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
-<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 2>
+<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>
-Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page2 used on input line 7.
+Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf  used on input line 7.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf  used on input line 7.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
 <supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=148, page=1, 614.295pt x 794.97pt>
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.29349pt x 794.96806pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [28]
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
-<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 2>
+<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
-Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page2 used on input line 7.
+Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
-<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 2>
+<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 1>
-Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page2 used on input line 7.
+Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page1 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [28
 <./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>]
 <supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=169, page=3, 614.295pt x 794.97pt>
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 3>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page3 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 3>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page3 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 3>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page3 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [29
- <./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>]) [30] (./main.bbl
+ <./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>]
-Underfull \hbox (badness 10000) in paragraph at lines 25--28
+<supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=172, page=2, 614.295pt x 794.97pt>
-\OT1/cmtt/m/n/12 nuclear . org / information -[] library / safety -[] and -[] security / safety -[] of -[]
+File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
- []
+<use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 2>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page2 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 2>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page2 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 2>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page2 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [30
-) [31] (./main.aux)
+ <./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>]
 <supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, id=177, page=3, 614.295pt x 794.97pt>
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 3>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page3 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 3>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page3 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 File: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf Graphic file (type pdf)
 <use supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf, page 3>
 Package pdftex.def Info: supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf , page3 used on input line 7.
 (pdftex.def)             Requested size: 614.58406pt x 795.3441pt.
 [31
 <./supplemental-sections/High_Assurance_Autonomous_Control_Systems.pdf>]) [32] (./main.aux)
 ***********
 LaTeX2e <2023-11-01> patch level 1
 L3 programming layer <2024-01-22>
@ -1050,23 +1047,20 @@ L3 programming layer <2024-01-22>
 LaTeX Warning: There were undefined references.
 LaTeX Warning: Label(s) may have changed. Rerun to get cross-references right.
 ) 
 Here is how much of TeX's memory you used:
- 26054 strings out of 476182
+ 26056 strings out of 476182
- 542860 string characters out of 5795595
+ 542834 string characters out of 5795595
 1947975 words of memory out of 5000000
- 47473 multiletter control sequences out of 15000+600000
+ 47475 multiletter control sequences out of 15000+600000
 596976 words of font info for 119 fonts, out of 8000000 for 9000
 14 hyphenation exceptions out of 8191
 110i,17n,107p,1062b,952s stack positions out of 10000i,1000n,20000p,200000b,200000s
 </usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmmi10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmr10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmsy10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmtt12.pfb></usr/share/texlive/texmf-dist/fonts/type1/urw/symbol/usyr.pfb></usr/share/texlive/texmf-dist/fonts/type1/urw/times/utmb8a.pfb></usr/share/texlive/texmf-dist/fonts/type1/urw/times/utmbi8a.pfb></usr/share/texlive/texmf-dist/fonts/type1/urw/times/utmr8a.pfb></usr/share/texlive/texmf-dist/fonts/type1/urw/times/utmri8a.pfb>
-Output written on main.pdf (32 pages, 254817 bytes).
+Output written on main.pdf (33 pages, 254858 bytes).
 PDF statistics:
- 222 PDF objects out of 1000 (max. 8388607)
+ 225 PDF objects out of 1000 (max. 8388607)
- 131 compressed objects within 2 object streams
+ 133 compressed objects within 2 object streams
 0 named destinations out of 1000 (max. 500000)
 164 words of extra memory for PDF output out of 10000 (max. 10000000)
--- a/Writing/ERLM/main.pdf
+++ b/Writing/ERLM/main.pdf
--- a/Writing/ERLM/main.synctex.gz
+++ b/Writing/ERLM/main.synctex.gz
--- a/Writing/ERLM/main.tex
+++ b/Writing/ERLM/main.tex
@ -16,12 +16,14 @@
 \input{metrics-of-success/v1}
 \input{risks-and-contingencies/v1}
 \input{broader-impacts/v1}
 \newpage
 \bibliographystyle{ieeetr}
 \bibliography{references}
 \newpage
 \input{budget/v1}
 \input{schedule/v1}
 \input{supplemental-sections/v1}
 \newpage
 \bibliography{references}
 % White Paper
--- a/Writing/ERLM/references.bib
+++ b/Writing/ERLM/references.bib
@ -1,363 +1,67 @@
-% Foundational Papers
+@techreport{NUREG-0899,
-
+  title       = {Guidelines for the Preparation of Emergency Operating Procedures},
-@article{alur1995algorithmic,
+  author      = {{U.S. Nuclear Regulatory Commission}},
-  title={The algorithmic analysis of hybrid systems},
+  institution = {U.S. Nuclear Regulatory Commission},
-  author={Alur, Rajeev and Courcoubetis, Costas and Halbwachs, Nicolas and Henzinger, Thomas A and Ho, Pei-Hsin and Nicollin, Xavier and Olivero, Alfredo and Sifakis, Joseph and Yovine, Sergio},
+  year        = {1982},
-  journal={Theoretical Computer Science},
+  number      = {NUREG-0899}
  volume={138},
  number={1},
  pages={3--34},
  year={1995},
  publisher={Elsevier}
 }
-@inproceedings{alur1993hybrid,
+@misc{10CFR50.34,
-  title={Hybrid automata: An algorithmic approach to the specification and verification of hybrid systems},
+  title        = {{10 CFR Part 50.34}},
-  author={Alur, Rajeev and Courcoubetis, Costas and Henzinger, Thomas A and Ho, Pei-Hsin},
+  author       = {{U.S. Nuclear Regulatory Commission}},
-  booktitle={Hybrid Systems},
+  howpublished = {Code of Federal Regulations},
-  pages={209--229},
+  urldate     = {2025-12-05},
-  year={1993},
+  url          = {https://www.nrc.gov/reading-rm/doc-collections/cfr/part050/part050-0034}
  publisher={Springer}
 }
-@article{mitchell2005time,
+@misc{10CFR55.59,
-  title={A time-dependent Hamilton-Jacobi formulation of reachable sets for continuous dynamic games},
+  title = {{10 CFR Part 55.59}},
-  author={Mitchell, Ian M and Bayen, Alexandre M and Tomlin, Claire J},
+  author       = {{U.S. Nuclear Regulatory Commission}},
-  journal={IEEE Transactions on Automatic Control},
+  howpublished = {Code of Federal Regulations},
-  volume={50},
+  urldate     = {2025-12-05},
-  number={7},
+  url          = {https://www.nrc.gov/reading-rm/doc-collections/cfr/part055/part055-0059}
  pages={947--957},
  year={2005},
  publisher={IEEE}
 }
-@article{platzer2008differential,
+@techreport{WRPS.Description,
-  title={Differential dynamic logic for hybrid systems},
+    title = {{Westinghouse RPS System Description}},
-  author={Platzer, Andr{\'e}},
+    institution = {Westinghouse Electric Corporation},
-  journal={Journal of Automated Reasoning},
+    url = {https://nrcoe.inl.gov/publicdocs/SystemStudies/rps-w-description.pdf},
-  volume={41},
+    urldate = {2025-12-05}
  number={2},
  pages={143--189},
  year={2008},
  publisher={Springer}
 }
-@article{platzer2017complete,
+@online{gentillon_westinghouse_1999,
-  title={A complete uniform substitution calculus for differential dynamic logic},
+	title = {Westinghouse Reactor Protection System Unavailability, 1984-1995},
-  author={Platzer, Andr{\'e}},
+	url = {https://digital.library.unt.edu/ark:/67531/metadc620476/},
-  journal={Journal of Automated Reasoning},
+	titleaddon = {{PSA} '99, Washington, {DC} ({US}), 08/22/1999--08/25/1999},
-  volume={59},
+	type = {Article},
-  number={2},
+	author = {Gentillon, C. D. and Marksberry, D. and Rasmuson, D. and Calley, M. B. and Eide, S. A. and Wierman, T.},
-  pages={219--265},
+	urldate = {2025-12-05},
-  year={2017},
+	date = {1999-08-01},
-  publisher={Springer}
+	note = {Number: {INEEL}/{CON}-99-00374
 Publisher: Idaho National Engineering and Environmental Laboratory},
 	file = {Full Text PDF:/home/danesabo/Zotero/storage/7QKWQ8NI/Gentillon et al. - 1999 - Westinghouse Reactor Protection System Unavailability, 1984-1995.pdf:application/pdf},
 }
-@inproceedings{donze2010robust,
+@online{operator_statistics,
-  title={Robust satisfaction of temporal logic over real-valued signals},
+	title = {{Operator Licensing}},
-  author={Donz{\'e}, Alexandre and Maler, Oded},
+  author       = {{U.S. Nuclear Regulatory Commission}},
-  booktitle={International Conference on Formal Modeling and Analysis of Timed Systems},
+  howpublished = {\url{https://www.nrc.gov/reactors/operator-licensing}},
-  pages={92--106},
+	urldate = {2025-11-28},
-  year={2010},
+	file = {Operator Licensing | Nuclear Regulatory Commission:/home/danesabo/Zotero/storage/KUP9B5GH/operator-licensing.html:text/html},
  publisher={Springer}
 }
 % Control Theory and Stability
@article{geromel2006stability,
  title={Stability and stabilization of continuous-time switched linear systems},
  author={Geromel, Jos{\'e} C and Colaneri, Patrizio},
  journal={SIAM Journal on Control and Optimization},
  volume={45},
  number={5},
  pages={1915--1930},
  year={2006},
  publisher={SIAM}
 }
@book{liberzon2003switching,
  title={Switching in systems and control},
  author={Liberzon, Daniel},
  year={2003},
  publisher={Birkh{\"a}user Boston}
 }
@article{branicky1998multiple,
  title={Multiple Lyapunov functions and other analysis tools for switched and hybrid systems},
  author={Branicky, Michael S},
  journal={IEEE Transactions on Automatic Control},
  volume={43},
  number={4},
  pages={475--482},
  year={1998},
  publisher={IEEE}
 }
 % Recent Advances (2020-2025)
@article{yang2024learning,
  title={Learning Local Control Barrier Functions for Hybrid Systems},
  author={Yang, Shuo and Chen, Yiwei and Yin, Xiang and Mangharam, Rahul},
  journal={arXiv preprint arXiv:2401.14907},
  year={2024}
 }
@inproceedings{su2024switching,
  title={Switching Controller Synthesis for Hybrid Systems Against STL Formulas},
  author={Su, Mingyu and Vizel, Yakir and Vardi, Moshe Y},
  booktitle={International Symposium on Formal Methods},
  pages={231--248},
  year={2024},
  publisher={Springer}
 }
@article{yao2024model,
  title={Model predictive control of stochastic hybrid systems with signal temporal logic constraints},
  author={Yao, Li and Wang, Yiming and Chen, Xiang},
  journal={Automatica},
  volume={159},
  pages={111037},
  year={2024},
  publisher={Elsevier}
 }
@article{yu2024online,
  title={Online control synthesis for uncertain systems under signal temporal logic specifications},
  author={Yu, Pian and Gao, Yulong and Jiang, Frank J and Johansson, Karl H and Dimarogonas, Dimos V},
  journal={The International Journal of Robotics Research},
  volume={43},
  number={3},
  pages={284--307},
  year={2024},
  publisher={SAGE}
 }
 % Tools and Frameworks
@inproceedings{meyer2018strix,
  title={Strix: Explicit reactive synthesis strikes back!},
  author={Meyer, Philipp J and Luttenberger, Michael},
  booktitle={International Conference on Computer Aided Verification},
  pages={578--586},
  year={2018},
  publisher={Springer}
 }
@techreport{giannakopoulou2022fret,
  title={Capturing and Analyzing Requirements with FRET},
  author={Giannakopoulou, Dimitra and Mavridou, Anastasia and Rhein, Julian and Pressburger, Thomas and Schumann, Johann and Shi, Nija},
  institution={NASA Ames Research Center},
  year={2022},
  number={NASA/TM-20220007610}
 }
@inproceedings{fulton2015keymaera,
  title={KeYmaera X: An axiomatic tactical theorem prover for hybrid systems},
  author={Fulton, Nathan and Mitsch, Stefan and Quesel, Jan-David and V{\"o}lp, Marcus and Platzer, Andr{\'e}},
  booktitle={International Conference on Automated Deduction},
  pages={527--538},
  year={2015},
  publisher={Springer}
 }
@inproceedings{frehse2011spaceex,
  title={SpaceEx: Scalable verification of hybrid systems},
  author={Frehse, Goran and Le Guernic, Colas and Donz{\'e}, Alexandre and Cotton, Scott and Ray, Rajarshi and Lebeltel, Olivier and Ripado, Rodolfo and Girard, Antoine and Dang, Thao and Maler, Oded},
  booktitle={International Conference on Computer Aided Verification},
  pages={379--395},
  year={2011},
  publisher={Springer}
 }
@inproceedings{chen2013flow,
  title={Flow*: An analyzer for non-linear hybrid systems},
  author={Chen, Xin and {\'A}brah{\'a}m, Erika and Sankaranarayanan, Sriram},
  booktitle={International Conference on Computer Aided Verification},
  pages={258--263},
  year={2013},
  publisher={Springer}
 }
@inproceedings{larsen1997uppaal,
  title={UPPAAL in a nutshell},
  author={Larsen, Kim G and Pettersson, Paul and Yi, Wang},
  journal={International Journal on Software Tools for Technology Transfer},
  volume={1},
  number={1-2},
  pages={134--152},
  year={1997},
  publisher={Springer}
 }
 % Reachability and Verification
@INPROCEEDINGS{bansal2017hamilton,
  author={Bansal, Somil and Chen, Mo and Herbert, Sylvia and Tomlin, Claire J.},
  booktitle={2017 IEEE 56th Annual Conference on Decision and Control (CDC)}, 
  title={Hamilton-Jacobi reachability: A brief overview and recent advances}, 
  year={2017},
  volume={},
  pages={2242-2253},
  keywords={Games;Safety;Tools;Trajectory;Tutorials;Level set;Aircraft},
  doi={10.1109/CDC.2017.8263977}
 }
@article{althoff2021set,
  title={Set propagation techniques for reachability analysis},
  author={Althoff, Matthias and Frehse, Goran and Girard, Antoine},
  journal={Annual Review of Control, Robotics, and Autonomous Systems},
  volume={4},
  pages={369--395},
  year={2021},
  publisher={Annual Reviews}
 }
@inproceedings{tabuada2004compositional,
  title={Compositional abstractions of hybrid control systems},
  author={Tabuada, Paulo and Pappas, George J and Lima, Pedro},
  journal={Discrete Event Dynamic Systems},
  volume={14},
  number={2},
  pages={203--238},
  year={2004},
  publisher={Springer}
 }
 % Applications
@article{varaiya1993smart,
  title={Smart cars on smart roads: Problems of control},
  author={Varaiya, Pravin},
  journal={IEEE Transactions on Automatic Control},
  volume={38},
  number={2},
  pages={195--207},
  year={1993},
  publisher={IEEE}
 }
@article{verlinden2024hybrid,
  title={Hybrid reliability modeling of nuclear safety systems: A case study on the reactor protection system of a research reactor},
  author={Verlinden, S and Deridder, F and Wagemans, P},
  journal={Nuclear Engineering and Design},
  volume={417},
  pages={112868},
  year={2024},
  publisher={Elsevier}
 }
 % Competitions and Benchmarks
@inproceedings{hscc2024proceedings,
  title={Proceedings of the 27th ACM International Conference on Hybrid Systems: Computation and Control},
  booktitle={HSCC '24},
  year={2024},
  publisher={ACM},
  address={New York, NY, USA}
 }
@inproceedings{jacobs2017syntcomp,
  title={The 4th reactive synthesis competition (SYNTCOMP 2017): Benchmarks, participants \& results},
  author={Jacobs, Swen and Bloem, Roderick and Brenguier, Romain and others},
  booktitle={6th Workshop on Synthesis},
  year={2017},
  series={EPTCS},
  volume={260}
 }
 % Supporting Papers
@article{wabersich2018linear,
  title={Linear model predictive safety certification for learning-based control},
  author={Wabersich, Kim P and Zeilinger, Melanie N},
  journal={Automatica},
  volume={97},
  pages={48--59},
  year={2018},
  publisher={Elsevier}
 }
@inproceedings{prajna2004safety,
  title={Safety verification of hybrid systems using barrier certificates},
  author={Prajna, Stephen and Jadbabaie, Ali},
  booktitle={International Workshop on Hybrid Systems: Computation and Control},
  pages={477--492},
  year={2004},
  publisher={Springer}
 }
@article{ames2017control,
  title={Control barrier function based quadratic programs for safety critical systems},
  author={Ames, Aaron D and Xu, Xiangru and Grizzle, Jessy W and Tabuada, Paulo},
  journal={IEEE Transactions on Automatic Control},
  volume={62},
  number={8},
  pages={3861--3876},
  year={2017},
  publisher={IEEE}
 }
@article{srinivasan2018control,
  title={Control of mobile robots using barrier functions under temporal logic specifications},
  author={Srinivasan, Mohit and Coogan, Samuel},
  journal={IEEE Transactions on Robotics},
  volume={37},
  number={2},
  pages={363--374},
  year={2021},
  publisher={IEEE}
 }
 %broader impacts
@techreport{eia_lcoe_2022,
  author       = {{U.S. Energy Information Administration}},
  title        = {Levelized Costs of New Generation Resources in the Annual Energy Outlook 2022},
  institution  = {U.S. Energy Information Administration},
  year         = {2022},
  month        = {March},
  type         = {Report},
  url          = {https://www.eia.gov/outlooks/aeo/pdf/electricity_generation.pdf},
  note         = {See Table 1b, page 9}
 }
@misc{eesi_datacenter_2024,
  author       = {{Environmental and Energy Study Institute}},
  title        = {Data Center Energy Needs Are Upending Power Grids and Threatening the Climate},
  howpublished = {Web article},
  year         = {2024},
  url          = {https://www.eesi.org/articles/view/data-center-energy-needs-are-upending-power-grids-and-threatening-the-climate},
  note         = {Accessed: 2025-09-29}
 }
@techreport{DOE-HDBK-1028-2009,
  title        = {Human Performance Handbook},
  author       = {{U.S. Department of Energy}},
  institution  = {U.S. Department of Energy},
  year         = {2009},
  number       = {DOE-HDBK-1028-2009},
  type         = {Handbook}
 }
@misc{WNA2020,
  title        = {Safety of Nuclear Power Reactors},
  author       = {{World Nuclear Association}},
  year         = {2020},
  howpublished = {\url{https://www.world-nuclear.org/information-library/safety-and-security/safety-of-plants/safety-of-nuclear-power-reactors.aspx}}
 }
@article{Wang2025,
  title   = {Analysis of Human Error in Nuclear Power Plant Operations: A Systematic Review of Events from 2007--2020},
  author  = {Wang, Y. and others},
  journal = {Journal of Nuclear Safety},
  year    = {2025},
  note    = {Analysis of 190 events at Chinese nuclear power plants}
 }
@misc{10CFR55,
-  title        = {Operators' Licenses},
+	title = {{Part 55—Operators' Licenses}},
-  author       = {{U.S. Nuclear Regulatory Commission}},
+	author = {{U.S. Nuclear Regulatory Commission}},
-  howpublished = {10 CFR Part 55},
+	howpublished = {\url{https://www.nrc.gov/reading-rm/doc-collections/cfr/part055/full-text}},
-  note         = {Code of Federal Regulations}
+}
@online{10CFR50.54,
 	title = {{§ 50.54 Conditions of Licenses}},
  author = {{U.S. Nuclear Regulatory Commission}},
 	howpublished = {\url{https://www.nrc.gov/reading-rm/doc-collections/cfr/part050/part050-0054}},
 	urldate = {2025-11-28},
 	file = {§ 50.54 Conditions of licenses. | Nuclear Regulatory Commission:/home/danesabo/Zotero/storage/THTZUD3T/part050-0054.html:text/html},
 }
@techreport{Kemeny1979,
@ -368,180 +72,53 @@
  month       = {October}
 }
-@misc{10CFR50,
+@misc{WNA2020,
-  title        = {Domestic Licensing of Production and Utilization Facilities},
+  title        = {Safety of Nuclear Power Reactors},
-  author       = {{U.S. Nuclear Regulatory Commission}},
+  author       = {{World Nuclear Association}},
-  howpublished = {10 CFR Part 50},
+  year         = {2020},
-  note         = {Code of Federal Regulations}
+  howpublished = {\url{https://www.world-nuclear.org/information-library/safety-and-security/safety-of-plants/safety-of-nuclear-power-reactors.aspx}}
 }
-@techreport{NUREG-0899,
+@article{hogberg_root_2013,
-  title       = {Guidelines for the Preparation of Emergency Operating Procedures},
+	title = {Root Causes and Impacts of Severe Accidents at Large Nuclear Power Plants},
-  author      = {{U.S. Nuclear Regulatory Commission}},
+	volume = {42},
-  institution = {U.S. Nuclear Regulatory Commission},
+	issn = {0044-7447},
-  year        = {1982},
+	url = {https://pmc.ncbi.nlm.nih.gov/articles/PMC3606704/},
-  number      = {NUREG-0899}
+	doi = {10.1007/s13280-013-0382-x},
 	pages = {267--284},
 	number = {3},
 	journaltitle = {Ambio},
 	shortjournal = {Ambio},
 	author = {Högberg, Lars},
 	urldate = {2025-12-05},
 	date = {2013-04},
 	pmid = {23423737},
 	pmcid = {PMC3606704},
 	file = {Full Text:/home/danesabo/Zotero/storage/E8F2QZGR/Högberg - 2013 - Root Causes and Impacts of Severe Accidents at Large Nuclear Power Plants.pdf:application/pdf},
 }
-@techreport{IAEA-TECDOC-1580,
+@article{zhang_analysis_2025,
-  title       = {Good Practices for Cost Effective Maintenance of Nuclear Power Plants},
+	title = {Analysis of human errors in nuclear power plant event reports},
-  author      = {{International Atomic Energy Agency}},
+	volume = {57},
-  institution = {International Atomic Energy Agency},
+	issn = {1738-5733},
-  year        = {2007},
+	url = {https://www.sciencedirect.com/science/article/pii/S1738573325002554},
-  number      = {TECDOC-1580}
+	doi = {10.1016/j.net.2025.103687},
 	pages = {103687},
 	number = {10},
 	journaltitle = {Nuclear Engineering and Technology},
 	shortjournal = {Nuclear Engineering and Technology},
 	author = {Zhang, Meihui and Dai, Licao and Chen, Wenming and Pang, Ensheng},
 	urldate = {2025-12-05},
 	date = {2025-10-01},
 	keywords = {Active errors, {HFACS} model, Latent errors, Licensee event reports},
 	file = {ScienceDirect Snapshot:/home/danesabo/Zotero/storage/N5R2Z3GL/S1738573325002554.html:text/html},
 }
-@techreport{NUREG-2114,
+@techreport{Kiniry2024,
  title       = {Cognitive Basis for Human Reliability Analysis},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2016},
  number      = {NUREG-2114}
 }
@article{Zerovnik2023,
  title   = {Knowledge Transfer Challenges in Nuclear Operations},
  author  = {\v{Z}erovnik, Gašper and others},
  journal = {Nuclear Engineering and Design},
  year    = {2023},
  note    = {Analysis of knowledge transfer from experienced operators}
 }
@article{Jo2021,
  title   = {Automation Paradox in Nuclear Power Plant Control: Effects on Operator Situation Awareness},
  author  = {Jo, Y. and others},
  journal = {Nuclear Engineering and Technology},
  year    = {2021},
  note    = {Empirical study of automation effects on operator performance}
 }
@techreport{IAEA2008,
  title       = {Modern Instrumentation and Control for Nuclear Power Plants: A Guidebook},
  author      = {{International Atomic Energy Agency}},
  institution = {International Atomic Energy Agency},
  year        = {2008},
  number      = {Technical Reports Series No. 387}
 }
@article{Lee2019,
  title   = {Autonomous Control of Nuclear Reactors Using Long Short-Term Memory Networks},
  author  = {Lee, D. and others},
  journal = {Nuclear Engineering and Technology},
  year    = {2019},
  note    = {Demonstration of LSTM-based autonomous control in LOC and SGTR scenarios}
 }
@inproceedings{IEEE2019,
  title     = {Formal Verification Challenges for Nuclear I\&C Systems},
  author    = {{IEEE Working Group}},
  booktitle = {IEEE Conference on Nuclear Power Instrumentation, Control and Human-Machine Interface Technologies},
  year      = {2019},
  note      = {Discussion of state space explosion in formal verification}
 }
@misc{IAEA-severe-accidents,
  title        = {Human Error as Root Cause in Severe Nuclear Accidents},
  author       = {{International Atomic Energy Agency}},
  howpublished = {IAEA Safety Report},
  note         = {Analysis of TMI, Chernobyl, and Fukushima accidents}
 }
@article{Dumas1999,
  title   = {Worker Error and Safety in Nuclear Facilities},
  author  = {Dumas, Lloyd},
  journal = {Journal of Nuclear Safety},
  year    = {1999},
  note    = {Study of incidents at 10 nuclear centers}
 }
@techreport{IAEA-INSAG-1,
  title       = {Summary Report on the Post-Accident Review Meeting on the Chernobyl Accident},
  author      = {{International Nuclear Safety Advisory Group}},
  institution = {International Atomic Energy Agency},
  year        = {1986},
  number      = {INSAG-1}
 }
@techreport{IAEA-INSAG-7,
  title       = {The Chernobyl Accident: Updating of INSAG-1},
  author      = {{International Nuclear Safety Advisory Group}},
  institution = {International Atomic Energy Agency},
  year        = {1992},
  number      = {INSAG-7}
 }
@techreport{NUREG-CR-1278,
  title       = {Handbook of Human Reliability Analysis with Emphasis on Nuclear Power Plant Applications (THERP)},
  author      = {Swain, A. D. and Guttmann, H. E.},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {1983},
  number      = {NUREG/CR-1278}
 }
@techreport{NUREG-CR-6883,
  title       = {The SPAR-H Human Reliability Analysis Method},
  author      = {Gertman, D. and others},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2005},
  number      = {NUREG/CR-6883}
 }
@techreport{NUREG-2127,
  title       = {International HRA Empirical Study: Phase 1 Report},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2013},
  number      = {NUREG-2127}
 }
@article{Rasmussen1983,
  title   = {Skills, Rules, and Knowledge; Signals, Signs, and Symbols, and Other Distinctions in Human Performance Models},
  author  = {Rasmussen, J.},
  journal = {IEEE Transactions on Systems, Man, and Cybernetics},
  year    = {1983},
  volume  = {SMC-13},
  number  = {3},
  pages   = {257--266}
 }
@article{Miller1956,
  title   = {The Magical Number Seven, Plus or Minus Two: Some Limits on Our Capacity for Processing Information},
  author  = {Miller, George A.},
  journal = {Psychological Review},
  year    = {1956},
  volume  = {63},
  number  = {2},
  pages   = {81--97}
 }
@techreport{NUREG-2256,
  title       = {Integrated Human Event Analysis System for Emergency Crew Actions (IDHEAS-ECA)},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2022},
  number      = {NUREG-2256}
 }
@book{Reason1990,
  title     = {Human Error},
  author    = {Reason, James},
  publisher = {Cambridge University Press},
  year      = {1990}
 }
@article{Lee2018,
  title   = {Deep Reinforcement Learning for Autonomous Nuclear Reactor Control},
  author  = {Lee, D. and others},
  journal = {Nuclear Engineering and Design},
  year    = {2018},
  note    = {Demonstration of autonomous control superior to human-plus-automation}
 }
@techreport{Kiniry2022,
  title       = {High Assurance Rigorous Digital Engineering for Nuclear Safety (HARDENS) Final Technical Report},
-  author      = {Kiniry, Joseph and Bakst, Alexander and Podhradsky, Michal and Hansen, Simon and Bivin, Andrew},
+  author      = {Kiniry, Joseph and Bakst, Alexander and Hansen, Simon and Podhradsky, Michal and Bivin, Andrew},
  institution = {Galois, Inc. / U.S. Nuclear Regulatory Commission},
-  year        = {2022},
+  year        = {2024},
-  number      = {ML22326A307},
+  number      = {TLR-RES-RES/DE-2024-005},
  note        = {NRC Contract 31310021C0014}
 }
--- a/Writing/ERLM/references_old.bib
+++ b/Writing/ERLM/references_old.bib
@ -0,0 +1,547 @@
 % Foundational Papers
@article{alur1995algorithmic,
  title={The algorithmic analysis of hybrid systems},
  author={Alur, Rajeev and Courcoubetis, Costas and Halbwachs, Nicolas and Henzinger, Thomas A and Ho, Pei-Hsin and Nicollin, Xavier and Olivero, Alfredo and Sifakis, Joseph and Yovine, Sergio},
  journal={Theoretical Computer Science},
  volume={138},
  number={1},
  pages={3--34},
  year={1995},
  publisher={Elsevier}
 }
@inproceedings{alur1993hybrid,
  title={Hybrid automata: An algorithmic approach to the specification and verification of hybrid systems},
  author={Alur, Rajeev and Courcoubetis, Costas and Henzinger, Thomas A and Ho, Pei-Hsin},
  booktitle={Hybrid Systems},
  pages={209--229},
  year={1993},
  publisher={Springer}
 }
@article{mitchell2005time,
  title={A time-dependent Hamilton-Jacobi formulation of reachable sets for continuous dynamic games},
  author={Mitchell, Ian M and Bayen, Alexandre M and Tomlin, Claire J},
  journal={IEEE Transactions on Automatic Control},
  volume={50},
  number={7},
  pages={947--957},
  year={2005},
  publisher={IEEE}
 }
@article{platzer2008differential,
  title={Differential dynamic logic for hybrid systems},
  author={Platzer, Andr{\'e}},
  journal={Journal of Automated Reasoning},
  volume={41},
  number={2},
  pages={143--189},
  year={2008},
  publisher={Springer}
 }
@article{platzer2017complete,
  title={A complete uniform substitution calculus for differential dynamic logic},
  author={Platzer, Andr{\'e}},
  journal={Journal of Automated Reasoning},
  volume={59},
  number={2},
  pages={219--265},
  year={2017},
  publisher={Springer}
 }
@inproceedings{donze2010robust,
  title={Robust satisfaction of temporal logic over real-valued signals},
  author={Donz{\'e}, Alexandre and Maler, Oded},
  booktitle={International Conference on Formal Modeling and Analysis of Timed Systems},
  pages={92--106},
  year={2010},
  publisher={Springer}
 }
 % Control Theory and Stability
@article{geromel2006stability,
  title={Stability and stabilization of continuous-time switched linear systems},
  author={Geromel, Jos{\'e} C and Colaneri, Patrizio},
  journal={SIAM Journal on Control and Optimization},
  volume={45},
  number={5},
  pages={1915--1930},
  year={2006},
  publisher={SIAM}
 }
@book{liberzon2003switching,
  title={Switching in systems and control},
  author={Liberzon, Daniel},
  year={2003},
  publisher={Birkh{\"a}user Boston}
 }
@article{branicky1998multiple,
  title={Multiple Lyapunov functions and other analysis tools for switched and hybrid systems},
  author={Branicky, Michael S},
  journal={IEEE Transactions on Automatic Control},
  volume={43},
  number={4},
  pages={475--482},
  year={1998},
  publisher={IEEE}
 }
 % Recent Advances (2020-2025)
@article{yang2024learning,
  title={Learning Local Control Barrier Functions for Hybrid Systems},
  author={Yang, Shuo and Chen, Yiwei and Yin, Xiang and Mangharam, Rahul},
  journal={arXiv preprint arXiv:2401.14907},
  year={2024}
 }
@inproceedings{su2024switching,
  title={Switching Controller Synthesis for Hybrid Systems Against STL Formulas},
  author={Su, Mingyu and Vizel, Yakir and Vardi, Moshe Y},
  booktitle={International Symposium on Formal Methods},
  pages={231--248},
  year={2024},
  publisher={Springer}
 }
@article{yao2024model,
  title={Model predictive control of stochastic hybrid systems with signal temporal logic constraints},
  author={Yao, Li and Wang, Yiming and Chen, Xiang},
  journal={Automatica},
  volume={159},
  pages={111037},
  year={2024},
  publisher={Elsevier}
 }
@article{yu2024online,
  title={Online control synthesis for uncertain systems under signal temporal logic specifications},
  author={Yu, Pian and Gao, Yulong and Jiang, Frank J and Johansson, Karl H and Dimarogonas, Dimos V},
  journal={The International Journal of Robotics Research},
  volume={43},
  number={3},
  pages={284--307},
  year={2024},
  publisher={SAGE}
 }
 % Tools and Frameworks
@inproceedings{meyer2018strix,
  title={Strix: Explicit reactive synthesis strikes back!},
  author={Meyer, Philipp J and Luttenberger, Michael},
  booktitle={International Conference on Computer Aided Verification},
  pages={578--586},
  year={2018},
  publisher={Springer}
 }
@techreport{giannakopoulou2022fret,
  title={Capturing and Analyzing Requirements with FRET},
  author={Giannakopoulou, Dimitra and Mavridou, Anastasia and Rhein, Julian and Pressburger, Thomas and Schumann, Johann and Shi, Nija},
  institution={NASA Ames Research Center},
  year={2022},
  number={NASA/TM-20220007610}
 }
@inproceedings{fulton2015keymaera,
  title={KeYmaera X: An axiomatic tactical theorem prover for hybrid systems},
  author={Fulton, Nathan and Mitsch, Stefan and Quesel, Jan-David and V{\"o}lp, Marcus and Platzer, Andr{\'e}},
  booktitle={International Conference on Automated Deduction},
  pages={527--538},
  year={2015},
  publisher={Springer}
 }
@inproceedings{frehse2011spaceex,
  title={SpaceEx: Scalable verification of hybrid systems},
  author={Frehse, Goran and Le Guernic, Colas and Donz{\'e}, Alexandre and Cotton, Scott and Ray, Rajarshi and Lebeltel, Olivier and Ripado, Rodolfo and Girard, Antoine and Dang, Thao and Maler, Oded},
  booktitle={International Conference on Computer Aided Verification},
  pages={379--395},
  year={2011},
  publisher={Springer}
 }
@inproceedings{chen2013flow,
  title={Flow*: An analyzer for non-linear hybrid systems},
  author={Chen, Xin and {\'A}brah{\'a}m, Erika and Sankaranarayanan, Sriram},
  booktitle={International Conference on Computer Aided Verification},
  pages={258--263},
  year={2013},
  publisher={Springer}
 }
@inproceedings{larsen1997uppaal,
  title={UPPAAL in a nutshell},
  author={Larsen, Kim G and Pettersson, Paul and Yi, Wang},
  journal={International Journal on Software Tools for Technology Transfer},
  volume={1},
  number={1-2},
  pages={134--152},
  year={1997},
  publisher={Springer}
 }
 % Reachability and Verification
@INPROCEEDINGS{bansal2017hamilton,
  author={Bansal, Somil and Chen, Mo and Herbert, Sylvia and Tomlin, Claire J.},
  booktitle={2017 IEEE 56th Annual Conference on Decision and Control (CDC)}, 
  title={Hamilton-Jacobi reachability: A brief overview and recent advances}, 
  year={2017},
  volume={},
  pages={2242-2253},
  keywords={Games;Safety;Tools;Trajectory;Tutorials;Level set;Aircraft},
  doi={10.1109/CDC.2017.8263977}
 }
@article{althoff2021set,
  title={Set propagation techniques for reachability analysis},
  author={Althoff, Matthias and Frehse, Goran and Girard, Antoine},
  journal={Annual Review of Control, Robotics, and Autonomous Systems},
  volume={4},
  pages={369--395},
  year={2021},
  publisher={Annual Reviews}
 }
@inproceedings{tabuada2004compositional,
  title={Compositional abstractions of hybrid control systems},
  author={Tabuada, Paulo and Pappas, George J and Lima, Pedro},
  journal={Discrete Event Dynamic Systems},
  volume={14},
  number={2},
  pages={203--238},
  year={2004},
  publisher={Springer}
 }
 % Applications
@article{varaiya1993smart,
  title={Smart cars on smart roads: Problems of control},
  author={Varaiya, Pravin},
  journal={IEEE Transactions on Automatic Control},
  volume={38},
  number={2},
  pages={195--207},
  year={1993},
  publisher={IEEE}
 }
@article{verlinden2024hybrid,
  title={Hybrid reliability modeling of nuclear safety systems: A case study on the reactor protection system of a research reactor},
  author={Verlinden, S and Deridder, F and Wagemans, P},
  journal={Nuclear Engineering and Design},
  volume={417},
  pages={112868},
  year={2024},
  publisher={Elsevier}
 }
 % Competitions and Benchmarks
@inproceedings{hscc2024proceedings,
  title={Proceedings of the 27th ACM International Conference on Hybrid Systems: Computation and Control},
  booktitle={HSCC '24},
  year={2024},
  publisher={ACM},
  address={New York, NY, USA}
 }
@inproceedings{jacobs2017syntcomp,
  title={The 4th reactive synthesis competition (SYNTCOMP 2017): Benchmarks, participants \& results},
  author={Jacobs, Swen and Bloem, Roderick and Brenguier, Romain and others},
  booktitle={6th Workshop on Synthesis},
  year={2017},
  series={EPTCS},
  volume={260}
 }
 % Supporting Papers
@article{wabersich2018linear,
  title={Linear model predictive safety certification for learning-based control},
  author={Wabersich, Kim P and Zeilinger, Melanie N},
  journal={Automatica},
  volume={97},
  pages={48--59},
  year={2018},
  publisher={Elsevier}
 }
@inproceedings{prajna2004safety,
  title={Safety verification of hybrid systems using barrier certificates},
  author={Prajna, Stephen and Jadbabaie, Ali},
  booktitle={International Workshop on Hybrid Systems: Computation and Control},
  pages={477--492},
  year={2004},
  publisher={Springer}
 }
@article{ames2017control,
  title={Control barrier function based quadratic programs for safety critical systems},
  author={Ames, Aaron D and Xu, Xiangru and Grizzle, Jessy W and Tabuada, Paulo},
  journal={IEEE Transactions on Automatic Control},
  volume={62},
  number={8},
  pages={3861--3876},
  year={2017},
  publisher={IEEE}
 }
@article{srinivasan2018control,
  title={Control of mobile robots using barrier functions under temporal logic specifications},
  author={Srinivasan, Mohit and Coogan, Samuel},
  journal={IEEE Transactions on Robotics},
  volume={37},
  number={2},
  pages={363--374},
  year={2021},
  publisher={IEEE}
 }
 %broader impacts
@techreport{eia_lcoe_2022,
  author       = {{U.S. Energy Information Administration}},
  title        = {Levelized Costs of New Generation Resources in the Annual Energy Outlook 2022},
  institution  = {U.S. Energy Information Administration},
  year         = {2022},
  month        = {March},
  type         = {Report},
  url          = {https://www.eia.gov/outlooks/aeo/pdf/electricity_generation.pdf},
  note         = {See Table 1b, page 9}
 }
@misc{eesi_datacenter_2024,
  author       = {{Environmental and Energy Study Institute}},
  title        = {Data Center Energy Needs Are Upending Power Grids and Threatening the Climate},
  howpublished = {Web article},
  year         = {2024},
  url          = {https://www.eesi.org/articles/view/data-center-energy-needs-are-upending-power-grids-and-threatening-the-climate},
  note         = {Accessed: 2025-09-29}
 }
@techreport{DOE-HDBK-1028-2009,
  title        = {Human Performance Handbook},
  author       = {{U.S. Department of Energy}},
  institution  = {U.S. Department of Energy},
  year         = {2009},
  number       = {DOE-HDBK-1028-2009},
  type         = {Handbook}
 }
@misc{WNA2020,
  title        = {Safety of Nuclear Power Reactors},
  author       = {{World Nuclear Association}},
  year         = {2020},
  howpublished = {\url{https://www.world-nuclear.org/information-library/safety-and-security/safety-of-plants/safety-of-nuclear-power-reactors.aspx}}
 }
@article{Wang2025,
  title   = {Analysis of Human Error in Nuclear Power Plant Operations: A Systematic Review of Events from 2007--2020},
  author  = {Wang, Y. and others},
  journal = {Journal of Nuclear Safety},
  year    = {2025},
  note    = {Analysis of 190 events at Chinese nuclear power plants}
 }
@misc{10CFR55,
  title        = {Operators' Licenses},
  author       = {{U.S. Nuclear Regulatory Commission}},
  howpublished = {10 CFR Part 55},
  note         = {Code of Federal Regulations}
 }
@techreport{Kemeny1979,
  title       = {Report of the President's Commission on the Accident at Three Mile Island},
  author      = {Kemeny, John G. and others},
  institution = {President's Commission on the Accident at Three Mile Island},
  year        = {1979},
  month       = {October}
 }
@misc{10CFR50,
  title        = {Domestic Licensing of Production and Utilization Facilities},
  author       = {{U.S. Nuclear Regulatory Commission}},
  howpublished = {10 CFR Part 50},
  note         = {Code of Federal Regulations}
 }
@techreport{NUREG-0899,
  title       = {Guidelines for the Preparation of Emergency Operating Procedures},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {1982},
  number      = {NUREG-0899}
 }
@techreport{IAEA-TECDOC-1580,
  title       = {Good Practices for Cost Effective Maintenance of Nuclear Power Plants},
  author      = {{International Atomic Energy Agency}},
  institution = {International Atomic Energy Agency},
  year        = {2007},
  number      = {TECDOC-1580}
 }
@techreport{NUREG-2114,
  title       = {Cognitive Basis for Human Reliability Analysis},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2016},
  number      = {NUREG-2114}
 }
@article{Zerovnik2023,
  title   = {Knowledge Transfer Challenges in Nuclear Operations},
  author  = {\v{Z}erovnik, Gašper and others},
  journal = {Nuclear Engineering and Design},
  year    = {2023},
  note    = {Analysis of knowledge transfer from experienced operators}
 }
@article{Jo2021,
  title   = {Automation Paradox in Nuclear Power Plant Control: Effects on Operator Situation Awareness},
  author  = {Jo, Y. and others},
  journal = {Nuclear Engineering and Technology},
  year    = {2021},
  note    = {Empirical study of automation effects on operator performance}
 }
@techreport{IAEA2008,
  title       = {Modern Instrumentation and Control for Nuclear Power Plants: A Guidebook},
  author      = {{International Atomic Energy Agency}},
  institution = {International Atomic Energy Agency},
  year        = {2008},
  number      = {Technical Reports Series No. 387}
 }
@article{Lee2019,
  title   = {Autonomous Control of Nuclear Reactors Using Long Short-Term Memory Networks},
  author  = {Lee, D. and others},
  journal = {Nuclear Engineering and Technology},
  year    = {2019},
  note    = {Demonstration of LSTM-based autonomous control in LOC and SGTR scenarios}
 }
@inproceedings{IEEE2019,
  title     = {Formal Verification Challenges for Nuclear I\&C Systems},
  author    = {{IEEE Working Group}},
  booktitle = {IEEE Conference on Nuclear Power Instrumentation, Control and Human-Machine Interface Technologies},
  year      = {2019},
  note      = {Discussion of state space explosion in formal verification}
 }
@misc{IAEA-severe-accidents,
  title        = {Human Error as Root Cause in Severe Nuclear Accidents},
  author       = {{International Atomic Energy Agency}},
  howpublished = {IAEA Safety Report},
  note         = {Analysis of TMI, Chernobyl, and Fukushima accidents}
 }
@article{Dumas1999,
  title   = {Worker Error and Safety in Nuclear Facilities},
  author  = {Dumas, Lloyd},
  journal = {Journal of Nuclear Safety},
  year    = {1999},
  note    = {Study of incidents at 10 nuclear centers}
 }
@techreport{IAEA-INSAG-1,
  title       = {Summary Report on the Post-Accident Review Meeting on the Chernobyl Accident},
  author      = {{International Nuclear Safety Advisory Group}},
  institution = {International Atomic Energy Agency},
  year        = {1986},
  number      = {INSAG-1}
 }
@techreport{IAEA-INSAG-7,
  title       = {The Chernobyl Accident: Updating of INSAG-1},
  author      = {{International Nuclear Safety Advisory Group}},
  institution = {International Atomic Energy Agency},
  year        = {1992},
  number      = {INSAG-7}
 }
@techreport{NUREG-CR-1278,
  title       = {Handbook of Human Reliability Analysis with Emphasis on Nuclear Power Plant Applications (THERP)},
  author      = {Swain, A. D. and Guttmann, H. E.},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {1983},
  number      = {NUREG/CR-1278}
 }
@techreport{NUREG-CR-6883,
  title       = {The SPAR-H Human Reliability Analysis Method},
  author      = {Gertman, D. and others},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2005},
  number      = {NUREG/CR-6883}
 }
@techreport{NUREG-2127,
  title       = {International HRA Empirical Study: Phase 1 Report},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2013},
  number      = {NUREG-2127}
 }
@article{Rasmussen1983,
  title   = {Skills, Rules, and Knowledge; Signals, Signs, and Symbols, and Other Distinctions in Human Performance Models},
  author  = {Rasmussen, J.},
  journal = {IEEE Transactions on Systems, Man, and Cybernetics},
  year    = {1983},
  volume  = {SMC-13},
  number  = {3},
  pages   = {257--266}
 }
@article{Miller1956,
  title   = {The Magical Number Seven, Plus or Minus Two: Some Limits on Our Capacity for Processing Information},
  author  = {Miller, George A.},
  journal = {Psychological Review},
  year    = {1956},
  volume  = {63},
  number  = {2},
  pages   = {81--97}
 }
@techreport{NUREG-2256,
  title       = {Integrated Human Event Analysis System for Emergency Crew Actions (IDHEAS-ECA)},
  author      = {{U.S. Nuclear Regulatory Commission}},
  institution = {U.S. Nuclear Regulatory Commission},
  year        = {2022},
  number      = {NUREG-2256}
 }
@book{Reason1990,
  title     = {Human Error},
  author    = {Reason, James},
  publisher = {Cambridge University Press},
  year      = {1990}
 }
@article{Lee2018,
  title   = {Deep Reinforcement Learning for Autonomous Nuclear Reactor Control},
  author  = {Lee, D. and others},
  journal = {Nuclear Engineering and Design},
  year    = {2018},
  note    = {Demonstration of autonomous control superior to human-plus-automation}
 }
@techreport{Kiniry2022,
  title       = {High Assurance Rigorous Digital Engineering for Nuclear Safety (HARDENS) Final Technical Report},
  author      = {Kiniry, Joseph and Bakst, Alexander and Podhradsky, Michal and Hansen, Simon and Bivin, Andrew},
  institution = {Galois, Inc. / U.S. Nuclear Regulatory Commission},
  year        = {2022},
  number      = {ML22326A307},
  note        = {NRC Contract 31310021C0014}
 }
--- a/Writing/ERLM/state-of-the-art/v6.tex
+++ b/Writing/ERLM/state-of-the-art/v6.tex
@ -17,11 +17,11 @@ Emergency Operating Procedures (EOPs) for design-basis accidents, Severe
 Accident Management Guidelines (SAMGs) for beyond-design-basis events, and
 Extensive Damage Mitigation Guidelines (EDMGs) for catastrophic damage
 scenarios. These procedures must comply with 10 CFR 50.34(b)(6)(ii) and are
-developed using guidance from NUREG-0899~\cite{NUREG-0899}, but their
+developed using guidance from NUREG-0900~\cite{NUREG-0899, 10CFR50.34}, but their
 development process relies fundamentally on expert judgment and simulator
 validation rather than formal verification. Procedures undergo technical
 evaluation, simulator validation testing, and biennial review as part of
-operator requalification under 10 CFR 55.59~\cite{10CFR55}. Despite these
+operator requalification under 10 CFR 55.59~\cite{10CFR55.59}. Despite these
 rigorous development processes, procedures fundamentally lack formal
 verification of key safety properties. There is no mathematical proof that
 procedures cover all possible plant states, that required actions can be
@ -38,29 +38,30 @@ computer-based procedure systems lack the formal guarantees that automated
 reasoning could provide.
 Nuclear plants operate with multiple control modes: automatic control where the
-reactor control system maintains target parameters through continuous rod
+reactor control system maintains target parameters through continuous reactivity
-adjustment, manual control where operators directly manipulate control rods, and
+adjustment, manual control where operators directly manipulate the reactor, and
 various intermediate modes. In typical pressurized water reactor operation, the
-reactor control system automatically maintains a floating average temperature,
+reactor control system automatically maintains a floating average temperature
-compensating for changes in power demand with reactivity feedback loops alone.
+and compensates for changes in power demand with reactivity feedback loops
-Safety systems instead operate with implemented automation. Reactor
+alone. Safety systems instead operate with implemented automation. Reactor
 Protection Systems trip automatically on safety signals with millisecond
 response times, and engineered safety features actuate automatically on accident
 signals without operator action required.
-The current division between automated and human-controlled functions
+% \textbf{LIMITATION:} \textit{Current practice treats continuous plant
-reveals the fundamental challenge of hybrid control. Highly
+% dynamics and discrete control logic separately.} No application of
-automated systems handle reactor protection like automatic trips on safety
+% hybrid control theory exists that could provide mathematical guarantees
-parameters, emergency core cooling actuation, containment isolation,
+% across mode transitions, verify timing properties formally, or optimize
-and basic process control. Human operators, however, retain control of
+% the automation-human interaction trade-off with provable safety bounds.
-strategic decision-making such as power level changes, startup/shutdown
+%
-sequences, mode transitions, and procedure implementation. %%%NEED MORE
+The current division between automated and human-controlled functions reveals
-
+the fundamental challenge of hybrid control. Highly automated systems handle
-\textbf{LIMITATION:} \textit{Current practice treats continuous plant
+reactor protection like automatic trips on safety parameters, emergency core
-dynamics and discrete control logic separately.} No application of
+cooling actuation, containment isolation, and basic process
-hybrid control theory exists that could provide mathematical guarantees
+control~\cite{WRPS.Description, gentillon_westinghouse_1999}. Human operators,
-across mode transitions, verify timing properties formally, or optimize
+however, retain control of strategic decision-making such as power level
-the automation-human interaction trade-off with provable safety bounds.
+changes, startup/shutdown sequences, mode transitions, and procedure
 implementation. %%%NEED MORE
 \subsection{Human Factors in Nuclear Accidents}
@ -70,50 +71,39 @@ most compelling motivation for formal automated control with
 mathematical safety guarantees.
 Current generation nuclear power plants employ 3,600+ active NRC-licensed
-reactor operators in the United States. These operators are divided into Reactor
+reactor operators in the United States~\cite{operator_statistics}. These
 Operators (ROs) who manipulate reactor controls and Senior Reactor Operators
 (SROs) who direct plant operations and serve as shift
 supervisors~\cite{10CFR55}. Staffing typically requires 2+ ROs with at least one
 SRO for current generation units~\cite{NRC WEBSITE IN ZOTERO FOR PRES}. To
 become a reactor operator, an individual spends several years to pass completed
 training~\cite{ALSO IN PRES FOLDER}. Current generation nuclear power plants
 employ 3,600+ active NRC-licensed reactor operators in the United States. These
 operators are divided into Reactor Operators (ROs) who manipulate reactor
 controls and Senior Reactor Operators (SROs) who direct plant operations and
 serve as shift supervisors~\cite{10CFR55}. Staffing typically requires 2+ ROs
-with at least one SRO for current generation units~\cite{NRC WEBSITE IN ZOTERO
+with at least one SRO for current generation units~\cite{10CFR50.54}. To become
-FOR PRES}. To become a reactor operator, an individual spends several years to
+a reactor operator, an individual spends several years to pass completed
-pass completed training~\cite{ALSO IN PRES FOLDER}.
+training.
 The role of these human operators is paradoxically both critical and
 problematic. Operators hold legal authority under 10 CFR Part 55 to make
 critical decisions including departing from normal regulations during
-emergencies. The Three Mile Island (TMI) accident demonstrated how ``combination
+emergencies. The Three Mile Island (TMI) accident demonstrated how combination
-of personnel error, design deficiencies, and component failures'' led to partial
+of personnel error, design deficiencies, and component failures led to partial
-meltdown when operators ``misread confusing and contradictory readings and shut
+meltdown when operators misread confusing and contradictory readings and shut
-off the emergency water system''~\cite{Kemeny1979}. The President's Commission
+off the emergency water system~\cite{Kemeny1979}. The President's Commission on
-on TMI identified a fundamental ambiguity: placing ``responsibility and
+TMI identified a fundamental ambiguity: placing responsibility and
-accountability for safe power plant operations...on the licensee in all
+accountability for safe power plant operations on the licensee in all
-circumstances'' without formal verification that operators can fulfill this
+circumstances without formal verification that operators can fulfill this
-responsibility under all conditions~\cite{Kemeny1979}.% CHECK THIS SOURCE...
+responsibility under all conditions does not guarantee safety. This tension
-This tension between operational flexibility and safety assurance remains
+between operational flexibility and safety assurance remains unresolved in
-unresolved in current practice as the person responsible for reactor safety
+current practice as the person responsible for reactor safety simultaneously is
-simultaneously is usually the root cause of a failure.
+usually the root cause of a failure.
-Multiple independent analyses converge on a striking statistic: 70--80\%
+Multiple independent analyses converge on a striking statistic: 70--80\% of all
-of all nuclear power plant events are attributed to human error versus
+nuclear power plant events are attributed to human error versus approximately
-approximately 20\% to equipment failures~\cite{DOE-HDBK-1028-2009,WNA2020}. More
+20\% to equipment failures~\cite{WNA2020}. More significantly, the root cause of
-significantly, the International Atomic Energy Agency concluded that ``human
+all severe accidents at nuclear power plants such as those at Three Mile Island,
-error was the root cause of all severe accidents at nuclear power plants''---a
+Chernobyl, and Fukushima Daiichi, has been identified as poor safety management
-categorical statement spanning Three Mile Island, Chernobyl, and Fukushima
+and poor safety culture--primarily human factors~\cite{hogberg_root_2013}. A
-Daiichi~\cite{IAEA-severe-accidents}. A detailed analysis of 190 events at
+detailed analysis of 190 events at Chinese nuclear power plants from
-Chinese nuclear power plants from 2007--2020~\cite{Wang2025} found that 53\% of
+2007--2020~\cite{zhang_analysis_2025} found that 53\% of events involved active
-events involved active errors while 92\% were associated with latent errors
+errors while 92\% were associated with latent errors (organizational and
-(organizational and systemic weaknesses that create conditions for failure). The
+systemic weaknesses that create conditions for failure). 
 persistence of this 70--80\% human error contribution despite four decades of
 continuous improvements in operator training, control room design, procedures,
 and human factors engineering. This suggests fundamental cognitive limitations
 rather than remediable deficiencies. %check all of these sources
 %%%%% This seems like a bad paragraph. Doesn't really connect with the idea of 
 %%%%% autonomy. Seems more like a design issue for the control room. With more
@ -139,37 +129,31 @@ rather than remediable deficiencies. %check all of these sources
 % assessed through expert judgment and historical data alone. 
 % % how does autonomy fix these issues exactly? This seems like
-\textbf{LIMITATION:} \textit{Human factors impose fundamental reliability
+\textbf{LIMITATION:} \textit{Human factors impose fundamental reliability limits
-limits that cannot be overcome through training alone.} Response time
+that cannot be overcome through training alone.} The persistent human
-limitations constrain human effectiveness---reactor protection systems
+error contribution despite four decades of improvements demonstrates that these
-must respond in milliseconds, 100--1000 times faster than human
+limitations are fundamental rather than remediable part of human-driven control.
 operators. Cognitive biases systematically distort judgment:
 confirmation bias, overconfidence, and anchoring bias are inherent
 features of human cognition, not individual failings~\cite{Reason1990}.
 The persistent 70--80\% human error contribution despite four decades of
 improvements demonstrates that these limitations are fundamental
 rather than remediable part of human-driven control.
 \subsection{HARDENS and Formal Methods}
 The High Assurance Rigorous Digital Engineering for Nuclear Safety (HARDENS)
 project represents the most advanced application of formal methods to nuclear
-reactor control systems to date. HARDENS aimed to address the nuclear industry's
+reactor control systems to date~\cite{Kiniry2024}. HARDENS aimed to address the nuclear industry's
 fundamental dilemma: existing U.S. nuclear control rooms rely on analog
 technologies from the 1950s--60s. This technology is woefully out of date
 compared to modern control technologies, and incurs significant risk and cost to
-plant operation. The NRC contracted Galois to demonstrate that Model-Based
+plant operation. The NRC contracted Galois, a company of formal methods experts,
-Systems Engineering and formal methods could design, verify, and implement a
+to demonstrate that Model-Based Systems Engineering and formal methods could
-complex protection system meeting regulatory criteria at a fraction of typical
+design, verify, and implement a complex protection system meeting regulatory
-cost. The project delivered a Reactor Trip System (RTS) implementation with full
+criteria at a fraction of typical cost. The project delivered a Reactor Trip
-traceability from NRC Request for Proposals and IEEE standards through
+System (RTS) implementation with full traceability from NRC Request for
-formal architecture specifications to formally verified binaries and
+Proposals and IEEE standards through formal architecture specifications to
-hardware running on FPGA demonstrator boards.
+formally verified software.
 %%% did it actually do an FPGA demonstration? Dubious.
 HARDENS employed an array of formal methods tools and techniques across the
 verification hierarchy. High-level specifications used Lando, SysMLv2, and FRET
-(NASA JPL's Formal Requirements Elicitation Tool) to capture stakeholder
+(NASA Formal Requirements Elicitation Tool) to capture stakeholder
 requirements, domain engineering, certification requirements, and safety
 requirements. % this sentence is long af
 Requirements were formally analyzed for consistency, completeness,
@ -202,8 +186,8 @@ safety margins.
 HARDENS produced a demonstrator system at Technology Readiness Level 2--3
 (analytical proof of concept with laboratory breadboard validation) rather than
 a deployment-ready system validated through extended operational testing. The
-NRC Final Report explicitly notes~\cite{Kiniry2022}: ``All material is
+NRC Final Report explicitly notes~\cite{Kiniry2024} that all material is
-considered in development and not a finalized product'' and ``The demonstration
+considered in development and not a finalized product and ``The demonstration
 of its technical soundness was to be at a level consistent with satisfaction of
 the current regulatory criteria, although with no explicit demonstration of how
 regulatory requirements are met.'' The project did not include deployment in