\section{State of the Art and Limits of Current Practice}

UNDER CONSTRUCTION

Basically this section is going to talk about:
\begin{enumerate}
  \item How operating procedures are written today
  \item How nuclear operators are trained and what their jobs are
  \item HARDENS - an early work trying to build a reactor emergency shutdown
    system with formal methods, by doing a lot of this translation stuff.
\end{enumerate}

Some key limits are:
\begin{enumerate}
  \item Operating procedures are written in natural language. This makes them
    unavoidable ambiguous and leaves instructions up to interpretation

  \item Human operators can make human errors. Discuss how most nuclear
    accidents are actually people driven, and not the fault of the plant itself.

  \item HARDENS does not consider continuous dynamics, nor did they really test
    anything to validate their system works. Dan says TRL 3. I begrudgingly
    agree.

\end{enumerate}