\section{Goals and Outcomes} % GOAL PARAGRAPH This research develops a methodology for creating autonomous hybrid control systems that provide mathematical guarantees of safe and correct behavior. % INTRODUCTORY PARAGRAPH Hook Nuclear power plants require the highest levels of control system reliability. Control system failures cause significant economic losses, service interruptions, or radiological release. % Known information Nuclear plant operations rely on extensively trained human operators who follow detailed written procedures and strict regulatory requirements to manage reactor control. These operators decide when to switch between different control modes based on their interpretation of plant conditions and procedural guidance. % Gap This reliance on human operators prevents autonomous control and creates a fundamental economic challenge for next-generation reactor designs. Small modular reactors face per-megawatt staffing costs far exceeding those of conventional plants, threatening their economic viability. The nuclear industry therefore needs autonomous control systems that safely manage complex operational sequences without constant human supervision while maintaining higher assurance than human-operated systems. % APPROACH PARAGRAPH Solution We combine formal methods with control theory to build hybrid control systems that are correct by construction. % Rationale Hybrid systems mirror how operators work: discrete logic switches between continuous control modes. Existing formal methods generate provably correct switching logic from written requirements but cannot handle the continuous dynamics during transitions between modes. Control theory verifies continuous behavior but lacks tools for proving correctness of discrete switching decisions. This gap between discrete and continuous verification prevents end-to-end correctness guarantees. % Hypothesis Our approach closes this gap by synthesizing discrete mode transitions directly from written operating procedures and verifying continuous behavior between transitions. We formalize existing procedures into logical specifications and verify continuous dynamics against transition requirements, enabling autonomous controllers provably free from design defects. This work is conducted within the University of Pittsburgh Cyber Energy Center, which provides access to industry collaboration and Emerson control hardware, ensuring that developed solutions align with practical implementation requirements. % OUTCOMES PARAGRAPHS If this research is successful, we will be able to do the following: \begin{enumerate} % OUTCOME 1 Title \item \textbf{Translate written procedures into verified control logic.} % Strategy We will develop a methodology for converting existing written operating procedures into formal specifications that can be automatically synthesized into discrete control logic. This process will use structured intermediate representations to bridge natural language procedures and mathematical logic. % Outcome Control system engineers will generate verified mode-switching controllers directly from regulatory procedures without formal methods expertise, lowering the barrier to high-assurance control systems. % OUTCOME 2 Title \item \textbf{Verify continuous control behavior across mode transitions.} % Strategy We will establish methods for analyzing continuous control modes to verify they satisfy discrete transition requirements. Classical control theory for linear systems and reachability analysis for nonlinear dynamics will verify that each continuous mode safely reaches its intended transitions. % Outcome Engineers will design continuous controllers using standard practices while maintaining formal correctness guarantees. Mode transitions will provably occur safely and at the correct times. % OUTCOME 3 Title \item \textbf{Demonstrate autonomous reactor startup control with safety guarantees.} % Strategy We will apply this methodology to develop an autonomous controller for nuclear reactor startup procedures, implementing it on a small modular reactor simulation using industry-standard control hardware. This demonstration will prove correctness across multiple coordinated control modes from cold shutdown through criticality to power operation. % Outcome We will demonstrate that autonomous hybrid control can be realized in the nuclear industry with current equipment, establishing a path toward reduced operator staffing while maintaining safety. \end{enumerate} % IMPACT PARAGRAPH Innovation These three outcomes—procedure translation, continuous verification, and hardware demonstration—together establish a complete methodology from regulatory documents to deployed systems. \textbf{The key innovation} unifies discrete synthesis with continuous verification, enabling end-to-end correctness guarantees for hybrid systems. Formal methods can verify discrete logic. Control theory can verify continuous dynamics. No existing methodology bridges both with compositional guarantees. This work establishes that bridge by treating discrete specifications as contracts that continuous controllers must satisfy. This enables independent verification of each layer while guaranteeing correct composition. % Outcome Impact If successful, control engineers will create autonomous controllers from existing procedures with mathematical proofs of correct behavior. High-assurance autonomous control will become practical for safety-critical applications. % Impact/Pay-off This capability is essential for the economic viability of next-generation nuclear power. Small modular reactors offer a promising solution to growing energy demands, but their success depends on reducing per-megawatt operating costs through increased autonomy. This research will provide the tools to achieve that autonomy while maintaining the exceptional safety record the nuclear industry requires.