\contentsline {section}{Contents}{ii}{}%
\contentsline {section}{\numberline {1}Goals and Outcomes}{1}{}%
\contentsline {section}{\numberline {2}State of the Art and Limits of Current Practice}{3}{}%
\contentsline {subsection}{\numberline {2.1}Current Reactor Procedures and Operation}{3}{}%
\contentsline {subsection}{\numberline {2.2}Human Factors in Nuclear Accidents}{3}{}%
\contentsline {subsection}{\numberline {2.3}HARDENS and Formal Methods}{4}{}%
\contentsline {section}{\numberline {3}Research Approach}{6}{}%
\contentsline {subsection}{\numberline {3.1}System Requirements and Specifications}{7}{}%
\contentsline {subsection}{\numberline {3.2}Discrete Controller Synthesis}{10}{}%
\contentsline {subsection}{\numberline {3.3}Continuous Controllers}{10}{}%
\contentsline {subsubsection}{\numberline {3.3.1}Transitory Modes}{11}{}%
\contentsline {subsubsection}{\numberline {3.3.2}Stabilizing Modes}{12}{}%
\contentsline {subsubsection}{\numberline {3.3.3}Expulsory Modes}{13}{}%
\contentsline {subsection}{\numberline {3.4}Industrial Implementation}{14}{}%
\contentsline {section}{\numberline {4}Metrics for Success}{15}{}%
\contentsline {paragraph}{TRL 3 \textit {Critical Function and Proof of Concept}}{15}{}%
\contentsline {paragraph}{TRL 4 \textit {Laboratory Testing of Integrated Components}}{15}{}%
\contentsline {paragraph}{TRL 5 \textit {Laboratory Testing in Relevant Environment}}{15}{}%
\contentsline {section}{\numberline {5}Risks and Contingencies}{17}{}%
\contentsline {subsection}{\numberline {5.1}Computational Tractability of Synthesis}{17}{}%
\contentsline {subsection}{\numberline {5.2}Discrete-Continuous Interface Formalization}{17}{}%
\contentsline {subsection}{\numberline {5.3}Procedure Formalization Completeness}{18}{}%
\contentsline {section}{\numberline {6}Broader Impacts}{20}{}%
\contentsline {section}{\numberline {7}Schedule, Milestones, and Deliverables}{22}{}%
\contentsline {subsection}{\numberline {7.1}Milestones and Deliverables}{22}{}%
\contentsline {section}{References}{23}{}%