Validation

After applying supervisor synthesis it is time to analyze the resulting supervisor model. Verifying that the synthesized supervisor satisfies its specified requirements is superfluous, as the synthesized model is correct-by-construction.

The supervisor should however still be validated, to ensure it behaves as intended. The specified requirements may not be the desired requirements: they could for instance be wrongly specified or too strict, so that the system controlled by the supervisor exhibits unwanted or insufficient behavior.

The CIF simulator can be used to simulate CIF specifications. Especially when combining this with SVG visualization and interactive simulation, it is a very powerful way to validate whether the supervisory controller controls the system as intended. This may for instance reveal that additional requirements are needed, or existing requirements need to be adapted.
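As an added illustration, not taken from the original page or from the ESCET documentation's own models, the following constructed CIF specification of a lamp and a button contains a requirement that synthesis accepts without complaint but that does not express what the engineer intended (the button locations are swapped). Nothing in synthesis flags this; only simulating the synthesized supervisor reveals that the lamp switches on when the button is released.

```cif
// Constructed example: a lamp that is switched by a push button.
plant automaton Lamp:
  controllable c_on, c_off;
  location Off:
    initial; marked;
    edge c_on goto On;
  location On:
    edge c_off goto Off;
end

plant automaton Button:
  uncontrollable u_push, u_release;
  location Released:
    initial; marked;
    edge u_push goto Pushed;
  location Pushed:
    edge u_release goto Released;
end

// Wrongly specified requirements: the locations are inverted.
// Synthesis succeeds (the supervisor is non-blocking and controllable),
// so the mistake goes unnoticed until the controlled system is simulated
// and the lamp is seen to switch on while the button is released.
requirement invariant Lamp.c_on needs Button.Released;
requirement invariant Lamp.c_off needs Button.Pushed;

// Intended requirements, to be used after validation reveals the issue
// and the supervisor is re-synthesized:
// requirement invariant Lamp.c_on needs Button.Pushed;
// requirement invariant Lamp.c_off needs Button.Released;
```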

In case any issues are revealed through validation, for instance by means of simulation, these need to be addressed. Typically this involves changes to either the plant model or requirements model. After such changes, the supervisor can be re-synthesized automatically. Changes can be made iteratively, until confidence in the correctness of the controller is high enough.

The next step in the process to apply synthesis-based engineering in practice is to implement the supervisory controller.