-
Judo: A User-Friendly Open-Source Package for Sampling-Based Model Predictive Control
Authors:
Albert H. Li,
Brandon Hung,
Aaron D. Ames,
Jiuguang Wang,
Simon Le Cleac'h,
Preston Culbertson
Abstract:
Recent advancements in parallel simulation and successful robotic applications are spurring a resurgence in sampling-based model predictive control. To build on this progress, however, the robotics community needs common tooling for prototyping, evaluating, and deploying sampling-based controllers. We introduce Judo, a software package designed to address this need. To facilitate rapid prototyping…
▽ More
Recent advancements in parallel simulation and successful robotic applications are spurring a resurgence in sampling-based model predictive control. To build on this progress, however, the robotics community needs common tooling for prototyping, evaluating, and deploying sampling-based controllers. We introduce Judo, a software package designed to address this need. To facilitate rapid prototyping and evaluation, Judo provides robust implementations of common sampling-based MPC algorithms and standardized benchmark tasks. It further emphasizes usability with simple but extensible interfaces for controller and task definitions, asynchronous execution for straightforward simulation-to-hardware transfer, and a highly customizable interactive GUI for tuning controllers interactively. While written in Python, the software leverages MuJoCo as its physics backend to achieve real-time performance, which we validate across both consumer and server-grade hardware. Code at https://github.com/bdaiinstitute/judo.
△ Less
Submitted 20 June, 2025;
originally announced June 2025.
-
Categorical Lyapunov Theory II: Stability of Systems
Authors:
Aaron D. Ames,
Sébastien Mattenet,
Joe Moeller
Abstract:
Lyapunov's theorem provides a foundational characterization of stable equilibrium points in dynamical systems. In this paper, we develop a framework for stability for F-coalgebras. We give two definitions for a categorical setting in which we can study the stability of a coalgebra for an endofunctor F. One is minimal and better suited for concrete settings, while the other is more intricate and pr…
▽ More
Lyapunov's theorem provides a foundational characterization of stable equilibrium points in dynamical systems. In this paper, we develop a framework for stability for F-coalgebras. We give two definitions for a categorical setting in which we can study the stability of a coalgebra for an endofunctor F. One is minimal and better suited for concrete settings, while the other is more intricate and provides a richer theory. We prove a Lyapunov theorem for both notions of setting for stability, and a converse Lyapunov theorem for the second.
△ Less
Submitted 28 May, 2025;
originally announced May 2025.
-
Secure Safety Filter: Towards Safe Flight Control under Sensor Attacks
Authors:
Xiao Tan,
Junior Sundar,
Renzo Bruzzone,
Pio Ong,
Willian T. Lunardi,
Martin Andreoni,
Paulo Tabuada,
Aaron D. Ames
Abstract:
Modern autopilot systems are prone to sensor attacks that can jeopardize flight safety. To mitigate this risk, we proposed a modular solution: the secure safety filter, which extends the well-established control barrier function (CBF)-based safety filter to account for, and mitigate, sensor attacks. This module consists of a secure state reconstructor (which generates plausible states) and a safet…
▽ More
Modern autopilot systems are prone to sensor attacks that can jeopardize flight safety. To mitigate this risk, we proposed a modular solution: the secure safety filter, which extends the well-established control barrier function (CBF)-based safety filter to account for, and mitigate, sensor attacks. This module consists of a secure state reconstructor (which generates plausible states) and a safety filter (which computes the safe control input that is closest to the nominal one). Differing from existing work focusing on linear, noise-free systems, the proposed secure safety filter handles bounded measurement noise and, by leveraging reduced-order model techniques, is applicable to the nonlinear dynamics of drones. Software-in-the-loop simulations and drone hardware experiments demonstrate the effectiveness of the secure safety filter in rendering the system safe in the presence of sensor attacks.
△ Less
Submitted 11 May, 2025;
originally announced May 2025.
-
Secure Safety Filter Design for Sampled-data Nonlinear Systems under Sensor Spoofing Attacks
Authors:
Xiao Tan,
Pio Ong,
Paulo Tabuada,
Aaron D. Ames
Abstract:
This paper presents a secure safety filter design for nonlinear systems under sensor spoofing attacks. Existing approaches primarily focus on linear systems which limits their applications in real-world scenarios. In this work, we extend these results to nonlinear systems in a principled way. We introduce exact observability maps that abstract specific state estimation algorithms and extend them t…
▽ More
This paper presents a secure safety filter design for nonlinear systems under sensor spoofing attacks. Existing approaches primarily focus on linear systems which limits their applications in real-world scenarios. In this work, we extend these results to nonlinear systems in a principled way. We introduce exact observability maps that abstract specific state estimation algorithms and extend them to a secure version capable of handling sensor attacks. Our generalization also applies to the relaxed observability case, with slightly relaxed guarantees. More importantly, we propose a secure safety filter design in both exact and relaxed cases, which incorporates secure state estimation and a control barrier function-enabled safety filter. The proposed approach provides theoretical safety guarantees for nonlinear systems in the presence of sensor attacks. We numerically validate our analysis on a unicycle vehicle equipped with redundant yet partly compromised sensors.
△ Less
Submitted 11 May, 2025;
originally announced May 2025.
-
Dynamic Safety in Complex Environments: Synthesizing Safety Filters with Poisson's Equation
Authors:
Gilbert Bahati,
Ryan M. Bena,
Aaron D. Ames
Abstract:
Synthesizing safe sets for robotic systems operating in complex and dynamically changing environments is a challenging problem. Solving this problem can enable the construction of safety filters that guarantee safe control actions -- most notably by employing Control Barrier Functions (CBFs). This paper presents an algorithm for generating safe sets from perception data by leveraging elliptic part…
▽ More
Synthesizing safe sets for robotic systems operating in complex and dynamically changing environments is a challenging problem. Solving this problem can enable the construction of safety filters that guarantee safe control actions -- most notably by employing Control Barrier Functions (CBFs). This paper presents an algorithm for generating safe sets from perception data by leveraging elliptic partial differential equations, specifically Poisson's equation. Given a local occupancy map, we solve Poisson's equation subject to Dirichlet boundary conditions, with a novel forcing function. Specifically, we design a smooth guidance vector field, which encodes gradient information required for safety. The result is a variational problem for which the unique minimizer -- a safety function -- characterizes the safe set. After establishing our theoretical result, we illustrate how safety functions can be used in CBF-based safety filtering. The real-time utility of our synthesis method is highlighted through hardware demonstrations on quadruped and humanoid robots navigating dynamically changing obstacle-filled environments.
△ Less
Submitted 10 May, 2025;
originally announced May 2025.
-
Control Barrier Function Synthesis for Nonlinear Systems with Dual Relative Degree
Authors:
Gilbert Bahati,
Ryan K. Cosner,
Max H. Cohen,
Ryan M. Bena,
Aaron D. Ames
Abstract:
Control barrier functions (CBFs) are a powerful tool for synthesizing safe control actions; however, constructing CBFs remains difficult for general nonlinear systems. In this work, we provide a constructive framework for synthesizing CBFs for systems with dual relative degree -- where different inputs influence the outputs at two different orders of differentiation; this is common in systems with…
▽ More
Control barrier functions (CBFs) are a powerful tool for synthesizing safe control actions; however, constructing CBFs remains difficult for general nonlinear systems. In this work, we provide a constructive framework for synthesizing CBFs for systems with dual relative degree -- where different inputs influence the outputs at two different orders of differentiation; this is common in systems with orientation-based actuation, such as unicycles and quadrotors. In particular, we propose dual relative degree CBFs (DRD-CBFs) and show that these DRD-CBFs can be constructively synthesized and used to guarantee system safety. Our method constructs DRD-CBFs by leveraging the dual relative degree property -- combining a CBF for an integrator chain with a Lyapunov function certifying the tracking of safe inputs generated for this linear system. We apply these results to dual relative degree systems, both in simulation and experimentally on hardware using quadruped and quadrotor robotic platforms.
△ Less
Submitted 31 March, 2025;
originally announced April 2025.
-
Layered Nonlinear Model Predictive Control for Robust Stabilization of Hybrid Systems
Authors:
Zachary Olkin,
Aaron D. Ames
Abstract:
Computing the receding horizon optimal control of nonlinear hybrid systems is typically prohibitively slow, limiting real-time implementation. To address this challenge, we propose a layered Model Predictive Control (MPC) architecture for robust stabilization of hybrid systems. A high level "hybrid" MPC is solved at a slow rate to produce a stabilizing hybrid trajectory, potentially sub-optimally,…
▽ More
Computing the receding horizon optimal control of nonlinear hybrid systems is typically prohibitively slow, limiting real-time implementation. To address this challenge, we propose a layered Model Predictive Control (MPC) architecture for robust stabilization of hybrid systems. A high level "hybrid" MPC is solved at a slow rate to produce a stabilizing hybrid trajectory, potentially sub-optimally, including a domain and guard sequence. This domain and guard sequence is passed to a low level "fixed mode" MPC which is a traditional, time-varying, state-constrained MPC that can be solved rapidly, e.g., using nonlinear programming (NLP) tools. A robust version of the fixed mode MPC is constructed by using tracking error tubes that are not guaranteed to have finite size for all time. Using these tubes, we demonstrate that the speed at which the fixed mode MPC is re-calculated is directly tied to the robustness of the system, thereby justifying the layered approach. Finally, simulation examples of a five link bipedal robot and a controlled nonlinear bouncing ball are used to illustrate the formal results.
△ Less
Submitted 17 March, 2025;
originally announced March 2025.
-
Computationally Efficient Safe Control of Linear Systems under Severe Sensor Attacks
Authors:
Xiao Tan,
Pio Ong,
Paulo Tabuada,
Aaron D. Ames
Abstract:
Cyber-physical systems are prone to sensor attacks that can compromise safety. A common approach to synthesizing controllers robust to sensor attacks is secure state reconstruction (SSR) -- but this is computationally expensive, hindering real-time control. In this paper, we take a safety-critical perspective on mitigating severe sensor attacks, leading to a computationally efficient solution. Nam…
▽ More
Cyber-physical systems are prone to sensor attacks that can compromise safety. A common approach to synthesizing controllers robust to sensor attacks is secure state reconstruction (SSR) -- but this is computationally expensive, hindering real-time control. In this paper, we take a safety-critical perspective on mitigating severe sensor attacks, leading to a computationally efficient solution. Namely, we design feedback controllers that ensure system safety by directly computing control actions from past input-output data. Instead of fully solving the SSR problem, we use conservative bounds on a control barrier function (CBF) condition, which we obtain by extending the recent eigendecomposition-based SSR approach to severe sensor attack settings. Additionally, we present an extended approach that solves a smaller-scale subproblem of the SSR problem, taking on some computational burden to mitigate the conservatism in the main approach. Numerical comparisons confirm that the traditional SSR approaches suffer from combinatorial issues, while our approach achieves safety guarantees with greater computational efficiency.
△ Less
Submitted 28 February, 2025;
originally announced February 2025.
-
Categorical Lyapunov Theory I: Stability of Flows
Authors:
Aaron D. Ames,
Joe Moeller,
Paulo Tabuada
Abstract:
Lyapunov's theorem provides a fundamental characterization of the stability of dynamical systems. This paper presents a categorical framework for Lyapunov theory, generalizing stability analysis with Lyapunov functions categorically. Core to our approach is the set of axioms underlying a setting for stability, which give the necessary ingredients for ``doing Lyapunov theory'' in a category of inte…
▽ More
Lyapunov's theorem provides a fundamental characterization of the stability of dynamical systems. This paper presents a categorical framework for Lyapunov theory, generalizing stability analysis with Lyapunov functions categorically. Core to our approach is the set of axioms underlying a setting for stability, which give the necessary ingredients for ``doing Lyapunov theory'' in a category of interest. With these minimal assumptions, we define the stability of equilibria, formulate Lyapunov morphisms, and demonstrate that the existence of Lyapunov morphisms is necessary and sufficient for establishing the stability of flows. To illustrate these constructions, we show how classical notions of stability, e.g., for continuous and discrete time dynamical systems, are captured by this categorical framework for Lyapunov theory. Finally, to demonstrate the extensibility of our framework, we illustrate how enriched categories, e.g., Lawvere metric spaces, yield settings for stability enabling one to ``do Lyapunov theory'' in enriched categories.
△ Less
Submitted 21 February, 2025;
originally announced February 2025.
-
Learning for Layered Safety-Critical Control with Predictive Control Barrier Functions
Authors:
William D. Compton,
Max H. Cohen,
Aaron D. Ames
Abstract:
Safety filters leveraging control barrier functions (CBFs) are highly effective for enforcing safe behavior on complex systems. It is often easier to synthesize CBFs for a Reduced order Model (RoM), and track the resulting safe behavior on the Full order Model (FoM) -- yet gaps between the RoM and FoM can result in safety violations. This paper introduces \emph{predictive CBFs} to address this gap…
▽ More
Safety filters leveraging control barrier functions (CBFs) are highly effective for enforcing safe behavior on complex systems. It is often easier to synthesize CBFs for a Reduced order Model (RoM), and track the resulting safe behavior on the Full order Model (FoM) -- yet gaps between the RoM and FoM can result in safety violations. This paper introduces \emph{predictive CBFs} to address this gap by leveraging rollouts of the FoM to define a predictive robustness term added to the RoM CBF condition. Theoretically, we prove that this guarantees safety in a layered control implementation. Practically, we learn the predictive robustness term through massive parallel simulation with domain randomization. We demonstrate in simulation that this yields safe FoM behavior with minimal conservatism, and experimentally realize predictive CBFs on a 3D hopping robot.
△ Less
Submitted 5 December, 2024;
originally announced December 2024.
-
Rectified Control Barrier Functions for High-Order Safety Constraints
Authors:
Pio Ong,
Max H. Cohen,
Tamas G. Molnar,
Aaron D. Ames
Abstract:
This paper presents a novel approach for synthesizing control barrier functions (CBFs) from high relative degree safety constraints: Rectified CBFs (ReCBFs). We begin by discussing the limitations of existing High-Order CBF approaches and how these can be overcome by incorporating an activation function into the CBF construction. We then provide a comparative analysis of our approach with related…
▽ More
This paper presents a novel approach for synthesizing control barrier functions (CBFs) from high relative degree safety constraints: Rectified CBFs (ReCBFs). We begin by discussing the limitations of existing High-Order CBF approaches and how these can be overcome by incorporating an activation function into the CBF construction. We then provide a comparative analysis of our approach with related methods, such as CBF backstepping. Our results are presented first for safety constraints with relative degree two, then for mixed-input relative degree constraints, and finally for higher relative degrees. The theoretical developments are illustrated through simple running examples and an aircraft control problem.
△ Less
Submitted 4 December, 2024;
originally announced December 2024.
-
Minimizing Conservatism in Safety-Critical Control for Input-Delayed Systems via Adaptive Delay Estimation
Authors:
Yitaek Kim,
Ersin Das,
Jeeseop Kim,
Aaron D. Ames,
Joel W. Burdick,
Christoffer Sloth
Abstract:
Input delays affect systems such as teleoperation and wirelessly autonomous connected vehicles, and may lead to safety violations. One promising way to ensure safety in the presence of delay is to employ control barrier functions (CBFs), and extensions thereof that account for uncertainty: delay adaptive CBFs (DaCBFs). This paper proposes an online adaptive safety control framework for reducing th…
▽ More
Input delays affect systems such as teleoperation and wirelessly autonomous connected vehicles, and may lead to safety violations. One promising way to ensure safety in the presence of delay is to employ control barrier functions (CBFs), and extensions thereof that account for uncertainty: delay adaptive CBFs (DaCBFs). This paper proposes an online adaptive safety control framework for reducing the conservatism of DaCBFs. The main idea is to reduce the maximum delay estimation error bound so that the state prediction error bound is monotonically non-increasing. To this end, we first leverage the estimation error bound of a disturbance observer to bound the state prediction error. Second, we design two nonlinear programs to update the maximum delay estimation error bound satisfying the prediction error bound, and subsequently update the maximum state prediction error bound used in DaCBFs. The proposed method ensures the maximum state prediction error bound is monotonically non-increasing, yielding less conservatism in DaCBFs. We verify the proposed method in an automated connected truck application, showing that the proposed method reduces the conservatism of DaCBFs.
△ Less
Submitted 26 November, 2024;
originally announced November 2024.
-
Zero-Order Control Barrier Functions for Sampled-Data Systems with State and Input Dependent Safety Constraints
Authors:
Xiao Tan,
Ersin Das,
Aaron D. Ames,
Joel W. Burdick
Abstract:
We propose a novel zero-order control barrier function (ZOCBF) for sampled-data systems to ensure system safety. Our formulation generalizes conventional control barrier functions and straightforwardly handles safety constraints with high-relative degrees or those that explicitly depend on both system states and inputs. The proposed ZOCBF condition does not require any differentiation operation. I…
▽ More
We propose a novel zero-order control barrier function (ZOCBF) for sampled-data systems to ensure system safety. Our formulation generalizes conventional control barrier functions and straightforwardly handles safety constraints with high-relative degrees or those that explicitly depend on both system states and inputs. The proposed ZOCBF condition does not require any differentiation operation. Instead, it involves computing the difference of the ZOCBF values at two consecutive sampling instants. We propose three numerical approaches to enforce the ZOCBF condition, tailored to different problem settings and available computational resources. We demonstrate the effectiveness of our approach through a collision avoidance example and a rollover prevention example on uneven terrains.
△ Less
Submitted 8 April, 2025; v1 submitted 25 November, 2024;
originally announced November 2024.
-
Safety-Critical Controller Synthesis with Reduced-Order Models
Authors:
Max H. Cohen,
Noel Csomay-Shanklin,
William D. Compton,
Tamas G. Molnar,
Aaron D. Ames
Abstract:
Reduced-order models (ROMs) provide lower dimensional representations of complex systems, capturing their salient features while simplifying control design. Building on previous work, this paper presents an overarching framework for the integration of ROMs and control barrier functions, enabling the use of simplified models to construct safety-critical controllers while providing safety guarantees…
▽ More
Reduced-order models (ROMs) provide lower dimensional representations of complex systems, capturing their salient features while simplifying control design. Building on previous work, this paper presents an overarching framework for the integration of ROMs and control barrier functions, enabling the use of simplified models to construct safety-critical controllers while providing safety guarantees for complex full-order models. To achieve this, we formalize the connection between full and ROMs by defining projection mappings that relate the states and inputs of these models and leverage simulation functions to establish conditions under which safety guarantees may be transferred from a ROM to its corresponding full-order model. The efficacy of our framework is illustrated through simulation results on a drone and hardware demonstrations on ARCHER, a 3D hopping robot.
△ Less
Submitted 25 November, 2024;
originally announced November 2024.
-
Dynamic Tube MPC: Learning Tube Dynamics with Massively Parallel Simulation for Robust Safety in Practice
Authors:
William D. Compton,
Noel Csomay-Shanklin,
Cole Johnson,
Aaron D. Ames
Abstract:
Safe navigation of cluttered environments is a critical challenge in robotics. It is typically approached by separating the planning and tracking problems, with planning executed on a reduced order model to generate reference trajectories, and control techniques used to track these trajectories on the full order dynamics. Inevitable tracking error necessitates robustification of the nominal plan t…
▽ More
Safe navigation of cluttered environments is a critical challenge in robotics. It is typically approached by separating the planning and tracking problems, with planning executed on a reduced order model to generate reference trajectories, and control techniques used to track these trajectories on the full order dynamics. Inevitable tracking error necessitates robustification of the nominal plan to ensure safety; in many cases, this is accomplished via worst-case bounding, which ignores the fact that some trajectories of the planning model may be easier to track than others. In this work, we present a novel method leveraging massively parallel simulation to learn a dynamic tube representation, which characterizes tracking performance as a function of actions taken by the planning model. Planning model trajectories are then optimized such that the dynamic tube lies in the free space, allowing a balance between performance and safety to be traded off in real time. The resulting Dynamic Tube MPC is applied to the 3D hopping robot ARCHER, enabling agile and performant navigation of cluttered environments, and safe collision-free traversal of narrow corridors.
△ Less
Submitted 22 November, 2024;
originally announced November 2024.
-
Dynamically Feasible Path Planning in Cluttered Environments via Reachable Bezier Polytopes
Authors:
Noel Csomay-Shanklin,
William D. Compton,
Aaron D. Ames
Abstract:
The deployment of robotic systems in real world environments requires the ability to quickly produce paths through cluttered, non-convex spaces. These planned trajectories must be both kinematically feasible (i.e., collision free) and dynamically feasible (i.e., satisfy the underlying system dynamics), necessitating a consideration of both the free space and the dynamics of the robot in the path p…
▽ More
The deployment of robotic systems in real world environments requires the ability to quickly produce paths through cluttered, non-convex spaces. These planned trajectories must be both kinematically feasible (i.e., collision free) and dynamically feasible (i.e., satisfy the underlying system dynamics), necessitating a consideration of both the free space and the dynamics of the robot in the path planning phase. In this work, we explore the application of reachable Bezier polytopes as an efficient tool for generating trajectories satisfying both kinematic and dynamic requirements. Furthermore, we demonstrate that by offloading specific computation tasks to the GPU, such an algorithm can meet tight real time requirements. We propose a layered control architecture that efficiently produces collision free and dynamically feasible paths for nonlinear control systems, and demonstrate the framework on the tasks of 3D hopping in a cluttered environment.
△ Less
Submitted 20 November, 2024;
originally announced November 2024.
-
Bezier Reachable Polytopes: Efficient Certificates for Robust Motion Planning with Layered Architectures
Authors:
Noel Csomay-Shanklin,
Aaron D. Ames
Abstract:
Control architectures are often implemented in a layered fashion, combining independently designed blocks to achieve complex tasks. Providing guarantees for such hierarchical frameworks requires considering the capabilities and limitations of each layer and their interconnections at design time. To address this holistic design challenge, we introduce the notion of Bezier Reachable Polytopes -- cer…
▽ More
Control architectures are often implemented in a layered fashion, combining independently designed blocks to achieve complex tasks. Providing guarantees for such hierarchical frameworks requires considering the capabilities and limitations of each layer and their interconnections at design time. To address this holistic design challenge, we introduce the notion of Bezier Reachable Polytopes -- certificates of reachable points in the space of Bezier polynomial reference trajectories. This approach captures the set of trajectories that can be tracked by a low-level controller while satisfying state and input constraints, and leverages the geometric properties of Bezier polynomials to maintain an efficient polytopic representation. As a result, these certificates serve as a constructive tool for layered architectures, enabling long-horizon tasks to be reasoned about in a computationally tractable manner.
△ Less
Submitted 20 November, 2024;
originally announced November 2024.
-
Robust Adaptive Safe Robotic Grasping with Tactile Sensing
Authors:
Yitaek Kim,
Jeeseop Kim,
Albert H. Li,
Aaron D. Ames,
Christoffer Sloth
Abstract:
Robotic grasping requires safe force interaction to prevent a grasped object from being damaged or slipping out of the hand. In this vein, this paper proposes an integrated framework for grasping with formal safety guarantees based on Control Barrier Functions. We first design contact force and force closure constraints, which are enforced by a safety filter to accomplish safe grasping with finger…
▽ More
Robotic grasping requires safe force interaction to prevent a grasped object from being damaged or slipping out of the hand. In this vein, this paper proposes an integrated framework for grasping with formal safety guarantees based on Control Barrier Functions. We first design contact force and force closure constraints, which are enforced by a safety filter to accomplish safe grasping with finger force control. For sensory feedback, we develop a technique to estimate contact point, force, and torque from tactile sensors at each finger. We verify the framework with various safety filters in a numerical simulation under a two-finger grasping scenario. We then experimentally validate the framework by grasping multiple objects, including fragile lab glassware, in a real robotic setup, showing that safe grasping can be successfully achieved in the real world. We evaluate the performance of each safety filter in the context of safety violation and conservatism, and find that disturbance observer-based control barrier functions provide superior performance for safety guarantees with minimum conservatism. The demonstration video is available at https://youtu.be/Cuj47mkXRdg.
△ Less
Submitted 12 November, 2024;
originally announced November 2024.
-
A Contract Theory for Layered Control Architectures
Authors:
Manuel Mazo Jr.,
Will Compton,
Max H. Cohen,
Aaron D. Ames
Abstract:
Autonomous systems typically leverage layered control architectures with a combination of discrete and continuous models operating at different timescales. As a result, layered systems form a new class of hybrid systems composed of systems operating on a diverse set of continuous and discrete signals. This paper formalizes the notion of a layered (hierarchical) control architecture through a theor…
▽ More
Autonomous systems typically leverage layered control architectures with a combination of discrete and continuous models operating at different timescales. As a result, layered systems form a new class of hybrid systems composed of systems operating on a diverse set of continuous and discrete signals. This paper formalizes the notion of a layered (hierarchical) control architecture through a theory of relations between its layers. This theory enables us to formulate contracts within layered control systems -- these define interfaces between layers and isolate the design of each layer, guaranteeing that composition of contracts at each layer results in a contract capturing the desired system-wide specification. Thus, the proposed theory yields the ability to analyze layered control architectures via a compositional approach.
△ Less
Submitted 23 September, 2024;
originally announced September 2024.
-
Bilevel Optimization for Real-Time Control with Application to Locomotion Gait Generation
Authors:
Zachary Olkin,
Aaron D. Ames
Abstract:
Model Predictive Control (MPC) is a common tool for the control of nonlinear, real-world systems, such as legged robots. However, solving MPC quickly enough to enable its use in real-time is often challenging. One common solution is given by real-time iterations, which does not solve the MPC problem to convergence, but rather close enough to give an approximate solution. In this paper, we extend t…
▽ More
Model Predictive Control (MPC) is a common tool for the control of nonlinear, real-world systems, such as legged robots. However, solving MPC quickly enough to enable its use in real-time is often challenging. One common solution is given by real-time iterations, which does not solve the MPC problem to convergence, but rather close enough to give an approximate solution. In this paper, we extend this idea to a bilevel control framework where a "high-level" optimization program modifies a controller parameter of a "low-level" MPC problem which generates the control inputs and desired state trajectory. We propose an algorithm to iterate on this bilevel program in real-time and provide conditions for its convergence and improvements in stability. We then demonstrate the efficacy of this algorithm by applying it to a quadrupedal robot where the high-level problem optimizes a contact schedule in real-time. We show through simulation that the algorithm can yield improvements in disturbance rejection and optimality, while creating qualitatively new gaits.
△ Less
Submitted 18 September, 2024;
originally announced September 2024.
-
Hierarchical Event-Triggered Systems: Safe Learning of Quasi-Optimal Deadline Policies
Authors:
Pio Ong,
Manuel Mazo Jr.,
Aaron D. Ames
Abstract:
We present a hierarchical architecture to improve the efficiency of event-triggered control (ETC) in reducing resource consumption. This paper considers event-triggered systems generally as an impulsive control system in which the objective is to minimize the number of impulses. Our architecture recognizes that traditional ETC is a greedy strategy towards optimizing average inter-event times and i…
▽ More
We present a hierarchical architecture to improve the efficiency of event-triggered control (ETC) in reducing resource consumption. This paper considers event-triggered systems generally as an impulsive control system in which the objective is to minimize the number of impulses. Our architecture recognizes that traditional ETC is a greedy strategy towards optimizing average inter-event times and introduces the idea of a deadline policy for the optimization of long-term discounted inter-event times. A lower layer is designed employing event-triggered control to guarantee the satisfaction of control objectives, while a higher layer implements a deadline policy designed with reinforcement learning to improve the discounted inter-event time. We apply this scheme to the control of an orbiting spacecraft, showing superior performance in terms of actuation frequency reduction with respect to a standard (one-layer) ETC while maintaining safety guarantees.
△ Less
Submitted 15 September, 2024;
originally announced September 2024.
-
Safety of Linear Systems under Severe Sensor Attacks
Authors:
Xiao Tan,
Pio Ong,
Paulo Tabuada,
Aaron D. Ames
Abstract:
Cyber-physical systems can be subject to sensor attacks, e.g., sensor spoofing, leading to unsafe behaviors. This paper addresses this problem in the context of linear systems when an omniscient attacker can spoof several system sensors at will. In this adversarial environment, existing results have derived necessary and sufficient conditions under which the state estimation problem has a unique s…
▽ More
Cyber-physical systems can be subject to sensor attacks, e.g., sensor spoofing, leading to unsafe behaviors. This paper addresses this problem in the context of linear systems when an omniscient attacker can spoof several system sensors at will. In this adversarial environment, existing results have derived necessary and sufficient conditions under which the state estimation problem has a unique solution. In this work, we consider a severe attacking scenario when such conditions do not hold. To deal with potential state estimation uncertainty, we derive an exact characterization of the set of all possible state estimates. Using the framework of control barrier functions, we propose design principles for system safety in offline and online phases. For the offline phase, we derive conditions on safe sets for all possible sensor attacks that may be encountered during system deployment. For the online phase, with past system measurements collected, a quadratic program-based safety filter is proposed to enforce system safety. A 2D-vehicle example is used to illustrate the theoretical results.
△ Less
Submitted 12 September, 2024;
originally announced September 2024.
-
Constructive Nonlinear Control of Underactuated Systems via Zero Dynamics Policies
Authors:
William Compton,
Ivan Dario Jimenez Rodriguez,
Noel Csomay-Shanklin,
Yisong Yue,
Aaron D. Ames
Abstract:
Stabilizing underactuated systems is an inherently challenging control task due to fundamental limitations on how the control input affects the unactuated dynamics. Decomposing the system into actuated (output) and unactuated (zero) coordinates provides useful insight as to how input enters the system dynamics. In this work, we leverage the structure of this decomposition to formalize the idea of…
▽ More
Stabilizing underactuated systems is an inherently challenging control task due to fundamental limitations on how the control input affects the unactuated dynamics. Decomposing the system into actuated (output) and unactuated (zero) coordinates provides useful insight as to how input enters the system dynamics. In this work, we leverage the structure of this decomposition to formalize the idea of Zero Dynamics Policies (ZDPs) -- a mapping from the unactuated coordinates to desired actuated coordinates. Specifically, we show that a ZDP exists in a neighborhood of the origin, and prove that combining output stabilization with a ZDP results in stability of the full system state. We detail a constructive method of obtaining ZDPs in a neighborhood of the origin, and propose a learning-based approach which leverages optimal control to obtain ZDPs with much larger regions of attraction. We demonstrate that such a paradigm can be used to stabilize the canonical underactuated system of the cartpole, and showcase an improvement over the nominal performance of LQR.
△ Less
Submitted 26 August, 2024;
originally announced August 2024.
-
Constructive Safety-Critical Control: Synthesizing Control Barrier Functions for Partially Feedback Linearizable Systems
Authors:
Max H. Cohen,
Ryan K. Cosner,
Aaron D. Ames
Abstract:
Certifying the safety of nonlinear systems, through the lens of set invariance and control barrier functions (CBFs), offers a powerful method for controller synthesis, provided a CBF can be constructed. This paper draws connections between partial feedback linearization and CBF synthesis. We illustrate that when a control affine system is input-output linearizable with respect to a smooth output f…
▽ More
Certifying the safety of nonlinear systems, through the lens of set invariance and control barrier functions (CBFs), offers a powerful method for controller synthesis, provided a CBF can be constructed. This paper draws connections between partial feedback linearization and CBF synthesis. We illustrate that when a control affine system is input-output linearizable with respect to a smooth output function, then, under mild regularity conditions, one may extend any safety constraint defined on the output to a CBF for the full-order dynamics. These more general results are specialized to robotic systems where the conditions required to synthesize CBFs simplify. The CBFs constructed from our approach are applied and verified in simulation and hardware experiments on a quadrotor.
△ Less
Submitted 4 June, 2024;
originally announced June 2024.
-
Flow-Based Synthesis of Reactive Tests for Discrete Decision-Making Systems with Temporal Logic Specifications
Authors:
Josefine B. Graebener,
Apurva S. Badithela,
Denizalp Goktas,
Wyatt Ubellacker,
Eric V. Mazumdar,
Aaron D. Ames,
Richard M. Murray
Abstract:
Designing tests to evaluate if a given autonomous system satisfies complex specifications is challenging due to the complexity of these systems. This work proposes a flow-based approach for reactive test synthesis from temporal logic specifications, enabling the synthesis of test environments consisting of static and reactive obstacles and dynamic test agents. The temporal logic specifications des…
▽ More
Designing tests to evaluate if a given autonomous system satisfies complex specifications is challenging due to the complexity of these systems. This work proposes a flow-based approach for reactive test synthesis from temporal logic specifications, enabling the synthesis of test environments consisting of static and reactive obstacles and dynamic test agents. The temporal logic specifications describe desired test behavior, including system requirements as well as a test objective that is not revealed to the system. The synthesized test strategy places restrictions on system actions in reaction to the system state. The tests are minimally restrictive and accomplish the test objective while ensuring realizability of the system's objective without aiding it (semi-cooperative setting). Automata theory and flow networks are leveraged to formulate a mixed-integer linear program (MILP) to synthesize the test strategy. For a dynamic test agent, the agent strategy is synthesized for a GR(1) specification constructed from the solution of the MILP. If the specification is unrealizable by the dynamics of the test agent, a counterexample-guided approach is used to resolve the MILP until a strategy is found. This flow-based, reactive test synthesis is conducted offline and is agnostic to the system controller. Finally, the resulting test strategy is demonstrated in simulation and experimentally on a pair of quadrupedal robots for a variety of specifications.
△ Less
Submitted 15 April, 2024;
originally announced April 2024.
-
Risk-Aware Robotics: Tail Risk Measures in Planning, Control, and Verification
Authors:
Prithvi Akella,
Anushri Dixit,
Mohamadreza Ahmadi,
Lars Lindemann,
Margaret P. Chapman,
George J. Pappas,
Aaron D. Ames,
Joel W. Burdick
Abstract:
The need for a systematic approach to risk assessment has increased in recent years due to the ubiquity of autonomous systems that alter our day-to-day experiences and their need for safety, e.g., for self-driving vehicles, mobile service robots, and bipedal robots. These systems are expected to function safely in unpredictable environments and interact seamlessly with humans, whose behavior is no…
▽ More
The need for a systematic approach to risk assessment has increased in recent years due to the ubiquity of autonomous systems that alter our day-to-day experiences and their need for safety, e.g., for self-driving vehicles, mobile service robots, and bipedal robots. These systems are expected to function safely in unpredictable environments and interact seamlessly with humans, whose behavior is notably challenging to forecast. We present a survey of risk-aware methodologies for autonomous systems. We adopt a contemporary risk-aware approach to mitigate rare and detrimental outcomes by advocating the use of tail risk measures, a concept borrowed from financial literature. This survey will introduce these measures and explain their relevance in the context of robotic systems for planning, control, and verification applications.
△ Less
Submitted 9 September, 2024; v1 submitted 27 March, 2024;
originally announced March 2024.
-
A Constructive Method for Designing Safe Multirate Controllers for Differentially-Flat Systems
Authors:
Devansh R. Agrawal,
Hardik Parwana,
Ryan K. Cosner,
Ugo Rosolia,
Aaron D. Ames,
Dimitra Panagou
Abstract:
We present a multi-rate control architecture that leverages fundamental properties of differential flatness to synthesize controllers for safety-critical nonlinear dynamical systems. We propose a two-layer architecture, where the high-level generates reference trajectories using a linear Model Predictive Controller, and the low-level tracks this reference using a feedback controller. The novelty l…
▽ More
We present a multi-rate control architecture that leverages fundamental properties of differential flatness to synthesize controllers for safety-critical nonlinear dynamical systems. We propose a two-layer architecture, where the high-level generates reference trajectories using a linear Model Predictive Controller, and the low-level tracks this reference using a feedback controller. The novelty lies in how we couple these layers, to achieve formal guarantees on recursive feasibility of the MPC problem, and safety of the nonlinear system. Furthermore, using differential flatness, we provide a constructive means to synthesize the multi-rate controller, thereby removing the need to search for suitable Lyapunov or barrier functions, or to approximately linearize/discretize nonlinear dynamics. We show the synthesized controller is a convex optimization problem, making it amenable to real-time implementations. The method is demonstrated experimentally on a ground rover and a quadruped robotic system.
△ Less
Submitted 26 March, 2024;
originally announced March 2024.
-
Safety-Critical Control for Autonomous Systems: Control Barrier Functions via Reduced-Order Models
Authors:
Max H. Cohen,
Tamas G. Molnar,
Aaron D. Ames
Abstract:
Modern autonomous systems, such as flying, legged, and wheeled robots, are generally characterized by high-dimensional nonlinear dynamics, which presents challenges for model-based safety-critical control design. Motivated by the success of reduced-order models in robotics, this paper presents a tutorial on constructive safety-critical control via reduced-order models and control barrier functions…
▽ More
Modern autonomous systems, such as flying, legged, and wheeled robots, are generally characterized by high-dimensional nonlinear dynamics, which presents challenges for model-based safety-critical control design. Motivated by the success of reduced-order models in robotics, this paper presents a tutorial on constructive safety-critical control via reduced-order models and control barrier functions (CBFs). To this end, we provide a unified formulation of techniques in the literature that share a common foundation of constructing CBFs for complex systems from CBFs for much simpler systems. Such ideas are illustrated through formal results, simple numerical examples, and case studies of real-world systems to which these techniques have been experimentally applied.
△ Less
Submitted 14 March, 2024;
originally announced March 2024.
-
Rollover Prevention for Mobile Robots with Control Barrier Functions: Differentiator-Based Adaptation and Projection-to-State Safety
Authors:
Ersin Das,
Aaron D. Ames,
Joel W. Burdick
Abstract:
This paper develops rollover prevention guarantees for mobile robots using control barrier function (CBF) theory, and demonstrates the method experimentally. We consider a safety measure based on a zero moment point condition through the lens of CBFs. However, these conditions depend on time-varying and noisy parameters. To address this issue, we present a differentiator-based safety-critical cont…
▽ More
This paper develops rollover prevention guarantees for mobile robots using control barrier function (CBF) theory, and demonstrates the method experimentally. We consider a safety measure based on a zero moment point condition through the lens of CBFs. However, these conditions depend on time-varying and noisy parameters. To address this issue, we present a differentiator-based safety-critical controller that estimates these parameters and pairs Input-to-State Stable (ISS) differentiator dynamics with CBFs to achieve rigorous safety guarantees. Additionally, to ensure safety in the presence of disturbances, we utilize a time-varying extension of Projection-to-State Safety (PSSf). The effectiveness of the proposed method is demonstrated via experiments on a tracked robot with a rollover potential on steep slopes.
△ Less
Submitted 15 June, 2024; v1 submitted 13 March, 2024;
originally announced March 2024.
-
Bounding Stochastic Safety: Leveraging Freedman's Inequality with Discrete-Time Control Barrier Functions
Authors:
Ryan K. Cosner,
Preston Culbertson,
Aaron D. Ames
Abstract:
When deployed in the real world, safe control methods must be robust to unstructured uncertainties such as modeling error and external disturbances. Typical robust safety methods achieve their guarantees by always assuming that the worst-case disturbance will occur. In contrast, this paper utilizes Freedman's inequality in the context of discrete-time control barrier functions (DTCBFs) and c-marti…
▽ More
When deployed in the real world, safe control methods must be robust to unstructured uncertainties such as modeling error and external disturbances. Typical robust safety methods achieve their guarantees by always assuming that the worst-case disturbance will occur. In contrast, this paper utilizes Freedman's inequality in the context of discrete-time control barrier functions (DTCBFs) and c-martingales to provide stronger (less conservative) safety guarantees for stochastic systems. Our approach accounts for the underlying disturbance distribution instead of relying exclusively on its worst-case bound and does not require the barrier function to be upper-bounded, which makes the resulting safety probability bounds more directly useful for intuitive safety constraints such as signed distance. We compare our results with existing safety guarantees, such as input-to-state safety (ISSf) and martingale results that rely on Ville's inequality. When the assumptions for all methods hold, we provide a range of parameters for which our guarantee is stronger. Finally, we present simulation examples, including a bipedal walking robot, that demonstrate the utility and tightness of our safety guarantee.
△ Less
Submitted 4 November, 2024; v1 submitted 8 March, 2024;
originally announced March 2024.
-
Collision Avoidance and Geofencing for Fixed-wing Aircraft with Control Barrier Functions
Authors:
Tamas G. Molnar,
Suresh K. Kannan,
James Cunningham,
Kyle Dunlap,
Kerianne L. Hobbs,
Aaron D. Ames
Abstract:
Safety-critical failures often have fatal consequences in aerospace control. Control systems on aircraft, therefore, must ensure the strict satisfaction of safety constraints, preferably with formal guarantees of safe behavior. This paper establishes the safety-critical control of fixed-wing aircraft in collision avoidance and geofencing tasks. A control framework is developed wherein a run-time a…
▽ More
Safety-critical failures often have fatal consequences in aerospace control. Control systems on aircraft, therefore, must ensure the strict satisfaction of safety constraints, preferably with formal guarantees of safe behavior. This paper establishes the safety-critical control of fixed-wing aircraft in collision avoidance and geofencing tasks. A control framework is developed wherein a run-time assurance (RTA) system modulates the nominal flight controller of the aircraft whenever necessary to prevent it from colliding with other aircraft or crossing a boundary (geofence) in space. The RTA is formulated as a safety filter using control barrier functions (CBFs) with formal guarantees of safe behavior. CBFs are constructed and compared for a nonlinear kinematic fixed-wing aircraft model. The proposed CBF-based controllers showcase the capability of safely executing simultaneous collision avoidance and geofencing, as demonstrated by simulations on the kinematic model and a high-fidelity dynamical model.
△ Less
Submitted 27 January, 2025; v1 submitted 4 March, 2024;
originally announced March 2024.
-
Towards a Theory of Control Architecture: A quantitative framework for layered multi-rate control
Authors:
Nikolai Matni,
Aaron D. Ames,
John C. Doyle
Abstract:
This paper focuses on the need for a rigorous theory of layered control architectures (LCAs) for complex engineered and natural systems, such as power systems, communication networks, autonomous robotics, bacteria, and human sensorimotor control. All deliver extraordinary capabilities, but they lack a coherent theory of analysis and design, partly due to the diverse domains across which LCAs can b…
▽ More
This paper focuses on the need for a rigorous theory of layered control architectures (LCAs) for complex engineered and natural systems, such as power systems, communication networks, autonomous robotics, bacteria, and human sensorimotor control. All deliver extraordinary capabilities, but they lack a coherent theory of analysis and design, partly due to the diverse domains across which LCAs can be found. In contrast, there is a core universal set of control concepts and theory that applies very broadly and accommodates necessary domain-specific specializations. However, control methods are typically used only to design algorithms in components within a larger system designed by others, typically with minimal or no theory. This points towards a need for natural but large extensions of robust performance from control to the full decision and control stack. It is encouraging that the successes of extant architectures from bacteria to the Internet are due to strikingly universal mechanisms and design patterns. This is largely due to convergent evolution by natural selection and not intelligent design, particularly when compared with the sophisticated design of components. Our aim here is to describe the universals of architecture and sketch tentative paths towards a useful design theory.
△ Less
Submitted 26 January, 2024;
originally announced January 2024.
-
Generative Modeling of Residuals for Real-Time Risk-Sensitive Safety with Discrete-Time Control Barrier Functions
Authors:
Ryan K. Cosner,
Igor Sadalski,
Jana K. Woo,
Preston Culbertson,
Aaron D. Ames
Abstract:
A key source of brittleness for robotic systems is the presence of model uncertainty and external disturbances. Most existing approaches to robust control either seek to bound the worst-case disturbance (which results in conservative behavior), or to learn a deterministic dynamics model (which is unable to capture uncertain dynamics or disturbances). This work proposes a different approach: traini…
▽ More
A key source of brittleness for robotic systems is the presence of model uncertainty and external disturbances. Most existing approaches to robust control either seek to bound the worst-case disturbance (which results in conservative behavior), or to learn a deterministic dynamics model (which is unable to capture uncertain dynamics or disturbances). This work proposes a different approach: training a state-conditioned generative model to represent the distribution of error residuals between the nominal dynamics and the actual system. In particular we introduce the Online Risk-Informed Optimization controller (ORIO), which uses Discrete-Time Control Barrier Functions, combined with a learned, generative disturbance model, to ensure the safety of the system up to some level of risk. We demonstrate our approach in both simulations and hardware, and show our method can learn a disturbance model that is accurate enough to enable risk-sensitive control of a quadrotor flying aggressively with an unmodelled slung load. We use a conditional variational autoencoder (CVAE) to learn a state-conditioned dynamics residual distribution, and find that the resulting probabilistic safety controller, which can be run at 100Hz on an embedded computer, exhibits less conservative behavior while retaining theoretical safety properties.
△ Less
Submitted 13 November, 2023; v1 submitted 9 November, 2023;
originally announced November 2023.
-
Safety-Critical Control of Nonholonomic Vehicles in Dynamic Environments using Velocity Obstacles
Authors:
Aurora Haraldsen,
Martin S. Wiig,
Aaron D. Ames,
Kristin Y. Pettersen
Abstract:
This paper considers collision avoidance for vehicles with first-order nonholonomic constraints maintaining nonzero forward speeds, moving within dynamic environments. We leverage the concept of control barrier functions (CBFs) to synthesize control inputs that prioritize safety, where the safety criteria are derived from the velocity obstacle principle. Existing instantiations of CBFs for collisi…
▽ More
This paper considers collision avoidance for vehicles with first-order nonholonomic constraints maintaining nonzero forward speeds, moving within dynamic environments. We leverage the concept of control barrier functions (CBFs) to synthesize control inputs that prioritize safety, where the safety criteria are derived from the velocity obstacle principle. Existing instantiations of CBFs for collision avoidance, e.g., based on maintaining a minimal distance, can result in control inputs that make the vehicle stop or even reverse. The proposed formulation effectively separates speed control from steering, allowing the vehicle to maintain a forward motion without compromising safety. This is beneficial for ensuring that the vehicle advances towards its desired destination, and it is moreover an underlying requirement for certain vehicles such as marine vessels and fixed-wing UAVs. Theoretical safety guarantees are provided, and numerical simulations demonstrate the efficiency of the strategy in environments containing moving obstacles.
△ Less
Submitted 1 October, 2023;
originally announced October 2023.
-
Characterizing Smooth Safety Filters via the Implicit Function Theorem
Authors:
Max H. Cohen,
Pio Ong,
Gilbert Bahati,
Aaron D. Ames
Abstract:
Optimization-based safety filters, such as control barrier function (CBF) based quadratic programs (QPs), have demonstrated success in controlling autonomous systems to achieve complex goals. These CBF-QPs can be shown to be continuous, but are generally not smooth, let alone continuously differentiable. In this paper, we present a general characterization of smooth safety filters -- smooth contro…
▽ More
Optimization-based safety filters, such as control barrier function (CBF) based quadratic programs (QPs), have demonstrated success in controlling autonomous systems to achieve complex goals. These CBF-QPs can be shown to be continuous, but are generally not smooth, let alone continuously differentiable. In this paper, we present a general characterization of smooth safety filters -- smooth controllers that guarantee safety in a minimally invasive fashion -- based on the Implicit Function Theorem. This characterization leads to families of smooth universal formulas for safety-critical controllers that quantify the conservatism of the resulting safety filter, the utility of which is demonstrated through illustrative examples.
△ Less
Submitted 22 September, 2023;
originally announced September 2023.
-
Composing Control Barrier Functions for Complex Safety Specifications
Authors:
Tamas G. Molnar,
Aaron D. Ames
Abstract:
The increasing complexity of control systems necessitates control laws that guarantee safety w.r.t. complex combinations of constraints. In this letter, we propose a framework to describe compositional safety specifications with control barrier functions (CBFs). The specifications are formulated as Boolean compositions of state constraints, and we propose an algorithmic way to create a single cont…
▽ More
The increasing complexity of control systems necessitates control laws that guarantee safety w.r.t. complex combinations of constraints. In this letter, we propose a framework to describe compositional safety specifications with control barrier functions (CBFs). The specifications are formulated as Boolean compositions of state constraints, and we propose an algorithmic way to create a single continuously differentiable CBF that captures these constraints and enables safety-critical control. We describe the properties of the proposed CBF, and we demonstrate its efficacy by numerical simulations.
△ Less
Submitted 3 December, 2023; v1 submitted 12 September, 2023;
originally announced September 2023.
-
On the Safety of Connected Cruise Control: Analysis and Synthesis with Control Barrier Functions
Authors:
Tamas G. Molnar,
Gabor Orosz,
Aaron D. Ames
Abstract:
Connected automated vehicles have shown great potential to improve the efficiency of transportation systems in terms of passenger comfort, fuel economy, stability of driving behavior and mitigation of traffic congestions. Yet, to deploy these vehicles and leverage their benefits, the underlying algorithms must ensure their safe operation. In this paper, we address the safety of connected cruise co…
▽ More
Connected automated vehicles have shown great potential to improve the efficiency of transportation systems in terms of passenger comfort, fuel economy, stability of driving behavior and mitigation of traffic congestions. Yet, to deploy these vehicles and leverage their benefits, the underlying algorithms must ensure their safe operation. In this paper, we address the safety of connected cruise control strategies for longitudinal car following using control barrier function (CBF) theory. In particular, we consider various safety measures such as minimum distance, time headway and time to conflict, and provide a formal analysis of these measures through the lens of CBFs. Additionally, motivated by how stability charts facilitate stable controller design, we derive safety charts for existing connected cruise controllers to identify safe choices of controller parameters. Finally, we combine the analysis of safety measures and the corresponding stability charts to synthesize safety-critical connected cruise controllers using CBFs. We verify our theoretical results by numerical simulations.
△ Less
Submitted 31 August, 2023;
originally announced September 2023.
-
Input-to-State Stability in Probability
Authors:
Preston Culbertson,
Ryan K. Cosner,
Maegan Tucker,
Aaron D. Ames
Abstract:
Input-to-State Stability (ISS) is fundamental in mathematically quantifying how stability degrades in the presence of bounded disturbances. If a system is ISS, its trajectories will remain bounded, and will converge to a neighborhood of an equilibrium of the undisturbed system. This graceful degradation of stability in the presence of disturbances describes a variety of real-world control implemen…
▽ More
Input-to-State Stability (ISS) is fundamental in mathematically quantifying how stability degrades in the presence of bounded disturbances. If a system is ISS, its trajectories will remain bounded, and will converge to a neighborhood of an equilibrium of the undisturbed system. This graceful degradation of stability in the presence of disturbances describes a variety of real-world control implementations. Despite its utility, this property requires the disturbance to be bounded and provides invariance and stability guarantees only with respect to this worst-case bound. In this work, we introduce the concept of ``ISS in probability (ISSp)'' which generalizes ISS to discrete-time systems subject to unbounded stochastic disturbances. Using tools from martingale theory, we provide Lyapunov conditions for a system to be exponentially ISSp, and connect ISSp to stochastic stability conditions found in literature. We exemplify the utility of this method through its application to a bipedal robot confronted with step heights sampled from a truncated Gaussian distribution.
△ Less
Submitted 27 April, 2023;
originally announced April 2023.
-
Sample-and-Hold Safety with Control Barrier Functions
Authors:
Gilbert Bahati,
Pio Ong,
Aaron D. Ames
Abstract:
A common assumption on the deployment of safeguarding controllers on the digital platform is that high sampling frequency translates to a small violation of safety. This paper investigates and formalizes this assumption through the lens of Input-to-State Safety. From this perspective, and leveraging control barrier functions (CBFs), we propose an alternative solution for maintaining safety of samp…
▽ More
A common assumption on the deployment of safeguarding controllers on the digital platform is that high sampling frequency translates to a small violation of safety. This paper investigates and formalizes this assumption through the lens of Input-to-State Safety. From this perspective, and leveraging control barrier functions (CBFs), we propose an alternative solution for maintaining safety of sample-and-hold controlled systems without any violation to the original safe set. Our approach centers around modulating the sampled control input in order to guarantee a more robust safety condition. We analyze both the time-triggered and the event-triggered sample-and-hold implementations, including the characterization of sampling frequency requirements and trigger conditions. We demonstrate the effectiveness of our approach in the context of adaptive cruise control through simulations.
△ Less
Submitted 2 October, 2023; v1 submitted 17 April, 2023;
originally announced April 2023.
-
Intermittent Safety Filters for Event-Triggered Safety Maneuvers with Application to Satellite Orbit Transfers
Authors:
Pio Ong,
Aaron D. Ames
Abstract:
In balancing safety with the nominal control objectives, e.g., stabilization, it is desirable to reduce the time period when safety filters are in effect. Inspired by traditional spacecraft maneuvers, and with the ultimate goal of reducing the duration when safety is of concern, this paper proposes an event-triggered control framework with switching state-based triggers. Our first trigger in the s…
▽ More
In balancing safety with the nominal control objectives, e.g., stabilization, it is desirable to reduce the time period when safety filters are in effect. Inspired by traditional spacecraft maneuvers, and with the ultimate goal of reducing the duration when safety is of concern, this paper proposes an event-triggered control framework with switching state-based triggers. Our first trigger in the scheme monitors safety constraints encoded by barrier functions, and thereby ensures safety without the need to alter the nominal controller--and when the boundary of the safety constraint is approached, the controller drives the system to the region where control actions are not needed. The second trigger condition determines if the safety constraint has improved enough for the success of the first trigger. We begin by motivating this framework for impulsive control systems, e.g., a satellite orbiting an asteroid. We then expand the approach to more general nonlinear system through the use of safety filtered controllers. Simulation results demonstrating satellite orbital maneuvers illustrate the utility of the proposed event-triggered framework.
△ Less
Submitted 17 April, 2023;
originally announced April 2023.
-
Lipschitz Continuity of Signal Temporal Logic Robustness Measures: Synthesizing Control Barrier Functions from One Expert Demonstration
Authors:
Prithvi Akella,
Apurva Badithela,
Richard M. Murray,
Aaron D. Ames
Abstract:
Control Barrier Functions (CBFs) allow for efficient synthesis of controllers to maintain desired invariant properties of safety-critical systems. However, the problem of identifying a CBF remains an open question. As such, this paper provides a constructive method for control barrier function synthesis around one expert demonstration that realizes a desired system specification formalized in Sign…
▽ More
Control Barrier Functions (CBFs) allow for efficient synthesis of controllers to maintain desired invariant properties of safety-critical systems. However, the problem of identifying a CBF remains an open question. As such, this paper provides a constructive method for control barrier function synthesis around one expert demonstration that realizes a desired system specification formalized in Signal Temporal Logic (STL). First, we prove that all STL specifications have Lipschitz-continuous robustness measures. Second, we leverage this Lipschitz continuity to synthesize a time-varying control barrier function. By filtering control inputs to maintain the positivity of this function, we ensure that the system trajectory satisfies the desired STL specification. Finally, we demonstrate the effectiveness of our approach on the Robotarium.
△ Less
Submitted 7 April, 2023;
originally announced April 2023.
-
Bounding Optimality Gaps for Non-Convex Optimization Problems: Applications to Nonlinear Safety-Critical Systems
Authors:
Prithvi Akella,
Aaron D. Ames
Abstract:
Efficient methods to provide sub-optimal solutions to non-convex optimization problems with knowledge of the solution's sub-optimality would facilitate the widespread application of nonlinear optimal control algorithms. To that end, leveraging recent work in risk-aware verification, we provide two algorithms to (1) probabilistically bound the optimality gaps of solutions reported by novel percenti…
▽ More
Efficient methods to provide sub-optimal solutions to non-convex optimization problems with knowledge of the solution's sub-optimality would facilitate the widespread application of nonlinear optimal control algorithms. To that end, leveraging recent work in risk-aware verification, we provide two algorithms to (1) probabilistically bound the optimality gaps of solutions reported by novel percentile optimization techniques, and (2) probabilistically bound the maximum optimality gap reported by percentile approaches for repetitive applications, e.g. Model Predictive Control (MPC). Notably, our results work for a large class of optimization problems. We showcase the efficacy and repeatability of our results on a few, benchmark non-convex optimization problems and the utility of our results for controls in a Nonlinear MPC setting.
△ Less
Submitted 7 April, 2023;
originally announced April 2023.
-
Parameterized Barrier Functions to Guarantee Safety under Uncertainty
Authors:
Anil Alan,
Tamas G. Molnar,
Aaron D. Ames,
Gábor Orosz
Abstract:
Deploying safety-critical controllers in practice necessitates the ability to modulate uncertainties in control systems. In this context, robust control barrier functions -- in a variety of forms -- have been used to obtain safety guarantees for uncertain systems. Yet the differing types of uncertainty experienced in practice have resulted in a fractured landscape of robustification -- with a vari…
▽ More
Deploying safety-critical controllers in practice necessitates the ability to modulate uncertainties in control systems. In this context, robust control barrier functions -- in a variety of forms -- have been used to obtain safety guarantees for uncertain systems. Yet the differing types of uncertainty experienced in practice have resulted in a fractured landscape of robustification -- with a variety of instantiations depending on the structure of the uncertainty. This paper proposes a framework for generalizing these variations into a single form: parameterized barrier functions (PBFs), which yield safety guarantees for a wide spectrum of uncertainty types. This leads to controllers that enforce robust safety guarantees while their conservativeness scales by the parameterization. To illustrate the generality of this approach, we show that input-to-state safety (ISSf) is a special case of the PBF framework, whereby improved safety guarantees can be given relative to ISSf.
△ Less
Submitted 20 March, 2023;
originally announced March 2023.
-
An Input-to-State Stability Perspective on Robust Locomotion
Authors:
Maegan Tucker,
Aaron D. Ames
Abstract:
Uneven terrain necessarily transforms periodic walking into a non-periodic motion. As such, traditional stability analysis tools no longer adequately capture the ability of a bipedal robot to locomote in the presence of such disturbances. This motivates the need for analytical tools aimed at generalized notions of stability -- robustness. Towards this, we propose a novel definition of robustness,…
▽ More
Uneven terrain necessarily transforms periodic walking into a non-periodic motion. As such, traditional stability analysis tools no longer adequately capture the ability of a bipedal robot to locomote in the presence of such disturbances. This motivates the need for analytical tools aimed at generalized notions of stability -- robustness. Towards this, we propose a novel definition of robustness, termed \emph{$δ$-robustness}, to characterize the domain on which a nominal periodic orbit remains stable despite uncertain terrain. This definition is derived by treating perturbations in ground height as disturbances in the context of the input-to-state-stability (ISS) of the extended Poincaré map associated with a periodic orbit. The main theoretic result is the formulation of robust Lyapunov functions that certify $δ$-robustness of periodic orbits. This yields an optimization framework for verifying $δ$-robustness, which is demonstrated in simulation with a bipedal robot walking on uneven terrain.
△ Less
Submitted 8 June, 2023; v1 submitted 17 March, 2023;
originally announced March 2023.
-
Probabilistic Guarantees for Nonlinear Safety-Critical Optimal Control
Authors:
Prithvi Akella,
Wyatt Ubellacker,
Aaron D. Ames
Abstract:
Leveraging recent developments in black-box risk-aware verification, we provide three algorithms that generate probabilistic guarantees on (1) optimality of solutions, (2) recursive feasibility, and (3) maximum controller runtimes for general nonlinear safety-critical finite-time optimal controllers. These methods forego the usual (perhaps) restrictive assumptions required for typical theoretical…
▽ More
Leveraging recent developments in black-box risk-aware verification, we provide three algorithms that generate probabilistic guarantees on (1) optimality of solutions, (2) recursive feasibility, and (3) maximum controller runtimes for general nonlinear safety-critical finite-time optimal controllers. These methods forego the usual (perhaps) restrictive assumptions required for typical theoretical guarantees, e.g. terminal set calculation for recursive feasibility in Nonlinear Model Predictive Control, or convexification of optimal controllers to ensure optimality. Furthermore, we show that these methods can directly be applied to hardware systems to generate controller guarantees on their respective systems.
△ Less
Submitted 10 March, 2023;
originally announced March 2023.
-
Safety-Critical Control with Bounded Inputs via Reduced Order Models
Authors:
Tamas G. Molnar,
Aaron D. Ames
Abstract:
Guaranteeing safe behavior on complex autonomous systems -- from cars to walking robots -- is challenging due to the inherently high dimensional nature of these systems and the corresponding complex models that may be difficult to determine in practice. With this as motivation, this paper presents a safety-critical control framework that leverages reduced order models to ensure safety on the full…
▽ More
Guaranteeing safe behavior on complex autonomous systems -- from cars to walking robots -- is challenging due to the inherently high dimensional nature of these systems and the corresponding complex models that may be difficult to determine in practice. With this as motivation, this paper presents a safety-critical control framework that leverages reduced order models to ensure safety on the full order dynamics -- even when these models are subject to disturbances and bounded inputs (e.g., actuation limits). To handle input constraints, the backup set method is reformulated in the context of reduced order models, and conditions for the provably safe behavior of the full order system are derived. Then, the input-to-state safe backup set method is introduced to provide robustness against discrepancies between the reduced order model and the actual system. Finally, the proposed framework is demonstrated in high-fidelity simulation, where a quadrupedal robot is safely navigated around an obstacle with legged locomotion by the help of the unicycle model.
△ Less
Submitted 6 March, 2023;
originally announced March 2023.
-
Robust Safety under Stochastic Uncertainty with Discrete-Time Control Barrier Functions
Authors:
Ryan K. Cosner,
Preston Culbertson,
Andrew J. Taylor,
Aaron D. Ames
Abstract:
Robots deployed in unstructured, real-world environments operate under considerable uncertainty due to imperfect state estimates, model error, and disturbances. Given this real-world context, the goal of this paper is to develop controllers that are provably safe under uncertainties. To this end, we leverage Control Barrier Functions (CBFs) which guarantee that a robot remains in a ``safe set'' du…
▽ More
Robots deployed in unstructured, real-world environments operate under considerable uncertainty due to imperfect state estimates, model error, and disturbances. Given this real-world context, the goal of this paper is to develop controllers that are provably safe under uncertainties. To this end, we leverage Control Barrier Functions (CBFs) which guarantee that a robot remains in a ``safe set'' during its operation -- yet CBFs (and their associated guarantees) are traditionally studied in the context of continuous-time, deterministic systems with bounded uncertainties. In this work, we study the safety properties of discrete-time CBFs (DTCBFs) for systems with discrete-time dynamics and unbounded stochastic disturbances. Using tools from martingale theory, we develop probabilistic bounds for the safety (over a finite time horizon) of systems whose dynamics satisfy the discrete-time barrier function condition in expectation, and analyze the effect of Jensen's inequality on DTCBF-based controllers. Finally, we present several examples of our method synthesizing safe control inputs for systems subject to significant process noise, including an inverted pendulum, a double integrator, and a quadruped locomoting on a narrow path.
△ Less
Submitted 23 February, 2023; v1 submitted 14 February, 2023;
originally announced February 2023.
-
Barrier-Based Test Synthesis for Safety-Critical Systems Subject to Timed Reach-Avoid Specifications
Authors:
Prithvi Akella,
Mohamadreza Ahmadi,
Richard M. Murray,
Aaron D. Ames
Abstract:
We propose an adversarial, time-varying test-synthesis procedure for safety-critical systems without requiring specific knowledge of the underlying controller steering the system. From a broader test and evaluation context, determination of difficult tests of system behavior is important as these tests would elucidate problematic system phenomena before these mistakes can engender problematic outc…
▽ More
We propose an adversarial, time-varying test-synthesis procedure for safety-critical systems without requiring specific knowledge of the underlying controller steering the system. From a broader test and evaluation context, determination of difficult tests of system behavior is important as these tests would elucidate problematic system phenomena before these mistakes can engender problematic outcomes, e.g. loss of human life in autonomous cars, costly failures for airplane systems, etc. Our approach builds on existing, simulation-based work in the test and evaluation literature by offering a controller-agnostic test-synthesis procedure that provides a series of benchmark tests with which to determine controller reliability. To achieve this, our approach codifies the system objective as a timed reach-avoid specification. Then, by coupling control barrier functions with this class of specifications, we construct an instantaneous difficulty metric whose minimizer corresponds to the most difficult test at that system state. We use this instantaneous difficulty metric in a game-theoretic fashion, to produce an adversarial, time-varying test-synthesis procedure that does not require specific knowledge of the system's controller, but can still provably identify realizable and maximally difficult tests of system behavior. Finally, we develop this test-synthesis procedure for both continuous and discrete-time systems and showcase our test-synthesis procedure on simulated and hardware examples.
△ Less
Submitted 23 January, 2023;
originally announced January 2023.
-
End-to-End Imitation Learning with Safety Guarantees using Control Barrier Functions
Authors:
Ryan K. Cosner,
Yisong Yue,
Aaron D. Ames
Abstract:
Imitation learning (IL) is a learning paradigm which can be used to synthesize controllers for complex systems that mimic behavior demonstrated by an expert (user or control algorithm). Despite their popularity, IL methods generally lack guarantees of safety, which limits their utility for complex safety-critical systems. In this work we consider safety, formulated as set-invariance, and the assoc…
▽ More
Imitation learning (IL) is a learning paradigm which can be used to synthesize controllers for complex systems that mimic behavior demonstrated by an expert (user or control algorithm). Despite their popularity, IL methods generally lack guarantees of safety, which limits their utility for complex safety-critical systems. In this work we consider safety, formulated as set-invariance, and the associated formal guarantees endowed by Control Barrier Functions (CBFs). We develop conditions under which robustly-safe expert controllers, utilizing CBFs, can be used to learn end-to-end controllers (which we refer to as CBF-Compliant controllers) that have safety guarantees. These guarantees are presented from the perspective of input-to-state safety (ISSf) which considers safety in the context of disturbances, wherein it is shown that IL using robustly safe expert demonstrations results in ISSf with the disturbance directly related to properties of the learning problem. We demonstrate these safety guarantees in simulated vision-based end-to-end control of an inverted pendulum and a car driving on a track.
△ Less
Submitted 21 December, 2022;
originally announced December 2022.
-
Learning Disturbances Online for Risk-Aware Control: Risk-Aware Flight with Less Than One Minute of Data
Authors:
Prithvi Akella,
Skylar X. Wei,
Joel W. Burdick,
Aaron D. Ames
Abstract:
Recent advances in safety-critical risk-aware control are predicated on apriori knowledge of the disturbances a system might face. This paper proposes a method to efficiently learn these disturbances online, in a risk-aware context. First, we introduce the concept of a Surface-at-Risk, a risk measure for stochastic processes that extends Value-at-Risk -- a commonly utilized risk measure in the ris…
▽ More
Recent advances in safety-critical risk-aware control are predicated on apriori knowledge of the disturbances a system might face. This paper proposes a method to efficiently learn these disturbances online, in a risk-aware context. First, we introduce the concept of a Surface-at-Risk, a risk measure for stochastic processes that extends Value-at-Risk -- a commonly utilized risk measure in the risk-aware controls community. Second, we model the norm of the state discrepancy between the model and the true system evolution as a scalar-valued stochastic process and determine an upper bound to its Surface-at-Risk via Gaussian Process Regression. Third, we provide theoretical results on the accuracy of our fitted surface subject to mild assumptions that are verifiable with respect to the data sets collected during system operation. Finally, we experimentally verify our procedure by augmenting a drone's controller and highlight performance increases achieved via our risk-aware approach after collecting less than a minute of operating data.
△ Less
Submitted 12 December, 2022;
originally announced December 2022.
