Parameter-Conditioned Reachable Sets for Updating Safety Assurances Online

Javier Borquez, Kensuke Nakamura, Somil Bansal

TL;DR

This work addresses the challenge of maintaining safety assurances for autonomous systems as environment and system factors change online. It introduces parameter-conditioned reachable sets by augmenting the state with a parameter vector $\beta$ and computing a family of value functions $V_{\theta}(x,t;\beta)$ offline with DeepReach, enabling real-time safety queries as conditions evolve. The approach extends DeepReach to high-dimensional, parameter-dependent settings and demonstrates effectiveness across four case studies, including high-dimensional Rocket Landing and multi-vehicle scenarios. The contribution enables scalable, online-safe operation by avoiding recomputation from scratch and providing a unified framework to adapt safety guarantees to online variations in disturbances, control authority, and target sets.

Abstract

Hamilton-Jacobi (HJ) reachability analysis is a powerful tool for analyzing the safety of autonomous systems. However, the provided safety assurances are often predicated on the assumption that once deployed, the system or its environment does not evolve. Online, however, an autonomous system might experience changes in system dynamics, control authority, external disturbances, and/or the surrounding environment, requiring updated safety assurances. Rather than restarting the safety analysis from scratch, which can be time-consuming and often intractable to perform online, we propose to compute parameter-conditioned reachable sets. Assuming expected system and environment changes can be parameterized, we treat these parameters as virtual states in the system and leverage recent advances in high-dimensional reachability analysis to solve the corresponding reachability problem offline. This results in a family of reachable sets that is parameterized by the environment and system factors. Online, as these factors change, the system can simply query the corresponding safety function from this family to ensure system safety, enabling a real-time update of the safety assurances. Through various simulation studies, we demonstrate the capability of our approach in maintaining system safety despite the system and environment evolution.
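
The offline/online split described in the abstract, as an added example that is not the paper's code: a tabular min-max dynamic program stands in for DeepReach on an assumed 1D toy system, where $\beta$ is the disturbance bound treated as a virtual state. The system, the grid constants and the names `solve_offline` and `query` are all assumptions made for illustration.

```python
import math

# Added illustration, not the paper's code. Toy system (assumed): x' = u + d,
# |u| <= 1, |d| <= beta, failure set |x| <= R. beta is a virtual state with
# zero dynamics, so one offline solve covers every beta on the grid.
DX, DT, R = 0.05, 0.1, 0.5          # grid spacing, time step, failure-set radius
STEPS, M = 10, 100                  # horizon T = STEPS * DT; x spans [-M*DX, M*DX]
S = round(DT / DX)                  # nodes travelled per step at unit speed
BETAS = [0.0, 0.5, 1.0, 1.5, 2.0]   # parameter grid: disturbance bound


def l(i):
    """Signed distance to the failure set at grid node i (x = i * DX)."""
    return abs(i) * DX - R


def solve_offline():
    """Backward min-max dynamic programming over the augmented grid (x, beta)."""
    family = {}
    for k, beta in enumerate(BETAS):    # disturbance options d = j / S, |j| <= k
        V = [l(i) for i in range(-M, M + 1)]
        for _ in range(STEPS):
            prev = V

            def nxt(i):                 # value at the successor node, clamped to the grid
                return prev[max(-M, min(M, i)) + M]
            # One step moves S*u + j nodes. Control maximises, disturbance
            # minimises, and the running min records the closest approach.
            V = [min(l(i), max(min(nxt(i + S * u + j) for j in range(-k, k + 1))
                               for u in (-1, 1)))
                 for i in range(-M, M + 1)]
        family[beta] = V
    return family


def query(family, x, beta):
    """Online lookup of V(x, 0; beta); the state is safe when the result is > 0."""
    if not 0.0 <= beta <= BETAS[-1] or abs(x) > M * DX:
        raise ValueError("outside the precomputed envelope: no assurance available")
    # Round beta UP and |x| DOWN to grid values. Both are conservative for this
    # toy problem because the unsafe set grows with beta and V grows with |x|.
    b = next(g for g in BETAS if g >= beta)
    i = math.floor(abs(x) / DX + 1e-9)
    return family[b][i + M]
```

A parameter value outside the precomputed range raises an error instead of extrapolating, since the offline solve provides no assurance there.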

Paper Structure (12 sections, 16 equations, 6 figures)

This paper contains 12 sections, 16 equations, 6 figures.

Figures (6)

  • Figure 1: (Air3D) BRT slices corresponding to different values of $\beta_u$ for the relative heading of $\theta=\pi/2$. As the value of $\beta_u$ decreases from 1.5 (the leftmost plot) to -1.5 (the rightmost plot), the BRT gradually increases.
  • Figure 2: (Top) BRT slices in relative coordinates before, during, and after the engine failure. The nominal model fails to consider the growth in the unsafe states (light blue region), ultimately leading to a collision. (Bottom left) Trajectory in absolute coordinates and distance between vehicles for the parameter-conditioned safety controller, the collision was closely avoided. (Bottom right) Trajectory in absolute coordinates and distance between vehicles under the nominal safety controller, leading to a collision between the vehicles.
  • Figure 3: Rocket landing scenario. The position of the landing pad (the green patched region) might change online.
  • Figure 4: Trajectories for the center of mass of the rocket. The target set (landing platform) is shown in green with a 3D tube representing the evolution of its positions over time. The adaptive safety controller can account for the movement in the landing pad, ultimately resulting in a successful landing.
  • Figure 5: Trajectories for a confidence-parameterized FRT. The human moves towards its target (shaded blue), but its trajectory (blue) shows a sudden change of direction to avoid the unmodeled obstacle (black). This causes the human's FRT to update and expand, which leads the robot to deviate from its nominal trajectory (gray) to an adjusted trajectory (orange) to avoid collision with the human or the obstacle.
  • ...and 1 more figure