
Advanced safety filter based on SOS Control Barrier and Lyapunov Functions

Michael Schneeberger, Silvia Mastellone, Florian Dörfler

TL;DR

This work addresses safely augmenting a pre-existing controller without altering its nominal behavior. It proposes an SOS-based framework that jointly synthesizes multiple CBFs and a CLF to define a safe set $\mathcal{X}_s$ and a nominal region $\mathcal{X}_n$, while enforcing forward invariance and finite-time convergence toward $\mathcal{X}_n$. A two-stage approach then yields a Lipschitz safety filter $u_s(x)$ that coincides with the legacy action on $\mathcal{X}_n$ and satisfies CBF/CLF conditions on $\mathcal{X}_s$; quadratic input constraints are accommodated via a QCQP formulation with state-dependent slack $r(x)$. The framework is demonstrated on a three-phase AC/DC power converter, showing formal guarantees of safety and minimal intervention, with an accompanying software framework for automated design. This approach offers a principled, automatable path toward industrially deployable safety filters that preserve established control behavior while enforcing hard state and input constraints.

Abstract

This paper presents a novel safety filter framework that ensures both safety and the preservation of the legacy control action within a nominal region. This modular design allows the safety filter to be integrated into the control hierarchy without compromising the performance of the existing legacy controller during nominal operation. For a control-affine system, this is accomplished by formulating multiple Control Barrier Function (CBF) and Control Lyapunov-like Function (CLF) conditions, alongside a forward invariance condition for the legacy controller, as sum-of-squares constraints. Additionally, the state-dependent inequality constraints of the resulting Quadratic Program (QP) -- encoding the CBF and CLF conditions -- are designed to remain inactive within the nominal region, ensuring preservation of the legacy control action and performance. Our safety filter design is also the first to include quadratic input constraints, and does not need an explicit specification of the attractor, as it is implicitly defined by the legacy controller. To avoid the chattering effect and guarantee the uniqueness and Lipschitz continuity of solutions, the state-dependent inequality constraints of the Quadratic Program are selected to be regular. Finally, we demonstrate the method in a detailed case study involving the control of a three-phase ac/dc power converter.

Paper Structure (20 sections, 2 theorems, 37 equations, 6 figures, 2 tables)

This paper contains 20 sections, 2 theorems, 37 equations, 6 figures, 2 tables.

Key Result

Lemma 1

Given a Lipschitz-continuous controller $u_s: \mathbb{R}^n \to \mathbb{R}^m$ that satisfies condition eq:clf_condition with $u := u_s(x)$ and renders the safe set $\mathcal{X}_s$ forward invariant, then for all trajectories of system $\dot x = f(x) + G(x) u_s(x)$ starting in the safe set $\mathcal{X

Figures (6)

  • Figure 1: The safe set $\mathcal{X}_s$, defined as the zero sublevel set of the CBF $B(x)$, specifies the set of states for which safety can be guaranteed. The safe set must be contained within the allowable set $\mathcal{X}_a$, which encodes the system's state constraints. Finally, the nominal region $\mathcal{X}_n$, defined as the zero sublevel set of the CLF $V(x)$, must be contained within the safe set $\mathcal{X}_s$.
  • Figure 2: The safety filter $u_s(u_n, x)$ adjusts the legacy control action $u_n(x)$ -- if necessary -- to guarantee safe operation.
  • Figure 3: The advanced safety filter is characterized by the following specifications: (a) the safe set $\mathcal{X}_s$ is forward invariant as encoded in the CBF condition (eq:cbf_condition), (b) it ensures finite-time convergence towards the nominal region $\mathcal{X}_n$ as encoded in the CLF condition (eq:clf_condition), and (c) the nominal region is forward invariant under the legacy controller $u_n(x)$ as encoded in the forward invariance condition (eq:forward_invariant_nominal_region) assuming $d(x) = 0$.
  • Figure 4: The problem of finding compatible CBFs and a CLF (prob:finding_cbfs_and_clf) involves searching for a CBF $B(x)$ and a CLF $V(x)$ using SOS tools. Based on $B(x)$ and $V(x)$, the linear constraints of the QP given by $C(x)$, $b(x)$ and $r(x)$ are determined.
  • Figure 5: The schematic is presented in the (dq) rotating frame, comprising a DC-link, a 3-phase bridge, and an ac-line connected to an infinite bus $v_g$. Assuming the average-value model for the 3-phase bridge, the input $\bar{u} = [m_d \; m_q]^\top$ determines the converter voltage $v_c$ as a function of the dc-link voltage $v_{dc}$. Likewise, the dc-current flowing into the capacitor $c_{dc}$ is given by the input $\bar{u}$ and the ac-line current $i = [i_d \; i_q]^\top$. The states, consisting of the dc-link voltage $v_{dc}$ and the line current $i$, are measured.
  • ...and 1 more figure

Theorems & Definitions (7)

  • Definition 1
  • Lemma 1
  • Remark 1
  • Remark 2
  • Remark 3
  • Theorem 1
  • Remark 4