Better Safe Than Sorry: Enhancing Arbitration Graphs for Safe and Robust Autonomous Decision-Making

TL;DR

The paper addresses the challenge of safe autonomous decision-making in dynamic environments by extending arbitration graphs with a domain-specific verifier $\mathcal{V}$ and structured fallback layers, ensuring that only verified commands $f(\bm{s}) \to \bm{u}$ with the best option $a^*$ are executed. The core contributions are the integration of runtime verification into the arbitration loop, the introduction of hierarchical fallback mechanisms for fault tolerance, and demonstrations in Pac-Man and autonomous driving, accompanied by a ready-to-use header-only C++ library under the MIT license. The verification centers on safety criteria such as kinematic/dynamic constraints and worst-case occupancy predictions, accompanied by fail-safe trajectories to preserve safety under uncertainty. Practically, this approach enables incorporating immature or experimental behaviors without compromising safety, offering graceful degradation and improved robustness for real-world autonomous systems.

Abstract

This paper introduces an extension to the arbitration graph framework designed to enhance the safety and robustness of autonomous systems in complex, dynamic environments. Building on the flexibility and scalability of arbitration graphs, the proposed method incorporates a verification step and structured fallback layers in the decision-making process. This ensures that only verified and safe commands are executed while enabling graceful degradation in the presence of unexpected faults or bugs. The approach is demonstrated using a Pac-Man simulation and further validated in the context of autonomous driving, where it shows significant reductions in accident risk and improvements in overall system safety. The bottom-up design of arbitration graphs allows for an incremental integration of new behavior components. The extension presented in this work enables the integration of experimental or immature behavior components while maintaining system safety by clearly and precisely defining the conditions under which behaviors are considered safe. The proposed method is implemented as a ready to use header-only C++ library, published under the MIT License. Together with the Pac-Man demo, it is available at github.com/KIT-MRT/arbitration_graphs.

Figures (10)

• Figure 1: The Pac-Man simulation used to demonstrate the presented extension to the arbitration graph framework. Leveraging the framework's flexibility and scalability, we incorporate a verification step and fallback layers to ensure robust and safe decision-making.
• Figure 2: A basic arbitration graph for playing Pac-Man.
• Figure 3: A scenario where EatClosestDot fails to produce a valid command.
• Figure 4: The extended arbitration graph with fallback layers. The components highlighted in red were rejected by the verifier. The safety buoy indicates a last resort fallback which does not need to pass verification.
• Figure 5: A minimalistic arbitration graph for automated driving as introduced in orzechowskiDecisionMakingAutomatedVehicles2020, extended by fallback layers (underlined).