Safety Monitoring of Machine Learning Perception Functions: a Survey
Raul Sena Ferreira, Joris Guérin, Kevin Delmas, Jérémie Guiochet, Hélène Waeselynck
TL;DR
This survey tackles the safety monitoring of ML-based perception in safety-critical systems by adopting a top-down, hazard-analysis–driven framework. It develops a comprehensive taxonomy of runtime threats (in-distribution errors, novelty, distributional shift, and adversarial inputs) and maps these to both internal and external detection mechanisms, including uncertainty estimation, domain knowledge, input/output monitoring, and multi-sensor coherence. It further surveys recovery strategies and evaluation practices, emphasizing system-level performance, certification needs, and standardized benchmarks. The work provides a structured guide for safety practitioners and ML researchers to design robust SMs, integrate them into real-time systems, and pursue certification under evolving safety standards.
Abstract
Machine Learning (ML) models, such as deep neural networks, are widely applied in autonomous systems to perform complex perception tasks. New dependability challenges arise when ML predictions are used in safety-critical applications, like autonomous cars and surgical robots. Thus, the use of fault tolerance mechanisms, such as safety monitors, is essential to ensure the safe behavior of the system despite the occurrence of faults. This paper presents an extensive literature review on safety monitoring of perception functions using ML in a safety-critical context. In this review, we structure the existing literature to highlight key factors to consider when designing such monitors: threat identification, requirements elicitation, detection of failure, reaction, and evaluation. We also highlight the ongoing challenges associated with safety monitoring and suggest directions for future research.