Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Refining Almost-Safe Value Functions on the Fly

Sander Tonkens, Sosuke Kojima, Chenhao Liu, Judy Masri, Sylvia Herbert

Abstract

Control Barrier Functions (CBFs) are a powerful tool for ensuring robotic safety, but designing or learning valid CBFs for complex systems is a significant challenge. While Hamilton-Jacobi Reachability provides a formal method for synthesizing safe value functions, it scales poorly and is typically performed offline, limiting its applicability in dynamic environments. This paper bridges the gap between offline synthesis and online adaptation. We introduce refineCBF for refining an approximate CBF - whether analytically derived, learned, or even unsafe - via warm-started HJ reachability. We then present its computationally efficient successor, HJ-Patch, which accelerates this process through localized updates. Both methods guarantee the recovery of a safe value function and can ensure monotonic safety improvements during adaptation. Our experiments validate our framework's primary contribution: in-the-loop, real-time adaptation, in simulation (with detailed value function analysis) and on physical hardware. Our experiments on ground vehicles and quadcopters show that our framework can successfully adapt to sudden environmental changes, such as new obstacles and unmodeled wind disturbances, providing a practical path toward deploying formally guaranteed safety in real-world settings.

Refining Almost-Safe Value Functions on the Fly

Abstract

Control Barrier Functions (CBFs) are a powerful tool for ensuring robotic safety, but designing or learning valid CBFs for complex systems is a significant challenge. While Hamilton-Jacobi Reachability provides a formal method for synthesizing safe value functions, it scales poorly and is typically performed offline, limiting its applicability in dynamic environments. This paper bridges the gap between offline synthesis and online adaptation. We introduce refineCBF for refining an approximate CBF - whether analytically derived, learned, or even unsafe - via warm-started HJ reachability. We then present its computationally efficient successor, HJ-Patch, which accelerates this process through localized updates. Both methods guarantee the recovery of a safe value function and can ensure monotonic safety improvements during adaptation. Our experiments validate our framework's primary contribution: in-the-loop, real-time adaptation, in simulation (with detailed value function analysis) and on physical hardware. Our experiments on ground vehicles and quadcopters show that our framework can successfully adapt to sudden environmental changes, such as new obstacles and unmodeled wind disturbances, providing a practical path toward deploying formally guaranteed safety in real-world settings.
Paper Structure (34 sections, 13 theorems, 26 equations, 10 figures, 2 tables, 4 algorithms)

This paper contains 34 sections, 13 theorems, 26 equations, 10 figures, 2 tables, 4 algorithms.

Table of Contents

  1. Introduction
  2. Related work
  3. Control Barrier Functions (CBFs)
  4. Hamilton-Jacobi Reachability (HJR)
  5. Bridging the Gap
  6. Contributions
  7. Organization
  8. Preliminaries
  9. Control Barrier Functions
  10. HJR-based Control Barrier Value Functions
  11. Solutions to HJR value functions
  12. Single-Boundary PDE Formulation MitchellBayenEtAl2005
  13. Variational Inequality Formulation FisacChenEtAl2015
  14. Refining CBFs
  15. Guarantees underlying refining CBFs
  16. ...and 19 more sections

Key Result

Proposition 1

Applying a discount factor $\gamma_{}$ online eq:online-cbf-qp-full for a CBVF that is constructed eq:cbvf_trajectory with $\lambda{} \leq \gamma_{}$ maintains control invariance of the safe set.

Figures (10)

  • Figure 1: Comparison of converged value functions for refineCBF, HJ-Patch, HJR, and jointCBF at a fixed robot orientation (see arrow) and velocity ($v=1.0$m/s) slice. (Left) The 0-level sets show that naively combining constraints (jointCBF) incorrectly merges the safe sets, creating an unsafe region between the obstacles. HJ-Patch and refineCBF both produce safe, comparable boundaries compared to the HJR baseline. (Right) The difference plots highlight that HJ-Patch's value function is a close match to the HJR solution, while refineCBF is more conservative (negative differences) and jointCBF is dangerously optimistic (large positive differences).
  • Figure 2: Online performance with limited-range obstacle detection. These plots show system behavior across 10 simulation rollouts where obstacles are discovered online. (Left) shows the trajectories for all methods (with dotted lines for trajectories post collision) for multiple rollouts. We additionally visualize the detection points based on the limited range of the sensor. (Right) visualizes the value function (with the safety boundary). These rollouts demonstrate the need for refinement, as HJR and jointCBF lead to collision. Additionally, when a GPU is not available, HJ-Patch's computational efficiency enables patching rapidly to provide safety, whereas refineCBF (CPU) fails.
  • Figure 3: Online adaptation and deadlock avoidance in a quadcopter navigation task. The quadcopter must navigate to a goal in a region initially occluded by an obstacle. (Left) Trajectories show refineCBF successfully discovering a path over the obstacle, progressively incorporating the newly seen free space (yellow) into the safe set, then iteratively incorporating this new information into its safe set. In contrast, the backupCBF method gets stuck in a deadlock, unable to find a path to the goal with its fixed backup policy. (Right) The value function confirms this behavior. refineCBF's value dips as it navigates the obstacle and unseen space boundary, and then recovers as the safe set expands. The backupCBF value drops and oscillates near the safety boundary (value=0), indicating a persistent deadlock. Further analysis on why refineCBF avoids deadlock is provided in Fig. \ref{['fig:sub1']}.
  • Figure 4: A snapshot of the Jackal hardware experiment. The robot detects the suddenly fallen obstacle blocking its path. The top-right inset shows the robot's internal map at the moment of detection; the safe set (green) has not yet been updated to incorporate the new SDF map (black), highlighting the need for rapid, in-the-loop replanning to ensure safety.
  • Figure 5: Trajectory comparison for the Jackal hardware experiment. These plots show time snapshots of the system's trajectory after the environment is altered at $t=3.0s$. The fully adaptive refineCBF (blue) successfully backtracks to find a new, safe path. The non-adaptive baseline (refineCBF (no online detection), orange) operates on a stale map, leading directly to a collision with the new obstacle.
  • ...and 5 more figures

Theorems & Definitions (35)

  • Definition 1: Robust Control Invariant Set
  • Definition 2: Viability Kernel, AubinBayenEtAl2011
  • Definition 3: Control Barrier Function Ames2017ControlBF
  • Remark 1: Differentiating a CBVF from a CBF
  • Proposition 1: Forward completeness and safety with larger online discount rate
  • proof
  • Remark 2: Convergence of CBVF
  • Theorem 1: Convergence to a safe CBVF
  • Lemma 1: Convergence to a control invariant set
  • proof
  • ...and 25 more