- The paper presents a unified framework for backup-based safety filters, systematically comparing Backup CBF, MPS, and Gatekeeper through recoverable and inactive sets.
- Empirical evaluations across various scenarios demonstrate that Gatekeeper achieves higher nominal command acceptance and reduced conservatism relative to other methods.
- The theoretical analysis using set-inclusion relationships offers actionable insights for designing less intrusive, safety-certified control schemes in nonlinear systems.
Comparative Analysis of Backup-Based Safety Filters: Backup CBF, MPS, and Gatekeeper
Introduction
This work presents a comprehensive analysis of three canonical backup-based safety filters in nonlinear control: Backup Control Barrier Functions (Backup CBF), Model Predictive Shielding (MPS), and gatekeeper. These approaches ensure formal safety guarantees for nonlinear systems, particularly when nominal planners and controllers—such as those used in reinforcement learning or sampling-based motion planning—lack robust safety assurances. The methodological comparison leverages a unified abstraction based on recoverable sets and filter-inactive sets, offering new insight into the relative conservatism and connective structure of these leading methods.
Unified Framework for Backup-Based Safety Filters
The paper formalizes the notion of a safety filter π_sf sitting between the plant and a nominal policy π_nom. It intervenes only when necessary to ensure invariance within a predefined safe set C and guarantees eventual entry into a controlled-invariant terminal set S_0. All considered filters are predicated on a backup policy π_b capable of consistently recovering the system into S_0 from an associated recoverable set.
The primary innovation in analysis is the introduction of the filter-inactive set I_sf, defined as the set of states where the nominal input is left unchanged. Comparisons among filters are then reduced to set-inclusion relations among these inactive sets, providing an interpretable and system-agnostic measure of intervention conservatism.
Theoretical Comparison of Safety Filters
Backup CBF
Backup CBF defines an implicit safe set S as the T_B-horizon recoverable set under the backup policy; online safety is enforced via a quadratic program (QP) that minimally perturbs the nominal input so that the state remains within S. Crucially, Backup CBF does not make a binary choice between the nominal and backup policies; rather, it projects the nominal input onto the maximal safe admissible subset.
Model Predictive Shielding (MPS)
MPS, originally defined for discrete-time systems, is recast here in continuous-time for formal comparison. At each digital update time, MPS checks if executing the nominal policy for a single interval πnom​0 followed by the backup policy guarantees safety (i.e., the validity test for a fixed switching time). If not, it switches immediately to the backup.
Gatekeeper
Gatekeeper extends MPS by searching over a set of admissible switching times πnom​1, accepting the nominal input as long as some nonzero segment of nominal execution can be safely certified before switching to the backup. This modification systematically reduces intervention conservatism by exploiting the potential to delay the commitment to backup without violating safety.
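The validity test shared by MPS and gatekeeper, and the way the two filters differ only in which switching times they try, can be seen on a constructed toy plant. The following Python example is added here and is not code from the paper or its authors: a 1-D double integrator with a wall at p = 1, a saturated PD nominal policy, and a deliberately gentle braking backup policy (so that letting the nominal policy brake for a while before switching genuinely helps). The gains, bounds, horizons and grid are all assumptions chosen so that the difference is visible; `recoverable` is the T_B-horizon recoverable set of the backup policy (the implicit safe set S of Backup CBF), while the Backup CBF quadratic program itself is not implemented.

```python
"""Constructed toy: recoverable and filter-inactive sets for MPS and
gatekeeper on a 1-D double integrator (position p, velocity v, input u)."""

DT = 0.1            # digital update interval (s)
P_WALL = 1.0        # safe set C = {p <= P_WALL}
P_GOAL = 0.9        # the assumed nominal PD policy regulates p toward this goal
U_MAX = 1.0         # input bound of the nominal policy
U_BACKUP = 0.5      # assumed backup: a brake weaker than the nominal bound
N_BACKUP = 40       # backup horizon T_B = N_BACKUP * DT seconds
K_SWITCH_MAX = 20   # gatekeeper tries switching times DT, 2*DT, ..., K_SWITCH_MAX*DT
V_EPS = 1e-9        # terminal set S_0 = {|v| <= V_EPS, p <= P_WALL}, invariant under backup


def step(state, u):
    """One explicit-Euler step of the double integrator."""
    p, v = state
    return (p + v * DT, v + u * DT)


def in_safe_set(state):
    return state[0] <= P_WALL


def in_terminal_set(state):
    return abs(state[1]) <= V_EPS and in_safe_set(state)


def nominal_policy(state):
    """Saturated PD controller toward P_GOAL (assumed pi_nom)."""
    p, v = state
    return max(-U_MAX, min(U_MAX, 4.0 * (P_GOAL - p) - 3.0 * v))


def backup_policy(state):
    """Brake with at most U_BACKUP until v = 0, then hold (assumed pi_b)."""
    v = state[1]
    return -max(-U_BACKUP, min(U_BACKUP, v / DT))


def certify(state, k_nominal):
    """Validity test shared by both filters: run pi_nom for k_nominal steps,
    then pi_b. True iff every visited state stays in C and the backup
    reaches S_0 within N_BACKUP steps (S_0 is invariant under pi_b)."""
    x = state
    for _ in range(k_nominal):
        x = step(x, nominal_policy(x))
        if not in_safe_set(x):
            return False
    for _ in range(N_BACKUP):
        if in_terminal_set(x):
            return True
        x = step(x, backup_policy(x))
        if not in_safe_set(x):
            return False
    return in_terminal_set(x)


def recoverable(state):
    """T_B-horizon recoverable set of the backup policy (switch right now)."""
    return certify(state, 0)


def mps_inactive(state):
    """MPS keeps the nominal input iff one nominal interval then backup certifies."""
    return certify(state, 1)


def gatekeeper_inactive(state):
    """Gatekeeper keeps the nominal input iff some nonzero switching time certifies.
    Because k = 1 is among the candidates, I_MPS is a subset of I_GK by construction."""
    return any(certify(state, k) for k in range(1, K_SWITCH_MAX + 1))


def inactive_sets(positions, velocities):
    """Recoverable and filter-inactive sets over a state grid, as sets of (p, v)."""
    grid = [(p, v) for p in positions for v in velocities]
    return {
        "recoverable": {s for s in grid if recoverable(s)},
        "mps": {s for s in grid if mps_inactive(s)},
        "gatekeeper": {s for s in grid if gatekeeper_inactive(s)},
    }


if __name__ == "__main__":
    ps = [round(i * 0.1, 2) for i in range(-10, 11)]   # constructed grid
    vs = [round(j * 0.1, 2) for j in range(0, 16)]
    sets = inactive_sets(ps, vs)
    print({name: len(s) for name, s in sets.items()})
    print("I_MPS subset of I_GK:", sets["mps"] <= sets["gatekeeper"])
    print("kept by gatekeeper, overridden by MPS:",
          sorted(sets["gatekeeper"] - sets["mps"])[:5])
```

The state (p, v) = (0, 0.9) is the instructive one: the backup alone recovers it, but after one nominal interval (the PD policy still accelerates slightly toward the goal) the gentle backup can no longer stop before the wall, so MPS overrides the nominal input. Letting the PD policy run for about a second lets it brake harder than the backup ever does, after which the backup certifies, so gatekeeper leaves the nominal input untouched. Everything the example shows hinges on the assumed backup being suboptimal; with a time-optimal backup the two inactive sets would coincide on this plant.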
Figure 1: Recovered safe sets (light-colored regions) and filter-inactive sets (dark-colored regions) for different filters on a double-integrator slice. The viability kernel from HJ reachability provides the ground truth.
Set Relationships
The paper establishes two main theoretical inclusions:
Empirical Evaluation
Planar Double Integrator
In a 4D planar double-integrator, the hierarchy of conservatism across the filters is visualized. The viability kernel computed via Hamilton-Jacobi reachability provides the true safety set. Backup CBF and MPS display substantial conservatism, rejecting states where later switching would suffice for safety. Gatekeeper’s inactive set is visibly larger, confirming the reduction in unnecessary intervention.
Dynamic Reach-Avoid
In a 2D navigation scenario with a moving obstacle, gatekeeper enables the ego agent to reach the goal by hiding in a safety pocket only when truly necessary, in contrast to the persistent retreat enforced by the more conservative filters. Quantitative metrics confirm a significantly higher rate of nominal input acceptance for gatekeeper.
Figure 3: Reach-avoid scenario with a dynamic obstacle. (a) Trajectories generated by each filter. (b) Evolution of the Backup CBF value. (c) Certified switching times πnom​5 for MPS and gatekeeper.
Highway Overtake—Dynamic Bicycle Model
Utilizing a high-dimensional, nonlinear vehicle model, the gatekeeper filter eliminates unnecessary evasive maneuvers triggered prematurely by MPS and Backup CBF, permitting uninterrupted nominal tracking when actual risk is not present. The result is πnom​6 nominal controller usage for gatekeeper, versus substantial intervention fractions for the alternatives.
Figure 4: Highway overtake scenario. (a) Vehicle trajectories under each filter. (b) Backup CBF value time course. (c) Certified switching times πnom​7 for MPS and gatekeeper.
Discussion, Limitations, and Implications
The main structural limitation exposed is what the paper terms safety evaluation on backup: all existing backup-based safety filters, despite different search strategies, restrict their acceptance of the nominal policy based on anticipated feasibility of an immediate or near-future backup maneuver. Thus, safety can be enforced conservatively, even when the nominal trajectory itself would not lead to constraint violation. Gatekeeper addresses the lag between conservatism and actual safety threat by optimizing the switching time, but the quality of the backup policy and the model's fidelity remain fundamental bottlenecks.
From a practical perspective, the parallelized version of gatekeeper offers computational efficiency compatible with real-time deployment, narrowing the gap between permissiveness and tractability. Theoretically, the inclusion relations provide a formal basis for understanding guarantees and limitations, supporting future development of even less-intrusive filters, potentially incorporating lookahead over the full nominal trajectory or fusing with statistical risk estimation.
Conclusion
This review rigorously compares Backup CBF, MPS, and gatekeeper within a common formal framework, elucidating their algorithmic structure, theoretical connections, and empirical performance. The results demonstrate that gatekeeper’s search over switching times yields a strictly less conservative intervention policy than MPS and encompasses the interior acceptance region of Backup CBF. The unified perspective provided here clarifies both the potential and the structural sources of conservatism in backup-based safety filters, guiding future research toward less intrusive, more permissive safety-certified control schemes.
Strong empirical results confirm up to πnom​8 nominal command acceptance for gatekeeper in dynamic scenarios, with computation speeds suitable for online use, while highlighting persistently conservative behavior in other methods. These findings have direct implications for the deployment of safety filters in high-dimensional, safety-critical robotic systems, and suggest promising directions for further integration of model-predictive planning and backup-based certification.