
Sampling-Based Safety Filter with Probabilistic Restrictiveness Guarantee

Published 24 Apr 2026 in eess.SY | (2604.22149v1)

Abstract: Ensuring safety is a critical requirement for autonomous systems, yet providing formal guarantees for nominal controllers remains a significant challenge. In this paper, we propose a modular sampling-based safety filter to ensure the safety of arbitrary nominal control inputs. At each timestep, the filter evaluates the safety of the nominal input by leveraging control sequence samples generated via Stein Variational Model Predictive Control (SV-MPC). This approach approximates a safety-conditioned posterior distribution over control sequences, enabling the filter to effectively capture multimodal safe regions in complex, non-convex environments. The filter guarantees safety by overriding the nominal input when all sampled control sequence candidates are deemed unsafe. By leveraging the scenario approach, the proposed method provides a probabilistic guarantee on its restrictiveness. We validate the filter through collision avoidance tasks in both single- and multi-vehicle settings, demonstrating its efficacy in navigating cluttered environments where nominal controllers may fail.

Summary

  • The paper proposes a sampling-based safety filter that uses SV-MPC to construct a safety-conditioned posterior, ensuring minimal intervention when safe trajectories exist.
  • It leverages a scenario approach to provide finite-sample probabilistic restrictiveness guarantees, balancing safety and performance in high-dimensional tasks.
  • Empirical results in collision avoidance for single and multi-agent systems demonstrate that the filter outperforms unimodal alternatives by reducing unnecessary interventions.

Introduction and Motivation

The paper "Sampling-Based Safety Filter with Probabilistic Restrictiveness Guarantee" (2604.22149) addresses the challenge of certifying safety in autonomous systems, particularly when nominal controllers—often optimized for objectives like efficiency or performance—lack formal guarantees for constraint satisfaction. Safety filters provide modular, supervisory control by monitoring the nominal controller's inputs and overriding them only when safety constraints are at risk. Existing certification mechanisms, such as Hamilton-Jacobi (HJ) reachability and Control Barrier Functions (CBF), suffer from scalability and synthesis limitations. Sampling-based filters founded on Model Predictive Control (MPC) offer flexibility but struggle with non-smooth and non-convex objectives in high-dimensional spaces.

This paper proposes a sampling-based safety filter that provides a probabilistic guarantee on restrictiveness. At each time step, control sequence candidates are sampled using Stein Variational Model Predictive Control (SV-MPC), forming an explicit safety-conditioned posterior. The filter intervenes only when all sampled candidate trajectories are unsafe, thus operating with minimal restrictiveness. This is formalized using the scenario approach, resulting in finite-sample guarantees. The method is evaluated in collision avoidance tasks for single and multi-vehicle scenarios.

Filter Algorithm and Safety Conditioned Sampling

The safety filter algorithm operates as follows: Given a discrete-time dynamical system, the filter samples $N$ control sequences $U_{t+1}^i$ from an approximated safety-conditioned posterior distribution $\tilde q_{t+1}(U)$. Each sequence is rolled out through the dynamics to generate predicted trajectories. Safety is assessed via a level function $l(\cdot)$; the maximum negative value over the horizon quantifies potential constraint violation. If at least one sampled trajectory is safe, the nominal input is accepted; otherwise, a backup control sequence is applied.

The key technical advance is leveraging SV-MPC to construct the sampling distribution. SV-MPC, using Stein Variational Gradient Descent (SVGD), enables particle-based (multi-modal) approximation of the posterior, capturing arbitrarily complex safe sets and mitigating issues associated with unimodal Gaussian distributions. This is critical in non-convex or disjoint feasible regions often encountered in practical control problems.

Figure 1: Comparison of closed-loop trajectories obtained under filters based on SV-MPC and CEM, illustrating superior trajectory planning with multimodal sampling.

Figure 2: Comparison of trajectory samples using SV-MPC (multimodal) vs CEM (unimodal), demonstrating more comprehensive safe coverage via SV-MPC.
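
The accept-or-override step described above, as an added sketch that is not the paper's code. Assumptions made here: a Dubins-like unicycle model, a constructed disc obstacle, the convention that $l(x) \ge 0$ means safe, a two-mode random mixture standing in for the SV-MPC sampler, and a stored backup sequence that is shifted by one step whenever it is used.

```python
import math
import random

DT, SPEED, HORIZON = 0.1, 1.0, 10
OBSTACLE = (0.0, 0.0, 1.0)  # constructed disc obstacle: centre x, y and radius

def step(x, u):
    """Dubins-like unicycle: constant speed, control u is the turn rate."""
    px, py, th = x
    th = th + u * DT
    return (px + SPEED * math.cos(th) * DT, py + SPEED * math.sin(th) * DT, th)

def level(x):
    """Level function l(x); assumed convention: l(x) >= 0 means safe."""
    cx, cy, r = OBSTACLE
    return math.hypot(x[0] - cx, x[1] - cy) - r

def worst_level(x0, U):
    """Minimum of l over the rollout of sequence U from x0 (x0 included)."""
    worst, x = level(x0), x0
    for u in U:
        x = step(x, u)
        worst = min(worst, level(x))
    return worst

def sample_sequences(rng, n):
    """Stand-in for SV-MPC (assumption): two-mode mixture of left/right turns."""
    seqs = []
    for _ in range(n):
        mode = rng.choice((-1.5, 1.5))
        seqs.append([rng.gauss(mode, 0.5) for _ in range(HORIZON)])
    return seqs

def filter_step(x, u_nom, backup, rng, n=50):
    """Return (applied input, next backup sequence, intervened flag)."""
    x_next = step(x, u_nom)  # state reached if the nominal input is applied
    scored = [(worst_level(x_next, U), U) for U in sample_sequences(rng, n)]
    best_level, best_U = max(scored, key=lambda s: s[0])
    if best_level >= 0.0:  # at least one safe candidate: accept the nominal input
        return u_nom, best_U, False
    # every candidate is unsafe: apply the stored backup and shift it one step
    return backup[0], backup[1:] + backup[-1:], True
```

Because the filter only intervenes when all $N$ candidates fail, a sampler that misses a safe mode causes an unnecessary override, which is the behaviour the SV-MPC versus CEM comparison measures.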

Theoretical Guarantee: Safety and Restrictiveness

The filter's intervention policy is formalized via the concept of $\epsilon$-restrictiveness: interventions occur only when the probability of sampling a safe sequence from $\tilde q_{t+1}(U)$ is less than $\epsilon$. By applying the scenario approach [campi2009scenario], the filter guarantees, with confidence $1-\beta$, that the probability of unsafe intervention is bounded by $\epsilon$ if $N$ samples are used:

Ut+1iU_{t+1}^i0

This result is significant, as it provides a quantifiable bound on unnecessary override actions, directly tied to sample complexity and the quality of the sampling distribution. The SV-MPC-based filter demonstrates fewer unnecessary interventions relative to CEM-based filters, owing to better posterior coverage.

Empirical Validation: Collision Avoidance

Single-Robot Scenario

In cluttered environments, a single robot with Dubins-like dynamics was tasked with goal-reaching behavior while avoiding obstacles. The SV-MPC-based filter outperformed CEM-based filters both in successful navigation and in minimizing deadlock scenarios. Restrictiveness statistics, measured as number of interventions and maximum safe sample rates, validate the theoretical bound, with SV-MPC consistently outperforming CEM for all tested Ut+1iU_{t+1}^i1 thresholds.

Multi-Vehicle Intersection

In a multi-agent intersection coordination task, a GPT-based Decision Transformer was used as the nominal controller. Without filtering, collision rates were substantial. Applying the safety filter eliminated all collisions, albeit with an increased intervention rate, especially as the number of agents increased. These results underscore the effectiveness of the filter in real-time, high-dimensional control problems.

Figure 3: Visualization of a collision case: nominal controller results in collision; filter-induced intervention prevents collision by modulating vehicle 2's velocity profile.

Implications and Future Directions

Practically, the proposed safety filter enables end-to-end safe operation of arbitrary nominal controllers without requiring explicit certificate construction or differentiable constraints, making it compatible with model-free controllers, deep RL policies, and sequence models. The multimodal sampling provided by SV-MPC is critical in complex environments and high-dimensional systems.

Theoretically, the probabilistic restrictiveness guarantee represents a substantial advance for sampling-based filters, offering a finite-sample statistical assurance. However, as noted, the guarantee is distribution-dependent; further research is needed to relate restrictiveness to backwards reachable sets or neural reachability tubes. Integration with formal verification and certified scenario optimization methods remains an open challenge.

Continued advancement in adaptive, multimodal safety-conditioned sampling and tighter integration with structure-aware scenario optimization is expected to further reduce interventions and improve sample efficiency, especially for large-scale autonomous fleets and agile robot platforms.

Conclusion

The paper presents a modular sampling-based safety filter with a formal probabilistic restrictiveness guarantee. By employing SV-MPC to approximate the safety-conditioned posterior, the filter effectively balances intervention frequency against safety, outperforming unimodal alternatives in both empirical and theoretical terms. The approach is validated in single-robot and multi-agent settings, providing strong evidence for its practical utility in safety-critical autonomous control. Future directions include formalizing restrictiveness guarantees in terms of reachable tubes and extending the framework to adversarial or uncertain environments.
