Value-Aligned Operational Design Domains
- Value-Aligned Operational Design Domains are defined operational envelopes where AI systems operate under constraints derived from stakeholder values and measurable risk thresholds.
- They extend traditional Operational Design Domains by explicitly linking value commitments with entry, invariant, and exit conditions to ensure context-sensitive, auditable performance.
- Applications include autonomous traffic systems and broader AI assurance, providing structured methodologies to convert ethical and safety values into operational criteria.
Value-Aligned Operational Design Domains (VODDs) are operational design domains in which the operating conditions, task scope, and autonomy permissions of an AI-based or autonomous system are explicitly constrained by stakeholder value commitments, measurable requirements, and risk thresholds. In recent formulations, VODDs extend the ODD concept from Automated Driving Systems to broader AI assurance by binding values to application scope, users and agents, vectors, protected characteristics, assets, or, in traffic-agent work, to a Scope of Autonomy together with entry, invariant, and exit conditions for delegation. The concept is intended to make value alignment operational rather than declarative: values are translated into constraints, prohibitions, confidence thresholds, and auditable claims within a delimited operational envelope rather than asserted as global properties of a model or system (Khlaaf, 28 Jun 2026, Rakow et al., 24 Jul 2025).
1. Conceptual lineage and rationale
The immediate conceptual precursor of the VODD is the Operational Design Domain. In the general AI assurance formulation, an ODD is a description of the specific operating conditions and contexts in which an AI system is designed to properly behave. It delineates the system’s safety envelope, that is, the boundary within which hazards and harms can be determined and managed. This generalization was introduced because many AI audits attempted to assess general properties without an operational envelope, making safety evaluation of general multi-modal models intractable due to their innumerable applications (Khlaaf, 28 Jun 2026).
Within this line of work, the central motivation for a VODD is not that value alignment replaces safety, but that value commitments can be encoded as requirements attached to the operational envelope. The same literature explicitly distinguishes safety from alignment: “value alignment” is treated as a kind of system requirement, whereas safety is preventing a system from impacting its environment in an undesirable or harmful way even when it is meeting its intended specifications. A recurrent misconception is therefore that aligned intent is equivalent to safe deployment. The assurance-oriented position is the opposite: alignment measures do not replace safety risk assessments, and unqualified claims such as “safe,” “secure,” or “value-aligned” are misleading unless they are bounded by a concrete ODD and supported by evidence (Khlaaf, 28 Jun 2026).
A second strand of motivation arises in autonomous traffic systems. There, VODDs are presented as a way to structure autonomy according to context-dependent value priorities and explicit conditions for entering, maintaining, and exiting autonomous control. The emphasis shifts from solving moral dilemmas at runtime to anticipating and structuring value-sensitive behavior during development. This reframing is significant because it makes value-sensitive conduct a design-time property of scoped autonomy, rather than a purely online decision problem (Rakow et al., 24 Jul 2025).
2. Formal structures and mathematical representations
The literature does not use a single formalization, but the main formulations are compatible.
| Formalization | Core object | Key elements |
|---|---|---|
| General AI assurance (Khlaaf, 28 Jun 2026) | Operating conditions, task scope, safety envelope, value constraints | |
| Formal value alignment (Sierra et al., 2021) | Normative world | Preferences over state pairs, norms as transition modifiers, path-based alignment |
| MDP-based alignment (Barez et al., 2023) | Normative world over an MDP | State transitions, value-based revealed preferences, policy-weighted alignment |
| Traffic-agent VODD (Rakow et al., 24 Jul 2025) | Scope of Autonomy, entry/invariants/exit, confidence thresholds, delegation |
In the ODD-centric AI assurance framework, the world relevant to operation is decomposed into environment and context variables and task scope , and the ODD is an allowed operating set . The safety envelope is a subset . A VODD arises when stakeholder value commitments are mapped into measurable constraints , prohibitions , and risk thresholds 0, yielding
1
This formulation makes the operational envelope itself the carrier of value commitments rather than treating values as free-floating objectives (Khlaaf, 28 Jun 2026).
The formal value-alignment literature provides the transition-level semantics underlying this move. In one formulation, the world is a labelled transition system 2, values are represented as preferences over pairs of world states,
3
and norms alter the transition structure to yield a normative world 4. Alignment is then defined as the average change in value-based preferences across transitions in paths of that normative world, with a Monte Carlo estimator for tractability (Sierra et al., 2021). The MDP-based variant uses the same basic idea, but frames the world as an MDP and defines alignment as an average or expectation of value-based preference change across transitions under norms and, optionally, under a policy (Barez et al., 2023).
The traffic-agent formulation introduces a structurally different, but compatible, representation. A VODD is written as
5
where 6 is the Scope of Autonomy, typically a partial hierarchy of goals that the agent may autonomously trade off; 7, 8, and 9 are entry conditions, invariants, and exit conditions. Each condition is associated with a confidence threshold,
0
and exit conditions map to designated authorities through a delegation function 1. This version makes autonomy boundaries, confidence, and handover targets explicit parts of value alignment (Rakow et al., 24 Jul 2025).
These formalisms suggest a common interpretation: a VODD is not merely an environment subset, but an operationally enforced subset of states, tasks, actions, and transfers in which value commitments are made measurable and govern admissibility.
3. Translating stakeholder values into operational constraints
The most explicit general method for constructing a VODD is given in the AI assurance framework. It begins by identifying stakeholders and eliciting value commitments 2, such as fairness across protected characteristics, nonmaleficence toward data labelers, safety of end users, or privacy of data subjects. The application or domain and task scope 3 are then selected for the intended use, with the explicit insistence on per-application assessments for general multi-modal models (Khlaaf, 28 Jun 2026).
The ODD taxonomy used for this translation is broad. It includes Application/Domain; Users/Agents, including Human-in-the-Loop roles such as Fine-Tuning & Corrective, Resilience, Justificatory, Dignitary, Accountability, Stand-in, Friction, Warm body, and Interface link; Vector, including Physical/Cyber-physical, Data, Model, Software infrastructure, Interface, and Deployment & Distribution; Protected Characteristics; and Assets. Values are operationalized by attaching constraints to these categories. For Users/Agents, this means defining precise human roles, decision authority, escalation paths, and obligations toward data subjects and labelers. For Vectors, it means restricting interfaces and deployment modes, and defining data provenance, curation obligations, and secure handling. For Protected Characteristics, it means specifying representational adequacy and evaluation stratification, and defining prohibited differential harms. For Assets, it means setting confidentiality, integrity, and availability protections when their violation could cause safety hazards (Khlaaf, 28 Jun 2026).
The same framework then specifies capabilities and limitations, including operating ranges, calibration limits, and contexts explicitly excluded from 4. Acceptable risk thresholds 5 are defined using Hazard Severity Categories and qualitative likelihood classes. Scenarios are enumerated by permuting ODD category values; hazards and harms are identified for each scenario; Hazard Risk Index values are computed; safety requirements and mitigations are derived; and the process iterates until risks meet thresholds or deployment is narrowed. Claims, evidence, and traceability links are then recorded against ODD elements and values (Khlaaf, 28 Jun 2026).
The formal value-alignment literature supplies a parallel, transition-level construction. Stakeholders 6 and values 7 are represented through pairwise preferences 8. Preferences can be aggregated across values and agents using the paper’s operators or arithmetic means, and candidate norms or ODD configurations are compared by the alignment they induce over trajectories in the normative world. In this view, a VODD is obtained by encoding a candidate ODD as a set of norms 9, then computing an alignment functional such as
0
This places VODD design in the space of norm selection and transition shaping rather than only in descriptive scoping (Sierra et al., 2021).
A closely related MDP formulation defines a candidate VODD as a state-action subset 1 together with norms and a control policy, and evaluates it by a policy-weighted expectation of transition-level preference changes. In that setting, a Value-Aligned ODD for value 2 at threshold 3 is any 4 such that the estimated alignment meets or exceeds 5 (Barez et al., 2023).
4. Hazard assessment, assurance, and verification inside a VODD
The assurance-oriented literature treats the VODD as the boundary condition for hazard identification and harm analysis. Using the ODD taxonomy, scenarios are enumerated by varying Application/Domain, Users/Agents, Vector, Protected Characteristics, and Assets. For each scenario, hazards are identified, mapped to harms or losses, assigned a severity category, and paired with a qualitative likelihood estimate. Hazard Severity Categories are Catastrophic, Critical, Major, and Minor; likelihood classes are Frequent, Probable, Occasional, Remote, and Improbable; and the Hazard Risk Index is computed through the MIL-STD-882e matrix, producing cells such as 1A or 3D. The underlying risk relation is written as
6
with an aggregated abstraction
7
The same work cautions that determining precise 8 for AI is an open problem, so qualitative and quantitative evidence must be combined and iterated until risk is eliminated or reduced ALARP (Khlaaf, 28 Jun 2026).
Assurance activities are then tied directly to the VODD boundary. Verification and validation include boundary and stress testing tailored to the ODD; robustness testing of autonomy software and infrastructure faults; data governance and documentation through Datasheets for Datasets and Model Cards; and STPA and safety cases to reason about emergent, system-level hazards beyond component failures. Monitoring and incident response belong to the Deployment & Distribution vector and include runtime monitors for ODD violations such as out-of-distribution detection or subgroup performance drift, incident classification aligned with Hazard Severity Categories, and rollback when thresholds are exceeded. Claims are required to be explicitly bounded by the VODD, with residual risk stated rather than hidden behind generic safety language (Khlaaf, 28 Jun 2026).
A verification-oriented reading extends this logic by treating a VODD as an ODD 9 together with a finite test suite 0 that functions as a “driver’s test” for alignment. In that formulation, exact alignment is expressed as 1, approximate alignment as an 2-bounded value gap, and the objective is a minimal test suite that reliably distinguishes aligned from misaligned behavior. The same work proves that exact value alignment verification from black-box action observation alone is impossible in a finite number of queries, and studies exact and approximate tests based on reward weights, reward samples, value-function queries, and preference queries (Brown et al., 2020). Within a VODD framework, this suggests that assurance artifacts can include not only risk registers and safety cases but also compact, domain-bounded alignment tests.
5. Traffic-agent VODDs and conflict-sensitive autonomy
In autonomous traffic systems, VODDs are developed around a conflict-sensitive design methodology. The underlying conflict model distinguishes goals, beliefs, and behaviors, and defines conflict in terms of the absence of a clearly dominant strategy given an agent’s beliefs. The framework also distinguishes believed conflicts from actual conflicts, allowing designers to analyze whether problems arise from incompatible goals, incorrect beliefs, or insufficient action capabilities. VODDs use this analysis to structure autonomy through explicit value-guided goal hierarchies and explicit conditions under which autonomy may be exercised or must be transferred (Rakow et al., 24 Jul 2025).
The Scope of Autonomy is central in this literature. It specifies which goals an autonomous traffic agent may trade off, and at what priority. Goals may be partially ordered, with incomparabilities allowed. The Domain component then defines entry conditions, invariants, and exit conditions, each with required confidence levels and, for exits, designated delegation targets such as a driver, remote operator, or ethical oversight module. This arrangement gives the VODD two simultaneous functions: it restricts operation to contexts where value-sensitive decision-making is authorized, and it defines when uncertainty, conflict, or degraded confidence requires curtailment of autonomy (Rakow et al., 24 Jul 2025).
The paper’s highway example illustrates this structure. The Scope includes minimizing emissions, minimizing travel time, and supporting smooth traffic flow. Entry and invariant conditions include not planning to leave within 60 seconds, not exiting within 30 seconds, having a mission to reach a destination, and being on a highway in normal traffic. Exit conditions include a predicted travel-time increase exceeding 20% with 85% confidence, which triggers a request for driver input, and a need to exit the highway within 30 seconds with 70% confidence, which triggers transfer of control. The operational significance is that value trade-offs are permitted only while the VODD’s confidence-bounded domain conditions continue to hold (Rakow et al., 24 Jul 2025).
Other traffic examples show how VODDs absorb contested social and moral expectations. In narrowing-road scenarios, safety, legality, courtesy, and efficiency interact when two vehicles cannot simultaneously achieve all goals without coordination. In cyclist interactions, legal compliance may still leave vulnerable road users uncomfortable, prompting changes in perception, overtaking distance, or efficiency goals. In overtaking-truck scenarios, timely delivery competes with support for traffic flow. In each case, the VODD does not eliminate conflict; it determines which conflicts can be handled autonomously, under what hierarchy of values, and when unresolved ambiguity must be delegated (Rakow et al., 24 Jul 2025).
The MDP-based alignment literature provides a compatible quantitative rendering of this same idea. ODD features such as weather, lighting, road class, geofence, speed limits, traffic density, and vehicle state are encoded in the state space; norms disable actions or alter transition probabilities; values are defined through predicates such as safety, comfort, and efficiency; and candidate ODD slices are evaluated by the expected transition-level preference change they induce. The illustrative autonomous-vehicle example shows that a safety-prioritizing VODD can include clear, rain, and snow only when action choices are restricted to “Drive Slow,” whereas a more aggressive “fast-when-safe” mode may be excluded from rain and snow if the alignment threshold is not met (Barez et al., 2023).
6. Limitations, misconceptions, and open problems
Several limitations recur across the literature. The first is terminological and conceptual. Conflating value alignment with safety, treating hazards as threats, or using “red teaming” without distinguishing boundary testing for safety from adversarial security assessment produces overclaimed assurance. The same papers also criticize the direct transplantation of hardware reliability methods such as FMEA to ML behavior, because those methods assume random part failures and known MTBF or MTTF, whereas ML failures are systematic, emergent, non-deterministic, and scale-driven. Likewise, cybersecurity threat scoring methods such as DREAD or CVSS are described as unsuitable substitutes for hazard risk assessment, even though security remains essential within a security-informed safety framework (Khlaaf, 28 Jun 2026).
A second limitation is formal underdetermination. In the transition-based value-alignment model, the construction of 3, the choice of the function used in the preference equation, and the aggregation functions across agents and values are deliberately left open. The same work assumes equiprobable transitions unless otherwise modeled, provides a Monte Carlo estimator for alignment, and does not give formal variance bounds or convergence rates. This means that a VODD derived from these tools is only as stable as the chosen preference representation, aggregation scheme, and transition model (Sierra et al., 2021).
The MDP-based alignment formulation highlights related issues. Although alignment scores are bounded in 4, the paper notes uncertainty in value formalization, possible misspecification of predicates and mappings, partial observability, distribution shift at ODD boundaries, and the need for robust or conservative ODD definitions when generalization is doubtful. This suggests that VODDs are not static certificates; they are hypotheses about domains in which a norm-policy pair remains sufficiently aligned under the chosen model (Barez et al., 2023).
The conflict-sensitive traffic literature emphasizes additional socio-technical limits. Open contexts and imperfect beliefs can produce divergence between believed and actual conflicts. Designing and maintaining a VODD network is not yet fully automated. Continuous updates are needed as norms evolve, and early delegation may reduce overall autonomy in cases of contested norms or inadequate confidence. The paper also identifies open questions about formalizing moral agency and principled measures of moral adequacy, indicating that VODDs currently operationalize value sensitivity more readily than they resolve foundational questions in machine ethics (Rakow et al., 24 Jul 2025).
Across these strands, the main enduring significance of the VODD concept is methodological. It reframes value alignment as a problem of scoping, constraints, evidence, and governed transitions. This suggests a shift away from model-centric claims about globally aligned systems toward bounded claims about where, how, and under whose values a system may legitimately operate.