A Barrier Certificate-based Simplex Architecture for Systems with Approximate and Hybrid Dynamics

TL;DR

This paper introduces Bb-Simplex, a provably correct runtime assurance framework for continuous and hybrid systems using barrier certificates, enabling safe control switching even with approximate dynamics and neural network controllers.

Contribution

It presents a new automated, computationally efficient method for deriving switching conditions from barrier certificates, extending the Simplex architecture to hybrid and approximate dynamics systems.

Findings

Successfully derived switching conditions for complex systems

Ensured safety under adversarial attacks with approximate models

Validated on high-fidelity power system simulations

Abstract

We present Barrier-based Simplex (Bb-Simplex), a new, provably correct design for runtime assurance of continuous dynamical systems. Bb-Simplex is centered around the Simplex control architecture, which consists of a high-performance advanced controller that is not guaranteed to maintain safety of the plant, a verified-safe baseline controller, and a decision module that switches control of the plant between the two controllers to ensure safety without sacrificing performance. In Bb-Simplex, Barrier certificates are used to prove that the baseline controller ensures safety. Furthermore, Bb-Simplex features a new automated method for deriving, from the barrier certificate, the conditions for switching between the controllers. Our method is based on the Taylor expansion of the barrier certificate and yields computationally inexpensive switching conditions. We also propose extensions to Bb-Simplex to enable its use in hybrid systems, which have multiple modes each with its own dynamics, and to support its use when only approximate dynamics (not exact dynamics) are available, for both continuous-time and hybrid dynamical systems. We consider significant applications of Bb-Simplex to microgrids featuring advanced controllers in the form of neural networks trained using reinforcement learning. These microgrids are modeled in RTDS, an industry-standard high-fidelity, real-time power systems simulator. Our results demonstrate that Bb-Simplex can automatically derive switching conditions for complex continuous-time and hybrid systems, the switching conditions are not overly conservative, and Bb-Simplex ensures safety even in the presence of adversarial attacks on the neural controller when only approximate dynamics (with an error bound) are available.