Conflict-Free Policy Languages for Probabilistic ML Predicates: A Framework and Case Study with the Semantic Router DSL

TL;DR

This paper introduces a framework for conflict detection in probabilistic ML-based policy languages, proposing a softmax-based partitioning method to prevent silent conflicts without retraining, demonstrated in the Semantic Router DSL.

Contribution

It characterizes conflict detection as a hierarchy and offers a practical softmax-based solution for embedding conflicts in policy languages, implemented in a production routing language.

Findings

Embedding conflicts can be prevented with softmax partitioning.

The hierarchy clarifies decidability levels for different conflict types.

Implementation in Semantic Router DSL shows practical effectiveness.

Abstract

Conflict detection in policy languages is a solved problem -- as long as every rule condition is a crisp Boolean predicate. BDDs, SMT solvers, and NetKAT all exploit that assumption. But a growing class of routing and access-control systems base their decisions on probabilistic ML signals: embedding similarities, domain classifiers, complexity estimators. Two such signals, declared over categories the author intended to be disjoint, can both clear their thresholds on the same query and silently route it to the wrong model. Nothing in the compiler warns about this. We characterize the problem as a three-level decidability hierarchy -- crisp conflicts are decidable via SAT, embedding conflicts reduce to spherical cap intersection, and classifier conflicts are undecidable without distributional knowledge -- and show that for the embedding case, which dominates in practice, replacing independent thresholding with a temperature-scaled softmax partitions the embedding space into Voronoi regions where co-firing is impossible. No model retraining is needed. We implement the detection and prevention mechanisms in the Semantic Router DSL, a production routing language for LLM inference, and discuss how the same ideas apply to semantic RBAC and API gateway policy.