Synergistic Simplex: Cooperative Runtime Assurance for Safety-Critical Autonomous Systems

TL;DR

Synergistic Simplex introduces a novel integration of ML components with safety monitors in autonomous systems, enhancing performance while maintaining formal safety guarantees through bidirectional cooperation.

Contribution

It proposes a new architecture that allows safety monitors to utilize ML outputs, improving system performance without compromising safety guarantees.

Findings

Formal conditions for safe ML-monitor integration derived.

Performance improvements demonstrated in AV obstacle detection.

Bidirectional integration enhances safety-critical system efficiency.

Abstract

Autonomous systems increasingly rely on machine-learning (ML) components for safety-critical tasks such as perception and control in autonomous vehicles (AVs). While ML enables essential capabilities, it inevitably exhibits long-tail faults that make it unsuitable for safety-critical tasks. Runtime assurance (RTA) mitigates this issue by pairing ML components with verifiable safety monitors, e.g., Control Simplex and Perception Simplex architectures. However, the limited performance of safety monitors remains a major bottleneck. The Synergistic Simplex (SS) architecture improves system performance by enabling bidirectional integration between ML components and safety monitors while preserving formal safety guarantees. The key innovation here is allowing safety monitors to use ML outputs, which is typically prohibited in RTA systems. We formally derive conditions under which this integration preserves safety and demonstrate the performance benefits. We present the design, analysis, and evaluation of SS for AV obstacle detection.