[Paper] LUCID: Learning-Enabled Uncertainty-Aware Certification of Stochastic Dynamical Systems

Source: arXiv - 2512.11750v1

Overview

The paper presents LUCID, a verification engine that can certify the safety of stochastic dynamical systems that contain opaque, black‑box AI components (e.g., neural‑network controllers). By learning control barrier certificates directly from a finite set of observed state transitions, LUCID delivers quantified, distribution‑aware safety guarantees—something traditional formal methods struggle to provide for modern, data‑driven control loops.

Key Contributions

• First data‑driven safety certifier for black‑box stochastic systems that works from a finite dataset of random transitions.
• Introduces a conditional mean embedding of transition data into a reproducing kernel Hilbert space (RKHS) and builds an ambiguity set that captures out‑of‑distribution uncertainty.
• Develops a finite Fourier kernel expansion that turns a semi‑infinite, non‑convex barrier‑certificate problem into a linear program solvable at scale.
• Leverages the Fast Fourier Transform (FFT) to compute the relaxed problem efficiently, enabling verification on high‑dimensional benchmarks.
• Provides a modular, well‑documented software stack (LUCID) that can be extended with alternative kernels, barrier forms, or robustness models.

Methodology

1. Data Collection – Gather a finite set of state‑transition samples ((x_t, u_t, x_{t+1})) from the stochastic system (including the black‑box controller).
2. Kernel Embedding – Use conditional mean embeddings to map the transition distribution into an RKHS. This yields a feature representation that captures the stochastic dynamics without needing an explicit model.
3. Ambiguity Set Construction – Define a set of plausible transition distributions around the empirical embedding (a “distributional ball”). The size of the ball is tuned to reflect confidence in the data and to guard against out‑of‑distribution events.
4. Barrier Certificate Learning – Search for a function (h(x)) (the barrier) that satisfies:
   • (h(x) \ge 0) for all safe states,
   • Expected decrease of (h) across the ambiguity set for unsafe transitions,
   • A margin that quantifies safety probability.
5. Fourier Spectral Reformulation – Approximate the kernel with a finite Fourier series. This converts the infinite‑dimensional constraints into a linear program whose variables are the Fourier coefficients of (h).
6. Optimization & Certification – Solve the LP (via standard solvers) and obtain a spectral barrier together with a certified lower bound on the probability of staying safe.

The whole pipeline is automated: feed in data, pick a kernel, set confidence parameters, and LUCID spits out a barrier and a safety guarantee.

Results & Findings

• Benchmark Validation – LUCID was tested on several challenging stochastic control tasks (e.g., a double‑integrator with noisy actuation, a lane‑keeping scenario with a neural‑network steering policy).
• Scalability – Thanks to the FFT‑based spectral formulation, verification times grew linearly with the number of Fourier modes and remained under a few seconds for state spaces up to 6 dimensions.
• Robustness – By inflating the RKHS ambiguity set, LUCID maintained safety guarantees even when the test data exhibited distribution shifts not seen during training (e.g., sudden wind gusts).
• Quantified Guarantees – The method produced explicit lower bounds on safety probability (e.g., “≥ 99.3 % chance of staying within lane for 10 s”), which were tighter than those obtained by naïve Monte‑Carlo sampling.

Practical Implications

Because LUCID works directly from data, it fits naturally into continuous integration pipelines: after each model training run, a verification step can confirm that the updated controller still satisfies the required safety probability before it reaches production.

Limitations & Future Work

• Data Dependence – Guarantees are only as good as the collected transition dataset; sparse coverage of rare events can lead to conservative (over‑cautious) barriers.
• Kernel Choice Sensitivity – The quality of the RKHS embedding hinges on selecting an appropriate kernel and bandwidth; poor choices may inflate the ambiguity set unnecessarily.
• Scalability to Very High Dimensions – While the Fourier approach scales linearly with modes, the number of modes needed grows exponentially with state dimension, limiting direct application to systems beyond ~8–10 dimensions without further dimensionality reduction.
• Dynamic Environments – Current formulation assumes a stationary stochastic kernel; extending LUCID to handle time‑varying or context‑dependent dynamics is an open research direction.

Future work outlined by the authors includes adaptive kernel learning to reduce conservatism, hierarchical decomposition for high‑dimensional systems, and integration with online monitoring to tighten safety bounds as more data becomes available.

Authors

• Ernesto Casablanca
• Oliver Schön
• Paolo Zuliani
• Sadegh Soudjani

Paper Information

• arXiv ID: 2512.11750v1
• Categories: eess.SY, cs.LG
• Published: December 12, 2025
• PDF: Download PDF