Verification and Synthesis of Compatible Control Lyapunov and Control Barrier Functions

Hongkai Dai^∗1, Chuanrui Jiang^∗2, Hongchao Zhang², and Andrew Clark² ¹Hongkai Dai is with the Toyota Research Institute, Los Altos, CA, USA. Email: [email protected]²Chuanrui Jiang, Hongchao Zhang and Andrew Clark are with the Electrical and Systems Engineering Department, McKelvey School of Engineering, Washington University in St. Louis, St. Louis, MO 63130 {[email protected], hongchao, andrewclark}@wustl.edu^∗ denotes equal contributionThis work was supported by the Air Force Office of Scientific Research grants FA9550-22-1-0054 and FA9550-23-1-0208 and NSF grant CNS-1941670.

Abstract

Safety and stability are essential properties of control systems. Control Barrier Functions (CBFs) and Control Lyapunov Functions (CLFs) have been proposed to ensure safety and stability respectively. However, previous approaches typically verify and synthesize the CBFs and CLFs separately, satisfying their respective constraints, without proving that the CBFs and CLFs are compatible with each other, namely at every state, there exists control actions that satisfy both the CBF and CLF constraints simultaneously. There exists some recent works that synthesized compatible CLF and CBF, but relying on nominal polynomial or rational controllers, which is just a sufficient but not necessary condition for compatibility. In this work, we investigate verification and synthesis of compatible CBF and CLF independent from any nominal controllers. We derive exact necessary and sufficient conditions for compatibility, and further formulate Sum-Of-Squares program for the compatibility verification. Based on our verification framework, we also design an alternating nominal-controller-free synthesis method. We evaluate our method in a linear toy, a non-linear toy, and a power converter example.

I Introduction

Safety and stability are essential for control systems that must be ensured to prevent catastrophic economic damage and loss of human life, while still achieve the desired goal [1, 2, 3, 4]. Lyapunov stability guarantees that all trajectories starting within the system’s region-of-attraction (RoA) will converge to the goal state. Meanwhile, safety properties are normally formulated as the positive invariance [5] of given regions in the state space.

The importance of safety has motivated numerous methods such as artificial potential fields [6], reachability analysis[7], Hamilton–Jacobi analysis[8], model predictive control [9], and control barrier functions [10] to synthesize safe control strategies. Among these methods, energy-based methodologies such as barrier certificates [11] and Control Barrier Functions (CBFs) [10] have been proposed that construct an energy function that is positive if the system is safe, and then demonstrate safety by proving that the energy function remains positive for all time. Similarly, Lyapunov stability is certified by a Lyapunov function [12] or a Control Lyapunov function (CLF) [13], which remains non-negative and decreasing along any trajectories, and achieves the minimal value at the goal state. One major benefit of CLFs/CBFs is that they can be incorporated as constraints within optimization-based controllers, resulting in CLF-CBF control policies for joint safety and stability [5, 14]. Such techniques have been widely used in safety critical scenarios such as adaptive cruise control[5, 15], bipedal robot control [10, 16], and multi-waypoint navigation [3], with many different approaches to synthesize the CLF-CBF functions [17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31].

A key challenge in CLF-CBF-based safe control policies is the compatibility of the CLF and CBF constraints, namely the existence of at least one admissible control action satisfying both CLF and CBF constraints simultaneously at every state in the safe region. Most previous approaches address incompatibility by relaxing the CLF constraints [5], and thus prioritizing safety over stability. However, this may sacrifice the stability and result in the system remaining in undesired states [32]. Recent efforts [33, 34] have utilized Sum-Of-Squares (SOS) methods [35, 36] to verify and synthesize compatible CLF and CBF based on nominal controllers. In such methods, a nominal controller is parameterized as a polynomial (or rational) function of state; these methods search for the CLF/CBF together with this nominal controller, such that this nominal controller simultaneously satisfies both the CLF and CBF constraints. The disadvantages of this approach is that it is only a sufficient but not necessary condition for compatibility, as there might exist a non-polynomial (or non-rational) compatible controller, which cannot be captured by the explicit parameterization. A related but orthogonal direction of research synthesizes closed-form controllers for CBF and CLF that are known to be compatible [37].

In this paper, we study the problem of exact verification and synthesis of compatible CLF/CBF for all states in the safe region. We consider a nonlinear control-affine system, both with and without input limits, and derive necessary and sufficient conditions for compatibility using Farkas’ Lemma and the algebraic-geometric Postivstellensatz. We formulate the verification as a SOS program and further simplify it using S-procedure. To synthesize compatible CLF/CBF, we propose a bi-linear alternating method based on the simplified verification program. To summarize, this paper makes the following contributions.

•

We derived the necessary and sufficient condition for CLF-CBF compatibility, and formulated a SOS program independent from any nominal controllers for compatibility verification.
•

We next proposed an alternating method based on verification program to synthesis compatible CBF and CLF, also independent from any nominal controllers.
•

We demonstrated our method in a linear toy, a non-linear toy and a power converter examples.

The rest of the paper is organized as follows. Section II introduces the mathematical background on Positivstellensatz and Farkas’ lemma. Section III presents the definition of the system model, CBF and CLF. The proposed verification and synthesis framework are introduced in Section IV. Section V gives the simulation results, and we conclude the paper in Section VI.

Notation: We use lower case letter ( $x$ ) to denote a scalar, bold lower case ( $\mathbf{x}$ ) to denote a vector, upper case letter ( $X$ ) for a matrix, and calligraphic letter ( $\mathcal{X}$ ) to denote a set.

II Mathematical background

A polynomial $p(\mathbf{x})$ is sum-of-squares (sos) iff

p(\mathbf{x})=\sum_{i=1}^{n}(p_{i}(\mathbf{x}))^{2}

for some polynomials $p_{i}(\mathbf{x})$ . A sos polynomial is non-negative. It can be verified that a polynomial is sos through convex optimization.

The cone generated from a set of polynomials $\phi_{1},\ldots,\phi_{s}$ is given by

\Sigma[\phi_{1},\ldots,\phi_{s}]=\left\{\sum_{S\subseteq\{1,\ldots,s\}}{\alpha% _{S}(\mathbf{x})\prod_{i\in S}{\phi_{i}(\mathbf{x})}}:\right.\\ \left.\alpha_{S}(\mathbf{x})\in\mbox{ SOS }\forall S\subseteq\{1,\ldots,s\}% \right\}.

The ideal generated from polynomials $\psi_{1},\ldots,\psi_{r}$ is given by

\mathbb{I}[\psi_{1},\ldots,\psi_{r}]=\left\{\sum_{l=1}^{r}{a_{i}(\mathbf{x})% \psi_{l}(\mathbf{x})}:a_{1},\ldots,a_{r}\mbox{ polynomials}\right\}.

Theorem 1 (Positivstellensatz (P-satz)[36])

Let $\left(\phi_{j}\right)_{j=1,\ldots,s}$ , $\left(\psi_{\ell}\right)_{\ell=1,\ldots,r}$ be finite families of polynomials in $\mathbb{R}\left[\mathbf{x}\right]$ . Denote the cone generated from $\left(\phi_{j}\right)_{j=1,\ldots,s}$ by $\Sigma[\phi_{1},\ldots,\phi_{s}]$ , and the ideal generated from $\left(\psi_{\ell}\right)_{\ell=1,\ldots,r}$ by $\mathbb{I}[\psi_{1},\ldots,\psi_{r}]$ . Then, the following statements are equivalent:

The set

\left\{\begin{array}[]{l|ll}\mathbf{x}\in\mathbb{R}^{n}&\begin{array}[]{ll}% \phi_{j}(\mathbf{x})\geq 0,&j=1,\ldots,s\\ \psi_{\ell}(\mathbf{x})=0,&l=1,\ldots,r\end{array}\end{array}\right\}

is empty.

2.

There exist $\theta(\mathbf{x})\in\Sigma,\lambda(\mathbf{x})\in\mathbb{I}$ such that $\lambda(\mathbf{x})+\theta(\mathbf{x})+1=0$ .

In Positivstellensatz, (2) is a necessary and sufficient condition for (1). On the other hand, (2) requires computing the cone $\Sigma$ , which needs exponential number of polynomials $\alpha_{S}(\mathbf{x})$ (as $S$ permutes over all subsets of $\{1,\ldots,s\}$ ). To remedy this computation challenge, people often resort to S-procedure[36], which replaces the cone $\Sigma$ with the quadratic module $\mathcal{Q}$

\mathcal{Q}[\phi_{1},\ldots,\phi_{s}]=\\ \{\alpha_{0}(\mathbf{x})+\alpha_{1}(\mathbf{x})\phi_{1}(\mathbf{x})+\ldots+% \alpha_{s}(\mathbf{x})\phi_{s}(\mathbf{x}),\alpha_{i}(\mathbf{x})\in\text{SOS}\}.

Lemma 1 (S-procedure)

Eq. (2) in theorem 1 is a sufficient condition for (1) if we replace the cone $\theta\in\Sigma$ with the quadratic module $\theta\in\mathcal{Q}[\phi_{1},\ldots,\phi_{s}]$ .¹¹1Under some stronger assumptions on $\phi(\mathbf{x}),\psi(\mathbf{x})$ , such as Archimedean, S-procedure also gives a necessary and sufficient condition [38].

Farkas’ Lemma gives conditions for non-existence of solutions to linear inequalities and is presented as follows.

Lemma 2 (Farkas’ Lemma [39])

Let $\Lambda\in\mathbf{R}^{m\times n}$ be a matrix, and $\mathbf{\xi}\in\mathbb{R}^{m}$ be a vector. Then the system of inequalities $\Lambda{\mathbf{x}}\leq\mathbf{\xi}$ has a solution if and only if the set $\{\mathbf{z}\;|\;\mathbf{z}\geq 0,\mathbf{z}^{T}\Lambda=\mathbf{0}^{T},\mathbf% {\xi}^{T}\mathbf{z}=-1\}$ is empty.

III Problem statement

III-A System Model

We consider a continuous-time nonlinear control-affine system in the form


	$\displaystyle\dot{\mathbf{x}}=\mathbf{f}(\mathbf{x})+g(\mathbf{x})\mathbf{u}$		(1a)
	$\displaystyle\mathbf{u}\in\mathcal{U}=\{\mathbf{u}\;\|\;A\mathbf{u}\leq\mathbf{% c}\},$		(1b)

where $\mathbf{x}\in\mathcal{X}\subset\mathbb{R}^{n_{x}}$ is the state and $\mathbf{u}\in\mathcal{U}\subset\mathbb{R}^{n_{u}}$ is the control input. We also assume that $f:\mathcal{X}\rightarrow\mathbb{R}^{n_{x}}$ and $g:\mathcal{X}\rightarrow\mathbb{R}^{n_{x}\times n_{u}}$ are polynomial functions of $\mathbf{x}$ . The set of admissible control $\mathcal{U}$ is represented as a polyhedron $A\mathbf{u}\leq\mathbf{c},A\in\mathbb{R}^{p\times n_{u}},\mathbf{c}\in\mathbb{% R}^{p}$ . Note that this parameterization of $\mathcal{U}$ includes the entire set $\mathcal{R}^{n_{u}}$ (unconstrained control) as a special case, where $A$ and $\mathbf{c}$ are empty, hence we can model systems with or without input limits. A control policy $\mu:\mathcal{X}\rightarrow\mathcal{U}$ maps a state $\mathbf{x}$ to a control input $\mathbf{u}$ . Without loss of generality we assume the equilibrium state is $\mathbf{x}=\mathbf{0}$ . The state space $\mathcal{X}$ is divided into a safe region $\mathcal{X}_{s}$ and an unsafe region $\mathcal{X}_{u}=\mathcal{X}-\mathcal{X}_{s}$ . Our goal is to design a control policy $\mu$ which renders $\mathcal{X}_{s}$ positively invariant, and the trajectories converging to $\mathbf{x}=\mathbf{0}$ .

III-B Control Barrier Function (CBF) and Control Lyapunov Function (CLF)

We consider safety constraints that are specified as super-level sets of differentiable functions $b:\mathcal{X}\rightarrow\mathbb{R}$ . In particular, we consider sets $\mathcal{C}$ that satisfy

\displaystyle\mathcal{C}

\displaystyle=\{\mathbf{x}\;|\;b(\mathbf{x})\geq 0\}.

If $\mathcal{C}\subseteq\mathcal{X}_{s}$ and $\mathcal{C}$ is positively invariant, then any trajectory with $\mathbf{x}(0)\in\mathcal{C}$ will be safe for all time $t$ .

Definition 1 (CBF [10])

A function $b(\mathbf{x})$ is a CBF if

\sup_{\mathbf{u}\in\mathcal{U}}\{L_{f}b(\mathbf{x})+L_{g}b(\mathbf{x})\mathbf{% u}+\kappa_{b}(b(\mathbf{x}))\}\geq 0

(2)

for all $\mathbf{x}\in\mathcal{C}$ , where $L_{f}b(\mathbf{x})=\frac{\partial b(\mathbf{x})}{\partial\mathbf{x}}\mathbf{f}% (\mathbf{x})$ , $L_{g}b(x)=\frac{\partial b(\mathbf{x})}{\partial\mathbf{x}}g(\mathbf{x})$ , and $\kappa_{b}(\cdot)$ is an extended class $\kappa$ function²²2Recall function $\kappa(.)$ is extended class $\kappa$ if it is monotone, increasing, and satisfies $\kappa(0)=0$ ..

A special class of Definition 1 consists of Exponential Control Barrier Functions, for which $\kappa_{b}(b(\mathbf{x}))=\kappa_{b}b(\mathbf{x})$ where $\kappa_{b}$ is a positive constant. Constraint (2) ensures the set $\mathcal{C}$ positive invariant for system represented by (1) [10].

A control Lyapunov function is defined as follows.

Definition 2 (CLF [40])

A differentiable function $V:\mathcal{X}\rightarrow\mathbb{R}$ is a Control Lyapunov Function if $V(\mathbf{0})=0$ , $V(\mathbf{x})>0\text{ if }\mathbf{x}\neq 0$ and

\inf_{\mathbf{u}\in\mathcal{U}}\{L_{f}V(\mathbf{x})+L_{g}V(\mathbf{x})\mathbf{% u}+\kappa_{V}(V(\mathbf{x}))\}\leq 0

(3)

for all $\{\mathbf{x}\;|\;V(\mathbf{x})\leq 1\}$ , where $\kappa_{V}(.)$ is also an extended class $\kappa$ function. This proves that the sub-level set $\{\mathbf{x}\;|\;V(\mathbf{x})\leq 1\}$ is an inner approximation of the region-of-attraction (ROA).

If a system satisfies constraint (3) for all time $t$ , then the system can be stabilized to the origin [40]. Also, in this paper, we use exponential stability so that $\kappa_{V}(V(\mathbf{x}))=\kappa_{V}V(\mathbf{x})$ , where $\kappa_{V}$ is a positive constant.

IV Methodology

In this section, we first present our algorithm to verify compatibility of CLF and CBF through convex optimization (section IV-A); then build upon the verification formulation, we present our algorithm to synthesize compatible CLF/CBF through solving a sequence of convex optimization problems (section IV-B).

IV-A Verification of compatibility

For a candidate CBF $b(\mathbf{x})$ and a candidate CLF $V(\mathbf{x})$ , define 0-super-level set $\mathcal{C}=\{\mathbf{x}\;|\;b(\mathbf{x})\geq 0\}$ and the 1-sub-level set $\mathcal{D}:=\{\mathbf{x}\;|\;V(\mathbf{x})\leq 1\}$ (this 1-sub-level set will be an inner approximation of the region-of-attraction). We formally state the compatible CLF-CBF as follows

Problem 1 (Compatible CLF-CBF)

Given positive constants $\kappa_{V}$ , $\kappa_{b}$ , a positive definite function $V(\mathbf{x})$ , and a function $b(\mathbf{x})$ such that $\mathcal{C}\subseteq\mathcal{X}_{s}$ , verify that $\forall\mathbf{x}\in\mathcal{C}\cap\mathcal{D}$ , there exists $\mathbf{u}$ such that

\begin{bmatrix}L_{f}V(\mathbf{x})\\ -L_{f}b(\mathbf{x})\\ \mathbf{0}\end{bmatrix}+\begin{bmatrix}L_{g}V(\mathbf{x})\\ -L_{g}b(\mathbf{x})\\ A\end{bmatrix}\mathbf{u}\leq\begin{bmatrix}-\kappa_{V}V(\mathbf{x})\\ \kappa_{b}b(\mathbf{x})\\ \mathbf{c}\end{bmatrix}

(4)

namely there exists $\mathbf{u}\in\mathcal{U}$ satisfying both the CBF condition (1) and the CLF condition (2) simultaneously. The region $\mathcal{C}\cap\mathcal{D}$ is certified to be safe and stabilizable.

We call the functions $V(\mathbf{x})$ and $b(\mathbf{x})$ compatible CLF and CBF if they satisfy the conditions of Problem 1, with $\mathcal{C}\cap\mathcal{D}$ as the compatible region.

IV-A1 Exact Verification

Verifying the condition (4) is equivalent to verifying that there exists a solution $\mathbf{u}$ for the inequality

\Lambda(\mathbf{x})\mathbf{u}\leq\xi(\mathbf{x}),\ \forall\mathbf{x}\in% \mathcal{C}\cap\mathcal{D}

(5)

where

\Lambda(\mathbf{x})=\begin{bmatrix}L_{g}V(\mathbf{x})\\ -L_{g}b(\mathbf{x})\\ A\end{bmatrix},\mathbf{\xi}(\mathbf{x})=\begin{bmatrix}-\kappa_{V}V(\mathbf{x}% )-L_{f}V(\mathbf{x})\\ \kappa_{b}b(\mathbf{x})+L_{f}b(\mathbf{x})\\ \mathbf{c}\end{bmatrix}.

Note that $\Lambda(\mathbf{x})\in\mathbb{R}^{(p+2)\times n_{u}}$ and $\mathbf{\xi}(\mathbf{x})\in\mathbb{R}^{p+2}$ . We let $\Lambda_{i}(\mathbf{x})$ denote the $i$ -th column of $\Lambda(\mathbf{x})$ .

Based on Farkas’ Lemma, we give an equivalent condition (Lemma 3) for CLF-CBF compatibility.

Lemma 3

The CBF $b(\mathbf{x})$ and CLF $V(\mathbf{x})$ are compatible if and only if the following set is empty:

\{(\mathbf{x},\mathbf{z})\;|\;b(\mathbf{x})\geq 0,V(\mathbf{x})\leq 1,\\ \mathbf{z}^{T}\Lambda(\mathbf{x})=\mathbf{0}^{T},\mathbf{\xi}(\mathbf{x})^{T}% \mathbf{z}=-1,\mathbf{z}\geq\mathbf{0}\},

(6)

where $\mathbf{z}\in\mathbb{R}^{p+2}$ and $(\mathbf{x},\mathbf{z})\in\mathbb{R}^{n_{x}+p+2}$ is a concatenated vector.

The conclusion of Lemma 3 can be further simplified. Define the element-wise squared operation of vector $\mathbf{y}=[y_{1},\dots,y_{p+2}]^{T}$ as $\mathbf{y}^{2}=[y_{1}^{2},\dots,y_{p+2}^{2}]^{T}$ . Then an equivalent formulation of Lemma 3 is as follows.

Lemma 4

The CBF $b(\mathbf{x})$ and CLF $V(\mathbf{x})$ are compatible if and only if the following set is empty:

\{(\mathbf{x},\mathbf{y})\;|\;b(\mathbf{x})\geq 0,V(\mathbf{x})\leq 1,\\ (\mathbf{y}^{2})^{T}\Lambda(\mathbf{x})=\mathbf{0}^{T},\mathbf{\xi}(\mathbf{x}% )^{T}\mathbf{y}^{2}=-1\},

(7)

where $\mathbf{y}^{2}\in\mathbb{R}_{\geq 0}^{p+2}$ and $(\mathbf{x},\mathbf{y})\in\mathbb{R}^{n_{x}+p+2}$ is a concatenated vector. Namely, we replace the vector $\mathbf{z}$ and the non-negative constraint $\mathbf{z}\geq 0$ with a new vector $\mathbf{y}^{2}$ which is non-negative by construction.

Applying P-satz to Lemma 4 gives the following theorem. Noted that $(\mathbf{y}^{2})^{T}\Lambda(\mathbf{x})\in\mathbb{R}^{n_{u}}$ , each element of $(\mathbf{y}^{2})^{T}\Lambda(\mathbf{x})$ is computed by $(\mathbf{y}^{2})^{T}\Lambda_{i}(\mathbf{x}),i=1,2\dots n_{u}$ , and also, $\mathbf{\xi}(\mathbf{x})^{T}\mathbf{y}^{2}$ is a scalar.

Theorem 2

The given CLF $V(\mathbf{x})$ and CBF $b(\mathbf{x})$ are compatible if and only if there exist polynomials $\lambda(\mathbf{x},\mathbf{y}),\theta(\mathbf{x},\mathbf{y})$ satisfying:

1.

$\theta(\mathbf{x},\mathbf{y})\in\Sigma[b(\mathbf{x}),1-V(\mathbf{x})]$
2.

$\lambda(\mathbf{x},\mathbf{y})\in\mathbb{I}[(\mathbf{y}^{2})^{T}\Lambda_{1}(% \mathbf{x}),\dots,(\mathbf{y}^{2})^{T}\Lambda_{n_{u}}(\mathbf{x}),\mathbf{\xi}% (\mathbf{x})^{T}\mathbf{y}^{2}+1]$
3.

$\theta(\mathbf{x},\mathbf{y})+\lambda(\mathbf{x},\mathbf{y})+1=0$

As explained in section II, directly applying P-satz might be computationally challenging. To remedy this, we could apply the S-procedure (Lemma 1) and formulate the following convex optimization problem to verify compatibility


Find	$\displaystyle\;\mathbf{s}_{0}(\mathbf{x},\mathbf{y}),s_{1}(\mathbf{x},\mathbf{% y}),s_{2}(\mathbf{x},\mathbf{y}),s_{3}(\mathbf{x},\mathbf{y})$	(8a)
$\displaystyle\begin{split}\text{s.t }&-1-\mathbf{s}_{0}(\mathbf{x},\mathbf{y})% ^{T}((\mathbf{y}^{2})^{T}\Lambda(\mathbf{x}))-s_{1}(\mathbf{x},\mathbf{y})(% \mathbf{\xi}(\mathbf{x})^{T}\mathbf{y}^{2}+1)\\ &\qquad-s_{2}(\mathbf{x},\mathbf{y})(1-V(\mathbf{x}))-s_{3}(\mathbf{x},\mathbf% {y})b(\mathbf{x})\in\text{SOS}\end{split}$		(8b)
	$\displaystyle s_{2}(\mathbf{x},\mathbf{y}),s_{3}(\mathbf{x},\mathbf{y})\in% \text{SOS}.$	(8c)

A given pair of CLF $V(\mathbf{x})$ and CBF $b(\mathbf{x})$ are compatible if we can find the polynomials $s_{i}(\mathbf{x},\mathbf{y}),i=0,1,2,3$ in program (8).

IV-A2 CBF Correctness Verification

In addition to verifying the CLF-CBF compatibility, we must also ensure that the set $\{\mathbf{x}\;|\;b(\mathbf{x})\geq 0\}$ is contained in the desired safe region, i.e., $\{\mathbf{x}|b(\mathbf{x})\geq 0\}$ implies $\mathbf{x}\in\mathcal{X}_{s}$ Assume an unsafe region presented by:

\mathcal{X}_{u}=\cup_{j=1}^{K}\{\mathbf{x}|h_{j}(\mathbf{x})\leq 0\}.

(9)

Using the S-procedure, we can formulate the correctness verification program:


Find	$\displaystyle q_{1}(\mathbf{x})\dots q_{K}(\mathbf{x}),p_{1}(\mathbf{x})\dots p% _{K}(\mathbf{x})\in\text{SOS}$
s.t.	$\displaystyle-1+q_{j}(\mathbf{x})b(\mathbf{x})+p_{j}(\mathbf{x})h_{j}(\mathbf{% x})\in\text{SOS},\;j=1,\dots K.$	(10a)

On the other hand, if the unsafe region is defined as

\mathcal{X}_{u}=\cap_{j=1}^{K}\{\mathbf{x}|h_{j}(\mathbf{x})\leq 0\},

(11)

then the correctness verification program is given by


Find	$\displaystyle q(\mathbf{x}),p_{1}(\mathbf{x})\dots p_{K}(\mathbf{x})\in\text{SOS}$
s.t.	$\displaystyle-1+q(\mathbf{x})b(\mathbf{x})+\sum_{j=1}^{K}p_{j}(\mathbf{x})h_{j% }(\mathbf{x})\in\text{SOS}.$	(12a)

If the unsafe region is only characterized by single polynomial, then (10) and (12) are the same and we would have single $q(\mathbf{x})$ and $p(\mathbf{x})$ .

Both problems (10) and (12) can be solved

IV-B Compatible CBF and CLF synthesis

Based on the previous verification framework, we next propose an alternating method to synthesize compatible CBF and CLF. We first formulate the synthesis problem, and then introduce the overall structure of the alternating algorithm and each component of the algorithm in detail. Finally we prove the compatibility of the synthesized CLF and CBF. For simplicity, in the following derivations, we use (9) as the definition of unsafe region and use the constraints in (10) as CBF correctness constraint.

Problem 2

Given a system (1), with equilibrium state $\mathbf{x}^{*}=\mathbf{0}$ , constants $\kappa_{V}$ , $\kappa_{b}$ , and polynomials $h_{1}(\mathbf{x})\dots h_{K}(\mathbf{x})$ characterizing the unsafe region, find a positive definite function $V(\mathbf{x})$ and a function $b(\mathbf{x})$ such that there always exist a $\mathbf{u}\in\mathcal{U}$ satisfying (4) for all the $\mathbf{x}\in\mathcal{D}\cap\mathcal{C}$ , where $\mathcal{C}=\{\mathbf{x}\;|\;b(\mathbf{x})\geq 0\}$ , and $\mathcal{D}=\{\mathbf{x}\;|\;V(\mathbf{x})\leq 1\}$ . We call the region $\mathcal{C}\cap\mathcal{D}$ as the “compatible region”, and our goal is to maximize some objective function $\gamma(\mathcal{C}\cap\mathcal{D})$ on this compatible region. One example of the objective function is the volume $\gamma(\mathcal{C}\cap\mathcal{D})=\text{Vol}(\mathcal{C}\cap\mathcal{D})$ .

Mathematically, our goal is to solve the following optimization problem


	$\displaystyle\max_{\begin{subarray}{c}V(\mathbf{x}),b(\mathbf{x}),\\ p(\mathbf{x}),q(\mathbf{x}),s(\mathbf{x})\end{subarray}}\gamma(\mathcal{C}\cap% \mathcal{D})$	(13a)
s.t	$\displaystyle V(\mathbf{0})=0,V(\mathbf{x})\in\text{ SOS}$	(13b)
	$\displaystyle\text{Constraint }\eqref{eq:verify_S-procedure_constraint},\eqref% {eq:cbf_safe_constraint}$	(13c)
	$\displaystyle s_{2}(\mathbf{x},\mathbf{y}),s_{3}(\mathbf{x},\mathbf{y}),q_{i}(% \mathbf{x}),p_{i}(\mathbf{x})\in\text{ SOS},i=1,\ldots,K.$	(13d)

Unlike the verification problem (8) and (10) where $V(\mathbf{x})$ and $b(\mathbf{x})$ are given, now we need to jointly search for $V(\mathbf{x}),b(\mathbf{x})$ together with the Lagrangian multipliers $p(\mathbf{x}),q(\mathbf{x}),s(\mathbf{x})$ in (13). Notice that all the constraints in problem (13) are convex, except for (8b) and (10a), which are bi-linear in the decision variable $V(\mathbf{x}),b(\mathbf{x}),p(\mathbf{x}),q(\mathbf{x}),s(\mathbf{x})$ , and hence cannot be directly handled by convex optimization. To remedy this, we resort to bilinear alternation, a common technique in SOS-based controller design [36, 41]. Where we alternate between

1.

Lagrangian searching: fix $V(\mathbf{x}),b(\mathbf{x})$ , search for the Lagrangian multipliers $p(\mathbf{x}),q(\mathbf{x}),s(\mathbf{x})$ .
2.

Update CLF-CBF: fix the Lagrangian multiplier, search for $V(\mathbf{x}),b(\mathbf{x})$ while maximizing a surrogate function of $\gamma(\mathcal{C}\cap\mathcal{D})$ .

Step 1 is the verification problem (8) and (10) discussed in the previous subsection. In step 2, we consider two different choices of objective function $\gamma(\mathcal{C}\cap\mathcal{D})$

•

Maximize the volume $\text{Vol}(\mathcal{C}\cap\mathcal{D})$ .
•

Given a set of predefined “candidate states” $\mathbf{x}^{(1)},\ldots,\mathbf{x}^{(L)}$ , we want the compatible region $\mathcal{C}\cap\mathcal{D}$ to cover as many “candidate states” as possible.

We next present how to search for $V(\mathbf{x}),b(\mathbf{x})$ to optimize these two objectives respectively, while fixing the Lagrangian multipliers.

IV-B1 Maximize volume

To maximize the volume of the compatible region, we need to solve the following optimization problem


	$\displaystyle\max_{V(\mathbf{x}),b(\mathbf{x})}\;\text{Vol}(\mathcal{C}\cap% \mathcal{D})$	(14a)
s.t	$\displaystyle V(\mathbf{0})=0,V(\mathbf{x})\in\text{ SOS}$	(14b)
	$\displaystyle\text{Constraint }\eqref{eq:verify_S-procedure_constraint},\eqref% {eq:cbf_safe_constraint}.$	(14c)

Directly maximing the volume of the semi-algebraic set $\text{Vol}(\mathcal{C}\cap\mathcal{D})$ can be challenging³³3There exists some work to compute the volume of a given basic semi-algebraic set through a sequence of semidefinite programs with increasing sizes [42], but cannot be directly applied to maximize volume of the basic semi-algebraic set while searching for its defining polynomials., hence we seek an alternative approach to grow the compatible region, as shown in Appendix VII-A.

IV-B2 Cover many candidate states

Alternatively we can grow the compatible region $\mathcal{C}\cap\mathcal{D}$ to cover the candidate states $\mathbf{x}^{(1)},\ldots,\mathbf{x}^{(L)}$ . We know that the candidate state $\mathbf{x}^{(i)}\in\mathcal{C}\cap\mathcal{D}$ iff $V(\mathbf{x}^{(i)})\leq 1$ and $b(\mathbf{x}^{(i)})\geq 0$ . Hence we can design the objective function as

\displaystyle\min_{V(\mathbf{x}),b(\mathbf{x})}\sum_{i=1}^{L}c_{1}\text{ReLU}(% V(\mathbf{x}^{(i)})-1)+c_{2}\text{ReLU}(-b(\mathbf{x}^{(i))}),

(15)

where $c_{1},c_{2}>0$ are given positive weights, and Eq (15) penalizes the violation of $x^{(i)}\notin\mathcal{C}\cap\mathcal{D}$ . To avoid arbitrary scaling of CBF $b(\mathbf{x})$ (if $b(\mathbf{x})$ is a valid CBF, the scaling it as $k*b(\mathbf{x})$ by any positive constant $k$ is still a valid CBF, and the cost function becomes unbounded under infinite scaling), we impose an additional constraint $b(\mathbf{0})\leq 1$ . As a result, the optimization problem is written as


	$\displaystyle\text{Objective }\eqref{eq:candidate_states_cost}$	(16a)
s.t	$\displaystyle V(\mathbf{0})=0,V(\mathbf{x})\in\text{ SOS}$	(16b)
	$\displaystyle\text{Constraint }\eqref{eq:verify_S-procedure_constraint},\eqref% {eq:cbf_safe_constraint}$	(16c)
	$\displaystyle b(\mathbf{0})\leq 1$	(16d)

The optimization problems (14) and (16) are convex optimization problems when searching over $V(\mathbf{x}),b(\mathbf{x})$ .

To summarize, we outline our synthesis algorithm in Algorithm 1

Algorithm 1 Synthesize compatible CLF-CBF

1:Given system dynamics (1), positive constants

\kappa_{V},\kappa_{b}

and unsafe region

\mathcal{X}_{u}

in (9).

2:Initialize

V^{(0)}(\mathbf{x}),b^{(0)}(\mathbf{x})

i=0

3:while

i<\text{MaxIter}

4: Fix

V^{(i)}(\mathbf{x}),b^{(i)}(\mathbf{x})

, solve (8) and (10) to find the Lagrangian multipliers

p^{(i)}(\mathbf{x}),q^{(i)}(\mathbf{x}),s^{(i)}(\mathbf{x},\mathbf{y})

5: Fix

p^{(i)}(\mathbf{x}),q^{(i)}(\mathbf{x}),s^{(i)}(\mathbf{x},\mathbf{y})

, find CLF-CBF

V^{(i+1)}(\mathbf{x}),b^{(i+1)}(\mathbf{x})

through solving either (14) or (16).

i\leftarrow i+1

7:end while

In line 2 of Algorithm 1, we can initialize the CLF/CBF in many ways, for example a good candidate is to linearize the dynamics around the equilibrium state and use the LQR cost-to-go to design the initial guess.

With a feasible initial guess $V^{(0)}$ and $b^{(0)}$ , by induction, the CLF $V^{(i)}$ and CBF $b^{(i)}$ are also compatible in each iteration.

V Numerical Simulation

In this section, we evaluate our proposed exact verification method and compatible CLF/CBF synthesis approach. We demonstrate that our verification can differentiate compatible and incompatible CLF/CBF by solving convex optimization problems. We show that our proposed synthesis approach construct CLF/CBF candidates by enlarging the compatible region while ensuring the compatibility. All case studies are written in Python based on Drake [43] and MOSEK [44], and are conducted on a laptop with an Intel Core i5 6300HQ CPU and 8GB RAM. The detailed parameter settings can be found in our code.

V-A Verification

We evaluate the proposed verification framework using the 2-D first order integrator example mentioned in [32]. In order to show the framework’s capability of differentiating incompatible and compatible CLF-CBF, we first construct an incompatible CBF and CLF and show that they fail to pass the verification. We then verify a compatible CBF/CLF pair.

We evaluate our verification approach on the 2D first-order integrator $\dot{\mathbf{x}}=\mathbf{u}$ , where $\mathbf{x}\in\mathbb{R}^{2}$ , $\mathbf{u}\in\mathcal{U}\subset\mathbb{R}^{2}$ . The unsafe region $\mathcal{X}_{u}$ is represented by $\mathcal{X}_{u}=\{\mathbf{x}\;|\;\mathbf{x}_{1}^{2}+(\mathbf{x}_{2}-3)^{2}-1.5% ^{2}\leq 0\}$ . We also consider the linear input constraint $\mathcal{U}=\{\mathbf{u}\;|\;|\mathbf{u}_{1}|\leq 3,|\mathbf{u}_{2}|\leq 3\}$ . We let parameters $\kappa_{V}=0.01$ and $\kappa_{b}=0.01$ .

V-A1 Incompatible Example

In this example, we use the following given pair of incompatible CLF and CBF:

		$\displaystyle\text{CLF: }V(\mathbf{x})=0.05\mathbf{x}_{1}^{2}+0.0125\mathbf{x}% _{2}^{2}$
		$\displaystyle\text{CBF: }b(x)=\mathbf{x}_{1}^{2}+(\mathbf{x}_{2}-3)^{2}-1.5^{2}.$		(17)

The incompatibility is checked by finding a state $\hat{\mathbf{x}}=[0,5]^{T}$ at which there does not exist $\mathbf{u}\in\mathcal{U}$ satisfying CLF and CBF constraints. We then give this pair of CLF-CBF to the verification SOS program. The degrees of the Lagrangian polynomials are set to be $2$ . The convex optimization (8) reports infeasibility, which is consistent with the incompatible state $[0,5]^{T}$ .

V-A2 Compatible Example

We use the idea of CLBF [3] and give the verification framework a CLBF pair:

		$\displaystyle\text{CLF: }V(\mathbf{x})=\mathbf{x}_{1}^{2}+\mathbf{x}_{2}^{2}$
		$\displaystyle\text{CBF: }b(\mathbf{x})=1-V(\mathbf{x}).$		(18)

In this example, the polynomial degrees for compatible Lagrangian polynomials are set to be $2$ . The solver solves the verification SOS program successfully, which certifies the compatibility of the CLF and CBF in (V-A2) are compatible, and the given CBF is correct.

The results for these two examples show that our proposed verification approach can verify compatibility of CBF-CLF, while also differentiating between compatible and incompatible CBF-CLF pairs.

V-B Synthesis

We next evaluate our proposed bilinear alternation synthesis method. We investigate a linear example, a nonlinear example [45] and a power converter example [33]. We set parameters $\kappa_{V}=0.01$ , and $\kappa_{b}=0.01$ . Since the compatible region may infinitely enlarged if $\mathcal{X}_{s}$ is an open set, then the synthesis loop may not terminate. Hence, we set maximum number of iterations as a hard stop** condition (MaxIter=25) during experiments.

V-B1 Linear Example

For the linear toy example, we use the following system dynamics:

\begin{bmatrix}\dot{\mathbf{x}}_{1}\\ \dot{\mathbf{x}}_{2}\end{bmatrix}=\begin{bmatrix}1&2\\ -2&3\end{bmatrix}\begin{bmatrix}\mathbf{x}_{1}\\ \mathbf{x}_{2}\end{bmatrix}+\begin{bmatrix}1&0\\ 0&1\end{bmatrix}\begin{bmatrix}\mathbf{u}_{1}\\ \mathbf{u}_{2}\end{bmatrix}.

(19)

The obstacle is represented as $\mathcal{X}_{u}=\{\mathbf{x}\;|\;\mathbf{x}_{1}+\mathbf{x}_{2}+3\leq 0\}$ . We construct a compatible CBF and CLF using a heuristic method that solves a linear quadratic regulator (LQR) problem in a neighborhood of an equilibrium point to initialize CLF/CBF. We set the cost matrices of LQR as $Q=I_{2},R=I_{2}$ , where $I_{2}$ is $2\times 2$ identity matrix.

Figure 1(a) shows the initial compatible region and the compatible region after synthesis. We observe that our alternating synthesis method can enlarge the compatible region and incorporates the initial compatible region. The synthesis loop stops after maximum number of iterations.

V-B2 Nonlinear Example

In this example, the following dynamics [21] is used:

\begin{bmatrix}\dot{\mathbf{x}}_{1}\\ \dot{\mathbf{x}}_{2}\end{bmatrix}=\begin{bmatrix}0\\ -\mathbf{x}_{1}+\frac{\mathbf{x}_{1}^{3}}{6}\end{bmatrix}+\begin{bmatrix}1\\ -1\end{bmatrix}\begin{bmatrix}u\end{bmatrix}.

(20)

We pick $\mathbf{x}_{eq}=[0,0]^{T},u_{eq}=0$ as the equilibrium point and linearize the system around this point to compute the LQR. The obstacle for this example is the same as linear toy example. The cost matrices of LQR are set as $Q=I_{2},R=1$ .The synthesis results for this example are shown by Figure 1(b). We observe that the proposed alternating synthesis can enlarge the compatible region in this example.

V-B3 Power Converter Example

The dynamical model of the power converter is given in [33] as follows

\begin{bmatrix}\dot{\mathbf{x}}_{1}\\ \dot{\mathbf{x}}_{2}\\ \dot{\mathbf{x}}_{3}\end{bmatrix}=\begin{bmatrix}-0.05\mathbf{x}_{1}-57.9% \mathbf{x}_{2}+0.00919\mathbf{x}_{3}\\ 1710\mathbf{x}_{1}+314\mathbf{x}_{3}\\ -0.271\mathbf{x}_{1}-314\mathbf{x}_{2}\end{bmatrix}+\\ \begin{bmatrix}0.05-57.9\mathbf{x}_{2}&-57.9\mathbf{x}_{3}\\ 1710+1710\mathbf{x}_{1}&0\\ 0&1710+1710\mathbf{x}_{1}\end{bmatrix}\begin{bmatrix}\mathbf{u}_{1}\\ \mathbf{u}_{2}\end{bmatrix}.

(21)

The unsafe region is presented as:

	$\displaystyle\mathcal{X}_{u}=\{\mathbf{x}\|$	$\displaystyle-\mathbf{x}_{1}+0.2\leq 0,\mathbf{x}_{1}+0.8\leq 0,$
		$\displaystyle-(\mathbf{x}_{2}-0.001)^{2}-\mathbf{x}_{3}^{2}+1.2^{2}\leq 0\}.$		(22)

The equilibrium point of the system is $\mathbf{x}_{eq}=[0,0,0]^{T},\mathbf{u}_{eq}=[0,0]^{T}$ . We linearize the system near the equilibrium point and compute the LQR. We set the cost matrices of LQR as $Q=I_{3},R=I_{2}$ , where $I_{3}$ is $3\times 3$ identity matrix. The initialized and synthesised compatible regions for power converter example are shown by Figure 1(c). The proposed synthesis method enlarges the compatible region for the power converter. The syntehsis loop stops after 7 number of iterations because the compatible region can not be enlarged further according to optimization problem (16). The returned CLF-CBF are verified to be compatible. Together with Figure 1(a) and Figure 1(b), we can conclude that the proposed alternating synthesis method enlarges the compatible region and returns compaitble CLF-CBF for all the investigated examples.

VI Conclusion

In this paper, for control affine systems both with and without input limits, we studied the verification and synthesis of compatible CBF and CLF independent from any nominal controllers. We presented sufficient and necessary conditions for compatible CBF and CLF via Farkas’ Lemma and algebraic-geometric Positivstellensatz, and demonstrated that these conditions can be checked by solving an SOS program. In order to reduce the number of SOS polynomials in the SOS program, we further simplified the necessary and sufficient condition using S-procedure and formulated a more tractable SOS program for compatibility verification. We next proposed an alternating method to synthesize compatible CLF and CBFs based on the verification framework. In each iteration, the algorithm first takes the CLF and CBF from the previous iteration and computes the Lagrangian polynomials by solving the verification SOS program. Then, it takes the Lagrangian polynomials and updates the CLF and CBF to obtain a larger compatible region. Finally, we evaluated our proposed approach with a linear system, a nonlinear system and nonlinear power converter. In our future work, we will extend the verification and synthesis framework to high-relative degree and non-convex scenarios.

References

[1] Department of Homeland Security, Department of Homeland Security Cyber-Physical Systems Page, Jan 2022. [Online] Available: https://www.dhs.gov/science-and-technology/cpssec [Accessed: Jan 2022].
[2] B. Li, S. Wen, Z. Yan, G. Wen, and T. Huang, “A survey on the control Lyapunov function and control barrier function for nonlinear-affine control systems,” IEEE/CAA Journal of Automatica Sinica, vol. 10, no. 3, pp. 584–602, 2023.
[3] R. K. Fachri, M. Z. Romdlony, and M. R. Rosa, “Multiple waypoint navigation for mobile robot using control Lyapunov-barrier function (CLBF),” in 2022 IEEE International Conference on Cybernetics and Computational Intelligence (CyberneticsCom), pp. 230–235, IEEE, 2022.
[4] M. H. Cohen, T. G. Molnar, and A. D. Ames, “Safety-critical control for autonomous systems: Control barrier functions via reduced-order models,” Annual Reviews in Control, vol. 57, p. 100947, 2024.
[5] A. D. Ames, J. W. Grizzle, and P. Tabuada, “Control barrier function based quadratic programs with application to adaptive cruise control,” in 53rd IEEE Conference on Decision and Control, pp. 6271–6278, IEEE, 2014.
[6] X. Fan, Y. Guo, H. Liu, B. Wei, and W. Lyu, “Improved artificial potential field method applied for AUV path planning,” Mathematical Problems in Engineering, vol. 2020, pp. 1–21, 2020.
[7] X. Chen and S. Sankaranarayanan, “Reachability analysis for cyber-physical systems: Are we there yet?,” in NASA Formal Methods Symposium, pp. 109–130, Springer, 2022.
[8] D. Lee and C. J. Tomlin, “A Hopf-Lax formula in hamilton–jacobi analysis of reach-avoid problems,” IEEE Control Systems Letters, vol. 5, no. 3, pp. 1055–1060, 2020.
[9] M. Schwenzer, M. Ay, T. Bergs, and D. Abel, “Review on model predictive control: An engineering perspective,” The International Journal of Advanced Manufacturing Technology, vol. 117, no. 5, pp. 1327–1349, 2021.
[10] A. D. Ames, S. Coogan, M. Egerstedt, G. Notomista, K. Sreenath, and P. Tabuada, “Control barrier functions: Theory and applications,” in 2019 18th European control conference (ECC), pp. 3420–3431, IEEE, 2019.
[11] S. Prajna, A. Jadbabaie, and G. J. Pappas, “A framework for worst-case and stochastic safety verification using barrier certificates,” IEEE Transactions on Automatic Control, vol. 52, no. 8, pp. 1415–1428, 2007.
[12] A. M. Lyapunov, “The general problem of the stability of motion,” International journal of control, vol. 55, no. 3, pp. 531–534, 1892.
[13] E. D. Sontag, “A Lyapunov-like characterization of asymptotic controllability,” SIAM journal on control and optimization, vol. 21, no. 3, pp. 462–471, 1983.
[14] J. Zeng, B. Zhang, and K. Sreenath, “Safety-critical model predictive control with discrete-time control barrier function,” in 2021 American Control Conference (ACC), pp. 3882–3889, IEEE, 2021.
[15] M. H. Cohen and C. Belta, “High order robust adaptive control barrier functions and exponentially stabilizing adaptive control Lyapunov functions,” in 2022 American Control Conference (ACC), pp. 2233–2238, IEEE, 2022.
[16] J. Choi, F. Castaneda, C. J. Tomlin, and K. Sreenath, “Reinforcement learning for safety-critical control under model uncertainty, using control Lyapunov functions and control barrier functions,” arXiv preprint arXiv:2004.07584, 2020.
[17] C. Dawson, S. Gao, and C. Fan, “Safe control with learned certificates: A survey of neural Lyapunov, barrier, and contraction methods for robotics and control,” IEEE Transactions on Robotics, 2023.
[18] S. Liu, C. Liu, and J. Dolan, “Safe control under input limits with neural control barrier functions,” in Conference on Robot Learning, pp. 1970–1980, PMLR, 2023.
[19] H. Wang, K. Margellos, and A. Papachristodoulou, “Safety verification and controller synthesis for systems with input constraints,” IFAC-PapersOnLine, vol. 56, no. 2, pp. 1698–1703, 2023.
[20] S. Kang, Y. Chen, H. Yang, and M. Pavone, “Verification and synthesis of robust control barrier functions: Multilevel polynomial optimization and semidefinite relaxation,” arXiv preprint arXiv:2303.10081, 2023.
[21] H. Dai and F. Permenter, “Convex synthesis and verification of control-Lyapunov and barrier functions with input constraints,” in 2023 American Control Conference (ACC), pp. 4116–4123, IEEE, 2023.
[22] A. Clark, “A semi-algebraic framework for verification and synthesis of control barrier functions,” arXiv preprint arXiv:2209.00081, 2022.
[23] W. Zhao, T. He, T. Wei, S. Liu, and C. Liu, “Safety index synthesis via sum-of-squares programming,” in 2023 American Control Conference (ACC), pp. 732–737, IEEE, 2023.
[24] S. Chen and M. Fazlyab, “Learning performance-oriented control barrier functions under complex safety constraints and limited actuation,” arXiv preprint arXiv:2401.05629, 2024.
[25] H. Zhang, Z. Li, H. Dai, and A. Clark, “Efficient sum of squares-based verification and construction of control barrier functions by sampling on algebraic varieties,” in 2023 62nd IEEE Conference on Decision and Control (CDC), pp. 5384–5391, 2023.
[26] S. Yang, Y. Chen, X. Yin, and R. Mangharam, “Learning local control barrier functions for safety control of hybrid systems,” arXiv preprint arXiv:2401.14907, 2024.
[27] B. Dai, P. Krishnamurthy, and F. Khorrami, “Learning a better control barrier function,” in 2022 IEEE 61st Conference on Decision and Control (CDC), pp. 945–950, IEEE, 2022.
[28] W. **, Z. Wang, Z. Yang, and S. Mou, “Neural certificates for safe control policies,” arXiv preprint arXiv:2006.08465, 2020.
[29] P. Zhao, R. Ghabcheloo, Y. Cheng, H. Abdi, and N. Hovakimyan, “Convex synthesis of control barrier functions under input constraints,” IEEE Control Systems Letters, 2023.
[30] A. Isaly, M. Ghanbarpour, R. G. Sanfelice, and W. E. Dixon, “On the feasibility and continuity of feedback controllers defined by multiple control barrier functions,” IEEE Transactions on Automatic Control, pp. 1–15, 2024.
[31] H. Wang, K. Margellos, and A. Papachristodoulou, “Relaxed compatibility between control barrier and lyapunov functions,” in 2024 UKACC 14th International Conference on Control (CONTROL), pp. 125–126, 2024.
[32] M. F. Reis, A. P. Aguiar, and P. Tabuada, “Control barrier function-based quadratic programs introduce undesirable asymptotically stable equilibria,” IEEE Control Systems Letters, vol. 5, no. 2, pp. 731–736, 2020.
[33] M. Schneeberger, S. Mastellone, and F. Dörfler, “Advanced safety filter based on SOS control barrier and Lyapunov functions,” arXiv preprint arXiv:2401.06901, 2024.
[34] M. Schneeberger, F. Dörfler, and S. Mastellone, “SOS construction of compatible control Lyapunov and barrier functions,” arXiv preprint arXiv:2305.01222, 2023.
[35] A. Papachristodoulou, J. Anderson, G. Valmorbida, S. Prajna, P. Seiler, P. Parrilo, M. M. Peet, and D. Jagt, “SOSTOOLS version 4.00 sum of squares optimization toolbox for matlab,” arXiv preprint arXiv:1310.4716, 2013.
[36] P. A. Parrilo, Structured Semidefinite Programs and Semialgebraic Geometry Methods in Robustness and Optimization. California Institute of Technology, 2000.
[37] M. Li and Z. Sun, “A graphical interpretation and universal formula for safe stabilization,” in 2023 American Control Conference (ACC), pp. 3012–3017, IEEE, 2023.
[38] G. Blekherman, P. A. Parrilo, and R. R. Thomas, Semidefinite Optimization and Convex Algebraic Geometry. SIAM, 2012.
[39] J. Matousek and B. Gärtner, Understanding and Using Linear Programming. Springer Science & Business Media, 2006.
[40] E. D. Sontag, “A ‘universal’construction of artstein’s theorem on nonlinear stabilization,” Systems & control letters, vol. 13, no. 2, pp. 117–123, 1989.
[41] R. Tedrake, I. R. Manchester, M. Tobenkin, and J. W. Roberts, “LQR-trees: Feedback motion planning via sums-of-squares verification,” The International Journal of Robotics Research, vol. 29, no. 8, pp. 1038–1052, 2010.
[42] D. Henrion, J. B. Lasserre, and C. Savorgnan, “Approximate volume and integration for basic semialgebraic sets,” SIAM review, vol. 51, no. 4, pp. 722–743, 2009.
[43] R. Tedrake and the Drake Development Team, “Drake: Model-based design and verification for robotics,” 2019.
[44] M. ApS, MOSEK Optimization Software Python API Documentation, 2024.
[45] W. Tan and A. Packard, “Searching for control Lyapunov functions using sums of squares programming,” sibi, vol. 1, no. 1, 2004.

VII Appendix

VII-A Solving optimization problem (14)

The optimization problem (14) aims at maximizing the volume of the compatible region $\mathcal{C}\cap\mathcal{D}$ , which is a complicated basic semi-algebraic set. It is challenging to maximize the volume of the basic semi-algebraic set while searching for its defining polynomials. To remedy this, we consider an alternative approach which doesn’t compute the volume directly.

In Algorithm 1 we iteratively search for the new CLF/CBF (together with the new compatible region). Our intuition is to enlarge the compatible region, such that the new one contains the old compatible region in the previous iteration. Formally, in iteration $i$ , given the CLF/CBF in the previous iteration as $V^{(i)}(\mathbf{x}),b^{(i)}(\mathbf{x})$ (whose compatible region is $\mathcal{C}^{(i)}\cap\mathcal{D}^{(i)}$ ), together with the Lagrangian multiplier $p^{(i)}(\mathbf{x}),q^{(i)}(\mathbf{x}),s^{(i)}(\mathbf{x},\mathbf{y})$ , our goal is to find a new CLF $V^{(i+1)}$ and CBF $b^{(i+1)}(\mathbf{x})$ . The new compatible region $\mathcal{C}^{(i+1)}\cap\mathcal{D}^{(i+1)}$ will contain the old compatible region, namely

\displaystyle\begin{split}\forall\mathbf{x}\in\{\mathbf{x}\;|\;b^{(i)}(\mathbf% {x})\geq 0,1-V^{(i)}(\mathbf{x})\geq 0\}\\ \qquad\Rightarrow b^{(i+1)}(\mathbf{x})\geq t_{b}\text{ and }1-V^{(i+1)}(% \mathbf{x})\geq t_{V}\end{split}.

(23)

where we use the positive scalar $t_{b}$ and $t_{V}$ to measure the “margin” between the old and new compatible regions, and our goal is to maximize this margin. Similar to the (16), to avoid arbitrary scaling of $b(\mathbf{x})$ , we introduce the constraint $b(\mathbf{0})\leq 1$ to avoid the infinite scaling.

We can convert the condition (23) to a SOS constraint through the S-procedure as


$\displaystyle\begin{split}b^{(t+1)}(\mathbf{x})-t_{b}-\phi_{1}(\mathbf{x})b^{(% i)}(\mathbf{x})-\\ \;\phi_{2}(\mathbf{x})(1-V^{(i)}(\mathbf{x}))\in\text{ SOS}\end{split}$		(24a)
$\displaystyle\begin{split}1-V^{(i+1)}(\mathbf{x}-t_{V}-\psi_{1}(\mathbf{x})b^{% (i)}(\mathbf{x})-\\ \psi_{2}(\mathbf{x})(1-V^{(i)}(\mathbf{x}))\in\text{ SOS}\end{split}$		(24b)
	$\displaystyle\phi_{1}(\mathbf{x}),\phi_{2}(\mathbf{x}),\psi_{1}(\mathbf{x}),% \psi_{2}(\mathbf{x})\in\text{ SOS},$	(24c)

and obtain the following optimization problem


	$\displaystyle\max_{\begin{subarray}{c}V^{(i+1)}(\mathbf{x}),b^{(i+1)}(\mathbf{% x}),\\ t_{b},t_{V},\\ \phi_{1}(\mathbf{x}),\phi_{2}(\mathbf{x}),\\ \psi_{1}(\mathbf{x}),\psi_{2}(\mathbf{x})\end{subarray}}t_{b}+t_{V}$	(25a)
s.t	$\displaystyle\;V^{(i+1)}(\mathbf{0})=0,V^{(i+1)}(\mathbf{x})\in\text{ SOS}$	(25b)
	$\displaystyle\text{Constraint }\eqref{eq:verify_S-procedure_constraint},\eqref% {eq:cbf_safe_constraint}$	(25c)
	$\displaystyle\text{Constraint }\eqref{eq:compatible_region_containment_sos}$	(25d)
	$\displaystyle t_{b}\geq 0,t_{V}\geq 0$	(25e)
	$\displaystyle b^{(i+1)}(\mathbf{0})\leq 1,$	(25f)

where we add the constraint $b^{(i+1)}(\mathbf{0})\leq 1$ to avoid arbitrary scaling of $b^{(i+1)}(\mathbf{x})$ , which would make the optimization problem unbounded with infinite scaling. The optimization problem (25) is a SOS program.