Data-Driven Safe Control Framework

Updated 27 January 2026

Data-driven safe control is a framework that uses trajectory data to synthesize controllers ensuring safety with certificates like control barrier functions.
The methodology integrates machine learning, convex optimization, and probabilistic techniques to enforce safety without relying on complete system models.
Applications in robotics, autonomous vehicles, and distributed networks demonstrate robust, real-world performance with guaranteed constraint satisfaction.

A data-driven safe control framework is a formalized set of principles, algorithms, and theoretical tools that leverage trajectory data, rather than a priori physics-based modeling, to synthesize controllers that guarantee safety—typically ensuring state and input constraints are satisfied despite uncertainties, modeling errors, and environmental perturbations. Recent developments have integrated machine learning, convex optimization, behavior-based system representations, and statistical learning theory to deliver rigorous guarantees on constraint satisfaction, invariance, and performance, all from data alone or in conjunction with minimal structure. Such frameworks have demonstrated success across robotics, autonomous vehicles, energy systems, and distributed networked control.

1. Fundamental Principles of Data-Driven Safe Control

Modern data-driven safe control frameworks address the challenge of enforcing safety—that is, ensuring system trajectories remain within prescribed safe regions—without access to complete, accurate system models. Core principles include:

Safety certificates from data: Instead of requiring detailed physics-based models, these frameworks infer safety certificates such as control barrier functions (CBFs), invariant sets, or robust Lyapunov functions directly from experimental trajectory data (Shen et al., 7 Jun 2025).
Model-free and model-agnostic approaches: Algorithms such as model-free CBF synthesis (Shen et al., 7 Jun 2025), input-output safety filters (Bajelani et al., 2023), or directly data-driven safety filters based on learned state-action barrier functions (He et al., 21 May 2025), decouple controller design from explicit model identification, emphasizing learning or certifying only the information needed for safety.
Statistical and probabilistic safety: Safety guarantees are increasingly expressed in terms of probabilistic bounds—e.g., with quantified violation probabilities via Chernoff or conformal prediction bounds (Shen et al., 7 Jun 2025, Liang et al., 1 Apr 2025, Hsu et al., 6 Jun 2025), extending from deterministic invariance to high-confidence out-of-sample safety.

These principles facilitate safe controller synthesis under extreme model uncertainty, adaptivity to new data, and real-world robustness without extensive manual modeling or tuning.

2. Core Methodologies: Safety Certification and Learning

Data-driven safe control frameworks synthesize and certify control policies via a spectrum of methodologies:

2.1 Model-Free Control Barrier Functions and Lyapunov Certificates

In settings where only closed-loop trajectories under an (unknown) baseline controller are available, neural networks are trained to approximate Lyapunov functions from trajectory data, providing a data-driven estimate of the system's exponential decay rate. This estimate (e.g., $\lambda^\star$ ) is then integrated into a model-free CBF constraint: $\nabla h(x)^\top(f(x) + g(x)u) + \lambda^\star h(x) \ge 0$ The decay rate $\lambda^\star$ is chosen via binary search to be the largest value for which neural-network Lyapunov training converges, after which probabilistic uncertainty is absorbed into the barrier constraint through statistical bounds (e.g., Chernoff) (Shen et al., 7 Jun 2025).

2.2 Data-Driven Safety Filters in Input-Output Space

Instead of modeling dynamics explicitly, frameworks like the Data-Driven Safety Filter (DDSF) utilize Behavioral System Theory to reconstruct input-output trajectories using Hankel matrices constructed from a single persistently exciting data record. Safety is enforced by solving a QP that matches recent measurements, predicts feasible safeness over the horizon, and ensures constraint satisfaction without state estimation or dynamics identification (Bajelani et al., 2023).

2.3 Probabilistic and Robust Conformal Certificates

Many frameworks leverage conformal prediction to quantify model uncertainty. After learning a surrogate dynamic model (e.g., using a Koopman operator approximation or neural regression), a calibration dataset is used to extract a data-driven upper quantile on the prediction error (nonconformity score). Safety constraints are then “tightened” via this uncertainty margin, yielding probabilistic guarantees of state constraint satisfaction at the specified confidence level (Liang et al., 1 Apr 2025, Hsu et al., 6 Jun 2025).

2.4 Direct Data-Driven Safety Filters and State-Action CBFs

The 3DSF methodology employs state-action control barrier functions (SACBFs), $Q^B(x, u)$ , learned directly from data via various mechanisms—supervised regression from CBF labels, expert demonstrations, or Bellman consistency for optimal reachability. The policy is filtered step-wise by solving: $\pi(x) = \arg\min_{u \in U} Q(x, u) \quad \text{s.t.} \quad Q^B(x, u) \leq 0$ Thus, safety enforcement is fully decoupled from underlying model knowledge, with recursive feasibility and error-to-state safety formally certified even under learning inaccuracies (He et al., 21 May 2025).

3. Safety Guarantees: Deterministic, Robust, and Statistical

Data-driven frameworks provide varying guarantees:

Deterministic safety: Certain approaches (e.g., DDSF, invariance-based filters) provide strong guarantees—the system will never violate constraints if initial feasibility holds and the data is sufficiently exciting (Bajelani et al., 2023, Carron et al., 2020).
Robust convex certificates: For polynomial dynamical systems, convex optimization over sum-of-squares constraints allows rational state feedback laws to be synthesized, certifying robust safety with respect to all models compatible with noisy data and bounded process disturbances (Zheng et al., 2023).
Statistical (high-probability) guarantees: Probabilistic safety is offered using conformal quantiles or concentration inequalities. For instance, the true probability of violating the learned CBF constraint is upper bounded as: $c_D \leq \bar c_D = \frac{\hat c_S}{m} + \sqrt{\frac{\ln(1/\delta)}{2m}}$ yielding explicit confidence intervals for constraint violation rates (Shen et al., 7 Jun 2025, Hsu et al., 6 Jun 2025).
Stochastic safety under diffusion uncertainty: For stochastic systems with unknown diffusion terms, data-driven stochastic CBFs (DDSCBFs) use supervised learning to approximate the Itô generator and enforce a robustified constraint, providing the same probabilistic safety guarantee as if the diffusion were known (Wang et al., 2022).

4. Optimization-Based Controller Synthesis

Controller computation in data-driven safe frameworks typically involves online convex optimization, most commonly quadratic programs (QPs):

CBF-QP for safety filtering: At each time, the safe action $u^*$ is selected by solving a QP minimizing deviation from the desired action while satisfying the (statistically adjusted) CBF constraint (Shen et al., 7 Jun 2025).
Backup and learning-integrated filters: When a learning-based or exploratory action cannot be certified safe, the safety framework falls back to a precomputed stabilizing law. In distributed settings, each agent evaluates local ellipsoidal invariants and feedbacks, ensuring online complexity remains modest (Carron et al., 2020).
Data-driven horizon-based prediction: Model-free safety filters in the IO domain or in receding-horizon NMPC settings solve a QP where dynamics are enforced using Hankel (data) equations, with constraints retrofitted for robustness and terminal invariance (Bajelani et al., 2023, Vahidi-Moghaddam et al., 11 Apr 2025).

This synthesis leverages only data and convexity, avoiding model identification or heavy nonlinear programming.

5. Experimental Demonstrations and Practical Applications

Comprehensive experimental and numerical validation exists:

Robotics: Safe velocity control of a UR5e manipulator with model-free CBFs, ensuring joint-limit and obstacle avoidance with high-confidence probabilistic safety, low online QP computation time, and confirmed trade-off between conservatism and agility (Shen et al., 7 Jun 2025).
Aerial and vehicular systems: Guaranteeing box constraints and safety under unknown time delays for high-order quadrotors and adaptive cruise control systems without dynamics identification (Bajelani et al., 2023).
Networked and distributed systems: Multi-agent motion planning with learned invariant ellipsoids and space-time safety certificates allowing collision-avoidance and synchronization without online re-optimization (Esmaeili et al., 4 Sep 2025).
Stochastic and nonlinear systems: Data-driven stochastic CBF (DDSCBF) methods enable safety-critical control for stochastic diffusions with unknown noise, matching full-information solutions empirically (Wang et al., 2022).
Multi-domain: Distributed safe learning with invariance-based safety filters supports large-scale systems and aggressive (unsafe) exploration by model-free RL with zero constraint violations (Carron et al., 2020).

Performance metrics reported include: tracking error, minimum safety margin, number/rate of safety violations, QP solve time, and convergence rates of violation probabilities to their theoretical bounds.

6. Limitations, Extensions, and Future Directions

Several open directions and limitations have been identified:

Conservatism of statistical bounds: Chernoff and conformal prediction can be conservative with limited data, prompting interest in tighter concentration inequalities or adaptive bounds (Shen et al., 7 Jun 2025, Liang et al., 1 Apr 2025).
Data requirement and generalization: The size and informativeness of the trajectory dataset critically affect generalization error. Sufficiently rich data are needed to ensure small violation probabilities and safe set volumes (Shen et al., 7 Jun 2025, Hsu et al., 6 Jun 2025, Lee et al., 2023).
Extensions to complex systems: Future extensions involve: (i) state-dependent decay rate estimation, (ii) integration with adaptive or learning-based dynamics models beyond simple velocity controllers, (iii) underactuated and time-delay systems, and (iv) nonlinear, distributed, or networked architectures (Shen et al., 7 Jun 2025, Bajelani et al., 2023, Modares et al., 12 May 2025, Carron et al., 2020).
Scalability and online feasibility: As set sizes grow, QP/SDP sizes or number of backup certificates may impact real-time applicability. Distributed and modular approaches mitigate this, but high-dimensional nonlinear systems remain a challenge.

A plausible implication is that continued advances in data-driven safe control will require synergistic development of statistical learning for robustness, scalable optimization for control policy computation, and integrated frameworks for modular and distributed implementation.

Key references:

“Towards Data-Driven Model-Free Safety-Critical Control” (Shen et al., 7 Jun 2025)
“Data-Driven Safety Filter: An Input-Output Perspective” (Bajelani et al., 2023)
“Safe Navigation in Dynamic Environments Using Data-Driven Koopman Operators and Conformal Prediction” (Liang et al., 1 Apr 2025)
“Distributed Safe Learning using an Invariance-based Safety Framework” (Carron et al., 2020)
“Data-Driven Learning of Safety-Critical Control with Stochastic Control Barrier Functions” (Wang et al., 2022)
“Non-Conservative Data-driven Safe Control Design for Nonlinear Systems with Polyhedral Safe Sets” (Modares et al., 12 May 2025)
“From learning to safety: A Direct Data-Driven Framework for Constrained Control” (He et al., 21 May 2025)
“Robust Data-Driven Safe Control using Density Functions” (Zheng et al., 2023)
“Statistical Guarantees in Data-Driven Nonlinear Control: Conformal Robustness for Stability and Safety” (Hsu et al., 6 Jun 2025)
“A Data-driven Method for Safety-critical Control: Designing Control Barrier Functions from State Constraints” (Lee et al., 2023)