Graph-Based Controller Synthesis for Safety-Constrained, Resilient Systems

Resilience to damage, component degradation, and adversarial action is a critical consideration in design of autonomous systems. In addition to designing strategies that seek to prevent such negative events, it is vital that an autonomous system remains able to achieve its control objective even if the system partially loses control authority. While loss of authority limits the system's control capabilities, it may be possible to use the remaining authority in such a way that the system's control objectives remain achievable. In this paper, we consider the problem of optimal design for an autonomous system with discrete-time linear dynamics where the available control actions depend on adversarial input produced as a result of loss of authority. The central question is how to partition the set of control inputs that the system can apply in such a way that the system state remains within a safe set regardless of an adversarial input limiting the available control inputs to a single partition elements. We interpret such a problem first as a variant of a safety game, and then as a problem of existence of an appropriate edge labeling on a graph. We obtain conditions for existence and a computationally efficient algorithm for determining a system design and a control policy that preserve system safety. We illustrate our results on two examples: a damaged autonomous vehicle and a method of communication over a channel that ensures a minimal running digital sum.