Data-Driven Safety Certificates of Infinite Networks with Unknown Models and Interconnection Topologies

Abolfazl Lavaei; Amy Nejati; Mahdieh Zaker

arxiv: 2507.10979 · v2 · pith:RDTMWVYXnew · submitted 2025-07-15 · 📡 eess.SY · cs.SY

Data-Driven Safety Certificates of Infinite Networks with Unknown Models and Interconnection Topologies

Mahdieh Zaker , Amy Nejati , Abolfazl Lavaei This is my paper

Pith reviewed 2026-05-22 00:45 UTC · model grok-4.3

classification 📡 eess.SY cs.SY

keywords data-driven safetyinfinite networksbarrier certificatescompositional analysisstorage certificatesunknown modelsinterconnection topologiesdissipativity properties

0 comments

The pith

Data from unknown subsystems yields compositional conditions that build barrier certificates certifying safety for infinite networks without knowing their interconnection topology.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper develops a data-driven compositional method to certify safety in infinite networks whose subsystem models and interconnection topologies are both unknown. It learns storage certificates from data for the individual subsystems and combines them through new conditions to produce a barrier certificate for the whole network. The approach removes the need to verify the traditional dissipativity condition that normally requires exact topology knowledge. If the conditions hold, formal safety guarantees follow directly from the data. Readers care because standard tools for finite networks break down when the number of subsystems can grow or shrink without bound, as in traffic systems or large-scale agent networks.

Core claim

The authors show that innovative compositional data-driven conditions, constructed from storage certificates learned from data for the unknown subsystems, suffice to build a barrier certificate for the infinite network. These conditions supply correctness guarantees for network safety and eliminate the requirement to check the classical dissipativity condition that demands precise knowledge of the interconnection topology. The results are demonstrated on two physical infinite networks whose models and topologies remain unknown throughout the process.

What carries the argument

Compositional data-driven conditions that link data-derived storage certificates of subsystems to a network-level barrier certificate while bypassing explicit topology verification.

If this is right

Safety certification becomes possible using only input-output data from the subsystems without any mathematical model.
The method applies directly to networks in which the number of subsystems changes over time as agents join or leave.
Correctness guarantees hold for the constructed barrier certificate whenever the joint dissipativity properties are present.
Explicit verification of the interconnection topology is no longer required for safety certification.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

The same data-driven storage certificates could support certification of other properties such as stability or reachability in infinite networks.
Practical use would benefit from data-collection strategies that specifically target the joint dissipativity relations needed for the compositional conditions.
The framework could serve as an approximation technique for very large but finite networks where full topology information is unavailable or expensive to obtain.
Ongoing data updates might allow the certificates to adapt when the network topology evolves.

Load-bearing premise

Subsystems must possess joint dissipativity-type properties that can be captured by storage certificates learned from data, and these properties must suffice to establish network safety via the compositional conditions without any topology check.

What would settle it

A concrete counter-example in which the learned storage certificates satisfy the proposed compositional conditions yet direct simulation or analysis of the actual infinite network reveals a reachable unsafe state would falsify the safety claim.

Figures

Figures reproduced from arXiv: 2507.10979 by Abolfazl Lavaei, Amy Nejati, Mahdieh Zaker.

**Figure 1.** Figure 1: Room temperature network: Fig. (a) depicts the storage certificate Bi(xi) with its corresponding colorbar, with initial and unsafe level sets Bi(xi) = σi ( ) and Bi(xi) = ϕi ( ), ensuring the fulfillment of conditions (3.1a) and (3.1b). Fig. (b) demonstrates the satisfaction of condition (3.1c) as the heatmap is negative for the whole range of Xi and Di when shifting the supply rate to the left-hand sid… view at source ↗

**Figure 3.** Figure 3: Demonstration of the StC surface over the state space [PITH_FULL_IMAGE:figures/full_fig_p011_3.png] view at source ↗

**Figure 2.** Figure 2: Vehicle platooning network: Fig. (a) depicts that no trajectory ( ) originating from the initial set X0i ( ) enters the unsafe set Xai ( ). As can be seen, the initial and unsafe level sets Bi(xi) = σi ( ) and Bi(xi) = ϕi ( ) satisfy conditions (3.1a) and (3.1b), i.e., they separate the initial set X0i from the unsafe set Xai . Fig. (b) illustrates the satisfaction of condition (3.1c) as the heatmap is neg… view at source ↗

read the original abstract

Infinite networks are complex interconnected systems comprising a countably infinite number of subsystems, for which no fixed upper bound on the number of participating subsystems is specified a priori since it may vary over time as agents join or leave (e.g., vehicles in traffic). In such scenarios, the presence of infinitely many subsystems within the network renders the existing analysis frameworks tailored for finite networks inapplicable to infinite ones. This paper is concerned with offering a data-driven approach, within a compositional framework, for the safety certification of infinite networks with both unknown mathematical models and unknown interconnection topologies. Given the immense computational complexity stemming from the extensive dimension of infinite networks, our approach capitalizes on the joint dissipativity-type properties of subsystems, characterized by storage certificates. We introduce innovative compositional data-driven conditions to construct a barrier certificate for the infinite network leveraging storage certificates of its unknown subsystems derived from data, while offering correctness guarantees for network safety. We demonstrate that our compositional data-driven reasoning eliminates the requirement for checking the traditional dissipativity condition, which typically mandates precise knowledge of the interconnection topology. We illustrate our data-driven results on two physical infinite networks with unknown models and interconnection topologies.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

The paper gives a data-driven way to build barrier certificates for infinite networks by learning storage functions from data and composing them without explicit topology checks.

read the letter

This paper shows how to certify safety for countably infinite networks when both subsystem models and interconnection topologies are unknown and can change over time. The approach learns storage certificates from data for the subsystems and then applies new compositional conditions to assemble them into a network-level barrier certificate, while claiming to skip the usual dissipativity check that needs topology details. That combination is the main advance over standard finite-network data-driven methods. The two physical examples help show the idea in action for things like traffic or infrastructure networks. The work is grounded enough in the compositional framework to be worth following up on, especially since it targets a setting where fixed-size assumptions break down. One soft spot is the reliance on joint dissipativity-type properties holding across the unknown subsystems; if the collected data does not cover the range of possible interconnections well, the guarantees could weaken in practice when the network size varies. The abstract states correctness results, but the strength of those results hinges on how data sufficiency and uniformity over infinite cases are handled in the derivations. This is for researchers in compositional control and data-driven safety verification who already work with barrier certificates or dissipativity. A reader focused on large-scale or time-varying networks would get concrete value from the construction. It deserves a serious referee because it tackles an extension that matters for unbounded systems and supplies an alternative to topology-dependent checks.

Referee Report

0 major / 3 minor

Summary. The manuscript proposes a data-driven compositional framework for safety certification of countably infinite networks whose subsystem models and interconnection topologies are both unknown and potentially time-varying. Storage certificates are learned from data for the individual subsystems; these are then assembled via novel compositional conditions into a network-level barrier certificate that certifies safety while bypassing explicit dissipativity checks that would require topology knowledge. Correctness guarantees are claimed under the joint dissipativity-type properties of the subsystems, and the method is illustrated on two physical infinite-network examples.

Significance. If the central claims hold, the work would meaningfully extend compositional barrier-certificate techniques from finite to infinite, open networks. The data-driven route and explicit avoidance of topology-dependent dissipativity conditions address a practical gap in applications such as traffic or large-scale sensor networks where models and interconnection structure cannot be assumed known a priori. The provision of correctness guarantees under the stated assumptions is a positive feature.

minor comments (3)

[Abstract] The abstract and introduction would benefit from an explicit statement of the minimal data requirements (e.g., number of samples, excitation conditions) needed to certify the storage functions with the claimed probability.
[Section II] Notation for the infinite interconnection operator and the time-varying participation of subsystems should be introduced earlier and used consistently in the main theorems.
[Section V] The two numerical examples would be strengthened by reporting the empirical success rate over multiple random data sets and by including a brief comparison with a topology-aware baseline when the topology is artificially revealed.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for the positive assessment of our manuscript, the accurate summary of our data-driven compositional framework, and the recommendation for minor revision. We are pleased that the significance for extending barrier-certificate methods to infinite open networks with unknown models and topologies is recognized.

read point-by-point responses

Referee: No major comments were provided in the report (section ends after 'MAJOR COMMENTS:').

Authors: With no specific major comments raised, we have no individual points to address or rebut. The referee's overall summary aligns with our claims regarding joint dissipativity-type properties, storage certificates learned from data, and the avoidance of explicit topology-dependent dissipativity checks. We will incorporate any minor editorial suggestions in the revised version. revision: no

Circularity Check

0 steps flagged

No significant circularity; derivation remains self-contained

full rationale

The paper presents a data-driven compositional method that learns storage certificates for unknown subsystems from data and assembles them into a network-level barrier certificate for infinite networks. The central steps rely on joint dissipativity properties characterized directly from data, with explicit claims that the approach bypasses topology-dependent checks. No equation or step reduces by construction to a fitted parameter renamed as a prediction, nor does any load-bearing premise collapse to a self-citation chain or imported uniqueness theorem. The derivation chain is independent of the target safety result and does not exhibit self-definitional or renaming patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claim rests on the domain assumption that data can characterize dissipativity properties of subsystems sufficiently for compositional safety certification, without additional free parameters or invented entities explicitly stated in the abstract.

axioms (1)

domain assumption Subsystems possess joint dissipativity-type properties characterizable by storage certificates derived from data.
This is invoked to enable the compositional construction of the network barrier certificate.

pith-pipeline@v0.9.0 · 5739 in / 1167 out tokens · 43139 ms · 2026-05-22T00:45:01.680578+00:00 · methodology

discussion (0)

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

IndisputableMonolith/Cost/FunctionalEquation.lean washburn_uniqueness_aczel unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

We introduce innovative compositional data-driven conditions to construct a barrier certificate for the infinite network leveraging storage certificates of its unknown subsystems derived from data
IndisputableMonolith/Foundation/BranchSelection.lean branch_selection unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

our compositional data-driven reasoning eliminates the requirement for checking the traditional dissipativity condition, which typically mandates precise knowledge of the interconnection topology

What do these tags mean?

matches: The paper's claim is directly supported by a theorem in the formal canon.
supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses: The paper appears to rely on the theorem as machinery.
contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

3 extracted references · 3 canonical work pages

[1]

Bibitem after note You are using a bibitem after a note in a subbibitems environment; note should the last item in a subbibitems environment \@itemnote @bb@error [] @noitemnote \@tempa \@noitemnote \@noitemnote \@itemnote @bibitem\@bibitem @lbibitem\@lbibitem \@bibitem#1 \@itemnote @bibitem #1 \@tempa @noitemnote \@lbibitem[#1]#2 \@itemnote @lbibitem[#1] ...

work page
[2]

) W M宜 eL=׮_.n 2D?O>0 uxT 90WIDD_ j7y7@@ ۋqi 2_ F ?xD J iS T0dZ), 48) ޮen

@stdbsttrue @ctr \@lbibitem [ @ctr] \@bibitem##1 @ctr \@lbibitem[ @ctr] ##1 @bb@error\@mkbberr @filesw @natbibloaded \@auxout \@itemslabel @bibnum a-- @ctr \@auxout \@itemslabel :s @bibnum \@auxout \@itemslabel @bibnum a-- @ctr \@auxout \@itemslabel :s @bibnum @ctr @bibnum @citex\@citex \@tempcntc @citex[#1]#2 @filesw \@auxout #2 \@tempcnta @\@tempcntb @n...

work page 1991
[3]

write newline

" write newline "" initialize.prev.this.status FUNCTION begin.bib " write newline preamble empty 'skip preamble write newline if " thebibliography " longest.label * " " * write newline " [1] #1 " write newline " url@samestyle " write newline " " write newline " [2] #2 " write newline " =0pt " write newline " " ALTinterwordstretchfactor * " " * write newli...

work page

[1] [1]

Bibitem after note You are using a bibitem after a note in a subbibitems environment; note should the last item in a subbibitems environment \@itemnote @bb@error [] @noitemnote \@tempa \@noitemnote \@noitemnote \@itemnote @bibitem\@bibitem @lbibitem\@lbibitem \@bibitem#1 \@itemnote @bibitem #1 \@tempa @noitemnote \@lbibitem[#1]#2 \@itemnote @lbibitem[#1] ...

work page

[2] [2]

) W M宜 eL=׮_.n 2D?O>0 uxT 90WIDD_ j7y7@@ ۋqi 2_ F ?xD J iS T0dZ), 48) ޮen

@stdbsttrue @ctr \@lbibitem [ @ctr] \@bibitem##1 @ctr \@lbibitem[ @ctr] ##1 @bb@error\@mkbberr @filesw @natbibloaded \@auxout \@itemslabel @bibnum a-- @ctr \@auxout \@itemslabel :s @bibnum \@auxout \@itemslabel @bibnum a-- @ctr \@auxout \@itemslabel :s @bibnum @ctr @bibnum @citex\@citex \@tempcntc @citex[#1]#2 @filesw \@auxout #2 \@tempcnta @\@tempcntb @n...

work page 1991

[3] [3]

write newline

" write newline "" initialize.prev.this.status FUNCTION begin.bib " write newline preamble empty 'skip preamble write newline if " thebibliography " longest.label * " " * write newline " [1] #1 " write newline " url@samestyle " write newline " " write newline " [2] #2 " write newline " =0pt " write newline " " ALTinterwordstretchfactor * " " * write newli...

work page