Rules of the Road: Safety and Liveness Guarantees for Autonomous Vehicles

The ability to guarantee safety and progress for all vehicles is vital to the success of the autonomous vehicle industry. We present a framework for designing autonomous vehicle behavior in a way that is safe and guarantees progress for all agents. In this paper, we first introduce a new game paradigm which we term the quasi-simultaneous game. We then define an agent protocol that all agents must use to make decisions in this quasi-simultaneous game setting. According to the protocol, agents first select an intended action using a behavioral profile. Then, the protocol defines whether an agent has precedence to take its intended action or must take a sub-optimal action. The protocol ensures safety under all traffic conditions and liveness for all agents under `sparse’ traffic conditions. We provide proofs of correctness of the protocol and validate our results in simulation.

💡 Research Summary

This paper presents a formal framework for guaranteeing safety and liveness (progress) in multi-agent autonomous vehicle interactions. The core challenge addressed is designing agent behaviors that are not only safe individually but also ensure system-wide properties without exponential computational complexity.

The authors introduce a novel interaction model called the “quasi-simultaneous discrete-time game.” In this model, every agent gets to act in each time step, but the effective order of execution is determined locally based on the agents’ states relative to the road network. This captures the real-world intuition that a following vehicle naturally reacts to the actions of a leading vehicle, moving beyond traditional simultaneous or arbitrary turn-based game models.

Within this game paradigm, the paper defines a precise “agent protocol” that all vehicles must follow. The protocol consists of three key components:

1. Precedence Assignment: Using local rules (e.g., a vehicle ahead in the same lane has higher precedence), each agent establishes a precedence relation with nearby agents within its “bubble” of perception. The paper proves that these local assignments yield a globally consistent partial ordering of all agents.
2. Behavioral Profile: Agents select an “intended action” using an assume-guarantee behavioral profile. This profile hierarchically orders ten different specifications (e.g., dynamic safety, traffic laws, goal progress). An agent evaluates all permissible actions and chooses the one that best satisfies the highest-priority specifications.
3. Conflict Cluster Resolution: When the intended actions of multiple agents would lead to a spatial conflict (e.g., occupying the same grid point), a decentralized “token”-based algorithm, inspired by the Drinking Philosophers problem, resolves which agent gets “permission” to execute its intended action. Agents denied permission must fall back to a sub-optimal “best straight action” or a default “backup plan” (maximum deceleration to a stop).

The paper’s primary theoretical contributions are formal proofs that, provided all agents adhere to this protocol, two crucial guarantees hold:

• Safety: Under all traffic conditions, no collisions will occur. This is fundamentally ensured by requiring each agent to always maintain the ability to execute its “backup plan” (emergency stop) safely, regardless of other agents’ actions.
• Liveness: Under “sparse” traffic conditions (formally defined using a road network dependency graph), all agents are guaranteed to eventually make progress toward their goals. The proof demonstrates that deadlock scenarios cannot persist indefinitely.

The framework is designed to be scalable (decisions are local), interpretable (based on explicit rules), and formally verifiable. The assumptions include a single class of agents with identical dynamics and perception capabilities, operating on a structured grid-based road network with traffic lights. The results are validated in a conceptual grid-world simulation.

In summary, this work provides a rule-based, top-down foundation for coordinating autonomous vehicle interactions, offering strong safety guarantees and conditional liveness guarantees through a novel game-theoretic model and a decentralized agent protocol. It lays the groundwork for formally verifiable autonomous driving systems.