FEARL framework splits a robot's policy into two pieces: a big neural Controller for perception and task reasoning, and a tiny Safety module that can be formally verified with existing tools.
Why Full-Stack Verification of VLAs Is Intractable
Foundation models give robots rich multimodal perception - they can parse images and language to decide what to do. That same expressive power makes them opaque to formal verification. Proving a collision-avoidance property on a 7B-parameter vision-language-action model is computationally hopeless. You cannot feed it into a model checker or a symbolic verifier.
But most safety requirements for robots don't need all that perceptual bandwidth. Collision avoidance, workspace boundary constraints, and other critical properties express directly over low-dimensional sensor observations: distances, joint angles, force readings. The high-dimensional camera frames and language prompts are irrelevant for those checks.
How FEARL's Architecture Makes Verification Practical
FEARL (Foundation-Enabled Assured Robot Learning) exploits that mismatch. The large Controller (C) processes high-dimensional inputs and outputs a small, bounded context embedding - not an action. That embedding feeds into the Safety module (S), which also receives raw low-dimensional safety sensor data. S produces the final motor command.
Now formal verification targets only S, a small neural net with known, bounded inputs. Tools like SMT solvers, abstract interpretation, or reachability analysis can handle it. The Controller stays large and unverified, but its outputs are constrained: it can only influence S through the bounded context embedding. If S provably enforces safety regardless of that embedding, the whole system is safe.
What the Evaluation Shows: Three Domains and a Real Robot
The authors evaluated FEARL on three simulated robotic domains using multiple Controller backbones, including pretrained off-the-shelf vision-language-action models. They also transferred one learned policy from simulation to a physical robot without retraining - the low-dimensional safety interface the authors designed makes sim-to-real transfer practical.
If FEARL's pattern generalizes, we may see safety-critical robotics adopt this split design as a standard pattern for deploying foundation models with formal guarantees against collision and workspace violations.
Source: Verifiable Foundation Models for Robot Safety
Domain: arxiv.org
Comments load interactively on the live page.