Defining Operational Conditions for Safety-Critical AI-Based Systems from Data

Artificial Intelligence (AI) has been on the rise in many domains, including numerous safety-critical applications. However, for complex systems found in the real world, or when data already exist, defining the underlying environmental conditions is extremely challenging. This often results in an incomplete description of the environment in which the AI-based system must operate. Nevertheless, this description, called the Operational Design Domain (ODD), is required in many domains for the certification of AI-based systems. Traditionally, the ODD is created in the early stages of the development process, drawing on sophisticated expert knowledge and related standards. This paper presents a novel Safety-by-Design method to a posteriori define the ODD from previously collected data using a multi-dimensional kernel-based representation. This approach is validated through both Monte Carlo methods and a real-world aviation use case for a future safety-critical collision-avoidance system. Moreover, by defining under what conditions two ODDs are equal, the paper shows that the data-driven ODD can equal the original, underlying hidden ODD of the data. Utilizing the novel, Safe-by-Design kernel-based ODD enables future certification of data-driven, safety-critical AI-based systems.

💡 Research Summary

The paper tackles a fundamental challenge in safety‑critical artificial‑intelligence (AI) systems: how to define the Operational Design Domain (ODD) when the environment is complex and data already exist. Traditional ODDs are handcrafted by experts early in development, specifying parameter ranges (taxonomy) and relationships among them (ontology). This approach becomes infeasible for real‑world systems where many dependencies are unknown or highly nonlinear.

To overcome this, the authors propose a deterministic, data‑driven method that constructs the ODD a posteriori from a finite dataset. They formalize an ODD as a pair (X, R) where X⊆ℝⁿ is the continuous parameter space and R={R₁,…,R_r} are binary relations defining the ontology. Two ODDs are considered equal if they generate the same observable data set Y, a data‑centric equivalence that abstracts away semantic differences not discernible from observations.

The core of the method is a kernel‑based affinity representation. All in‑distribution (ID) samples are treated as anchor points A. For each anchor xi a local affinity function α_i(x) is defined using a positive‑definite kernel; the paper focuses on the radial‑basis‑function (RBF) kernel:

 α_i(x)=exp