In this paper, we present a decentralized control framework for the coordination of connected vehicles and traffic lights in urban intersections. The framework uses gradient-based methods to dynamically coordinate, at every time-step, the planned intersection arrival times of vehicles and the planned switching times of traffic lights. Assuming no constraints, vehicles then use analytical optimal control methods to determine a nominal acceleration profile intended to place them at the intersection at the desired arrival time. Finally, using control barrier functions, the agents' accelerations and arrival times are modified to ensure safety and feasibility. The work in this paper builds on existing research on safe-set nonlinear control methods, multi-agent gradient-based methods, and optimal control methods used to tackle the intelligent intersection management problem. Here, we integrate the use of these different approaches to present a comprehensive control architecture that can flexibly coordinate the timing of both vehicles and traffic lights, while maintaining safety and feasibility. Simulations show that the method can save between 4% and 15% in fuel consumption and between 55% and 70% in delay for different traffic conditions.
As our vehicle fleet and traffic infrastructure become more autonomous and connected, opportunities to improve the efficiency of traffic networks through the use of planning, coordination, and control emerge. In urban networks specifically, the use of these technologies can change the way vehicles navigate traffic intersections, which are perhaps the most common areas where congestion occurs. Indeed, by assuming connectivity and automation, researchers propose multiple ways in which one can control vehicles, traffic lights, or both in order to reduce time and energy costs. This paper proposes an approach that combines ideas from gradient-based multi-agent control, optimal control, and nonlinear control to coordinate vehicles and traffic lights in a decentralized, computationally efficient manner.
A rich body of work explores the control of connected and autonomous vehicles approaching unsignalized intersections. In Refs.  and , comprehensive reviews of such approaches are presented. A common structure for the solution of this problem found across the literature consists of separating the problem into a timing coordination layer, and a tracking trajectory planning layer. Approaches of this type differ in how arrival times are negotiated and how speed trajectories are computed. Reservation-based approaches rely on a centralized controller that handles requests from incoming vehicles and decides on their arrival times through heuristic rules , optimization , or both . In Ref. , the intersection coordinators are connected across multiple junctions using multi-agent consensus to improve the performance of the strategy at a network-wide level. Decentralized approaches negotiate arrival times using different methods. For example, in Ref. , vehicles decide their arrival times through heuristic rules like maintaining first-in-first-out (FIFO) queue orders. In Refs.  and , arrival times are determined through a recursive decentralized minimization of intervehicles time gaps, also under a FIFO constraint. In Ref. , Kuramoto synchronization arranges arrival times so that vehicles cross the intersections in interweaving patterns.
A common issue encountered by the above work lies in the computational complexity and connectivity requirements of optimally tracking a given arrival time while considering other vehicles. Indeed, the work presented in Ref.  explores in detail the analytical solution to the arrival time tracking trajectory planning problem, and shows the difficulty of finding closed-form solutions when considering all safety constraints. An alternative approach of particular relevance to the work presented here consists of generating a controller based primarily on safety considerations. For example, in Ref. , control barrier functions (CBFs) are used to synthesize a safety-critical decentralized control strategy for the vehicle merging problem, which is similar to the intelligent intersection management problem. The work is further extended in Ref.  to include a reference velocity that is explicitly related to coordinated desired arrival times.
While the work on unsignalized intersection control of connected and autonomous vehicles is promising, there is benefit in formulating the problem considering actuated traffic lights that coordinate their timing along with the vehicles. This configuration is tackled in the literature with similar approaches to the unsignalized case, where timing optimization is performed by a central agent, and trajectory optimization is performed by the vehicles [14–19]. While the approaches differ in their chosen traffic light and vehicle models, they typically involve centralized optimization, especially for the timing coordination layer.
In this work, we consider the decentralized control of both vehicles and traffic lights. Moreover, we are interested in the predictive control of these agents through the use of a timing state that governs when vehicles plan to arrive at the intersection and when the lights plan to switch. Indeed, such a control strategy continuously modifies not only the acceleration of the vehicles but also the planned state trajectories into the future of both the vehicles and the lights. As we discussed in the previous paragraphs, considering safety and feasibility constraints over a planning time horizon becomes computationally prohibitive. To address this issue, in this paper, we make use of safe sets and CBFs to generate a safety regulator that modifies a nominal controller that negotiates arrival times and plans acceleration trajectories (without explicitly considering safety and feasibility constraints). The main differences between this and previous contributions that use CBFs (i.e., Refs.  and ) are the inclusion of traffic lights and the consideration of an explicit state variable that governs the arrival times of the vehicles.
In Ref. , we explore the coordinating and tracking control strategies that we use here as nominal controllers. There, coordination of arrival times is performed using gradient-based multi-agent methods, and arrival tracking is performed using analytical unconstrained optimal trajectory planning. In this previous work, car following safety constraints are implemented based on the Gipps model overriding the nominal acceleration commands, and actuation constraints are implemented by saturating the range of allowable arrival times of the vehicles. The interactions between different safety and feasibility constraints, and between traffic lights and vehicles were not formally analyzed. Thus, one of the main contributions of this works is the derivation of a safety regulating controller in conjunction with previously explored coordinating strategies.
The rest of the paper is organized as follows: In Sec. 2, we describe the system and its dynamics. In Sec. 3, we give an overview of the proposed strategy. In Sec. 4, we define our nominal controllers. In Sec. 5, we derive the safety regulator, which modifies the nominal control signals. Finally, in Sec. 6, we evaluate our controller in simulation.
2 System Model
The system consists of a multi-agent fleet of vehicles inside a control zone around a traffic intersection, plus the traffic light servicing the different flows at the intersection. The control zone is given by a maximum distance L from the intersection stop lines, along the lengths of the roads approaching it. In this section, we define the states, control inputs, and dynamics of these agents, as well as assumptions about their connectivity, autonomy, and allowed behavior.
We assume that once the vehicles enter the control zone, they can no longer change lanes. With regard to connectivity, we assume that all agents exchange their current state information with each other according to the following network topology. Vehicles in the same road can communicate with each other and with the upcoming traffic light. The traffic light, in turn, can exchange information with all vehicles approaching from all roads. As such, we can represent the network of interconnected agents as nodes in a bidirectional graph, and their connections as edges. We call the set of neighbors of agent i, where a neighbor refers to another agent that agent i exchanges information with. To illustrate this network topology, we show in Fig. 1 an example set of agents and their interconnections. We note that this connectivity topology avoids communication between agents in different roads in the interest of reducing communication burden and finding a simple solution to the coordination control problem.
2.1 Vehicle Dynamics.
The DTTA of a vehicle is a virtual state variable that encodes when the vehicle is planning to reach the intersection, and it evolves in time according to the coordinating input ui. The underlying assumption of using the above longitudinal vehicle dynamics model is that lane keeping and powertrain controllers can keep the vehicle in its lane and meet the acceleration command used in Eq. (1). We show the state of three vehicles approaching a three-way intersection in Fig. 2. The set here contains agents 1, 2, and 3. In the spatial representation, we can see the current distance to the intersection for each car s1, s2, and s3. In the timing domain, we can see their planned arrival times τ1, τ2, and τ3.
2.2 Traffic Light Dynamics.
We assume here that the actuated light follows a predetermined sequence of phases. If the intersection is organized around compatible movements grouped into P phases, we can index each phase from 1 to P, and assume that transitions happen in ascending order. Furthermore, we define a minimum fixed yellow time that separates the transition between phases. When the leading DTTS reaches , the light switches from green to yellow for the current phase. When it reaches 0, the light switches from yellow to red for the current phase, and from red to green for the next phase in the sequence. We assume that the traffic light plans some time horizon into the future, and that new planned traffic light switching events only spawn at .
We illustrate the state of a traffic light controlling three flows in Fig. 2. In this example, agents 4, 5, and 6 belong to . In the spatial domain, we can only see the current state of the light, which is servicing phase 1 at this time. In the timing domain, we can see the planned switches of the light τ4, τ5, and τ6 over the coming seconds.
3 Proposed Approach Overview
Given the above system of interconnected vehicle and traffic light agents, our objective is to synthesize a decentralized control strategy that generates the inputs ai and ui for all agents. That is, in the decentralized strategy, each agent should decide its own control action based only on the information received by its neighbors. Compared to human-driven and fixed-time traffic light control strategies, the controller should reduce the energy and delay incurred by having to stop at the light, while maintaining safety and feasibility constraints.
The proposed approach consists of having the agents continuously negotiate their timing by changing their DTTA/S. Negotiation is done through decentralized multi-agent methods; here, we use a gradient-based strategy. Then, a decentralized safety regulator for each agent considers constraints on intervehicle spacing, vehicles arriving on green periods, and consistent traffic light timings.
For each vehicle agent, the proposed control strategy is illustrated in Fig. 3. A trajectory planning controller uses the current position, speed, and DTTA of the vehicle to compute the nominal acceleration that would place the vehicle at the intersection at the current DTTA, assuming the underlying safety constraints are satisfied. Simultaneously, a coordinating controller uses the communicated DTTA/S information from neighboring agents to determine the nominal change in timing , assuming feasibility of the current DTTA is satisfied. Finally, a quadratic program (QP) controller minimizes the deviation from the nominal control input under safety and feasibility barrier certificate constraints.
For the traffic light, the proposed control strategy is illustrated in Fig. 4. The approach is similar to that of the vehicles with a few key differences. The traffic light controller does not need a tracking algorithm, since there are no physical constraints on the rate at which it can change its DTTS. Furthermore, while each vehicle only controls its own DTTA, the traffic light controls all of its planned switching times together.
Remark 1. As shown in Figs. 3 and 4, and detailed in Secs. 4 and 5, the proposed strategy has attractive properties in terms of computational complexity. The nominal acceleration control is an algebraic function of the state of the vehicle. The nominal coordinating input is an algebraic function of the timing of the agent's neighbors. Finally, the safety regulator is a convex quadratic program with linear constraints.
4 Nominal Controller
The nominal controller aims to coordinate the vehicles and lights by modifying their timings, and tracking the desired arrival times through trajectory planning optimal control, assuming that the underlying safety regulator will handle the safety and feasibility constraints. We denote the nominal control signals as and .
4.1 Coordinating Controller.
As a function of τi, the above expression looks like a smooth step function centered at τj. The sign of the growth rate parameter κij determines whether the function goes from Kij to 0, or from 0 to Kij. The magnitude of κij determines how steep the transition is. The direction of the step defines whether agent j hastens or delays agent i; the steepness of the step defines how close the agents need to be for the interaction to be non-negligible, because for large values of the gradient of the function approaches 0. By defining the ETFs using this logistic function, we can think of agent j as pushing agent i to the left or to the right in the timing domain based on the sign of κij. The function, and sign of its parameters, is chosen by taking into consideration the desired interaction we can heuristically stipulate the agents should have. These are:
The DTTA of vehicles should be hastened by traffic light switches to red (to catch an earlier green window, or stay in the current one) and delayed by switches to green (to catch a later green window, or stay in the current one). This drives a vehicle's arrival time toward the closest green interval.
The DTTA of vehicles is delayed by preceding vehicles and hastened by following vehicles. This encourages vehicles to maintain appropriate headways with each other.
Traffic light switching times should repel each other. This encourages the switches to preserve their ordering.
In Table 1, we summarize the sign κij based on the relative timing, position, and type of agents i and j. The set used in Table 1 is defined for all vehicles as the set of traffic light DTTS such that if τj represents a switch to green for vehicle i.
To illustrate the workings of the timing coordination gradient-based controller, in Fig. 5, we show an example with three agents. We see in the timing domain (top plot) the DTTS of a light (black dot), the DTTA of two vehicles arriving in a given road (blue dots), and the DTTA of a third vehicle approaching from a different road. In the bottom, we show the total potential Vi of the traffic light's DTTS as a function of its planned timing. This total potential is the sum of the three ETFs Vij of the light with each of the three plotted agents. We can see that the ETFs we have defined using the logistic functions will delay the switching of the light through gradient descent so that all vehicles arrive in a green window.
4.2 Optimal Tracking Controller.
The cost functional of Eq. (5) is the square of acceleration. While minimizing acceleration is not the same as minimizing fuel consumption (or minimizing energy usage for electric and hybrid vehicles), it can serve as simpler proxy for these quantities. The constraints in Eq. (6) consider the vehicle dynamics and ensure that the vehicle reaches the intersection at the current DTTA, starting from the current position and speed. We do not consider other safety and feasibility constraints here so the optimization problem remains tractable; these constraints are considered in Sec. 5. Indeed, following the work presented in Ref. , the above optimization problem can be solved analytically by defining costates and , constructing the Hamiltonian, and imposing necessary conditions for optimality.
5 Control Barrier Function Safety Regulator
Given the nominal acceleration and coordinating input, the safety regulator will modify this input to maintain safety and feasibility constraints. Specifically, the vehicle's safety regulator simultaneously regulates acceleration and change in DTTA so that: (1) the safe intervehicle distance is maintained, (2) vehicles stop at red lights, (3) speed and acceleration bounds are satisfied, (4) the DDTA is such that the nominal trajectory solution respects speed and acceleration bounds. The light's safety regulator ensures the switching of phases maintains the correct order and that switches to red do not occur for vehicles that can longer stop the light. To do this, we make use of safety-critical control methods. Specifically, we seek the forward invariance of a safe set in the state space by the defining control barrier functions and enforcing their induced barrier certificates.
5.1 Background: Control Barrier Functions.
The control barrier function method has been recently developed for safety-critical control applications, and a comprehensive introduction to the method can be found in Ref. . Here, we recall the main definitions and theorems from Ref.  required in the formulation of our safety regulator.
Definition 1. A setis forward invariant if for every initial conditionfor all time t.
Definition 3. An extended classfunction is a strictly increasing function κ:with.
The above definition uses the Lie derivative formalism to express the time derivative of the function h. Indeed, for locally Lipschitz dynamics and CBFs:
Intuitively, the condition says that, if there exists some input and some extended class function κ such that , we call h a control barrier function. This is useful because applying any input that makes will render the super-level set of h forward invariant. In fact, this constitutes the main theorem involving control barrier functions.
renders the setforward invariant and asymptotically stable in D.
The solution to this problem is shown to be Lipschitz continuous in Ref. . When we have multiple constraints, or other constraints on the input, we can define candidate CBFs and formulate the above QP problem with one input constraint for each candidate CBF. In this case, the candidate CBFs would be valid CBFs if the QP problem has a solution for all .
5.2 Vehicle Safety and Feasibility Constraints.
In this section, we make use of the above theoretical framework to synthesize a safety regulator for the vehicles. To do this, we introduce constraints on the states of the vehicles so that they remain in a safe configuration. The constraints are then translated into candidate control barrier functions, which are in turn transformed into barrier certificate constraints on the inputs.
where Q is the total number of considered constraints.
In practice, the values of and can be derived from the limitations of the vehicle's powertrain and the road.
Constraint 3 (arrival time feasibility). The next constraints we consider limit the range of possible desired times till arrival (DTTAs) τi to those that are consistent with the vehicle's speed and acceleration limitations. In fact, we will limit the DTTAs to those whose nominal acceleration and speed trajectories (Eq. (10)) do not violate acceleration and speed constraints (Eqs. (21) and (23)).
Remark 2. This barrier function only needs to be considered when the speed of the vehicle is larger than its leader's. This is because in the domain where vi < vl constraint (40) will always be satisfied, and no certificate is needed. This is further explained in the Appendix.
Constraint 8 (safe crossing constraint). Finally, we introduce a constraint that guarantees that the vehicle only enters the intersection when it is planning to arrive on green.
The above constraint is only used when the vehicle is planning to arrive during a red period of time. Notice then that h8 can only become negative when the vehicle is planning to arrive on green. When h8 is negative, the vehicle will no longer delay its DTTA (i.e., ), and the traffic light will ensure that the light's planning does change in such a way that the vehicle is then forced to arrive on red. This is explained in Secs. 5.3 and 5.4.
Definition 5. Let G(i) be an indicator function that is 1 when vehicle i is planning to arrive on green, and 0 when it is planning to arrive on red.
5.3 Vehicle Quadratic Program Safety and Feasibility Regulator.
5.4 Traffic Light Safety Constraints.
For the traffic light, we also establish constraints on the allowable rate with which the planned switching times can be changed based on candidate CBFs. We then formulate a safety regulating QP controller that modifies the nominal change in timing generated by the coordinating gradient-based control strategy.
While we consider each DTTS of the light as separate agent for the purposes of gradient-based coordination, in this section, we derive a single QP safety regulator for all the DTTS of a single light. This is different from the regulator derived for the vehicles, which assumes only the acceleration and rate of change of τi are control variables. Here, ui for all are optimization variables of the QP regulator. We therefore define the vector state of the light and the vector input as a concatenation of all τi and ui for all .
5.5 Traffic Light Quadratic Program Safety Regulator.
Remark 3. The above QP controller for the traffic light simply attempts to preserve the order of the DTTS. When some vehicles can no longer stop at the intersection, it also attempts to preserve the order of the DTTA of these vehicles relative to the DTTS of the light. We can see that there exists at least one feasible solution by noting that satisfies all of the constraints. Indeed, if the agents start in a certain order, and they all set their inputs to 0, they should preserve that order, given their homogeneous affine dynamics.
5.6 Constraint Relaxations.
As we have discussed previously, the QP-CBF formulation has been derived using candidate CBFs, which are only valid CBFs in the presence of each other if the QP problem has a feasible solution () for all points inside the safe set (). In this section, we consider the possibility of the set Ui being empty for the vehicles, and we introduce appropriate constraint relaxations to ensure that the QP always has a solution. Remark 3 in the previous subsection discusses how this is not necessary for the traffic light.
In Fig. 6, we show an example of the vehicle's constrained input space , for a given value of and . Each line corresponds to one of the barrier certificates, and the adjacent shaded blue region corresponds to the inputs that the certificate does not allow. The remaining white space delineates then the inputs that satisfy all barrier certificates.
In Sec. 5.2, we derive constraints 7 and 8 to be explicitly compatible with constraints 0 and 1 using Theorem 2, and we can show their compatibility with constraint 2 as this constraint cannot become active when the vehicle is braking as long as . This implies that in Fig. 6, the vertical region between and (and ) will always be nonempty. In other words, (and ) will always be to the right of .
The relaxation weight R is chosen to be a very large number to heavily discourage the controller form violating the constraint.
Remark 4. In practice, there are other reasons to relax the constraints and heavily penalize their violation. First, in the field and in simulation, this strategy will be implemented as a discrete-time controller where, near the boundary of the safe set, the forward invariance of the set may not be guaranteed if the integration time step size is not small enough. Second, in real roads with human drivers, some of the assumptions about the behavior of the leading traffic could be violated, unwillingly placing the vehicle outside its safe set.
6 Simulation Results
In this section, we evaluate our control strategy in simulation, using our own matlab -based tool opentrafficlab . We consider a three-way intersection controlled by a traffic light, the same configuration as shown in Fig. 2.
We assume that vehicles arrive in each lane according to a Poisson arrival process, given by an input flow rate in vehicles per hour. Arrivals are delayed to the extent that they would have the vehicle enter outside of the safe set. For the “arrival” of traffic light switching events, if the light plans a time horizon into the future, a new DTTS is added at when the last DTTS is some minimum time into the planned timing domain.
Assuming a 2 s headway, the saturation flow rate (i.e., the maximum number of vehicles that can traverse the network at the nominal desired speed) of each lane is 1800 veh/hr. We simulate our proposed strategy and baseline at different ratios of the saturation flow rate using the parameters summarized in Table 2. For each saturation ratio, we generate 10 realizations of the arrival process, and we use the same generated arrival times for both the baseline and the proposed strategy.
The baseline strategy consists of human drivers and fixed time traffic lights at the intersection. The human drivers are modeled using the Gipps car following model , with a desired speed . To account for traffic lights, the baseline car following model acts as if a virtual vehicle is stopped at the intersection when the light is red. We note that other baselines models can be used to simulate the behavior of traditional traffic, like the intelligent driver model or the Wiedemann model . The timing of the traffic light is determined using Webster's method , based on the demand (i.e., arrival rate) at each road.
We can look at the savings in fuel and delay incurred if all the vehicles used our proposed strategy over the baseline. In Fig. 7, we show the average savings per vehicle in both delay and fuel, respectively. We can see that the coordination strategy reliably saves energy and time at all saturation ratios, and that in general, at higher volumes the savings are more substantial.
Remark 5. Fuel consumption calculations are based on the use of longitudinal vehicle dynamics to map both vehicle speed and acceleration to a net propulsion and/or braking torque/power demand. From engine power, we use a brake-specific fuel consumption (bsfc) map to compute vehicle fuel consumption with good accuracy. Delay is calculated as the difference between the ideal travel time, defined as the time it would have taken the vehicle to traverse the network at a desired speed , and the actual travel time. In this paper, we assume that the ideal travel time is always the free flow travel time at speed , independent of the current traffic demand level.
To understand these results, we can first look at the time–space diagrams for one lane in one of the simulations. In Fig. 8, we plot the trajectories of all vehicles that traverse one of the lanes for both the baseline and proposed strategy. This type of diagram is used in traffic engineering to quickly look at congestion patterns like queues and shock waves . Free flowing traffic would show up in the diagram as straight lines, while queues and shock waves can be seen as disturbances from this nominal behavior. We can look particularly at the right leaning triangular patterns of stopped traffic that correspond to the formation queues and the back propagation of the shock wave. Comparing the coordinated traffic (top plot) with the baseline (bottom plot), we can see that coordination reduces queue length and dissipates the shock waves. This reduction in congestion explains the improvements in delay and fuel consumption.
From the savings results, we can also see the strategy saves significantly more in delay than it does in fuel consumption. We believe this happens because the control strategy sometimes accelerates vehicles in order to catch a green light, a behavior that is not usually modeled by the Gipps car following model. We can see that this is the case in Fig. 9. Here, we plot the distribution of speeds for all vehicles at all time steps for the 0.7 saturation rate simulation. We can see the coordinating strategy not only has the vehicles stopped less often, but it also sometimes sees the vehicles traveling at speeds higher than the desired speed.
Finally, we can further characterize the behavior of our algorithm by looking at when and how often the regulator actually modifies the nominal input. In Fig. 10, we show 19 consecutive vehicle trajectories for one of the lanes in one of our simulations, and we have highlighted in bold (red) the portions of the trajectories where the regulator is active. There are different scenarios where regulation kicks in. Most notably, we can see the regulator is responsible for vehicles safely stopping for a red light and forming a queue (see seconds 420–460). Also, the regulator is active when vehicles speed up (see, for example, the fifth vehicle trajectory, or the first three vehicle trajectories near the intersection). This is probably an interplay between the coordinator attempting to accelerate the vehicles to reach an earlier green light, and the regulator maintaining speed and acceleration upper bounds.
In this paper, we present a decentralized coordination strategy for vehicles and traffic lights at urban intersections. We describe the vehicles by their distance to the intersection, their speed, and their desired time till arrival. Similarly, the lights are described by their planned time till switching. Using this common framework, the agents, whether they are lights or vehicles, negotiate their timing through gradient-based multi-agent control methods. The main objective of the work is to create a safety regulating controller that takes this negotiating strategy, and modifies it in order to ensure safe operation. The regulator is synthesized using control barrier certificates implemented through a quadratic program that aims to minimize deviations from the nominal coordinating control. The control strategy is tested in simulation and compared to traditional traffic light and human-driven behavior to showcase the improvement in fuel consumption and delay. In future work, more extensive simulation studies can be performed to: (1) validate our strategy against different baseline models like the Intelligent Driver model, or the Wiedeman driver model and (2) study the impact of other parameters like different types of powertrains and vehicle sizes. Additionally, the algorithm can be extended to include interactions between agents according to different connectivity topologies (i.e., considering communication between vehicles in different roads and across multiple intersections).
Advanced Research Projects Agency (Grant No. DE-AR-0000801; Funder ID: 10.13039/100009224).
However, at the boundary of , the above inequality reduces to . This means that the largest possible domain where ρ7 is a valid CBF will be . Intuitively, this makes sense: if the vehicle's leader is traveling faster than itself and it is more than distance away, the vehicle cannot possibly reduce its spacing without first overtaking its leader in terms of speed and entering a set where the function is no longer a valid CBF. Therefore, we need a different candidate CBF.
To synthesize this candidate CBF, we use another theorem that is specifically helpful in generating multiple CBFs that are valid in the presence of other input constraints, or on higher relative degree dynamics (both of which are the case here). The idea consists of synthesizing CBFs from an initial candidate that may not be a valid CBF in the desired domain, plus a nominal controller that satisfies other input constraints. In Ref. , the candidate function is called a performance function and is denoted by ρ. The nominal controller is denoted by . The state of the system for any time t > 0 is , when it is initialized at and input β is applied.
h is a CBF
Given the previous discussion, when , no barrier certificate is needed to ensure safe car following. For , we derive a barrier function by assuming a nominal controller that represents the maximum braking maneuvers for both vehicles. The maximum braking maneuver is given by the constraints on acceleration and the barrier certificate on minimum velocity, in Eq. (26). Assuming , this is given by the largest of two values: . We can then integrate the system forward in time under this control action, and compute the value of ρ7 into the future. We then define the new candidate barrier function as the infima in time of ρ7, as explained in Theorem 2.
where corresponds to the speed where the maximum deceleration switches from being to being . That is, .
Plainly, this CBF candidate is the original performance function ρ7, which is the current intervehicle spacing, plus each vehicle's maximum braking distance when they use their maximum deceleration profile. This maximum deceleration profile is itself the product of following the constraints on acceleration given by Eqs. (21) and (26). The maximum braking distance of each vehicle depends on its current velocity. It should be noted that the above CBF candidate is continuously differentiable with respect to the state; this can be verified by evaluating h7 and its gradient from both sides at each potential discontinuity point.
In deriving the above barrier certificate, we make the conservative assumption that the lead vehicle uses its maximum allowable deceleration. While looser assumptions can be made, this approach guarantees safety even in the worst-case scenarios.
Remark 6. To get this constraint, we need to assume that the deceleration parameters of the leader and are known.