The Safe Paralysis

Safety-critical control systems use barrier functions to keep trajectories inside acceptable regions. The barrier acts as a repulsive force that grows without bound as the trajectory approaches the boundary of the safe set, guaranteeing it never crosses. This works. The trajectory stays safe.

But it can stay too safe. Han, Wang, and Wang (arXiv:2603.16074) identify the problem: trajectories can become trapped sliding along the boundary, technically inside the safe set but functionally paralyzed. The barrier function guarantees safety but not progress. The system sits at the edge of its constraint, unable to move inward, unable to cross outward, spending infinite time in a region that is simultaneously safe and useless.

The solution is a Matrosov-type auxiliary function: a secondary Lyapunov-like construct that is inert in the interior of the safe set but becomes active near the boundary. It proves that trajectories can only linger near the boundary for finite time before being pushed back toward the interior. Safety remains guaranteed, but now with a built-in expiry on boundary residence.

The structural principle: the safety mechanism itself creates the paralysis it was supposed to prevent. A wall that stops catastrophe also stops motion when a trajectory gets trapped against it. The auxiliary function does not weaken the wall — it makes the wall uncomfortable to lean on. Safety is preserved as a transient state, not a permanent one.

This is the institutional version of risk aversion. Regulations designed to prevent harm can trap organizations at the boundary between action and inaction — technically compliant, functionally stuck. The fix is not less safety but a mechanism that makes lingering at the boundary costly, ensuring that safety is a constraint to satisfy, not a state to inhabit.