Search papers, labs, and topics across Lattice.
The paper introduces BarrierSteer, a framework for enhancing LLM safety by learning and embedding non-linear safety constraints within the model's latent space. It uses Control Barrier Functions (CBFs) to steer LLM response trajectories away from unsafe regions during inference, without modifying the original LLM parameters. Experiments demonstrate that BarrierSteer effectively reduces adversarial success rates and unsafe generations, outperforming existing safety methods while preserving model performance.
LLMs can be made significantly safer by steering their latent space trajectories with Control Barrier Functions, preventing unsafe outputs without retraining.
Despite the state-of-the-art performance of large language models (LLMs) across diverse tasks, their susceptibility to adversarial attacks and unsafe content generation remains a major obstacle to deployment, particularly in high-stakes settings. Addressing this challenge requires safety mechanisms that are both practically effective and supported by rigorous theory. We introduce BarrierSteer, a novel framework that formalizes response safety by embedding learned non-linear safety constraints directly into the model's latent representation space. BarrierSteer employs a steering mechanism based on Control Barrier Functions (CBFs) to efficiently detect and prevent unsafe response trajectories during inference with high precision. By enforcing multiple safety constraints through efficient constraint merging, without modifying the underlying LLM parameters, BarrierSteer preserves the model's original capabilities and performance. We provide theoretical results establishing that applying CBFs in latent space offers a principled and computationally efficient approach to enforcing safety. Our experiments across multiple models and datasets show that BarrierSteer substantially reduces adversarial success rates, decreases unsafe generations, and outperforms existing methods.
MIT CSAIL
NUS