Data-Efficient RoA Verification of Black-box Controllers
via Flow Matching and Conformal Inference

Our framework estimates the Region of Attraction (RoA) of a black-box controller through three integrated components. Each initial state is classified into one of three labels:

• <Succ> – the state lies within the RoA and the controller succeeds
• <Fail> – the state lies outside the RoA and the controller fails
• <Unc> – the model cannot confidently commit to an outcome

These labels are assigned through three integrated components:

1. Generative Final-State Prediction: A Conditional Flow Matching (CFM) model learns the distribution of terminal states from initial conditions. By capturing multi-modal outcomes, the model naturally expresses uncertainty near the boundary between <Succ> and <Fail> regions.
2. Probabilistic Classification with Optimized Thresholds: Monte Carlo samples from the learned distribution are evaluated against success criteria to estimate outcome probabilities. A dual-threshold decision rule classifies each state as <Succ>, <Fail>, or <Unc>, with thresholds optimized to balance accuracy and the size of the <Unc> region.
3. Uncertainty-Guided Adaptive Sampling: The <Unc> region guides data collection, concentrating costly trajectory rollouts on boundary states where the classifier cannot commit, progressively refining the RoA characterization.

Finally, a conformal inference layer certifies all predictions with finite-sample coverage guarantees.

Given the three probability estimates $\hat{p}_s(x)$, $\hat{p}_f(x)$, and $\hat{p}_\text{inv}(x)$, a threshold-based decision rule maps each state to one of three labels. The rule is parameterized by a center $\lambda$ and a margin $\delta$, which define decision boundaries $\theta_s = \lambda + \delta$ and $\theta_f = 1 - (\lambda - \delta)$. Classification proceeds in three stages:

1. Model error filter: If $\hat{p}_\text{inv}(x) \geq \lambda - \delta$, the state is classified as <Unc>—too many generated samples are invalid, indicating the model has not learned this region well.
2. Confident predictions: Among remaining states, if $\hat{p}_s(x) \geq \theta_s$ the state is classified as <Succ>; if $\hat{p}_f(x) \geq \theta_f$ it is classified as <Fail>.
3. Outcome uncertainty: If neither threshold is met, the model generates valid but mixed outcomes and cannot confidently resolve the state, so it is classified as <Unc>.

The parameters $\lambda^*$ and $\delta^*$ are jointly optimized on a validation set to minimize a weighted combination of classification error (fraction of confident predictions that disagree with ground truth) and the size of the <Unc> region. This balances two competing goals: reducing misclassifications while keeping the uncertain region as small as possible.

A split conformal prediction layer certifies the framework's outputs with provable, finite-sample coverage guarantees. A held-out calibration set $\mathcal{D}_\text{cal}$ with ground-truth labels is used to compute nonconformity scores that measure how inconsistent the model's probability estimates are with each candidate label. States flagged as model error ($\hat{p}_\text{inv} \geq \lambda^* - \delta^*$) are filtered from the calibration set to avoid inflating the conformal quantile with modeling artifacts. For a user-specified confidence level $1-\alpha$, the conformal procedure produces prediction sets guaranteed to contain the true outcome with probability at least $1-\alpha$. Singleton prediction sets ({<Succ>} or {<Fail>}) indicate high-confidence classifications, while non-singleton sets containing <Unc> serve as certificates of abstention. Empirically, coverage exceeds 0.98 across all four benchmark systems at $\alpha = 0.1$, with nearly all predictions being confident singletons.