Neural network dynamic models (NNDMs) pose significant challenges for safety verification due to their nonlinearity, stochasticity, and lack of provable probabilistic safety guarantees. Method: This paper introduces a theoretical framework based on stochastic barrier functions (SBFs), the first application of SBFs to NNDM analysis. It integrates convex neural network approximations with piecewise-linear bounding techniques to enable automated synthesis of barrier functions, and designs a minimally invasive linear programming controller to tighten the lower bound on system safety probability. The approach unifies sum-of-squares (SOS) optimization with robust control synthesis, supporting high-dimensional, deep NNDMs (e.g., up to hundreds of neurons per layer). Results: Experiments demonstrate substantial improvements in certified safety probability, achieving efficient and formally verifiable safety guarantees. The method establishes the first safety verification paradigm for noisy iterative-prediction neural dynamic systems that simultaneously ensures theoretical rigor and computational tractability.

Neural Networks (NNs) have been successfully employed to represent the state evolution of complex dynamical systems. Such models, referred to as NN dynamic models (NNDMs), use iterative noisy predictions of NN to estimate a distribution of system trajectories over time. Despite their accuracy, safety analysis of NNDMs is known to be a challenging problem and remains largely unexplored. To address this issue, in this paper, we introduce a method of providing safety guarantees for NNDMs. Our approach is based on stochastic barrier functions, whose relation with safety are analogous to that of Lyapunov functions with stability. We first show a method of synthesizing stochastic barrier functions for NNDMs via a convex optimization problem, which in turn provides a lower bound on the system's safety probability. A key step in our method is the employment of the recent convex approximation results for NNs to find piece-wise linear bounds, which allow the formulation of the barrier function synthesis problem as a sum-of-squares optimization program. If the obtained safety probability is above the desired threshold, the system is certified. Otherwise, we introduce a method of generating controls for the system that robustly maximizes the safety probability in a minimally-invasive manner. We exploit the convexity property of the barrier function to formulate the optimal control synthesis problem as a linear program. Experimental results illustrate the efficacy of the method. Namely, they show that the method can scale to multi-dimensional NNDMs with multiple layers and hundreds of neurons per layer, and that the controller can significantly improve the safety probability.