One mitigation class that feels under-discussed for physical systems is actuator-boundary enforcement: even if upstream software is compromised or misbehaves, the command path can still deterministically clamp out-of-bounds velocity/effort/position. What I’d really like to see here is reproducible evidence standards (conformance tests + wedge counts + latency distributions) so “this mitigation works” is checkable rather than narrative.

One angle I haven’t seen much in red teaming writeups is “hardware-in-the-loop” failure evidence for embodied systems: not just whether the agent produces bad plans, but whether actuator-boundary constraints actually prevent out-of-bounds commands under malformed traffic / fuzzing. Curious if you’ve seen good frameworks for making those claims reproducible.

This really resonates. A missing “Y-axis” for embodied systems is actuation-boundary safety evidence (not just capability). E.g., can we standardize artifacts like enforcement outcomes, wedge counts, and latency distributions under a declared envelope so third parties can reproduce “this safety layer worked” claims?