Notes:
Available from: https://dl.acm.org/doi/10.1145/3324884.3418901
|
Abstract.
Computing systems are becoming ever more complex, with decisions
increasingly often based on deep learning components. A wide variety of applications are being developed, many of them safety-critical, such as self-driving cars and medical diagnosis. Since deep learning is unstable with respect to adversarial perturbations, there is a need for rigorous software development methodologies that encompass machine learning components. This lecture will describe progress with developing automated verification and testing techniques for deep neural networks to ensure safety and robustness of their decisions with respect to bounded input perturbations.
The techniques exploit Lipschitz continuity of the networks and
aim to approximate, for a given set of inputs, the reachable set of
network outputs in terms of lower and upper bounds, in anytime manner, with provable guarantees. We develop novel algorithms based on feature-guided search, games, global optimisation and Bayesian methods, and evaluate them on state-of-the-art networks. The lecture will conclude with an overview of the challenges in this field.
|