Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
119 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Towards a Framework for Deep Learning Certification in Safety-Critical Applications Using Inherently Safe Design and Run-Time Error Detection (2403.14678v1)

Published 12 Mar 2024 in cs.LG

Abstract: Although an ever-growing number of applications employ deep learning based systems for prediction, decision-making, or state estimation, almost no certification processes have been established that would allow such systems to be deployed in safety-critical applications. In this work we consider real-world problems arising in aviation and other safety-critical areas, and investigate their requirements for a certified model. To this end, we investigate methodologies from the machine learning research community aimed towards verifying robustness and reliability of deep learning systems, and evaluate these methodologies with regard to their applicability to real-world problems. Then, we establish a new framework towards deep learning certification based on (i) inherently safe design, and (ii) run-time error detection. Using a concrete use case from aviation, we show how deep learning models can recover disentangled variables through the use of weakly-supervised representation learning. We argue that such a system design is inherently less prone to common model failures, and can be verified to encode underlying mechanisms governing the data. Then, we investigate four techniques related to the run-time safety of a model, namely (i) uncertainty quantification, (ii) out-of-distribution detection, (iii) feature collapse, and (iv) adversarial attacks. We evaluate each for their applicability and formulate a set of desiderata that a certified model should fulfill. Finally, we propose a novel model structure that exhibits all desired properties discussed in this work, and is able to make regression and uncertainty predictions, as well as detect out-of-distribution inputs, while requiring no regression labels to train. We conclude with a discussion of the current state and expected future progress of deep learning certification, and its industrial and social implications.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (121)
  1. “Pivotal Trial of an Autonomous AI-based Diagnostic System for Detection of Diabetic Retinopathy in Primary Care Offices” In npj Digital Medicine Nature Publishing Group, 2018 DOI: 10.1038/s41746-018-0040-6
  2. “Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey” In IEEE Access, 2018 DOI: 10.1109/ACCESS.2018.2807385
  3. Anastasios N. Angelopoulos and Stephen Bates “A Gentle Introduction to Conformal Prediction and Distribution-Free Uncertainty Quantification”, 2022 arXiv:2107.07511
  4. “Synthesizing Robust Adversarial Examples” In Proceedings of the 35th International Conference on Machine Learning PMLR, 2018
  5. Stanley Bak, Changliu Liu and Taylor Johnson “The Second International Verification of Neural Networks Competition (VNN-COMP 2021): Summary and Results” arXiv, 2021 arXiv:2109.00498
  6. “Certifying Geometric Robustness of Neural Networks” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2019
  7. Adrien Bardes, Jean Ponce and Yann LeCun “VICReg: Variance-Invariance-Covariance Regularization for Self-Supervised Learning”, 2022
  8. “Explainable Artificial Intelligence (XAI): Concepts, Taxonomies, Opportunities and Challenges toward Responsible AI” In Information Fusion, 2020 DOI: 10.1016/j.inffus.2019.12.012
  9. “Invertible Residual Networks” In Proceedings of the 36th International Conference on Machine Learning PMLR, 2019
  10. Yoshua Bengio, Aaron Courville and Pascal Vincent “Representation Learning: A Review and New Perspectives” In IEEE Transactions on Pattern Analysis and Machine Intelligence, 2013 DOI: 10.1109/TPAMI.2013.50
  11. Jeremy Berkowitz “Testing Density Forecasts, With Applications to Risk Management” In Journal of Business & Economic Statistics Taylor & Francis, 2001 DOI: 10.1198/07350010152596718
  12. Christopher M. Bishop “Bayesian Neural Networks” In Journal of the Brazilian Computer Society Sociedade Brasileira de Computação, 1997 DOI: 10.1590/S0104-65001997000200006
  13. Olivier Bousquet, Stéphane Boucheron and Gábor Lugosi “Introduction to Statistical Learning Theory” In Advanced Lectures on Machine Learning: ML Summer Schools 2003, Canberra, Australia., Lecture Notes in Computer Science Springer, 2004 DOI: 10.1007/978-3-540-28650-9˙8
  14. Wieland Brendel, Jonas Rauber and Matthias Bethge “Decision-Based Adversarial Attacks: Reliable Attacks against Black-Box Machine Learning Models” In International Conference on Learning Representations, 2018
  15. “Signature Verification Using a ”Siamese” Time Delay Neural Network” In Advances in Neural Information Processing Systems Morgan-Kaufmann, 1993
  16. “Language Models Are Few-Shot Learners” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2020
  17. “Adversarial Patch” arXiv, 2018 DOI: 10.48550/arXiv.1712.09665
  18. “The Need to Separate the Wheat from the Chaff in Medical Informatics: Introducing a Comprehensive Checklist for the (Self)-Assessment of Medical AI Studies” In International Journal of Medical Informatics, 2021 DOI: 10.1016/j.ijmedinf.2021.104510
  19. “Towards Evaluating the Robustness of Neural Networks” In 2017 IEEE Symposium on Security and Privacy (SP), 2017 DOI: 10.1109/SP.2017.49
  20. Center for Devices and Radiological Health “Artificial Intelligence and Machine Learning in Software as a Medical Device”, 2021
  21. Krzysztof Chalupka, Frederick Eberhardt and Pietro Perona “Multi-Level Cause-Effect Systems” In Proceedings of the 19th International Conference on Artificial Intelligence and Statistics PMLR, 2016
  22. “Isolating Sources of Disentanglement in Variational Autoencoders” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2018
  23. “Implicit Bias of Gradient Descent for Wide Two-layer Neural Networks Trained with the Logistic Loss” In Proceedings of Thirty Third Conference on Learning Theory PMLR, 2020
  24. S. Chopra, R. Hadsell and Y. LeCun “Learning a Similarity Metric Discriminatively, with Application to Face Verification” In 2005 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR’05), 2005 DOI: 10.1109/CVPR.2005.202
  25. Chris Cundy, Aditya Grover and Stefano Ermon “BCD Nets: Scalable Variational Approaches for Bayesian Causal Discovery” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2021
  26. “Safety First for Automated Driving”, 2019
  27. “On the Transfer of Disentangled Representations in Realistic Settings”, 2021 arXiv:2010.14407
  28. EASA “EASA Artificial Intelligence Roadmap 1.0”, 2020
  29. EASA “EASA Concept Paper: First Usable Guidance for Level 1 Machine Learning Applications”, 2021
  30. EASA and Daedalean AG “Concepts of Design Assurance for Neural Networks (CoDANN)”, 2020
  31. EASA and Daedalean AG “Concepts of Design Assurance for Neural Networks (CoDANN) II”, 2021
  32. Cian Eastwood and Christopher K.I. Williams “A Framework for the Quantitative Evaluation of Disentangled Representations”, 2018
  33. “Robust Physical-World Attacks on Deep Learning Visual Classification” In 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition IEEE, 2018 DOI: 10.1109/CVPR.2018.00175
  34. FAA “Neural Network Based Runway Landing Guidance for General Aviation Autoland”, 2022
  35. “Dropout as a Bayesian Approximation: Representing Model Uncertainty in Deep Learning” In Proceedings of The 33rd International Conference on Machine Learning PMLR, 2016
  36. “The Need for a System View to Regulate Artificial Intelligence/Machine Learning-Based Software as Medical Device” In NPJ digital medicine Nature Publishing Group, 2020 DOI: 10.1038/s41746-020-0262-2
  37. Tilmann Gneiting, Fadoua Balabdaoui and Adrian E. Raftery “Probabilistic Forecasts, Calibration and Sharpness” In Journal of the Royal Statistical Society: Series B (Statistical Methodology), 2007 DOI: 10.1111/j.1467-9868.2007.00587.x
  38. “Probabilistic Forecasting” In Annual Review of Statistics and Its Application, 2014 DOI: 10.1146/annurev-statistics-062713-085831
  39. “Generative Adversarial Nets” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2014
  40. Ian Goodfellow, Jonathon Shlens and Christian Szegedy “Explaining and Harnessing Adversarial Examples” In International Conference on Learning Representations, 2015
  41. “Regularisation of Neural Networks by Enforcing Lipschitz Continuity” In Machine Language, 2021 DOI: 10.1007/s10994-020-05929-w
  42. “Bootstrap Your Own Latent - A New Approach to Self-Supervised Learning” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2020
  43. Benjamin Guedj “A Primer on PAC-Bayesian Learning” arXiv, 2019 DOI: 10.48550/arXiv.1901.05353
  44. “Improved Training of Wasserstein GANs” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2017
  45. Thomas M. Hamill “Interpretation of Rank Histograms for Verifying Ensemble Forecasts” In Monthly Weather Review American Meteorological Society, 2001 DOI: 10.1175/1520-0493(2001)129¡0550:IORHFV¿2.0.CO;2
  46. “How the FDA Regulates AI” In Academic Radiology, Special Issue: Artificial Intelligence 1, 2020 DOI: 10.1016/j.acra.2019.09.017
  47. “Deep Residual Learning for Image Recognition”, 2015 arXiv:1512.03385
  48. “Using Self-Supervised Learning Can Improve Model Robustness and Uncertainty” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2019
  49. “Beta-VAE: Learning Basic Visual Concepts with a Constrained Variational Framework” In ICLR, 2017
  50. Kurt Hornik, Maxwell Stinchcombe and Halbert White “Multilayer Feedforward Networks Are Universal Approximators” In Neural Networks, 1989 DOI: 10.1016/0893-6080(89)90020-8
  51. Haruo Hosoya “Group-Based Learning of Disentangled Representations with Generalizability for Novel Contents” In Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence, 2019 DOI: 10.24963/ijcai.2019/348
  52. “Adversarial Examples Are Not Bugs, They Are Features” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2019
  53. Jörn-Henrik Jacobsen, Arnold W.M. Smeulders and Edouard Oyallon “I-RevNet: Deep Invertible Networks” In International Conference on Learning Representations, 2018
  54. “Black-Box Adversarial Attacks on Video Recognition Models” In Proceedings of the 27th ACM International Conference on Multimedia, MM ’19 Association for Computing Machinery, 2019 DOI: 10.1145/3343031.3351088
  55. “Analysing Impact of Adversarial Attacks on Autonomous Driving and Effectiveness of Defences”, 2022
  56. Niki Kilbertus, Giambattista Parascandolo and Bernhard Schölkopf “Generalization in Anti-Causal Learning”, 2018 arXiv:1812.00524
  57. “Avoiding Discrimination through Causal Reasoning” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2017
  58. “Disentangling by Factorising” In Proceedings of the 35th International Conference on Machine Learning PMLR, 2018
  59. Diederik P. Kingma and Max Welling “Auto-Encoding Variational Bayes”, 2014 arXiv:1312.6114
  60. “Semi-Supervised Learning with Deep Generative Models” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2014
  61. Frank H. Knight “Risk, Uncertainty and Profit” Boston, New York, Houghton Mifflin Company, 1921
  62. “Learning Multiple Layers of Features from Tiny Images” In Master’s thesis, Department of Computer Science, University of Toronto Citeseer, 2009
  63. “Counterfactual Fairness” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2017
  64. Balaji Lakshminarayanan, Alexander Pritzel and Charles Blundell “Simple and Scalable Predictive Uncertainty Estimation Using Deep Ensembles” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2017
  65. “Regulatory Frameworks for Development and Evaluation of Artificial Intelligence–Based Diagnostic Imaging Algorithms: Summary and Recommendations” In Journal of the American College of Radiology, 2021 DOI: 10.1016/j.jacr.2020.09.060
  66. “Gradient-Based Learning Applied to Document Recognition” In Proceedings of the IEEE Ieee, 1998
  67. “Adversarial Perturbations Against Real-Time Video Classification Systems” In Proceedings 2019 Network and Distributed System Security Symposium, 2019 DOI: 10.14722/ndss.2019.23202
  68. Shiyu Liang, Yixuan Li and R. Srikant “Enhancing The Reliability of Out-of-distribution Image Detection in Neural Networks”, 2020 arXiv:1706.02690
  69. “Simple and Principled Uncertainty Estimation with Deterministic Deep Learning via Distance Awareness” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2020
  70. “Delving into Transferable Adversarial Examples and Black-Box Attacks” In Proceedings of 5th International Conference on Learning Representations, 2017
  71. “Challenging Common Assumptions in the Unsupervised Learning of Disentangled Representations” In Proceedings of the 36th International Conference on Machine Learning PMLR, 2019
  72. “Weakly-Supervised Disentanglement Without Compromises” In Proceedings of the 37th International Conference on Machine Learning PMLR, 2020
  73. “Towards a Learning Theory of Cause-Effect Inference” In Proceedings of the 32nd International Conference on Machine Learning PMLR, 2015
  74. “Discovering Causal Signals in Images” In 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2017 DOI: 10.1109/CVPR.2017.14
  75. “NO Need to Worry about Adversarial Examples in Object Detection in Autonomous Vehicles” arXiv, 2017 DOI: 10.48550/arXiv.1707.03501
  76. “Towards Deep Learning Models Resistant to Adversarial Attacks” In International Conference on Learning Representations, 2018
  77. David A. McAllester “Some PAC-Bayesian Theorems” In Proceedings of the Eleventh Annual Conference on Computational Learning Theory, COLT’ 98 Association for Computing Machinery, 1998 DOI: 10.1145/279943.279989
  78. “Robustness Certification with Generative Models” In Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation Association for Computing Machinery, 2021
  79. “Spectral Normalization for Generative Adversarial Networks”, 2018
  80. “Taxonomy of Machine Learning Safety: A Survey and Primer”, 2022 arXiv:2106.04823
  81. Sina Mohseni, Niloofar Zarei and Eric D. Ragan “A Multidisciplinary Survey and Framework for Design and Evaluation of Explainable AI Systems” In ACM Transactions on Interactive Intelligent Systems, 2021 DOI: 10.1145/3387166
  82. “Deep Deterministic Uncertainty: A Simple Baseline”, 2022 arXiv:2102.11582
  83. “Practical Black-Box Attacks against Machine Learning” In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, ASIA CCS ’17 Association for Computing Machinery, 2017 DOI: 10.1145/3052973.3053009
  84. “Learning Independent Causal Mechanisms” In Proceedings of the 35th International Conference on Machine Learning PMLR, 2018
  85. Judea Pearl “Causality” Cambridge University Press, 2009 DOI: 10.1017/CBO9780511803161
  86. “Causal Discovery with Continuous Additive Noise Models” In Journal of Machine Learning Research, 2014
  87. “Adversarial Training Can Hurt Generalization” arXiv, 2019 arXiv:1906.06032
  88. Karl Ridgeway and Michael C Mozer “Learning Deep Disentangled Embeddings With the F-Statistic Loss” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2018
  89. “Causal Consistency of Structural Equation Models” In Proceedings of the 33rd Conference on Uncertainty in Artificial Intelligence, 2017
  90. “A Convex Relaxation Barrier to Tight Robustness Verification of Neural Networks” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2019
  91. “Counterfactual Generative Networks” arXiv, 2021 arXiv:2101.06046
  92. “On Causal and Anticausal Learning” In Proceedings of the 29th International Conference on Machine Learning Omnipress, 2012
  93. “Toward Causal Representation Learning” In Proceedings of the IEEE, 2021 DOI: 10.1109/JPROC.2021.3058954
  94. “Towards Causal Representation Learning”, 2021 arXiv:2102.11107
  95. “Semi-Supervised Learning”, Adaptive Computation and Machine Learning MIT Press, 2006
  96. Sanjit A. Seshia, Dorsa Sadigh and S.Shankar Sastry “Towards Verified Artificial Intelligence” arXiv, 2020 arXiv:1606.08514
  97. Ben Shneiderman “Human-Centered Artificial Intelligence: Reliable, Safe & Trustworthy” In International Journal of Human–Computer Interaction, 2020 DOI: 10.1080/10447318.2020.1741118
  98. “Weakly Supervised Disentanglement with Guarantees”, 2019
  99. “An Abstract Domain for Certifying Neural Networks” In Proceedings of the ACM on Programming Languages, 2019 DOI: 10.1145/3290354
  100. Adarsh Subbaswamy, Roy Adams and Suchi Saria “Evaluating Model Robustness and Stability to Dataset Shift” In Proceedings of The 24th International Conference on Artificial Intelligence and Statistics PMLR, 2021
  101. “Intriguing Properties of Neural Networks” In International Conference on Learning Representations, 2014
  102. Simen Thys, Wiebe Van Ranst and Toon Goedemé “Fooling Automated Surveillance Cameras: Adversarial Patches to Attack Person Detection” In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2019
  103. Vincent Tjeng, Kai Y. Xiao and Russ Tedrake “Evaluating Robustness of Neural Networks with Mixed Integer Programming” In International Conference on Learning Representations, 2019
  104. “Robustness May Be at Odds with Accuracy” In International Conference on Learning Representations, 2019
  105. “On Feature Collapse and Deep Kernel Learning for Single Forward Pass Uncertainty” arXiv, 2022 DOI: 10.48550/arXiv.2102.11409
  106. V.N. Vapnik “An Overview of Statistical Learning Theory” In IEEE Transactions on Neural Networks, 1999 DOI: 10.1109/72.788640
  107. Krishnapriya Vishnubhotla, Graeme Hirst and Frank Rudzicz “An Evaluation of Disentangled Representation Learning for Texts” In Findings of the Association for Computational Linguistics: ACL-IJCNLP 2021 Association for Computational Linguistics, 2021 DOI: 10.18653/v1/2021.findings-acl.170
  108. “Efficient Formal Safety Analysis of Neural Networks” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2018
  109. “Beta-CROWN: Efficient Bound Propagation with per-Neuron Split Constraints for Complete and Incomplete Neural Network Verification” In Advances in Neural Information Processing Systems, 2021
  110. “Transferable Adversarial Attacks for Image and Video Object Detection” In Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence, IJCAI-19, 2019 DOI: 10.24963/ijcai.2019/134
  111. “Hyperparameter Ensembles for Robustness and Uncertainty Quantification” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2020
  112. “Provable Defenses against Adversarial Examples via the Convex Outer Adversarial Polytope” In International Conference on Machine Learning PMLR, 2018
  113. “Fast and Complete: Enabling Complete Neural Network Verification with Rapid and Massively Parallel Incomplete Verifiers” In International Conference on Learning Representations, 2021
  114. Chulhee Yun, Shankar Krishnan and Hossein Mobahi “A Unifying View on Implicit Bias in Training Linear Neural Networks”, 2021
  115. “Neural Ensemble Search for Uncertainty Estimation and Dataset Shift” In Advances in Neural Information Processing Systems Curran Associates, Inc., 2021
  116. “Barlow Twins: Self-Supervised Learning via Redundancy Reduction” In Proceedings of the 38th International Conference on Machine Learning PMLR, 2021
  117. “Adversarial Attacks Beyond the Image Space” In 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2019 DOI: 10.1109/CVPR.2019.00443
  118. “Efficient Neural Network Robustness Certification with General Activation Functions” In Advances in Neural Information Processing Systems, 2018
  119. “Fairness in Decision-Making — The Causal Explanation Formula” In Proceedings of the AAAI Conference on Artificial Intelligence, 2018 DOI: 10.1609/aaai.v32i1.11564
  120. Xiaojin Zhu and Andrew B. Goldberg “Introduction to Semi-Supervised Learning” In Synthesis Lectures on Artificial Intelligence and Machine Learning Morgan & Claypool Publishers, 2009 DOI: 10.2200/S00196ED1V01Y200906AIM006
  121. Xiaojin (Jerry) Zhu “Semi-Supervised Learning Literature Survey”, 2005
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (1)
  1. Romeo Valentin (5 papers)
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets