Papers
Topics
Authors
Recent
Search
2000 character limit reached

Risk Verifier: Framework for Risk-Aware Verification

Updated 9 July 2026
  • Risk Verifier is a family of risk-aware verification frameworks that certify predictions and actions under uncertainty using explicit risk functionals like Value-at-Risk.
  • It employs ensemble quantile models with rolling calibration and real-time quality flags to conservatively adjust outputs in dynamic environments.
  • The framework extends to formal verification in safety-critical systems, LLM constraint checking, and smart contract analysis through sample-based and probabilistic methods.

Risk Verifier denotes a family of risk-aware verification frameworks that assess whether predictions, actions, policies, or designs remain acceptable under uncertainty, tail events, data degradation, or adversarial conditions. In its most explicit financial formulation, it is a reliability-aware daily ETF tail-risk monitoring service for next-day tail-risk surveillance, combining a calibrated 5% quantile ensemble, service-time quality checks, uncertainty scoring, and conservative risk adjustment (Zhong, 9 Apr 2026). Closely related uses of the term or its operational role appear in black-box safety verification via Value-at-Risk, certifiable risk-based engineering design, stochastic-system verification with neural-network controllers, selective LLM prediction, deterministic LLM constraint verification, noisy quantum reinforcement learning, and automated financial-security analysis of smart contracts (Akella et al., 2022, Chaudhuri et al., 2021, Cleaveland et al., 2022, Sedoc et al., 24 May 2026, Suresh et al., 5 Dec 2025, Gross, 1 Dec 2025, Wang et al., 2022).

1. Scope and recurring structure

In the cited literature, a Risk Verifier is not a single algorithm but a verification layer attached to a risk-bearing system. The verification target varies by domain: tomorrow’s ETF return tail, the robustness of a stochastic closed-loop system, the safety of self-modifying parameter updates, the factuality of generated claims, the probability that an LLM satisfies a semantic constraint, the satisfaction of PCTL properties by a noisy quantum policy, or the financial security of a smart contract (Zhong, 9 Apr 2026, Akella et al., 2022, Scrivens, 30 Mar 2026, Hassan et al., 21 Jun 2026, Suresh et al., 5 Dec 2025, Gross, 1 Dec 2025, Wang et al., 2022).

Setting Verified object Primary mechanism
Daily ETF monitoring next-day tail-risk surveillance quality checks, uncertainty scoring, conservative adjustment
Safety-critical black-box verification states and parameters that could potentially yield unsafe phenomena scenario-based VaR estimation
Long-form LLM generation claim-level factuality uncertainty estimation, adaptive language inference verification, candidate re-ranking
LLM constraint verification probability of constraint satisfaction deterministic lower and upper bounds
Noisy QRL safety properties under specific noise conditions probabilistic model checking

This suggests a recurring architecture: a risk functional, an evidence source observable at service time or by sampling, a diagnostic or uncertainty layer, and a verification rule that either certifies, adjusts conservatively, abstains, or escalates. The exact formalism changes, but the operational aim is similar: convert uncertain model outputs into risk statements that can be checked or bounded.

2. Reliability-aware ETF tail-risk verification

The ETF Risk Verifier is formulated as a lower-tail prediction problem for tomorrow’s return rt+1r_{t+1}, with target qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05). The predictive core is an ensemble of BB bootstrap gradient-boosting quantile models at level α=0.05\alpha=0.05, with raw ensemble mean

q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).

A rolling calibration window Ct\mathcal C_t of the past 63 trading days is used to remove small systematic biases through the residual-quantile shift

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.

Each bootstrap model is trained by minimizing the tilted pinball loss

Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),

and no parametric return distribution is imposed on the machine-learning quantile model. Baselines are 252-day historical VaR, EWMA-normal VaR, and GJR-GARCH(1,1) with Student-t innovations (Zhong, 9 Apr 2026).

A distinctive feature of the service is its service-time quality layer. Five observable flags are computed each day: the fraction of missing critical fields {O,H,L,C,Vol,Ret}\{O,H,L,C,Vol,Ret\}, an invalid OHLC indicator, a jump score based on 1rt>0.151_{|r_t|>0.15} and a 60-day return qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)0-score, a 20-day volume qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)1-score, and a repeated close-price indicator. They are aggregated into

qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)2

The resulting input-quality states are green for qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)3, yellow for qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)4, and red for qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)5; any red-state day automatically triggers an orange/red alert downstream.

Uncertainty is scored from three components: model dispersion across the qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)6 bootstrap predictions, an out-of-distribution Mahalanobis distance in PCA space, and a recent drift term based on the empirical 5% breach rate over the last 60 evaluable days post-adjustment. The aggregate score is

qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)7

Conservative adjustment then combines the calibrated quantile, a 63-day historical fallback, and the quality and uncertainty scores: qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)8 with fallback intensity ratio

qt+1VaRt+1(α=0.05)q_{t+1}^{*}\equiv \mathrm{VaR}_{t+1}(\alpha=0.05)9

This construction makes the output more conservative when BB0 or BB1 is high.

Evaluation uses a rolling walk-forward protocol from 2023-01-03 to 2025-12-29, retraining the quantile ensemble every 63 trading days on a 756-day rolling window. Metrics include unconditional breach rate, pinball loss, the Kupiec LR test for coverage, stress reliability on high-VIX days, and robustness under synthetic input corruption. The principal empirical findings are summarized below.

Variant Overall breach rate High-VIX breach rate
Raw model VaR 5.80% BB2
Safe service VaR 4.35% BB3
GJR-GARCH-t VaR 5.31% 5.78%
Uncertainty-only fallback 4.47% 5.00%
Quality-only fallback 4.55% 5.33%

Pinball loss is reported as virtually unchanged for the safe service VaR relative to the raw model. Under synthetic corruption, the full service achieves 4.24% overall and 4.67% stress breach rates, versus 4.44% overall and 4.89% stress without the quality service layer. Across six ETFs, safe VaR breach rates are all BB4, more stable than per-asset GJR-GARCH, which reaches up to 7.60%. The service maintains 100% evaluable coverage, while macro inputs are missing on fewer than 11% of days.

3. Statistical and risk-measure foundations

The financial and control-oriented Risk Verifier literature is anchored in explicit risk functionals and sequential verification criteria. In the prequential formulation of internal risk-measure verification, a procedure produces a forecast BB5 at time BB6 and then observes the realized loss BB7; verification depends only on the realized sequence BB8, in the sense of Dawid’s weak and strong prequential principles (Davis, 2014). For VaR at level BB9, with exceedance indicator

α=0.05\alpha=0.050

calibration requires the long-run exceedance frequency to converge to the nominal level: α=0.05\alpha=0.051 The same work emphasizes that VaR has special properties not shared by any other risk measure, whereas CVaR has a main deficiency in the unquantifiable tail dependence of estimators and is not elicitable by itself.

A second foundation is scenario-based VaR estimation without apriori distributional knowledge. For a scalar random variable α=0.05\alpha=0.052,

α=0.05\alpha=0.053

and with α=0.05\alpha=0.054 i.i.d. samples the scenario estimator α=0.05\alpha=0.055 satisfies

α=0.05\alpha=0.056

This yields the explicit sample requirement

α=0.05\alpha=0.057

for confidence α=0.05\alpha=0.058, and it underlies a reformulation of black-box uncertain verification as a VaR problem for the robustness random variable (Akella et al., 2022).

Risk-aware verification is also expressed in the language of coherent risk measures. A coherent risk measure satisfies translation invariance, sub-additivity, monotonicity, and positive homogeneity, and the cited work develops sample-based upper bounds for α=0.05\alpha=0.059-entropic measures, including CVaR and EVaR, from i.i.d. trajectories when the distribution is unknown (Akella et al., 2022). In engineering design, certifiability is defined through two properties: data-informed conservativeness, which accounts for the magnitude of failure, and convexity preservation, which guarantees globally optimal convex programs when the underlying functions are convex (Chaudhuri et al., 2021). The principal risk measures are

q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).0

and

q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).1

These measures are contrasted with ordinary probability of failure, which counts exceedances but ignores how far the response extends past the threshold.

4. Formal and certifiable verification under uncertainty

Several Risk Verifier implementations replace empirical monitoring with formal or semidefinite certification. In distributionally robust neural-network verification, the input distribution is allowed to vary over the moment-based ambiguity set

q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).2

and safety is enforced through worst-case CVaR over this set. The resulting conditions remain SDP-checkable and preserve the computational structure of prior quadratic-constraint and semidefinite-programming methods (Kishida, 22 Sep 2025). The paper emphasizes that the risk level q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).3 trades conservatism for tolerance to tail events while covering ellipsoids, polytopes, and hyperplanes.

For stochastic systems with neural-network controllers, verification proceeds from sampled closed-loop trajectories and a trace-robustness score. If q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).4 denotes the robustness of a trajectory, the cost variable is q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).5, and the verifier estimates risk metrics such as q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).6, q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).7, and q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).8 with finite-sample bounds (Cleaveland et al., 2022). A further result upper-bounds perturbed-system risk by nominal-system risk plus a system-closeness term, with exact quantification for Lipschitz continuous and incrementally input-to-state stable systems and empirical estimation for more general systems.

QVerifier provides a formal verification method for trained quantum reinforcement-learning policies by building the induced DTMC

q^t+1raw=1Bb=1Bf(b)(Xt).\hat q_{t+1}^{\mathrm{raw}}=\frac{1}{B}\sum_{b=1}^B f^{(b)}(X_t).9

and then checking PCTL properties with the Storm model checker (Gross, 1 Dec 2025). The framework models bit-flip, phase-flip, depolarizing, and amplitude-damping noise directly through Kraus operators. The reported experiments show monotonic degradation under bit-flip and depolarizing noise, a slight improvement from phase-flip noise in Ski at moderate error rate, and a more pronounced “noise as regularizer” effect in which low levels of amplitude damping, Ct\mathcal C_t0, raise Ski goal reachability from 0.45 to approximately 0.57.

In smart-contract analysis, FASVERIF automatically generates both the multiset-rewriting model and the security properties to be verified, using a Tamarin+Z3 back end (Wang et al., 2022). The generated properties are invariant properties such as

Ct\mathcal C_t1

and equivalence properties comparing adversarial balances across traces with the same multiset of calls. On a vulnerability dataset of 549 contracts, it reports 100% accuracy and F1 of 1.00 on TOD-eth, TOD-token, gasless-send, and transferMint, 95.1% accuracy and 0.97 F1 on TD, 90.5% accuracy and 0.94 F1 on reentrancy, and 99.3% accuracy and 0.99 F1 on overflow/underflow.

5. Risk verification for LLMs and selective prediction

In long-form generation, FACTOR treats verification as claim-adaptive rather than uniform. It computes token-level entropy

Ct\mathcal C_t2

and a semantic-consistency score from two additional continuations, then combines them as

Ct\mathcal C_t3

Claims are routed into three uncertainty tiers with distinct NLI thresholds: low if Ct\mathcal C_t4 with Ct\mathcal C_t5, mid if Ct\mathcal C_t6 with Ct\mathcal C_t7, and high if Ct\mathcal C_t8 with Ct\mathcal C_t9; high-tier claims also require support from at least two distinct retrieved passages (Hassan et al., 21 Jun 2026). FACTOR samples ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.0 candidate outputs and re-ranks them by

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.1

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.2

On a 50-entity subset of FactScore biographies, FACTOR reports FactScore 42.3, hallucination rate 57.7%, average NLI entailment 41.1, and 41.9 average NLI calls, compared with 36.8, 63.2%, 38.2, and 194.0 for static verification.

Prover-Verifier Deliberation uses a structured interactive proof motif for selective prediction. A prover proposes an answer with atomic subclaims, a verifier returns ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.3, ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.4, or ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.5, and an accepted answer with no answer revision is labeled Accept + No Change (ANC) (Sedoc et al., 24 May 2026). ANC is treated as a binary classifier with

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.6

On GPQA Diamond, five configurations achieve HC-Prec between 84% and 98% at HC-Cov between 43% and 77%, with Gap from +6.6 pp to +34.8 pp over the non-ANC complement, at 3–6 LLM calls per question. On Humanity’s Last Exam, the strongest pairing yields HC-Prec of 59.0% at HC-Cov of 52%, while weaker pairings can collapse or invert the ANC signal.

BEAVER addresses a different problem: deterministic, sound probability bounds for LLM constraint satisfaction under any prefix-closed semantic constraint. It constructs a token trie and frontier, maintaining

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.7

for the exact satisfaction probability

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.8

Under identical computational budgets, it achieves 6 to 8 times tighter probability bounds and identifies 3 to 4 times more high risk instances than rejection sampling on correctness, privacy, and secure-code tasks (Suresh et al., 5 Dec 2025). The formal role of the verifier here is not claim adjudication but exhaustive probability accounting over the generation space.

6. Limits, failure modes, and trade-offs

The Risk Verifier literature also states strong negative results. For self-improving systems, bounded cumulative risk and unbounded cumulative utility are formalized as the dual conditions

ct=Quantileα{rs+1q^s+1raw:sCt},q^t+1=q^t+1raw+ct.c_t=\mathrm{Quantile}_{\alpha}\{r_{s+1}-\hat q_{s+1}^{\mathrm{raw}}: s\in\mathcal C_t\}, \qquad \hat q_{t+1}=\hat q_{t+1}^{\mathrm{raw}}+c_t.9

Under overlapping safe and unsafe distributions, any classifier-based gate with a power-law risk schedule Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),0 and Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),1 satisfies

Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),2

which forces Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),3 (Scrivens, 30 Mar 2026). A second proof via the Neyman–Pearson counting method yields a 13% tighter bound without Hölder’s inequality. The same paper gives a finite-horizon ceiling

Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),4

and contrasts it with a verification escape: a Lipschitz-ball verifier can achieve Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),5 with Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),6. On GPT-2 with LoRA dimension Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),7, the reported empirical validation gives conditional Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),8 with Lα(u)={αu,u0, (α1)u,u<0,u=yf(X),L_{\alpha}(u)= \begin{cases} \alpha u,& u\ge 0,\ (\alpha-1)u,& u<0, \end{cases} \qquad u=y-f(X),9.

Agentic LLM studies identify a different limitation: the verifier tax. In tool-using agents on tau-bench, runtime safety mediation can intercept up to 94 percent of non-compliant actions, yet it rarely translates into strictly safe goal attainment, with safe success rate below 5 percent in most settings (Sah et al., 18 Mar 2026). Recovery rates after blocked actions range from 21 percent for GPT-OSS-20B in simpler procedural tasks to near zero in complex Retail scenarios, and unsafe success is largely driven by Integrity Leaks, in which models hallucinate user identifiers to bypass authentication. A related failure mode appears in selective prediction: if the verifier operates outside its effective region, the ANC signal can collapse or invert (Sedoc et al., 24 May 2026).

Financial verification papers emphasize that not every risk functional is equally verifiable from sequential data. VaR admits calibration through exceedance frequencies and independence tests, while CVaR’s main deficiency is the unquantifiable tail dependence of estimators, and no purely internal procedure can guarantee robust CVaR calibration (Davis, 2014). Other domain-specific systems also state explicit scope limits: QVerifier is restricted to discrete, finite state/action spaces and excludes non-Markovian noise, while FASVERIF remains slower than lightweight analyzers, at approximately 830 seconds per contract, and does not cover all language features or vulnerability classes (Gross, 1 Dec 2025, Wang et al., 2022).

Taken together, these works present the Risk Verifier as a verification layer that is strongest when it combines explicit risk semantics with either calibration, conservative fallback, or sound bounds. The literature therefore treats reliability not as a by-product of raw prediction accuracy, but as a property that must itself be monitored, certified, or bounded.

Topic to Video (Beta)

No one has generated a video about this topic yet.

Whiteboard

No one has generated a whiteboard explanation for this topic yet.

Follow Topic

Get notified by email when new papers are published related to Risk Verifier.