fortiss GmbH
An-
Formal Methods for Dependable Neural Networks
Towards Certifying Dependable Neural Networks and the role of Formal Methods
ACM Chapters Computer Science in Cars Symposium (CSCS 2017), Munich
Chih-Hong Cheng, Georg
Content of this work is based on a project to which other fortiss researchers also contributed:
Frederik Diehl, Gereon Hinz, Michael Truong Le, Markus Rickert, Harald Ruess
State institute of the Free State of Bavaria
• Non-profit academic research institute
• Associated with TU Munich
fortiss - An-Institut Technische
Data-driven engineering
Classical approach from specification to implementation
• Costly to execute process-based certification (ISO 26262, DO-178C, IEC 61508)
Artificial Neural Network (ANN) approach: learning from data
• Fast to develop (quick win)
• Implementation behaves like a black box
• No certification method exists to deal with ANNs
Shall we just drop existing assurance approaches (ISO 26262) entirely and embrace the new era?
[Figure: ISO 26262 / DO-178C: requirement-to-code traceability, architecture design, testing and verification]
Maybe not!
Dependable neural networks are crucial for safe and secure autonomous and decision systems
Towards dependable ANN from a certification perspective
• Goal of process-based certification as in DO-178C, ISO 26262, IEC 61508:
– Specification
• Assume that the specification is correct, or
• Provide evidence that the specification is correct
– Provide evidence that the implementation realizes the specification
• Via understandability guarantees (e.g., code block X realizes specification Y)
• Via testing and coverage criteria, or static analysis (e.g., DO-333)
[Figure: Deep / Convolutional / Recurrent Neural Network for control policy decision]
Towards dependable Neural Networks
From a certification perspective, we need to have
• Understandability: associate each substructure of an ANN with a partial specification/functionality
– E.g., research works on deconvolution or heat-maps are approaches in this direction
• Correctness: provide (best-effort) correctness claims over partial classical specifications (e.g., road safety, traffic rules)
• Accountability: whenever an undesired behavior occurs at run-time, the infrastructure allows one to backtrack and understand whether
– the modern specification is correct and complete
– the implementation realizes the modern specification (due to the limitations of best-effort approaches)
Can formal methods help?
might bring benefit [1]
[1] http://spectrum.ieee.org/cars-that-think/transportation/self-driving/toyota-gill-pratt-on-the-reality-of-full-autonomy
https://www.mathworks.com/products/sldesignverifier.html
https://shemesh.larc.nasa.gov/people/bld/ftp/NASA-CR-2014-218244.pdf
http://fbinfer.com/
http://www.astree.ens.fr/
Success stories!
Formal methods for dependable neural networks
fortiss in-house projects
[Figure: dependable neural network = understandability + correctness + accountability]
nn-verifier: formal verification of neural networks
Formal verification via constraint programming
• Neural networks with piece-wise linear activation functions can be modeled as mixed-integer linear constraints.
• By expressing the property of the network as constraints or objectives, we reduce the verification problem to a MILP problem.
– By solving the optimization problem we compute the robustness or prove a property of the neural network.
Examples of using this technique?
Example 1
Resilience bound for neural networks
[Figure: two neural networks compared; caption fragment: "... good can your neural network resist sensor ..."]
A formal, computable, and comparable measure can act as an indicator or as a differentiator
Defining Resilience
• We define a resilience metric that can be computed precisely
– F maximal allowed perturbation
• we go beyond a single image and noise
• Equivalently, we ask for the minimal perturbation that leads to bad behavior
• The tricky part is the output layer
– into MILP
– softmax: a function that involves the computation of exponentials e^{x}
Preprint available at https://arxiv.org/abs/1705.01040
[Figure: original image classified 95% "3", 5% "8"; minimally perturbed image classified 21% "2", 21% "3", 57% "8". Pipeline: neural network description and input -> formal reasoning engine (nn-verifier) -> outputs]
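To make the MILP reduction of the two slides above concrete, here is an added Python example (not code from the slides or from nn-verifier) that builds the big-M encoding of a small ReLU network, adds the negated "target class stays on top" property on the logits (softmax is monotone, so for a top-1 property the exponentials of the output layer never have to enter the constraints), and adds the L-infinity perturbation radius eps as the quantity to minimise. The toy weights, the big-M value of 1000, the variable names and the soundness check are assumptions of this example; handing the model to a MILP solver such as the CPLEX mentioned later would return the resilience bound, while the example stops at building and sanity-checking the model.

```python
"""Big-M MILP encoding of a ReLU network with a misclassification property and an
L-infinity perturbation objective (constructed toy example, not nn-verifier's code)."""


class MILP:
    """Rows are (coeffs, sense, rhs); coeffs maps a variable name to its coefficient."""
    def __init__(self):
        self.constraints, self.binaries, self.bounds = [], set(), {}

    def add(self, coeffs, sense, rhs):
        self.constraints.append((dict(coeffs), sense, float(rhs)))


def encode_relu_network(weights, biases, input_box, big_m=1000.0):
    """y = W_L relu(... relu(W_1 x + b_1) ...) + b_L. Each hidden neuron gets pre-activation z,
    post-activation a and binary d: a >= 0, a >= z, a <= z + M(1-d), a <= M d (d = 1 iff active).
    big_m must bound every |z|; 1000 is an assumption that holds for the toy network below."""
    m = MILP()
    inputs = prev = [f"x{i}" for i in range(len(input_box))]
    for v, (lo, hi) in zip(prev, input_box):
        m.bounds[v] = (lo, hi)
    for layer, (W, b) in enumerate(zip(weights, biases), start=1):
        last, cur = layer == len(weights), []
        for j, (row, bj) in enumerate(zip(W, b)):
            z = f"y{j}" if last else f"z{layer}_{j}"
            coeffs = {p: -w for p, w in zip(prev, row)}   # z - sum_k W[j][k]*prev_k == b[j]
            coeffs[z] = 1.0
            m.add(coeffs, "==", bj)
            m.bounds[z] = (-big_m, big_m)
            if last:
                cur.append(z)
                continue
            a, d = f"a{layer}_{j}", f"d{layer}_{j}"
            m.binaries.add(d)
            m.bounds[a], m.bounds[d] = (0.0, big_m), (0, 1)
            m.add({a: 1.0, z: -1.0}, ">=", 0.0)               # a >= z
            m.add({a: 1.0, z: -1.0, d: big_m}, "<=", big_m)   # a <= z + M(1-d)
            m.add({a: 1.0, d: -big_m}, "<=", 0.0)             # a <= M d
            cur.append(a)
        prev = cur
    return m, inputs, prev


def add_misclassification(m, outputs, target, big_m=1000.0):
    """Negation of 'target is the top class': some other logit y_j >= y_target. Softmax is
    monotone, so the comparison is made on logits and no exponential enters the MILP."""
    witnesses = []
    for j, y in enumerate(outputs):
        if j != target:
            e = f"e{j}"                                   # e_j = 1 selects class j as witness
            m.binaries.add(e)
            m.bounds[e] = (0, 1)
            m.add({y: 1.0, outputs[target]: -1.0, e: -big_m}, ">=", -big_m)
            witnesses.append(e)
    m.add({e: 1.0 for e in witnesses}, ">=", 1.0)         # at least one witness class
    return witnesses


def add_perturbation_ball(m, inputs, x0):
    """|x - x0|_inf <= eps as linear rows; minimising eps yields the resilience bound."""
    m.bounds["eps"] = (0.0, float("inf"))
    for v, c in zip(inputs, x0):
        m.add({v: 1.0, "eps": -1.0}, "<=", c)     # x - eps <= x0
        m.add({v: -1.0, "eps": -1.0}, "<=", -c)   # -x - eps <= -x0
    return "eps"


def evaluate(weights, biases, x):
    """Forward pass that also records the value of every encoding variable."""
    assign, act = {f"x{i}": float(v) for i, v in enumerate(x)}, [float(v) for v in x]
    for layer, (W, b) in enumerate(zip(weights, biases), start=1):
        pre = [sum(w * a for w, a in zip(row, act)) + bj for row, bj in zip(W, b)]
        if layer == len(weights):
            assign.update({f"y{j}": z for j, z in enumerate(pre)})
            return pre, assign
        for j, z in enumerate(pre):
            assign[f"z{layer}_{j}"], assign[f"a{layer}_{j}"] = z, max(0.0, z)
            assign[f"d{layer}_{j}"] = 1 if z > 0 else 0
        act = [max(0.0, z) for z in pre]


def satisfies(m, assign, tol=1e-6):
    """True iff the assignment meets every bound and row (soundness check of the encoding)."""
    if any(not lo - tol <= assign[v] <= hi + tol for v, (lo, hi) in m.bounds.items()):
        return False
    for coeffs, sense, rhs in m.constraints:
        lhs = sum(c * assign[v] for v, c in coeffs.items())
        if not {"<=": lhs <= rhs + tol, ">=": lhs >= rhs - tol, "==": abs(lhs - rhs) <= tol}[sense]:
            return False
    return True


# Constructed toy network: 2 inputs in [-1, 1]^2 -> 2 ReLU neurons -> 2 logits.
TOY_WEIGHTS = [[[1.0, -1.0], [1.0, 1.0]], [[1.0, -1.0], [0.0, 1.0]]]
TOY_BIASES = [[0.0, -1.0], [0.0, 0.0]]
TOY_BOX = [(-1.0, 1.0), (-1.0, 1.0)]


def build_resilience_model(x0, target):
    """MILP whose optimum is the smallest L-inf perturbation of x0 that flips class `target`."""
    m, inputs, outputs = encode_relu_network(TOY_WEIGHTS, TOY_BIASES, TOY_BOX)
    add_misclassification(m, outputs, target)
    add_perturbation_ball(m, inputs, x0)
    return m
```

`satisfies` is the check worth keeping around: every concrete forward pass of the network must be a feasible point of the encoding (with each binary set to the neuron's actual activation state), and a big-M value that is too small silently breaks that, so run it on sampled inputs before trusting any bound a solver reports on the model.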
Example 2
Safety of highway motion predictor
Properties under consideration:
• [Problematic decision] Is it possible for the controller to suggest "go left" while there is already a car on the left?
• [Strange speed range] Is it possible, with all cars between 100~110 km/h, that the controller suggests driving at 200 km/h?
• [Effect of output difference] By introducing sensor imprecision, what can be the maximal speed difference suggested by the neural network?
Highway motion predictor, trained on the NGSim dataset
SlideShare users: Move to the next page for accessing the YouTube video!
https://www.youtube.com/watch?v=C_Z2s-fauKY
Demonstration
nn-verifier (research prototype from fortiss)
The verification technique is implemented in a tool called nn-verifier, using IBM CPLEX as its underlying MILP solver.
SlideShare users: Move to the next page for accessing the YouTube video!
http://www.youtube.com/watch?v=BK825-_ScCU
Formal synthesis for pervasive controllers for run-time monitoring/enforcement
Overlaying a neural network with a monitor / regulator
You may not always want to trust the neural network
• This monitor/regulator design can take partial specifications, such as safety rules
– It constrains some output values created by the neural network
[Figure: a controller trained as a neural network receives the sensor input; a controller synthesized from a formal, classical specification prohibits some actions before actuation. Allowed: {speed-up, go-right}. Network output: speed-up 0%, go-right 45%, go-left 47%. Actuated action: go-right, i.e., the action with the 2nd largest probability is selected!]
Run-time monitors / enforcement
• Create components from formal specifications
– Runtime monitoring units
• For examining whether the current output has high confidence
• For examining whether the current output is consistent with the actions regulated by the partial specification
– Runtime enforcement units
• Perform corrective actions
• We want to use formal specification, formal synthesis, and model checking to guarantee the highest safety requirements such as SIL-4 or ASIL-D
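As an added illustration of the monitoring and enforcement units described on the two slides above (example code, not fortiss's synthesized controller), the following Python picks the highest-probability action that a small rule-based partial specification permits and flags low-confidence outputs; the action names, the sensor fields, the rules, the 0.5 threshold and the "brake" fallback are all assumptions of this example, while the probabilities in the test reproduce the numbers on the slide.

```python
"""Run-time monitoring and enforcement units overlaying a neural-network controller
(constructed example; the action set, rules and sensor fields are assumptions)."""

ACTIONS = ("speed-up", "go-right", "go-left")


def allowed_actions(sensors):
    """Partial safety specification as rules over the sensor state. Every action is
    allowed unless a rule prohibits it; the rules are constructed for illustration."""
    allowed = set(ACTIONS)
    if sensors["car_left"]:
        allowed.discard("go-left")        # never move into an occupied lane
    if sensors["car_right"]:
        allowed.discard("go-right")
    if sensors["car_ahead_close"] or sensors["speed_kmh"] >= sensors["speed_limit_kmh"]:
        allowed.discard("speed-up")       # keep distance and respect the limit
    return allowed


def confidence_monitor(probs, threshold=0.5):
    """Monitoring unit: report the network's top action and flag it when its
    probability is below the threshold (an assumed value)."""
    top = max(probs, key=probs.get)
    return {"action": top, "confidence": probs[top], "low_confidence": probs[top] < threshold}


def enforce(probs, sensors, fallback="brake"):
    """Enforcement unit: take the highest-probability action the specification allows.
    If no action is allowed, the (assumed) safe fallback is actuated instead. The
    returned record keeps what was proposed and what was done, for later backtracking."""
    allowed = allowed_actions(sensors)
    ranked = sorted(probs, key=probs.get, reverse=True)
    chosen = next((a for a in ranked if a in allowed), fallback)
    return {"proposed": ranked[0], "action": chosen, "allowed": allowed,
            "overridden": chosen != ranked[0]}
```

The record returned by `enforce` (proposed action, allowed set, actual action) is what the accountability point on the earlier slide needs: when an undesired behaviour is found afterwards, it shows whether the network, the partial specification or the override was responsible.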
Synthesizing monitors = finding the maximal pervasive controller
• The basic concept is the maximum pervasive controller in a safety game
• It is more complicated when numeric values are involved, i.e., when the specification goes beyond Boolean variables
[Figure: safety game with states C2, C8, actions a, b, c, a Risk state and risk attractors (states which eventually lead to risk); the maximum pervasive controller is marked]
Demonstration
Formal synthesis of pervasive controllers (research prototype from fortiss)
SlideShare users: please watch the YouTube video to see the explanation!
http://www.youtube.com/watch?v=p26rfsl-ohk
The gamified simulator is modified from the highway overtaking simulator from the MIT 6.S094 course http://selfdrivingcars.mit.edu/deeptrafficjs/
Outlook
• Formal methods can help introduce neural networks in critical environments
– From formal verification to run-time verification/enforcement
• Further research directions
– A certification roadmap, as well as formal method complements
• Analogous to DO-178C (safety for civil avionics) and DO-333 (formal method complement)
– Understandability of neural networks by formal methods
– Scalability of verification by combining approaches (e.g., by taking knowledge of de-convolution)
Dr. Chih-Hong Cheng, Georg
fortiss GmbH
An-
tel +49 89 3603522 11 fax +49 89 3603522 50
info@fortiss.org
www.fortiss.org