DeepCert: Verification of Contextually Relevant Robustness for Neural Network Image Classifiers

DeepCert: Verification of Contextually Relevant Robustness for Neural Network Image Classifiers” by Colin Paterson, Haoze Wu, John Grese, Radu Calinescu, Corina S. P{\u{a}}s{\u{a}}reanu, and Clark Barrett. In Computer Safety, Reliability, and Security (SAFECOMP '21), (Ibrahim Habli, Mark Sujan, and Friedemann Bitsch, eds.), Sep. 2021, pp. 3-17.

Abstract

We introduce DeepCert, a tool-supported method for verifying the robustness of deep neural network (DNN) image classifiers to contextually relevant perturbations such as blur, haze, and changes in image contrast. While the robustness of DNN classifiers has been the subject of intense research in recent years, the solutions delivered by this research focus on verifying DNN robustness to small perturbations in the images being classified, with perturbation magnitude measured using established L_p norms. This is useful for identifying potential adversarial attacks on DNN image classifiers, but cannot verify DNN robustness to contextually relevant image perturbations, which are typically not small when expressed with L_p norms. DeepCert addresses this underexplored verification problem by supporting: (1) the encoding of real-world image perturbations; (2) the systematic evaluation of contextually relevant DNN robustness, using both testing and formal verification; (3) the generation of contextually relevant counterexamples; and, through these, (4) the selection of DNN image classifiers suitable for the operational context (i) envisaged when a potentially safety-critical system is designed, or (ii) observed by a deployed system. We demonstrate the effectiveness of DeepCert by showing how it can be used to verify the robustness of DNN image classifiers build for two benchmark datasets (`German Traffic Sign' and `CIFAR-10') to multiple contextually relevant perturbations.

BibTeX entry:

@inproceedings{PWG+21,
   author = {Colin Paterson and Haoze Wu and John Grese and Radu Calinescu
	and Corina S. P{\u{a}}s{\u{a}}reanu and Clark Barrett},
   editor = {Ibrahim Habli and Mark Sujan and Friedemann Bitsch},
   title = {DeepCert: Verification of Contextually Relevant Robustness for
	Neural Network Image Classifiers},
   booktitle = {Computer Safety, Reliability, and Security (SAFECOMP '21)},
   series = {Lecture Notes in Computer Science},
   volume = {12852},
   pages = {3--17},
   publisher = {Springer International Publishing},
   month = sep,
   year = {2021},
   doi = {10.1007/978-3-030-83903-1_5},
   url = {http://theory.stanford.edu/~barrett/pubs/PWG+21.pdf}
}

(This webpage was created with bibtex2web.)