With the increasing integration of neural networks as components in mission-critical systems, there is an increasing need to ensure that they satisfy various safety and liveness requirements. In recent years, numerous sound and complete verification methods have been proposed towards that end, but these typically suffer from severe scalability limitations. Recent work has proposed enhancing such verification techniques with abstraction-refinement capabilities, which have been shown to boost scalability: instead of verifying a large and complex network, the verifier constructs and then verifies a much smaller network, whose correctness implies the correctness of the original network. A shortcoming of such a scheme is that if verifying the smaller network fails, the verifier needs to perform a refinement step that increases the size of the network being verified, and then start verifying the new network from scratch - effectively "wasting" its earlier work on verifying the smaller network. In this paper, we present an enhancement to abstraction-based verification of neural networks, by using residual reasoning: the process of utilizing information acquired when verifying an abstract network, in order to expedite the verification of a refined network. In essence, the method allows the verifier to store information about parts of the search space in which the refined network is guaranteed to behave correctly, and allows it to focus on areas where bugs might be discovered. We implemented our approach as an extension to the Marabou verifier, and obtained promising results.
翻译:随着神经网络作为飞行任务关键系统组成部分的一体化程度不断提高,越来越需要确保它们满足各种安全和生命要求;近年来,为此目的提出了许多健全和完整的核查方法,但这些方法通常都有严重的可缩放性限制;最近的工作提议用抽象精炼能力加强这种核查技术,这些能力已证明可以提高可缩放性:核查者不核查一个庞大和复杂的网络,而是建造一个小得多的网络,然后核查者核查这个网络,其正确性意味着原始网络的正确性;这种机制的缺点是,如果核查小网络失败,核查者就需要采取改进步骤,增加所核查的网络的规模,然后开始从零开始核查新的网络——实际上“停止”其早先关于核查小网络的工作。在本文件中,我们提出加强基于抽象的神经网络核查,采用残余推理:利用在核查抽象网络时获得的信息,以加快网络的准确性;从本质上说,这一方法使核查者能够将信息储存在所发现的网络中进行改进的部分,从而保证在空间搜索时能够正确地进行空间搜索。
相关内容
微信扫码咨询专知VIP会员