TY - GEN
T1 - Neural Network Verification with Proof Production
AU - Isac, Omri
AU - Barrett, Clark
AU - Zhang, Min
AU - Katz, Guy
N1 - Publisher Copyright:
© 2022 FMCAD Association and authors.
PY - 2022
Y1 - 2022
N2 - Deep neural networks (DNNs) are increasingly being employed in safety-critical systems, and there is an urgent need to guarantee their correctness. Consequently, the verification community has devised multiple techniques and tools for verifying DNNs. When DNN verifiers discover an input that triggers an error, that is easy to confirm; but when they report that no error exists, there is no way to ensure that the verification tool itself is not flawed. As multiple errors have already been observed in DNN verification tools, this calls the applicability of DNN verification into question. In this work, we present a novel mechanism for enhancing Simplex-based DNN verifiers with proof production capabilities: the generation of an easy-to-check witness of unsatisfiability, which attests to the absence of errors. Our proof production is based on an efficient adaptation of the well-known Farkas' lemma, combined with mechanisms for handling piecewise-linear functions and numerical precision errors. As a proof of concept, we implemented our technique on top of the Marabou DNN verifier. Our evaluation on a safety-critical system for airborne collision avoidance shows that proof production succeeds in almost all cases and requires only minimal overhead.
AB - Deep neural networks (DNNs) are increasingly being employed in safety-critical systems, and there is an urgent need to guarantee their correctness. Consequently, the verification community has devised multiple techniques and tools for verifying DNNs. When DNN verifiers discover an input that triggers an error, that is easy to confirm; but when they report that no error exists, there is no way to ensure that the verification tool itself is not flawed. As multiple errors have already been observed in DNN verification tools, this calls the applicability of DNN verification into question. In this work, we present a novel mechanism for enhancing Simplex-based DNN verifiers with proof production capabilities: the generation of an easy-to-check witness of unsatisfiability, which attests to the absence of errors. Our proof production is based on an efficient adaptation of the well-known Farkas' lemma, combined with mechanisms for handling piecewise-linear functions and numerical precision errors. As a proof of concept, we implemented our technique on top of the Marabou DNN verifier. Our evaluation on a safety-critical system for airborne collision avoidance shows that proof production succeeds in almost all cases and requires only minimal overhead.
UR - https://www.scopus.com/pages/publications/85135807284
U2 - 10.34727/2022/isbn.978-3-85448-053-2-9
DO - 10.34727/2022/isbn.978-3-85448-053-2-9
M3 - 会议稿件
AN - SCOPUS:85135807284
T3 - Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design, FMCAD 2022
SP - 38
EP - 48
BT - Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design, FMCAD 2022
A2 - Griggio, Alberto
A2 - Rungta, Neha
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 22nd International Conference on Formal Methods in Computer-Aided Design, FMCAD 2022
Y2 - 17 October 2022 through 21 October 2022
ER -