8,119 research outputs found
Formal Verification of Input-Output Mappings of Tree Ensembles
Recent advances in machine learning and artificial intelligence are now being
considered in safety-critical autonomous systems where software defects may
cause severe harm to humans and the environment. Design organizations in these
domains are currently unable to provide convincing arguments that their systems
are safe to operate when machine learning algorithms are used to implement
their software.
In this paper, we present an efficient method to extract equivalence classes
from decision trees and tree ensembles, and to formally verify that their
input-output mappings comply with requirements. The idea is that, given that
safety requirements can be traced to desirable properties on system
input-output patterns, we can use positive verification outcomes in safety
arguments. This paper presents the implementation of the method in the tool
VoTE (Verifier of Tree Ensembles), and evaluates its scalability on two case
studies presented in current literature.
We demonstrate that our method is practical for tree ensembles trained on
low-dimensional data with up to 25 decision trees and tree depths of up to 20.
Our work also studies the limitations of the method with high-dimensional data
and preliminarily investigates the trade-off between large number of trees and
time taken for verification
On the Automated Synthesis of Enterprise Integration Patterns to Adapt Choreography-based Distributed Systems
The Future Internet is becoming a reality, providing a large-scale computing
environments where a virtually infinite number of available services can be
composed so to fit users' needs. Modern service-oriented applications will be
more and more often built by reusing and assembling distributed services. A key
enabler for this vision is then the ability to automatically compose and
dynamically coordinate software services. Service choreographies are an
emergent Service Engineering (SE) approach to compose together and coordinate
services in a distributed way. When mismatching third-party services are to be
composed, obtaining the distributed coordination and adaptation logic required
to suitably realize a choreography is a non-trivial and error prone task.
Automatic support is then needed. In this direction, this paper leverages
previous work on the automatic synthesis of choreography-based systems, and
describes our preliminary steps towards exploiting Enterprise Integration
Patterns to deal with a form of choreography adaptation.Comment: In Proceedings FOCLASA 2015, arXiv:1512.0694
Succinct progress measures for solving parity games
The recent breakthrough paper by Calude et al. has given the first algorithm
for solving parity games in quasi-polynomial time, where previously the best
algorithms were mildly subexponential. We devise an alternative
quasi-polynomial time algorithm based on progress measures, which allows us to
reduce the space required from quasi-polynomial to nearly linear. Our key
technical tools are a novel concept of ordered tree coding, and a succinct tree
coding result that we prove using bounded adaptive multi-counters, both of
which are interesting in their own right
Invariant Generation through Strategy Iteration in Succinctly Represented Control Flow Graphs
We consider the problem of computing numerical invariants of programs, for
instance bounds on the values of numerical program variables. More
specifically, we study the problem of performing static analysis by abstract
interpretation using template linear constraint domains. Such invariants can be
obtained by Kleene iterations that are, in order to guarantee termination,
accelerated by widening operators. In many cases, however, applying this form
of extrapolation leads to invariants that are weaker than the strongest
inductive invariant that can be expressed within the abstract domain in use.
Another well-known source of imprecision of traditional abstract interpretation
techniques stems from their use of join operators at merge nodes in the control
flow graph. The mentioned weaknesses may prevent these methods from proving
safety properties. The technique we develop in this article addresses both of
these issues: contrary to Kleene iterations accelerated by widening operators,
it is guaranteed to yield the strongest inductive invariant that can be
expressed within the template linear constraint domain in use. It also eschews
join operators by distinguishing all paths of loop-free code segments. Formally
speaking, our technique computes the least fixpoint within a given template
linear constraint domain of a transition relation that is succinctly expressed
as an existentially quantified linear real arithmetic formula. In contrast to
previously published techniques that rely on quantifier elimination, our
algorithm is proved to have optimal complexity: we prove that the decision
problem associated with our fixpoint problem is in the second level of the
polynomial-time hierarchy.Comment: 35 pages, conference version published at ESOP 2011, this version is
a CoRR version of our submission to Logical Methods in Computer Scienc
Robust Linear Temporal Logic
Although it is widely accepted that every system should be robust, in the
sense that "small" violations of environment assumptions should lead to "small"
violations of system guarantees, it is less clear how to make this intuitive
notion of robustness mathematically precise. In this paper, we address this
problem by developing a robust version of Linear Temporal Logic (LTL), which we
call robust LTL and denote by rLTL. Formulas in rLTL are syntactically
identical to LTL formulas but are endowed with a many-valued semantics that
encodes robustness. In particular, the semantics of the rLTL formula is such that a "small" violation of the environment
assumption is guaranteed to only produce a "small" violation of the
system guarantee . In addition to introducing rLTL, we study the
verification and synthesis problems for this logic: similarly to LTL, we show
that both problems are decidable, that the verification problem can be solved
in time exponential in the number of subformulas of the rLTL formula at hand,
and that the synthesis problem can be solved in doubly exponential time
Link Prediction by De-anonymization: How We Won the Kaggle Social Network Challenge
This paper describes the winning entry to the IJCNN 2011 Social Network
Challenge run by Kaggle.com. The goal of the contest was to promote research on
real-world link prediction, and the dataset was a graph obtained by crawling
the popular Flickr social photo sharing website, with user identities scrubbed.
By de-anonymizing much of the competition test set using our own Flickr crawl,
we were able to effectively game the competition. Our attack represents a new
application of de-anonymization to gaming machine learning contests, suggesting
changes in how future competitions should be run.
We introduce a new simulated annealing-based weighted graph matching
algorithm for the seeding step of de-anonymization. We also show how to combine
de-anonymization with link prediction---the latter is required to achieve good
performance on the portion of the test set not de-anonymized---for example by
training the predictor on the de-anonymized portion of the test set, and
combining probabilistic predictions from de-anonymization and link prediction.Comment: 11 pages, 13 figures; submitted to IJCNN'201
- …