Conformal Prediction with Large Language Models for Multi-Choice Question Answering

As large language models continue to be widely developed, robust uncertainty quantification techniques will become crucial for their safe deployment in high-stakes scenarios. In this work, we explore how conformal prediction can be used to provide uncertainty quantification in language models for the specific task of multiple-choice question-answering. We find that the uncertainty estimates from conformal prediction are tightly correlated with prediction accuracy. This observation can be useful for downstream applications such as selective classification and filtering out low-quality predictions. We also investigate the exchangeability assumption required by conformal prediction to out-of-subject questions, which may be a more realistic scenario for many practical applications. Our work contributes towards more trustworthy and reliable usage of large language models in safety-critical situations, where robust guarantees of error rate are required.Comment: 10 page

Automatic Optimizations for Stream-based Monitoring Languages

Runtime monitors that are specified in a stream-based monitoring language tend to be easier to understand, maintain, and reuse than those written in a standard programming language. Because of their formal semantics, such specification languages are also a natural choice for safety-critical applications. Unlike for standard programming languages, there is, however, so far very little support for automatic code optimization. In this paper, we present the first collection of code transformations for the stream-based monitoring language RTLola. We show that classic compiler optimizations, such as Sparse Conditional Constant Propagation and Common Subexpression Elimination, can be adapted to monitoring specifications. We also develop new transformations -- Pacing Type Refinement and Filter Refinement -- which exploit the specific modular structure of RTLola as well as the implementation freedom afforded by a declarative specification language. We demonstrate the significant impact of the code transformations on benchmarks from the monitoring of unmanned aircraft systems (UAS).Comment: 20th International Conference on Runtime Verification (2020

CESEC Chair – Training Embedded System Architects for the Critical Systems Domain

Increasing complexity and interactions across scientific and tech- nological domains in the engineering of critical systems calls for new pedagogical approach. In this paper, we introduce the CESEC teaching chair. This chair aims at supporting new integrative ap- proach for the initial training of engineer and master curriculum to three engineering school in Toulouse: ISAE, INSA Toulouse and INP ENSEEIHT. It is supported by the EADS Corporate Foundation. In this paper, we highlight the rationale for this chair: need for sys- tem architect with strong foundations on technical domains appli- cable to the aerospace industry. We then introduce the ideal profile for this architect and the various pedagogical approaches imple- mented to reach this objective

Formalization and Validation of Safety-Critical Requirements

The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while for the verification of the design, many formal techniques have been conceived and applied, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined; on the other hand that the formalization and the validation of the requirements usually demands a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theory. We applied this technology within an industrial project to the validation of railways requirements

MISRA C, for Security's Sake!

A third of United States new cellular subscriptions in Q1 2016 were for cars. There are now more than 112 million vehicles connected around the world. The percentage of new cars shipped with Internet connectivity is expected to rise from 13% in 2015 to 75% in 2020, and 98% of all vehicles will likely be connected by 2025. Moreover, the news continuously report about "white hat" hackers intruding on car software. For these reasons, security concerns in automotive and other industries have skyrocketed. MISRA C, which is widely respected as a safety-related coding standard, is equally applicable as a security-related coding standard. In this presentation, we will show that security-critical and safety-critical software have the same requirements. We will then introduce the new documents MISRA C:2012 Amendment 1 (Additional security guidelines for MISRA C:2012) and MISRA C:2012 Addendum 2 (Coverage of MISRA C:2012 against ISO/IEC TS 17961:2013 "C Secure Coding Rules"). We will illustrate the relationship between MISRA C, CERT C and ISO/IEC TS 17961, with a particular focus on the objective of preventing security vulnerabilities (and of course safety hazards) as opposed to trying to eradicate them once they have been inserted in the code.Comment: 4 pages, 2 tables, presented at the "14th Workshop on Automotive Software & Systems", Milan, November 10, 201

Applying formal methods to standard development: the open distributed processing experience

Since their introduction, formal methods have been applied in various ways to different standards. This paper gives an account of these applications, focusing on one application in particular: the development of a framework for creating standards for Open Distributed Processing (ODP). Following an introduction to ODP, the paper gives an insight into the current work on formalising the architecture of the Reference Model of ODP (RM-ODP), highlighting the advantages to be gained. The different approaches currently being taken are shown, together with their associated advantages and disadvantages. The paper concludes that there is no one all-purpose approach which can be used in preference to all others, but that a combination of approaches is desirable to best fulfil the potential of formal methods in developing an architectural semantics for OD