AN INTRODUCTION TO FRAMEWORK ADAPTATIONS FOR ADDITIONAL ASSURANCE OF A DEEP NEURAL NETWORK WITHIN NAVAL TEST AND EVALUATION

The complexity of modern warfare has rapidly outmatched the capacity of a human brain to accomplish the required tasks of a defined mission set. Task-shedding mundane tasks would prove immensely beneficial, freeing the warfighter to solve more complex issues; however, most tasks that a human might find menial, and shed-worthy, prove vastly abstract for a computer to solve. Advances in Deep Neural Network technology have demonstrated extensive applications as of late. As DNNs become more capable of accomplishing increasingly complex tasks, and the processors to run those neural nets continue to decrease in size, incorporation of DNN technology into legacy and next-generation aerial Department of Defense platforms has become eminently useful and advantageous. The assimilation of DNN-based systems using traditional testing methods and frameworks to produce artifacts in support of platform certification within Naval Airworthiness, however, proves prohibitive from a cost and time perspective, is not factored for agile development, and would provide an incomplete understanding of the capabilities and limitations of a neural network. The framework presented in this paper provides updated methodologies and considerations for the testing and evaluation and assurance of neural networks in support of the Naval Test and Evaluation process.Commander, United States NavyApproved for public release; distribution is unlimited

Dash+: Extending Alloy with Replicated Processes for Modelling Transition Systems

Modelling systems abstractly shows great promise to uncover bugs early in system development. The formal language Alloy provides the means of writing constraints abstractly but lacks explicit constructs for describing transition systems. Extensions to Alloy, such as Electrum, DynAlloy, and Dash, provide such constructs. However, still missing are language constructs to describe easily multiple processes with the same behavior (replicated processes) running in parallel as is found in languages such as PlusCal and Promela. We propose extensions to Dash for replicated processes. The result is Dash+: an Alloy language extension for describing transition systems that include both concurrent and hierarchical states and replicated concurrent processes. The processes can communicate via buffers or exchange information through variables and events. The key contributions of our novel approach are: 1) Replicated and non-replicated components can be nested arbitrarily at any level in the state hierarchy 2) Replicated components can exchange information directly without resorting to global variables as is the case in PlusCal and Promela 3) A modeller can abstractly model the topology of the processes (ring, list, etc.) through constraints on the set indexing the processes 4) Buffers can be used to facilitate communication between replicated components Dash+ stays consistent with the semantics of Dash and uses the notion of big steps and small steps to describe changes in the system. The semantics are implemented in a translation to Alloy in a way that accommodates the following model checking options: traces-based model checking, transitive closure-based model checking (TCMC), and Electrum. Our implementation is fully integrated into the Alloy Analyzer. This thesis presents case studies to demonstrate the features of Dash+ in modelling systems with concurrent processes and the benefits that Dash+ offers over existing languages. We check for properties in each of the models in the case studies to demonstrate how different model checking options can be used

Smart Contract Analysis Through Communication Abstractions

Smart contracts are programs that manage interactions between many users. Recently, Solidity smart contract have become a popular way to enforce financial agreements between untrusting users. However, such agreements do not eliminate trust, but rather redirects trust into the correctness of the smart contract. This means that each user must verify that a smart contract behaves correctly, regardless of how other users interact with it. Verifying a smart contract relative to all possible users is intractable due to state explosion. This thesis studies how local symmetry can be used to analyze smart contracts from a few representative users. This thesis builds on the novel notion of participation, that gives explicit semantics to user interactions. From participation, a topology is obtained for how users interact during each transaction of a smart contract. Local symmetry analysis shows that most users are interchangeable within a topology, and therefore, most users are locally symmetric. This motivates local bundle abstractions that reduce contracts with arbitrarily many users to sequential programs with a few representative users. It is shown that local bundle abstractions can be used to ameliorate state explosion in smart contract verification, and to accelerate counterexample search in bounded analysis (e.g., fuzzing and bounded model checking). We implement local bundle abstraction in SmartACE, and show order-of-magnitude improvements in time when compared to a state-of-the-art smart contract verification tool