-
Emergence in Multi-Agent Systems: A Safety Perspective
Authors:
Philipp Altmann,
Julian Schönberger,
Steffen Illium,
Maximilian Zorn,
Fabian Ritz,
Tom Haider,
Simon Burton,
Thomas Gabor
Abstract:
Emergent effects can arise in multi-agent systems (MAS) where execution is decentralized and reliant on local information. These effects may range from minor deviations in behavior to catastrophic system failures. To formally define these effects, we identify misalignments between the global inherent specification (the true specification) and its local approximation (such as the configuration of different reward components or observations). Using established safety terminology, we develop a framework to understand these emergent effects. To showcase the resulting implications, we use two broadly configurable exemplary gridworld scenarios, where insufficient specification leads to unintended behavior deviations when derived independently. Recognizing that a global adaptation might not always be feasible, we propose adjusting the underlying parameterizations to mitigate these issues, thereby improving the system's alignment and reducing the risk of emergent failures.
Submitted 8 August, 2024;
originally announced August 2024.
-
Safety Analysis of Autonomous Railway Systems: An Introduction to the SACRED Methodology
Authors:
Josh Hunter,
John McDermid,
Simon Burton
Abstract:
As the railway industry increasingly seeks to introduce autonomy and machine learning (ML), several questions arise. How can safety be assured for such systems and technologies? What is the applicability of current safety standards within this new technological landscape? What are the key metrics to classify a system as safe? Currently, safety analysis for the railway reflects the failure modes of existing technology; in contrast, the primary concern of analysis of automation is typically average performance. Such purely statistical approaches to measuring ML performance are limited, as they may overlook classes of situations that may occur rarely but in which the function performs consistently poorly. To combat these difficulties we introduce SACRED, a safety methodology for producing an initial safety case and determining important safety metrics for autonomous systems. The development of SACRED is motivated by the proposed GoA-4 light-rail system in Berlin.
Submitted 18 March, 2024;
originally announced March 2024.
-
Safeguarding Learning-based Control for Smart Energy Systems with Sampling Specifications
Authors:
Chih-Hong Cheng,
Venkatesh Prasad Venkataramanan,
Pragya Kirti Gupta,
Yun-Fei Hsu,
Simon Burton
Abstract:
We study challenges using reinforcement learning in controlling energy systems, where apart from performance requirements, one has additional safety requirements such as avoiding blackouts. We detail how these safety requirements in real-time temporal logic can be strengthened via discretization into linear temporal logic (LTL), such that the satisfaction of the LTL formulae implies the satisfaction of the original safety requirements. The discretization enables advanced engineering methods such as synthesizing shields for safe reinforcement learning as well as formal verification, where for statistical model checking, the probabilistic guarantee acquired by LTL model checking forms a lower bound for the satisfaction of the original real-time safety requirements.
Submitted 11 August, 2023;
originally announced August 2023.
-
Facilitating Change Implementation for Continuous ML-Safety Assurance
Authors:
Chih-Hong Cheng,
Nguyen Anh Vu Doan,
Balahari Balu,
Franziska Schwaiger,
Emmanouil Seferis,
Simon Burton,
Yassine Qamsane,
Ankit Shukla,
Yinchong Yang,
Zhiliang Wu,
Andreas Hapfelmeier,
Ingo Thon
Abstract:
We propose a method for deploying a safety-critical machine-learning component into continuously evolving environments where an increased degree of automation in the engineering process is desired. We associate semantic tags with the safety case argumentation and turn each piece of evidence into a quantitative metric or a logic formula. With proper tool support, the impact can be characterized by a query over the safety argumentation tree to highlight evidence turning invalid. The concept is exemplified using a vision-based emergency braking system of an autonomous guided vehicle for factory automation.
Submitted 23 September, 2022;
originally announced September 2022.
-
Unaligned but Safe -- Formally Compensating Performance Limitations for Imprecise 2D Object Detection
Authors:
Tobias Schuster,
Emmanouil Seferis,
Simon Burton,
Chih-Hong Cheng
Abstract:
In this paper, we consider the imperfection within machine learning-based 2D object detection and its impact on safety. We address a special sub-type of performance limitations: the prediction bounding box cannot be perfectly aligned with the ground truth, but the computed Intersection-over-Union metric is always larger than a given threshold. Under such type of performance limitation, we formally prove the minimum required bounding box enlargement factor to cover the ground truth. We then demonstrate that the factor can be mathematically adjusted to a smaller value, provided that the motion planner takes a fixed-length buffer in making its decisions. Finally, observing the difference between an empirically measured enlargement factor and our formally derived worst-case enlargement factor offers an interesting connection between the quantitative evidence (demonstrated by statistics) and the qualitative evidence (demonstrated by worst-case analysis).
Submitted 10 February, 2022;
originally announced February 2022.
-
Safe AI -- How is this Possible?
Authors:
Harald Rueß,
Simon Burton
Abstract:
Traditional safety engineering is coming to a turning point moving from deterministic, non-evolving systems operating in well-defined contexts to increasingly autonomous and learning-enabled AI systems which are acting in largely unpredictable operating contexts. We outline some of the underlying challenges of safe AI and suggest a rigorous engineering framework for minimizing uncertainty, thereby increasing confidence, up to tolerable levels, in the safe behavior of AI systems.
Submitted 11 May, 2022; v1 submitted 25 January, 2022;
originally announced January 2022.
-
A causal model of safety assurance for machine learning
Authors:
Simon Burton
Abstract:
This paper proposes a framework based on a causal model of safety upon which effective safety assurance cases for ML-based applications can be built. In doing so, we build upon established principles of safety engineering as well as previous work on structuring assurance arguments for ML. The paper defines four categories of safety case evidence and a structured analysis approach within which these evidences can be effectively combined. Where appropriate, abstract formalisations of these contributions are used to illustrate the causalities they evaluate, their contributions to the safety argument and desirable properties of the evidences. Based on the proposed framework, progress in this area is re-evaluated and a set of future research directions proposed in order for tangible progress in this field to be made.
Submitted 9 August, 2022; v1 submitted 14 January, 2022;
originally announced January 2022.
-
Logically Sound Arguments for the Effectiveness of ML Safety Measures
Authors:
Chih-Hong Cheng,
Tobias Schuster,
Simon Burton
Abstract:
We investigate the issues of achieving sufficient rigor in the arguments for the safety of machine learning functions. By considering the known weaknesses of DNN-based 2D bounding box detection algorithms, we sharpen the metric of imprecise pedestrian localization by associating it with the safety goal. The sharpening leads to introducing a conservative post-processor after the standard non-max-suppression as a counter-measure. We then propose a semi-formal assurance case for arguing the effectiveness of the post-processor, which is further translated into formal proof obligations for demonstrating the soundness of the arguments. Applying theorem proving not only discovers the need to introduce missing claims and mathematical concepts but also reveals the limitation of Dempster-Shafer's rules used in semi-formal argumentation.
Submitted 10 January, 2022; v1 submitted 4 November, 2021;
originally announced November 2021.
-
Entropy, Derivation Operators and Huffman Trees
Authors:
Simon Burton
Abstract:
We build a theory of binary trees on finite multisets that categorifies, or operationalizes, the entropy of a finite probability distribution. Multisets operationalize probabilities as the event outcomes of an experiment. Huffman trees operationalize the entropy of the distribution of these events. We show how the derivation property of the entropy of a joint distribution lifts to Huffman trees.
Submitted 23 July, 2021;
originally announced July 2021.