MINDS Symposium on the Foundations of Data Science
Mahyar Fazlyab
Title: Safe Deep Learning: A Robust Control Approach
Abstract: Despite their tremendous performance in various decision-making and classification tasks, Deep Neural Networks (DNNs) are vulnerable to adversarial attacks and input perturbations, raising serious concerns about their adoption in safety-critical domains. This issue becomes even more pressing when DNNs are used in closed-loop systems, where a small perturbation in the loop (caused by, for example, noisy measurements, uncertain initial conditions, or disturbances) may cause significant changes in control actions, which could destabilize or damage the system or drive it to an unsafe region. Therefore, it is of utmost importance to develop tools that can provide useful certificates of stability, safety, and robustness for DNN-driven systems.
In this talk, I will present a new framework, rooted in convex optimization and robust control, for safety verification and robustness analysis of DNNs based on semidefinite programming. The main idea is to abstract the original, nonlinear, hard-to-analyze neural network by a Quadratically-Constrained Linear Network (QCLN), in which the nonlinear components (e.g., the activation functions) are described by the quadratic constraints that all their input-output instances satisfy. This abstraction allows us to analyze various properties of DNNs (safety, local and global robustness, etc.) using semidefinite programming. Finally, I will discuss the scalability aspects of the proposed approach, and how we can use tools from graph theory and operator splitting to devise modular and scalable methods for verification of DNNs.
Biography: Mahyar Fazlyab received the Bachelor’s and Master’s degrees in mechanical engineering from Sharif University of Technology, Tehran, Iran, in 2010 and 2013, respectively. He earned a Master’s degree in statistics and a Ph.D. degree in Electrical and Systems Engineering (ESE) from the University of Pennsylvania (UPenn), Philadelphia, PA, USA, in 2018. Currently, he is a Postdoctoral Researcher at UPenn. His research interests are at the intersection of optimization, control, and machine learning. His current work focuses on developing optimization-based methods for safety verification of learning-enabled control systems. Dr. Fazlyab won the Joseph and Rosaline Wolf Best Doctoral Dissertation Award in 2019, awarded by the ESE Department at UPenn.