论文标题
NNV:深层神经网络和支持学习的网络物理系统的神经网络验证工具
NNV: The Neural Network Verification Tool for Deep Neural Networks and Learning-Enabled Cyber-Physical Systems
论文作者
论文摘要
本文介绍了神经网络验证(NNV)软件工具,该工具是针对深神经网络(DNN)和支持学习的网络物理系统(CPS)的基于集合的验证框架。 NNV的关键是可及性算法的集合,可利用多种设定表示形式,例如polyhedra,star sets,zonotopes和抽象域表示。 NNV支持精确(声音和完整)和过度值得注意的(声音)可达算法,以验证具有各种激活功能的前馈神经网络(FFNN)的安全性和鲁棒性特性。对于支持学习的CP,例如结合了神经网络的闭环控制系统,NNV为线性植物模型和具有分段线性激活功能的线性植物模型和FFNN控制器提供了精确且过于容易的可及性分析方案,例如Relus。对于具有非线性植物模型的类似神经网络控制系统(NNC),NNV通过将用于FFNN控制器的Star Set分析与基于扎诺对的基于扎科的分析来支持过度抗变的分析,用于CORA上的非线性植物动力学。我们使用两个现实世界的案例研究评估NNV:第一个是ACAS XU网络的安全验证,第二个涉及基于深度学习的自适应巡航控制系统的安全验证。
This paper presents the Neural Network Verification (NNV) software tool, a set-based verification framework for deep neural networks (DNNs) and learning-enabled cyber-physical systems (CPS). The crux of NNV is a collection of reachability algorithms that make use of a variety of set representations, such as polyhedra, star sets, zonotopes, and abstract-domain representations. NNV supports both exact (sound and complete) and over-approximate (sound) reachability algorithms for verifying safety and robustness properties of feed-forward neural networks (FFNNs) with various activation functions. For learning-enabled CPS, such as closed-loop control systems incorporating neural networks, NNV provides exact and over-approximate reachability analysis schemes for linear plant models and FFNN controllers with piecewise-linear activation functions, such as ReLUs. For similar neural network control systems (NNCS) that instead have nonlinear plant models, NNV supports over-approximate analysis by combining the star set analysis used for FFNN controllers with zonotope-based analysis for nonlinear plant dynamics building on CORA. We evaluate NNV using two real-world case studies: the first is safety verification of ACAS Xu networks and the second deals with the safety verification of a deep learning-based adaptive cruise control system.
