Abstract
Deep neural networks have emerged as a widely used and effective means for tackling complex, real-world problems. However, a major obstacle in applying them to safety-critical systems is the great difficulty in providing formal guarantees about their behavior. We present a novel, scalable, and efficient technique for verifying properties of deep neural networks (or providing counter-examples). The technique is based on the simplex method, extended to handle the non-convex Rectified Linear Unit (ReLU) activation function, which is a crucial ingredient in many modern neural networks. The verification procedure tackles neural networks as a whole, without making any simplifying assumptions. We evaluated our technique on a prototype deep neural network implementation of the next-generation airborne collision avoidance system for unmanned aircraft (ACAS Xu). Results show that our technique can successfully prove properties of networks that are an order of magnitude larger than the largest networks that could be verified previously.
Original language | English |
---|---|
Pages (from-to) | 87-116 |
Number of pages | 30 |
Journal | Formal Methods in System Design |
Volume | 60 |
Issue number | 1 |
DOIs | |
State | Published - Feb 2022 |
Bibliographical note
Publisher Copyright:© 2021, The Author(s), under exclusive licence to Springer Science+Business Media, LLC part of Springer Nature.
Keywords
- Neural networks
- Satisfiability modulo theories
- Verification