Search for: All records

Fueled by massive amounts of data, models produced bymachine-learning (ML) algorithms, especially deep neural networks, arebeing used in diverse domains where trustworthiness is a concern, includ-ing automotive systems, finance, health care, natural language process-ing, and malware detection. Of particular concern is the use of ML algo-rithms in cyber-physical systems (CPS), such as self-driving cars andaviation, where an adversary can cause serious consequences.However, existing approaches to generating adversarial examples anddevising robust ML algorithms mostly ignore thesemanticsandcon-textof the overall system containing the ML component. For example,in an autonomous vehicle using deep learning for perception, not everyadversarial example for the neural network might lead to a harmful con-sequence. Moreover, one may want to prioritize the search for adversarialexamples towards those that significantly modify the desired semanticsof the overall system. Along the same lines, existing algorithms for con-structing robust ML algorithms ignore the specification of the overallsystem. In this paper, we argue that the semantics and specification ofthe overall system has a crucial role to play in this line of research. Wepresent preliminary research results that support this claim.