
Towards Certifying Trustworthy Machine Learning Systems

Conference paper. In: Trustworthy AI - Integrating Learning, Optimization and Reasoning (TAILOR 2020). Part of the book series: Lecture Notes in Computer Science (LNAI, volume 12641).

Abstract

Machine Learning (ML) is increasingly deployed in complex application domains, replacing human decision-making. While ML has been surprisingly successful, there are fundamental concerns about wide-scale deployment without humans in the loop. A critical question is the trustworthiness of such ML systems. Although there is research towards making ML systems more trustworthy, many challenges remain. In this position paper, we discuss the challenges and limitations of current proposals. We focus on a more adversarial approach, borrowing ideas from the certification of security software under the Common Criteria. While it is unclear how to obtain strong trustworthiness assurances for ML systems, we believe this approach can further increase the level of trust.

This research was supported by Google under the “Democratizing AI and Building Trust In the Technology” project and grant R-726-000-006-646.


Notes

  1. The Common Criteria (CC) is a well-defined process and standard (ISO/IEC 15408) for evaluating the functional and assurance requirements of IT/security software.

  2. The U.S. House Committee investigation into the Boeing 737 Max flight control system found weaknesses, given that compliance processes had been delegated to Boeing [1].

  3. In CC there is a further step: the evaluator's work is sent to another trusted third party, the certification body, which issues an official certificate for the evaluator's work.

  4. An attack model is needed to capture potential malicious users of the ML system who try to exploit the system.

References

  1. U.S. House Committee on Transportation and Infrastructure: Boeing 737 MAX investigation. https://transportation.house.gov/committee-activity/boeing-737-max-investigation (2020)

  2. Arnold, M., et al.: FactSheets: increasing trust in AI services through supplier's declarations of conformity. IBM J. Res. Dev. 63(4/5), 1–13 (2019)

  3. Athalye, A., Carlini, N., Wagner, D.A.: Obfuscated gradients give a false sense of security: circumventing defenses to adversarial examples. In: International Conference on Machine Learning (2018)

  4. Bender, E.M., Friedman, B.: Data statements for natural language processing: toward mitigating system bias and enabling better science. Trans. Assoc. Comput. Linguist. 6, 587–604 (2018)

  5. Carlini, N., et al.: On evaluating adversarial robustness. https://arxiv.org/abs/1902.06705 (2019)

  6. Dwork, C., Roth, A.: The algorithmic foundations of differential privacy. Found. Trends Theor. Comput. Sci. 9(3–4), 211–407 (2014)

  7. Friedler, S.A., Scheidegger, C., Venkatasubramanian, S.: On the (im)possibility of fairness. http://arxiv.org/abs/1609.07236 (2016)

  8. Gebru, T., et al.: Datasheets for datasets. In: Workshop on Fairness, Accountability, and Transparency in Machine Learning (2018)

  9. Holland, S., Hosny, A., Newman, S., Joseph, J., Chmielinski, K.: The dataset nutrition label: a framework to drive higher data quality standards. https://arxiv.org/abs/1805.03677 (2018)

  10. Kifer, D., Machanavajjhala, A.: No free lunch in data privacy. In: ACM SIGMOD International Conference on Management of Data (2011)

  11. Klein, G., et al.: Comprehensive formal verification of an OS microkernel. ACM Trans. Comput. Syst. 32(1), 1–70 (2014)

  12. Kumar, V.: Irrational exuberance and the 'FATE' of technology. BLOG@CACM, 20 August (2018)

  13. Mitchell, M., et al.: Model cards for model reporting. In: Conference on Fairness, Accountability, and Transparency (2019)

  14. Obermeyer, Z., Powers, B., Vogeli, C., Mullainathan, S.: Dissecting racial bias in an algorithm used to manage the health of populations. Science 366(6464), 447–453 (2019)

  15. Silver, D., et al.: Mastering the game of Go without human knowledge. Nature 550, 354–359 (2017)

Author information

Corresponding author: Roland H. C. Yap.


Copyright information

© 2021 Springer Nature Switzerland AG

Cite this paper

Yap, R.H.C. (2021). Towards Certifying Trustworthy Machine Learning Systems. In: Heintz, F., Milano, M., O'Sullivan, B. (eds) Trustworthy AI - Integrating Learning, Optimization and Reasoning. TAILOR 2020. Lecture Notes in Computer Science(), vol 12641. Springer, Cham. https://doi.org/10.1007/978-3-030-73959-1_7

  • DOI: https://doi.org/10.1007/978-3-030-73959-1_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-73958-4

  • Online ISBN: 978-3-030-73959-1

  • eBook Packages: Computer Science (R0)