Certified Robust Control under Adversarial Perturbations

TL;DR

This paper introduces a novel method to integrate robustness certification of machine learning predictions with control systems, ensuring end-to-end certified robustness against adversarial input perturbations in autonomous vehicle control.

Contribution

It presents the first approach to combine robustness certification of raw input predictions with control systems, enabling end-to-end certified robustness in autonomous systems.

Findings

Successfully applied to adaptive vehicle control case study

Demonstrated improved robustness against adversarial perturbations

Provided extensive experimental validation of the approach

Abstract

Autonomous systems increasingly rely on machine learning techniques to transform high-dimensional raw inputs into predictions that are then used for decision-making and control. However, it is often easy to maliciously manipulate such inputs and, as a result, predictions. While effective techniques have been proposed to certify the robustness of predictions to adversarial input perturbations, such techniques have been disembodied from control systems that make downstream use of the predictions. We propose the first approach for composing robustness certification of predictions with respect to raw input perturbations with robust control to obtain certified robustness of control to adversarial input perturbations. We use a case study of adaptive vehicle control to illustrate our approach and show the value of the resulting end-to-end certificates through extensive experiments.