On Assessing ML Model Robustness: A Methodological Framework (Academic Track)

Abstract

Due to their uncertainty and vulnerability to adversarial attacks, machine learning (ML) models can lead to severe consequences, including the loss of human life, when embedded in safety-critical systems such as autonomous vehicles. Therefore, it is crucial to assess the empirical robustness of such models before integrating them into these systems. ML model robustness refers to the ability of an ML model to be insensitive to input perturbations and maintain its performance. Against this background, the Confiance.ai research program proposes a methodological framework for assessing the empirical robustness of ML models. The framework encompasses methodological processes (guidelines) captured in Capella models, along with a set of supporting tools. This paper aims to provide an overview of this framework and its application in an industrial setting.

Keywords

Adversarial systemAdversaryMNIST databaseComputer scienceRobustness (evolution)Artificial intelligenceDeep neural networksDeep learningArtificial neural networkMachine learningThreat modelThrough-the-lens meteringComputer securityEngineeringLens (geology)

Related Publications

A survey on Image Data Augmentation for Deep Learning

Connor Shorten , Taghi M. Khoshgoftaar

Abstract Deep convolutional neural networks have performed remarkably well on many Computer Vision tasks. However, these networks are heavily reliant on big data to avoid overfi...

2019 Journal Of Big Data 11041 citations

Batch Normalization: Accelerating Deep Network Training by Reducing Internal Covariate Shift

Sergey Ioffe , Christian Szegedy

Training Deep Neural Networks is complicated by the fact that the distribution of each layer's inputs changes during training, as the parameters of the previous layers change. T...

2024 arXiv (Cornell University) 15635 citations

Network In Network

Min Lin , Qiang Chen , Shuicheng Yan

Abstract: We propose a novel deep network structure called In Network (NIN) to enhance model discriminability for local patches within the receptive field. The conventional con...

2014 arXiv (Cornell University) 1037 citations

Inception-v4, Inception-ResNet and the Impact of Residual Connections on Learning

Christian Szegedy , Sergey Ioffe , Vincent Vanhoucke +1 more

Very deep convolutional networks have been central to the largest advances in image recognition performance in recent years. One example is the Inception architecture that has b...

2017 Proceedings of the AAAI Conference on... 4483 citations

Generative adversarial networks

Ian Goodfellow , Jean Pouget-Abadie , Mehdi Mirza +5 more

Generative adversarial networks are a kind of artificial intelligence algorithm designed to solve the generative modeling problem. The goal of a generative model is to study a c...

2020 Communications of the ACM 11829 citations

Publication Info

Year: 2025
Type: preprint
Citations: 4319
Access: Closed

External Links

View on DOI.org

Social Impact

Altmetric

On Assessing ML Model Robustness: A Methodological Framework (Academic Track)

PlumX Metrics

Social media, news, blog, policy document mentions

Citation Metrics

4319

OpenAlex

Cite This

APA Style

                            
                                    Aleksander Ma̧dry, 
                                
                                    Aleksandar Makelov, 
                                
                                    Ludwig Schmidt
                                
                                et al.
                            
                            (2025). 
                            On Assessing ML Model Robustness: A Methodological Framework (Academic Track). 
                            Dagstuhl Research Online Publication Server
                            
                            .
                            https://doi.org/10.4230/oasics.saia.2024.1

Identifiers

DOI: 10.4230/oasics.saia.2024.1