Overview
Creating reliable and explainable probabilistic models is a fundamental challenge to solving the artificial intelligence problem. This course covers some of the latest and most exciting advances that bring us closer to constructing such models. The main objective of this course is to expose students to the latest and most exciting research in the area of explainable and interpretable artificial intelligence, a topic of fundamental and increasing importance. Upon completion of the course, the students should have mastered the underlying methods and be able to apply them to a variety of problems. To facilitate deeper understanding, an important part of the course will be a group hands-on programming project where students will build a system based on the learned material.
The course covers some of the latest research (over the last 2-3 years) underlying the creation of safe, trustworthy, and reliable AI:
- Adversarial Attacks on Deep Learning (noise-based, geometry attacks, sound attacks, physical attacks, autonomous driving, out-ofppt-distribution)
- Defenses against attacks
- Combining gradient-based optimization with logic for encoding background knowledge
- Complete Certification of deep neural networks via automated reasoning (e.g., via numerical abstractions, mixed-integer solvers)
- Probabilistic certification of deep neural networks
- Training deep neural networks to be provably robust via automated reasoning
- Understanding and Interpreting Deep Networks
- Probabilistic Programming
Lectures
We are also keeping a full list of all lecture recordings in a Youtube playlist.
| Date | Content | Recording | Slides | Exercises | Solutions |
|---|---|---|---|---|---|
| Sept 16 | Introduction |  |
 |
|
- |
| Sept 23 | Adversarial attacks I | |
|
|
|
| Sept 30 | Adversarial attacks II | |
|
|
|
| Oct 7 | Adversarial Defenses and Certification of Neural Networks |
|
|
|
|
| Oct 14 | Certification with complete methods |
|
|
|
|
| Oct 21 | The Zonotope convex relaxation |
|
|
|
|
| Oct 28 | DeepPoly Relaxation |
|
|
|
|
| Nov 4 | Project introduction |
|
|
(Q&A) | (Q&A) |
| Nov 11 | Certified Defenses |
|
|
|
|
| Nov 18 | Geometric Robustness |
|
|
|
|
| Nov 25 | Network Interpretability and Visualization |
|
|
|
|
| Dec 2 | Combining Logic and Deep Learning |
|
|
|
|
| Dec 9 | Randomized Smoothing for Robustness |
|
|
|
|
| Dec 16 | Summary and future directions |
|
- | - |
Course project
Details on the course project will be added here.
Project introduction
The project was presented on November 4, in a live zoom session (recording is available here, password can be found in Moodle announcement). The project description is uploaded here. Code, networks and example test cases are available here.Previous Exams
Previous exams are available in the exam collection of the student association (VIS).
Course Organization (Tentative)
Some aspects of the course organization are new due to COVID-19.
Lectures
- The lectures will be pre-recorded and uploaded by Tuesday evening on a YouTube playlist. We recommend to watch the lectures during normal lecture hours (Wednesday 14-16).
- Every Wednesday at 3.40pm, there will be a virtual Q&A with Prof. Martin Vechev, on the topics of that week's lecture (Zoom link to join, you must be logged in with a *.ethz.ch account which you can create here).
- For additional questions, we have prepared a Moodle forum.
Exercises
- Every week, we will publish an exercise sheet and its solutions here, by Thursday evening.
- We strongly recommend to solve the exercises before next week's exercise session, and before looking at the solutions. The style of the exam will be similar to the exercises, so first-hand experience solving exercises is critical.
- The exercise sessions (Wednesday 12-14) will be in a virtual Q&A format, where you can ask questions about the exercise sheet (and its solutions) from the previous week (Zoom link to join, you must be logged in with a *.ethz.ch account). Attending the exercise sessions is optional.
- For additional questions, we have prepared a Moodle forum.
- In case there are not enough questions for the full exercise session, we will stop it early.
- The first exercise sessions (September 21 and September 23) will be a general introduction to some prerequisites for the course, and will not involve an exercise sheet. The covered material should be familiar to most students, and the slides discussed in the session will be available online.
Communication
All communication (like special announcements) will be sent out by e-mail.
Literature
For students who would like to brush up on the basics of machine learning used in this course, we recommend
- Section 3 (Background) of the publication An Abstract Domain for Certifying Neural Networks by Gagandeep Singh, Timon Gehr, Markus Püschel, and Martin Vechev
- Neural Networks and Deep Learning by Michael Nielsen
- Deep Learning book by Ian Goodfellow, Yoshua Bengio, and Aaron Courville