Publications

2024

1. arXiv

   Defending Against Unforeseen Failure Modes with Latent Adversarial Training

   Stephen Casper*, Lennart Schulze*, Oam Patel, and Dylan Hadfield-Menell

   arXiv preprint arXiv:2403.05030, 2024

   Abs Bib PDF

   AI systems sometimes exhibit harmful unintended behaviors post-deployment. This is often despite extensive diagnostics and debugging by developers. Minimizing risks from models is challenging because the attack surface is so large. It is not tractable to exhaustively search for inputs that may cause a model to fail. Red- teaming and adversarial training (AT) are commonly used to make AI systems more robust. However, they have not been sufficient to avoid many real-world failure modes that differ from the ones adversarially trained on. In this work, we utilize latent adversarial training (LAT) to defend against vulnerabilities without generating inputs that elicit them. LAT leverages the compressed, abstract, and structured latent representations of concepts that the network actually uses for prediction. We use LAT to remove trojans and defend against held-out classes of adversarial attacks. We show in image classification, text classification, and text generation tasks that LAT usually improves both robustness and performance on clean data relative to AT. This suggests that LAT can be a promising tool for defending against failure modes that are not explicitly identified by developers.

   @article{casper2024defending,
     title = {Defending Against Unforeseen Failure Modes with Latent Adversarial Training},
     author = {Casper*, Stephen and Schulze*, Lennart and Patel, Oam and Hadfield-Menell, Dylan},
     journal = {arXiv preprint arXiv:2403.05030},
     year = {2024},
   }

2023

1. ICRA; ICCV NeRF

   High-Degrees-of-Freedom Dynamic Neural Fields for Robot Self-Modeling and Motion Planning

   Lennart Schulze, and Hod Lipson

   In International Conference on Robotics and Automation (ICRA) 2024;
   ICCV Workshop on Neural Fields for Autonomous Driving and Robotics, 2023

   (Oral Presentation)

   Abs Bib HTML PDF

   A robot self-model is a task-agnostic representation of the robot’s physical morphology that can be used for motion planning tasks in absence of classical geometric kinematic models. In particular, when the latter are hard to engineer or the robot’s kinematics change unexpectedly, human-free self-modeling is a necessary feature of truly autonomous agents. In this work, we leverage neural fields to allow a robot to self-model its kinematics as a neural-implicit query model learned only from 2D images annotated with camera poses and configurations. This enables significantly greater applicability than existing approaches which have been dependent on depth images or geometry knowledge. To this end, alongside a curricular data sampling strategy, we propose a new encoder-based neural density field architecture for dynamic object-centric scenes conditioned on high numbers of degrees of freedom (DOFs). In a 7-DOF robot test setup, the learned self-model achieves a Chamfer-L2 distance of 2% of the robot’s workspace dimension. We demonstrate the capabilities of this model on a motion planning task as an exemplary downstream application.

   @inproceedings{schulze2023high,
     title = {High-Degrees-of-Freedom Dynamic Neural Fields for Robot Self-Modeling and Motion Planning},
     author = {Schulze, Lennart and Lipson, Hod},
     year = {2023},
     booktitle = {International Conference on Robotics and Automation (ICRA) 2024;<br/> ICCV Workshop on Neural Fields for Autonomous Driving and Robotics},
     other = {(Oral Presentation)},
   }

2. NeurIPS XAIA

   ObEy: Quantifiable Object-based Explainability without Ground-Truth Annotations

   Lennart Schulze*, William Ho*, and Richard Zemel

   In NeurIPS Workshop on Explainable AI in Action: Past, Present, and Future Applications, 2023

   Abs Bib HTML PDF

   Neural networks are at the core of AI systems recently observing accelerated adoption in high-stakes environments. Consequently, understanding their black-box predictive behavior is paramount. Current explainable AI techniques, however, are limited to explaining a single prediction, rather than characterizing the inherent ability of the model to be explained, reducing their usefulness to manual inspection of samples. In this work, we offer a conceptual distinction between explanation methods and explainability. We use this motivation to propose Object-based Explainability (ObEy), a novel model explainability metric that collectively assesses model-produced saliency maps relative to objects in images, inspired by humans’ perception of scenes. To render ObEy independent of the prediction task, we use full-image instance segmentations obtained from a foundation model, making the metric applicable on existing models in any setting. We demonstrate ObEy’s immediate applicability to use cases in model inspection and comparison. As a result, we present new insights into the explainability of adversarially trained models from a quantitative perspective.

   @inproceedings{schulze2023obey,
     title = {{ObEy}: Quantifiable Object-based Explainability without Ground-Truth Annotations},
     author = {Schulze*, Lennart and Ho*, William and Zemel, Richard},
     booktitle = {{NeurIPS} Workshop on Explainable {AI} in Action: Past, Present, and Future Applications},
     year = {2023},
   }

2021

1. INFO

   Evaluating Error Mitigation Strategies for Entangled Quantum States on Near-Term Quantum Computers

   Lennart Schulze, and Jan-Rainer Lahmann

   In INFORMATIK 2021, 2021

   Abs Bib

   Entanglement is one of the quantum mechanical properties to which recently emerging quantum computers attribute an exponential increase in computing power. however, these systems are subject to a set of noise-inducing physical processes and hardware-level imperfections that render the results from quantum circuits erroneous. Bridging the time until sufficient qubits are available to compensate for these effects, quantum error mitigation algorithms aim at improving the result accuracy on near-term quantum devices. This empirical investigation describes and compares customary fundamental approaches to error mitigation for quantum states in condition of entanglement on real quantum computers. It is demonstrated that two readily implementable techniques regarding circuit design and measurement error mitigation may lead to a considerable increase in the quality of results.

   @inproceedings{schulze2021evaluating,
     author = {Schulze, Lennart and Lahmann, Jan-Rainer},
     title = {Evaluating Error Mitigation Strategies for Entangled Quantum States on Near-Term Quantum Computers},
     year = {2021},
     doi = {10.18420/informatik2021-079},
     booktitle = {INFORMATIK 2021},
     publisher = {German Informatics Society},
     pages = {943--960},
   }