Share

Verification of neural networks: a challenge to overcome

#artificial intelligence #safe AI #trustworthy
© Adobe Stock / immimagery
The formal verification of neural networks presents many challenges. Although there are languages to describe how a neural network is expected to behave, current validation tools do not consider the full richness of these languages. CEA-List is investigating practices from the field of programming languages to expand the scope of what can be formally verified.

Critical software systems are essential to our society. They help ensure the safety of everything from railway networks to nuclear power plants. Software malfunctions can have grave consequences for our infrastructures, the environment, and individuals. Software can only be implemented in these critical environments if there is a high degree of trust that it will run as intended. The study of programming languages—a branch of computer science—focuses on developing new ways of designing and coding software to make it safer.

Neural networks are now making inroads into critical software, and the rules of the game have changed. The way neural networks are designed makes them difficult to describe formally and, therefore, to verify. Python, the most widely used programming language for neural network design, is very difficult to analyze. To further complicate matters, neural networks are made up of series of very large algebraic calculations with no obvious link to the result produced. What this means is that, in terms of their characteristics, neural networks are very different from the conventional software the verification community is accustomed to working with.

Our research began with a description of the effects of neural network verification on program verification tools. We made two crucial observations:

  • First, the test benches currently used to verify neural networks are biased toward a very specific class of problems, which appear to us to be far removed from the needs of industrial end-users.
  • Second, these verification tools work with very-low-level inputs (close to machine language). This creates a very wide and unaddressed gap between the formal description of a program and what it is possible to verify (Figure 1).

 


Figure 1: The distance between a program’s formal specification and its actual behavior.


Based on these observations, we decided to adapt practices already known in programming language research to neural networks:

  • Describing the expected safety and security; properties
    directly in the programming language and;
  • A more realistic approach of looking at the literature on specification languages to formally describe existing systems. Part of this formal description, more readily usable by existing formal verification tools, was added to the program itself.

 
This enabled us to propose description languages suitable for this approach.

The specification of neural networks is an important research topic that must be addressed at the fundamental level of the programming language.

Rebecca Cabean

Julien Girard-Satabin

Research Engineer — CEA-List

Learn more

Major projects/partnerships

  • Projet SAIF du PEPR Intelligence Artificielle,
  • Projet DeepGreen

Flagship publication

  • « Neural Network Verification is a Programming Language Challenge ». L. C. Corneiro, M. L. Daggitt,
    J. Girard-Satabin, O. Isac, T. T. Johnson, G. Katz, E. Komendantskaya, A. Lemesle, E. Manino, A. Sinkarovs, H. Wu, In European Symposium on Programming (ESOP), 2025. https://doi.org/10.48550/arXiv.2501.05867 CAISAR software platform