The recent release of the ChatGPT conversational agent has been a surprise to me, and to many of my colleagues from the software engineering community. Progress goes extremely fast, while it appears to be a true “game-changing” technology that can even generate programs and fix bugs. Machine Learning (ML) provides engineers with the prospect of producing data-driven software, with little manual code writing. These ML-enabled software bring us to a new era where systems’ logic is automatically produced from data, with a small amount of human-written code. Would we trust such software mixing ML and regular code, would you rely on it and under which conditions? This is still too early to answer these questions, and a challenging direction to explore.

This radical change questions the way software are engineered, validated, secured, deployed and maintained. The overall challenge is thus to automate these activities accounting for the statistical nature of ML-enabled software.

Taking a software engineering perspective, and starting from a concrete case from the finance industry, the presentation will focus on testing and robustifying a ML model which is integrated in a larger software system that takes as input domain objects (e.g. financial transaction, malware, network traffic). One traditional way to robustify a ML model consists in generating adversarial inputs, e.g. leading to a misclassification, and retraining the model. Indeed, despite their impressive performance, ML models are sensitive to small perturbations in the input. The resulting adversarial inputs raise multiple questions about the robustness of such systems, especially in safety- and business-critical domains. However, the generation of feasible, exploitable adversarial test examples is challenging, as they must satisfy the business logic constraints over the feature space. We analyse the limitations of current adversarial approaches and explore new algorithms that combine multi-objective search with constraint-solving techniques. While the attack part is the offensive weapon, we also consider the challenge to efficiently shield (e.g. repair) the systems against such threats, and finally end the seminar by mentioning other research directions to deploy robust ML-enabled systems.

Yves Le Traon is professor in software engineering at University of Luxembourg, with a focus on software testing, software security, data-intensive and machine-learning (ML) enabled systems. He is currently head of the SnT SerVal group (SEcurity, Reasoning and VALidation) and vice director of the Interdisciplinary Centre for Security, Reliability and Trust (SnT center) in Luxembourg. Most of his initial research has focussed on software testing, software security and model-driven engineering with applications to business-critical software in the domains of Smart Grid, Fintech, IoT/Industry 4.0. His research interests also cover several related areas such as real-world empirical studies, search-based software engineering, code static analysis, automated-program repair, machine learning applied to industry and robustness of machine-learning enabled systems.

Prof. Le Traon, IEEE Fellow member, has been General Chair of major conferences in the domain, such as ICSME 2021, IEEE ICST 2013, IEEE ISSRE 2004, and Program Chair of IEEE QRS 2016. He serves at the editorial boards of international journals in his domains of expertise (STVR, SoSym, IEEE Transactions on Reliability). He has served in more than 60 program and organizing committees of conferences, including the flagship ones in software engineering and software testing (ICSE, FSE, ICST, ISSTA). He has co authored (CORE ranking): 90+ Rank A/A* conference papers, 30+ Rank A/A* journal papers, and 150+ peer-reviewed conference papers, 40+ journal papers and 12+ book chapters and magazines.