Welcome, everyone, to this presentation, titled Trustworthy AI for Network Operations. We are Alexandros Nikou and Swarup Mohalik, researchers from Ericsson Research, an organization within Ericsson that works on bringing new technologies into our networks. Here you can take a brief look at the technologies we are working with. The 6G journey has just started, while we are also continuing with all the 5G standards. 5G-and-beyond innovations on the telecom platform will happen in gaming, autonomous driving and manufacturing. Everything from the data center to the smallest of devices will become one universal compute fabric. As networks become intelligent platforms for innovation, future network security will become key to establishing trustworthiness across future societies. Future autonomous networks will deliver speed, scalability and zero human touch. In the future, billions of devices will connect intelligent societies and industries simultaneously.

Within Ericsson Research, we are a team working towards trustworthy AI for network operations; Swarup and I belong to this team. Let me give a small introduction to this technology area to make sure that we are all aligned. Our team has three main objectives. First, to build AI systems that are trustworthy by design, where by design we mean safe, robust, reliable, explainable and sustainable. Second, to demonstrate trustworthy AI technologies in multiple network use cases, such as RAN control, the core network, the transport network, and the orchestration and management layers. And finally, to develop trustworthy AI solutions that leverage both machine learning and machine reasoning techniques. Within trustworthy AI we have different activities, and we contribute both theoretical and applied research. Some of these activities are depicted here: symbolic reinforcement learning, formal verification of neural networks, and explainable AI. For the rest of the session we will take a deeper dive into these three activities. A disclaimer: some of the views on the topics of this presentation are the presenters' own views, not the company's, so they are not Ericsson's views.

Let us start with symbolic reinforcement learning. Reinforcement learning is the branch of machine learning that deals with the problem of controlling a dynamical system under uncertainty over time, where we would like to control the system in order to optimize performance, usually given by reward functions. But in some applications we want to impose more complex specifications on the dynamical system, which is generally difficult to achieve just by reward engineering. So the question that arises is how such complex specifications can be assigned, or imposed on the system, in an automatic way. Symbolic reinforcement learning is the field that bridges these two worlds, the world of reinforcement learning and the world of formal methods, in order to provide guarantees and explanations of how we can control the dynamical system towards satisfaction, or not, of a high-level task.

Some background material in order to understand the framework. We start with the modeling of the system as a transition system, a compact mathematical formalism that has states, actions, a transition relation, atomic propositions and a labeling function. This is a general model that can capture any dynamical system; a minimal sketch of such a structure follows below.
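To make the formalism concrete, here is a minimal sketch of a labeled transition system in Python. The toy states, actions and labels are purely our own illustration (not any Ericsson tooling), and the class is just one possible encoding of the tuple described above.

```python
# A minimal labeled transition system (LTS): states, actions, a transition
# relation, atomic propositions (via labels) and a labeling function.
# All concrete states and labels below are hypothetical, for illustration.
from dataclasses import dataclass

@dataclass
class TransitionSystem:
    states: set
    actions: set
    transitions: dict   # (state, action) -> set of successor states
    labeling: dict      # state -> set of atomic propositions

    def successors(self, state, action):
        return self.transitions.get((state, action), set())

    def label(self, state):
        return self.labeling.get(state, set())

# Toy example: two states, one action, a simple reachability check.
ts = TransitionSystem(
    states={"s0", "s1"},
    actions={"a"},
    transitions={("s0", "a"): {"s1"}, ("s1", "a"): {"s0"}},
    labeling={"s0": {"safe"}, "s1": {"goal"}},
)
assert "goal" in ts.label(next(iter(ts.successors("s0", "a"))))
```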
If we don't have the model as a transition system exactly, we can apply abstraction techniques. Then, in order to express properties over the transition system, we have linear temporal logic (LTL), which is a compact way of defining properties over dynamical systems. The grammar of linear temporal logic consists of the negation, conjunction and disjunction operators, the next operator and the until operator. With these building blocks we can express any task over state and time constraints. The property is then translated into an equivalent automaton. So, having the model of the system as a transition system and having the input formula, we can perform model checking and graph techniques: we can derive a plan that satisfies the specification, and we can also block traces that violate the property.

That was the background on dynamical systems and formal methods. Now, reinforcement learning, as we know, is a powerful technique for the optimal decision-making of agents that interact with uncertain environments. A compact representation is the following model: an agent applies an action to the environment, receives a reward and transits to the next state. The idea is to design an optimal sequence of actions such that the cumulative reward is maximized over time. A more rigorous form of the reinforcement learning model is the Markov decision process (MDP), which is a tuple of states, actions, a transition probability matrix (which is unknown) and reward functions. Formally, the goal is to design a policy that states which actions should be taken in order to maximize the expected cumulative reward. In practice we have many algorithms for solving this problem, such as Q-learning, DQN, A3C, etc.

Here comes the framework of symbolic reinforcement learning. By training a reinforcement learning agent and keeping an experience replay memory, we can start learning the transition probabilities of the Markov decision process; then we have a model of the system, but it is trained only for reward maximization. If we also want to impose complex tasks, we translate the LTL formula into an automaton and perform model checking on the product of the LTL automaton and the MDP. We compose these two, and then we can derive a plan for the system, that is, learn a policy that satisfies the task, or we can use safety-shield approaches to block actions that violate the property.

This is the theoretical framework, and we can now see how it applies in a practical scenario that arises in the telecom setting, since telecom is the basic product of our company. A wireless mobile network typically looks like this: we have a geographical area that is partitioned into cells, and we have radio base stations, which you can think of as the familiar towers with antennas. These antennas provide connectivity to the devices. If we zoom in to each antenna of a base station, we see that the antenna can be tilted by an angle at each time instant t. This is required because, according to how the traffic evolves, we need to control the tilt in order to optimize a set of key performance indicators (KPIs) such as capacity, signal quality and coverage, among others. Optimizing these parameters typically leads to better quality of experience. So the problem here is how to control these antennas and make a plan that keeps the KPIs within predefined bounds. We can model the system as a Markov decision process with states, actions and rewards; a toy sketch of such a controller with a safety shield is shown below.
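As a minimal sketch of the shielded-learning idea, here is tabular Q-learning on a toy antenna-tilt MDP. The state and action spaces, the reward and the "unsafe" predicate are hypothetical illustrations standing in for the actual KPI-driven formulation, and the shield here simply filters out actions that would violate a safety bound, as a safety-shield approach would block property-violating actions.

```python
# Toy sketch: tabular Q-learning with a safety shield for antenna-tilt
# control. States, actions, reward and the "unsafe" predicate are
# hypothetical, purely for illustration.
import random

TILTS = list(range(0, 16))   # discretized tilt angles (states)
ACTIONS = [-1, 0, +1]        # tilt down, keep, tilt up
Q = {(s, a): 0.0 for s in TILTS for a in ACTIONS}
ALPHA, GAMMA, EPS = 0.1, 0.9, 0.1

def unsafe(state, action):
    # Stand-in for "this action violates the safety property":
    # here, leaving the allowed tilt range.
    return not 0 <= state + action <= 15

def shielded_actions(state):
    return [a for a in ACTIONS if not unsafe(state, a)]

def reward(state):
    return -abs(state - 8)   # hypothetical: KPIs best at mid tilt

state = random.choice(TILTS)
for _ in range(10_000):
    acts = shielded_actions(state)      # the shield filters unsafe actions
    if random.random() < EPS:
        action = random.choice(acts)    # explore
    else:
        action = max(acts, key=lambda a: Q[(state, a)])  # exploit
    nxt = state + action                # deterministic toy dynamics
    target = reward(nxt) + GAMMA * max(Q[(nxt, a)] for a in shielded_actions(nxt))
    Q[(state, action)] += ALPHA * (target - Q[(state, action)])
    state = nxt
```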
By applying symbolic reinforcement learning, we obtain a framework that we can optimize over time, with actions that lead to the satisfaction of the task, so quality of experience is improved, and we can also block actions that would cause degradation of the KPIs.

A deeper dive into this approach: we start with some offline datasets; we have network simulators with which we can model reality, we also have online data through operators, and we collect experience replay tuples of the form (state, action, reward, next state). From these we build the Markov decision process, which is an abstracted MDP. Then we take the input intent, which is translated into an automaton, and we construct the product automaton between the MDP and the LTL automaton. This gives a big graph, the product construction, on which we perform graph techniques, and we can extract traces that satisfy or violate the task. It might be the case that no trace satisfies the specification; in that case we can modify and relax the input specification. Finally, we have a shield approach with which we choose which of the actions we want to apply to the network.

That was the technical presentation of this part. We have some references here: material that we used to create these slides, and also our own work, which has been submitted and accepted to both top AI and telecom conferences. So if you have more questions about this idea, feel free to reach out to us or take a look at the papers we have published. Now over to Swarup for the next part, which is the formal verification of neural networks.

Hi, I will now talk about the need for, and the techniques for, testing the robustness of ML models. Large and complex telecom systems are expected to be a mix of classical and AI-based software, including ML models for the detection and prediction of events and the recommendation of corrective actions. However, at the end of the development phase, AI-based software is just software, and hence it must be subjected to rigorous testing and verification. Because of the nature of AI-based models, there are different challenges, and hence different techniques need to be applied. Apart from the standard black-box techniques that can be leveraged from classical software engineering, new techniques have been proposed along the lines of adversarial testing, coverage-based testing and formal verification. A very readable blog post from DeepMind gives an introduction to some of these topics.

For adversarial test generation, one tries to break the system by exploring changes to the input that may result in unexpected outputs; the line of research on generative adversarial networks, or GANs, propounded by Ian Goodfellow and team, is the basis of this. On the other hand, one can use derivative-free methods to generate and guide inputs in a property-driven way to expose violations of the specifications (a small sketch of this idea appears at the end of this part). While these methods do not guarantee the absence of bugs, they can give very good statistical guarantees on the goodness of the models. The architecture and development paradigm of neural network models has given rise to a number of new coverage definitions, to the extent that these definitions are being considered for the standardization of AI testing, and there are a number of tools available for coverage-based test generation. While testing gives certain quality guarantees, for safety-critical applications the ML models must have stronger guarantees of correctness. Formal verification can fill this gap.
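Returning to the derivative-free, property-driven testing mentioned above, here is a minimal sketch: random perturbations are sampled within an epsilon-ball around a seed input, searching for a counterexample to a desired property. The model and the property are hypothetical placeholders, not any specific production model.

```python
# Minimal sketch of derivative-free, property-driven test generation.
# "model" and "prop" are hypothetical stand-ins for a trained ML model
# and a local-robustness property around the seed input.
import random

def model(x):
    # Stand-in for a trained classifier: a hand-written decision rule.
    return 1.0 if sum(x) > 1.0 else 0.0

def prop(x, y):
    # Desired property: the label should stay 1.0 in the search region.
    return y == 1.0

def falsify(seed, eps=0.1, trials=10_000):
    """Sample perturbed inputs (no gradients needed) and return the first
    counterexample that violates the property, if any."""
    for _ in range(trials):
        x = [v + random.uniform(-eps, eps) for v in seed]
        if not prop(x, model(x)):
            return x        # counterexample found
    return None             # no proof of absence, only statistical evidence

counterexample = falsify(seed=[0.6, 0.5])
print("violation:", counterexample)
```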
In formal verification, the ML model and a formal specification are given as input to a model checker, which either outputs "yes" when the specification holds for all inputs, or outputs "no" when the specification is violated for some input. In the latter case, the culprit input and the corresponding output are produced as a counterexample to help in debugging. One can look at formal verification as exhaustive testing, but done very cleverly. One critical ingredient for formal verification is the formal specification of desired properties; examples are output range analysis, robustness in general (local and global), Boolean combinations of arithmetic relational formulas over inputs and outputs, etc. Formal verification of neural networks is seeing many different approaches, such as MILP-based, SAT/SMT-based, and the propagation of geometric regions. The main challenges are scale, that is, the number of neurons, and of course the handling of nonlinear activation functions. Research in formal verification is picking up very rapidly; this is evident from the conferences and workshops in this area, and also from the large number of tools that are already available. For a list of these tools, you can refer to the web pages of VNN-COMP, the competition on the verification of neural networks.

I will now talk about the explainability of AI-based models, which is essential for building trust in models that seem to have materialized magically from data. The trust issue is critical for perfectly valid reasons, coming from negative examples such as the Tesla accident, but also from the very well-known relation between model quality and data bias. Actually, even for machine reasoning models, which are symbolic in nature, there is a need to extract the right and relevant artifacts to explain the decisions of the models and then act accordingly, whether that is to debug the models or the data, to change the specifications, etc.

Explainability in ML is very well known: tools like LIME, SHAP, ELI5, etc. produce the relative contribution of input features towards the outputs, globally or locally, which can serve as an explanation for the outputs. Many natural problems, analogous to resource allocation problems, can be formulated using SAT/SMT constraints and solved using efficient SAT or SMT solvers. One can then ask for various kinds of explanations regarding the solution. The query may be attributive, like "what is the set of relevant facts and rules that lead to the solution", or contrastive, like "why this solution and not some other solution", or "why is the obtained fact different from the expected one". All of this can be cast as the analysis of inconsistencies, producing the UNSAT core as the explanation artifact.

In knowledge-based reasoning that supports reasoning with inconsistency, one nice formalism is based on argumentation frameworks. In the simplest formulation, it is represented as a graph with arguments as nodes and an attack relation joining some nodes, denoting a counterargument. For example, in the graph shown here, node A stands for "the latency SLA, or service level agreement, is met". This is attacked by "predicted violation"; that is, if a violation is predicted, then the latency SLA cannot be met. There are two solutions that can address the violation, but one of them, D, is not approved by the operator. The methods then compute an acceptable set of nodes, which shows how the final decision node is supported by the other nodes; a small sketch of this computation is given below.
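Here is a minimal sketch of that computation: the grounded extension of an abstract argumentation framework, encoded on a hypothetical version of the slide's graph (A = "latency SLA met", B = "violation predicted", C and D = candidate fixes attacking B, E = "operator disapproval" attacking D). The node names and the grounded-semantics choice are our illustration.

```python
# Abstract argumentation framework: arguments as nodes, attacks as edges.
# We compute the grounded extension as the least fixpoint of the
# characteristic function.
attacks = {
    ("B", "A"),   # a predicted violation attacks "SLA met"
    ("C", "B"),   # fix C addresses the violation
    ("D", "B"),   # fix D also addresses the violation
    ("E", "D"),   # but D is not approved by the operator
}
arguments = {a for pair in attacks for a in pair}

def attackers(arg):
    return {x for (x, y) in attacks if y == arg}

def grounded_extension():
    """An argument is accepted once every one of its attackers is itself
    attacked by an already accepted argument; iterate to a fixpoint."""
    accepted = set()
    while True:
        new = {
            a for a in arguments
            if all(attackers(b) & accepted for b in attackers(a))
        }
        if new == accepted:
            return accepted
        accepted = new

print(grounded_extension())   # {'A', 'C', 'E'}: the SLA decision is supported
```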
An argumentation framework can be used to give a supporting argument for a decision. However, it can also be used to contrast other arguments, by traversing the other paths that were overridden, or even by finding possible changes to the graph that would make another decision possible.

In many automatic-control settings, where the right configuration must be set on the system to take care of the changing environment and conditions of the network, reinforcement learning is emerging as the approach of choice. Because of the complexity of the underlying algorithms, and in many cases because of the approximation through DNNs, stakeholders need explanations to queries such as: what does the policy seek to achieve, in which states is an action recommended, why was action A and not action B recommended in a given state, etc. Depending on the query, the artifacts produced for an explanation may be very different. For example, for attributive queries, some type of summarization technique is used, whereas for contrastive queries, or for unsolvability, one needs to produce the elements that prevent the policy from achieving a certain expected level of reward, or from staying within safe boundaries, etc. Explainable RL, or XRL, is a very hot field right now.

Looking at the challenges and the possible solutions, the natural question is what the new challenges are for implementing these solutions in telecom networks. One must notice two major differences between classical and AI/ML-based software. Classical software development is mostly manual, starting from the specifications, but ML models are generated from data or knowledge. Moreover, when online updating is allowed, ML models change after deployment, which is not the case with classical software. Beyond this, deployment-wise there is no difference between ML models and classical software. Hence the same life-cycle steps that apply to classical software are also applicable to ML-model software, though the techniques will be very different and specific to the models.

From the safety and explainability point of view, it is expected that there will be standardization of languages and interfaces so that per-deployment customization can be avoided. This can be done using logical languages, constraint or specification languages, or templates and controlled natural languages with well-defined formal semantics. Since safety specifications act as constraints, and hence as additional requirements, it is not unreasonable to provide classes of safety constraints through SLAs. Similar consideration can be given to exposing different levels of explanation through SLAs, which will require extensions to the SLA languages.

The last point I want to make is that, for ML models supporting online updates, monitoring mechanisms should be in place to detect or predict violations of intents. Concept drift, due to a changing distribution of the data or changing knowledge, may result in different decisions by the models, and there may be business rules to curtail model updates that could lead to unexpected changes to the model itself. These require specifications about the models and about the different steps in the model life-cycle management process itself; a small sketch of such a drift monitor is given below.
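As a minimal sketch of such a monitoring mechanism, here is a simple concept-drift check: a recent window of a feature or KPI is compared against a reference window, and a flag is raised when the distributions diverge. The KS-style statistic, the threshold and the sample values are illustrative assumptions, not a product specification.

```python
# Minimal concept-drift monitor: compare a recent window of values against
# a reference window using a two-sample Kolmogorov-Smirnov statistic.
# Threshold and data are hypothetical, purely for illustration.
def ks_statistic(reference, current):
    """Maximum gap between the two empirical cumulative distributions."""
    pooled = sorted(set(reference) | set(current))

    def ecdf(sample, x):
        return sum(1 for v in sample if v <= x) / len(sample)

    return max(abs(ecdf(reference, x) - ecdf(current, x)) for x in pooled)

def drift_detected(reference, current, threshold=0.2):
    return ks_statistic(reference, current) > threshold

# Hypothetical KPI samples: training-time window vs. a recent live window.
reference = [0.50, 0.52, 0.48, 0.51, 0.49, 0.53, 0.47, 0.50]
current   = [0.70, 0.72, 0.69, 0.75, 0.68, 0.71, 0.74, 0.73]
if drift_detected(reference, current):
    print("Concept drift suspected: trigger retraining / intent check.")
```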
To summarize, we saw the importance of trustworthy AI in different deployment scenarios, the techniques that can address the challenges of safety and explainability, and some architectural requirements for implementing and integrating these techniques. We have not covered the many other dimensions of trustworthy AI; however, the overall framework should be applicable to address them similarly. Thank you very much for your attention. We can now take questions.