Amel Bennaceur

Dhaminda B. Abeywickrama, Amel Bennaceur, Greg Chance et al.

As autonomous systems (AS) increasingly become part of our daily lives, ensuring their trustworthiness is crucial. In order to demonstrate the trustworthiness of an AS, we first need to specify what is required for an AS to be considered trustworthy. This roadmap paper identifies key challenges for specifying for trustworthiness in AS, as identified during the "Specifying for Trustworthiness" workshop held as part of the UK Research and Innovation (UKRI) Trustworthy Autonomous Systems (TAS) programme. We look across a range of AS domains with consideration of the resilience, trust, functionality, verifiability, security, and governance and regulation of AS and identify some of the key specification challenges in these domains. We then highlight the intellectual challenges that are involved with specifying for trustworthiness in AS that cut across domains and are exacerbated by the inherent uncertainty involved with the environments in which AS need to operate.

Dmytro Humeniuk, Mohammad Hamdaqa, Houssem Ben Braiek et al.

Extensive simulation-based testing is important for assuring the safety of autonomous driving systems (ADS). However, generating safety-critical traffic scenarios remains challenging because failures often arise from rare, complex interactions with surrounding vehicles. Existing automatic scenario-generation approaches frequently fail to distinguish genuine ADS faults from collisions caused by implausible or invalid adversarial behaviors, and they typically optimize either scenario initialization or agent behavior in isolation. We propose Dynasto, a two-step testing approach that jointly optimizes initial scenario parameters and dynamic adversarial behaviors to uncover realistic safety-critical failures. First, we train an adversarial agent using reinforcement learning (RL) with temporal-logic-based validity criteria and a safe-distance model inspired by ISO 34502 to promote behaviorally plausible failures. Second, a genetic algorithm (GA) searches over initial conditions while replaying the adversary's failure-inducing behaviors to reveal additional failures that the RL agent alone does not uncover. Finally, a graph-based clustering pipeline groups failures into representative modes based on semantic event sequences. Our evaluation experiments in HighwayEnv across two ADS controllers show that Dynasto finds 60%-70% more valid failures than an RL-only adversary under the same evaluation budget. With clustering, we obtain about 12 interpretable failure modes per system under test, revealing valid failures driven by weaknesses in ego-controller behavior. These results indicate that coordinated dynamic-static optimization with explicit validity constraints is effective for exposing safety-relevant failures in ADS testing.

Ali Farahani, Liliana Pasquale, Amel Bennaceur et al.

Software systems are increasingly making decisions on behalf of humans, raising concerns about the fairness of such decisions. Such concerns are usually attributed to flaws in algorithmic design or biased data, but we argue that they are often the result of a lack of explicit specification of fairness requirements. However, such requirements are challenging to elicit, a problem exacerbated by increasingly dynamic environments in which software systems operate, as well as stakeholders' changing needs. Therefore, capturing all fairness requirements during the production of software is challenging, and is insufficient for addressing software changes post deployment. In this paper, we propose adaptive fairness as a means for maintaining the satisfaction of changing fairness requirements. We demonstrate how to combine requirements-driven and resource-driven adaptation in order to address variabilities in both fairness requirements and their associated resources. Using models for fairness requirements, resources, and their relations, we show how the approach can be used to provide systems owners and end-users with capabilities that reflect adaptive fairness behaviours at runtime. We demonstrate our approach using an example drawn from shopping experiences of citizens. We conclude with a discussion of open research challenges in the engineering of adaptive fairness in human-facing software systems.