Can a Bayesian Oracle Prevent Harm from an Agent?
This work addresses safety concerns for AI systems by providing theoretical foundations for probabilistic guardrails, though it is incremental as it builds on existing Bayesian methods and focuses on open problems for practical implementation.
The paper tackles the problem of designing AI systems with probabilistic safety guarantees by deriving context-dependent bounds on the probability of violating safety specifications, which could be used at run-time to reject dangerous actions. It presents results involving cautious hypotheses based on Bayesian posteriors, applied to both i.i.d. and non-i.i.d. cases.
Is there a way to design powerful AI systems based on machine learning methods that would satisfy probabilistic safety guarantees? With the long-term goal of obtaining a probabilistic guarantee that would apply in every context, we consider estimating a context-dependent bound on the probability of violating a given safety specification. Such a risk evaluation would need to be performed at run-time to provide a guardrail against dangerous actions of an AI. Noting that different plausible hypotheses about the world could produce very different outcomes, and because we do not know which one is right, we derive bounds on the safety violation probability predicted under the true but unknown hypothesis. Such bounds could be used to reject potentially dangerous actions. Our main results involve searching for cautious but plausible hypotheses, obtained by a maximization that involves Bayesian posteriors over hypotheses. We consider two forms of this result, in the i.i.d. case and in the non-i.i.d. case, and conclude with open problems towards turning such theoretical results into practical AI guardrails.
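The run-time check described above can be sketched on a toy finite hypothesis set, as an added example that is not code from the paper. The hypothesis names, probabilities, the `alpha` plausibility cutoff and the `tolerance` are all assumptions, and the cutoff rule is a simplified stand-in for the paper's bounds, which this page does not state.

```python
import math

# Constructed toy world: each hypothesis gives P(harm | action). All names and
# numbers are illustrative assumptions, not values from the paper.
HYPOTHESES = {
    "benign":   {"safe_act": 0.01, "risky_act": 0.02},
    "moderate": {"safe_act": 0.02, "risky_act": 0.20},
    "hostile":  {"safe_act": 0.03, "risky_act": 0.60},
}
PRIOR = {"benign": 0.5, "moderate": 0.3, "hostile": 0.2}
# Constructed i.i.d. observations (action, harm_occurred): no harm seen so far.
DATA = [("safe_act", 0)] * 20 + [("risky_act", 0)] * 4


def posterior(hyps, prior, data):
    """Bayesian posterior over hypotheses, computed in log space."""
    log_w = {}
    for name, h in hyps.items():
        ll = math.log(prior[name])
        for action, harm in data:
            ll += math.log(h[action] if harm else 1.0 - h[action])
        log_w[name] = ll
    top = max(log_w.values())
    z = sum(math.exp(v - top) for v in log_w.values())
    return {k: math.exp(v - top) / z for k, v in log_w.items()}


def map_harm(hyps, post, action):
    """Harm probability under the single most probable hypothesis."""
    return hyps[max(post, key=post.get)][action]


def cautious_bound(hyps, post, action, alpha):
    """Worst-case harm over hypotheses within a factor alpha of the best
    posterior (assumed plausibility rule for this example)."""
    cutoff = alpha * max(post.values())
    plausible = [k for k, p in post.items() if p >= cutoff]
    return max(hyps[k][action] for k in plausible), plausible


def guardrail(action, alpha=0.05, tolerance=0.1):
    """Reject the action when the cautious bound exceeds the tolerance."""
    post = posterior(HYPOTHESES, PRIOR, DATA)
    bound, plausible = cautious_bound(HYPOTHESES, post, action, alpha)
    return {"allow": bound <= tolerance, "bound": bound, "plausible": plausible}


if __name__ == "__main__":
    for act in ("safe_act", "risky_act"):
        print(act, guardrail(act))
```

On this constructed data the most probable hypothesis alone would pass `risky_act`, while the cautious maximization over still-plausible hypotheses rejects it.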