Hi VerifAI maintainers,
URML (urml.dev) is a small, Apache-2.0 language for describing robot intent: it validates a request statically against a capability manifest and a safety envelope, then dispatches. The envelope is a declared, structured set of safety properties, which is exactly the kind of thing a falsification loop wants as its specification.
Nothing here asks VerifAI to change or maintain anything. This is a request for comment.
The pairing: URML declares the properties and provides a validated system-under-test; VerifAI searches for scenarios (often via Scenic, which I am also reaching) that falsify those properties; a counterexample feeds back as a tightened envelope or a corrected capability. Two real questions. First, is a URML safety-envelope property usable as a VerifAI specification or monitor as-is, or does it need a transformation? Second, what would a URML-governed system need to expose to act as a VerifAI system-under-test, and what should a falsifying counterexample map back to in URML terms (an envelope change, a capability correction)?
Full write-up: https://github.com/URML-MARS/URML/blob/main/docs/rfcs/0367-verifai-outreach.md
Thanks for VerifAI; a usable falsification toolkit for systems with learned components is sorely needed.
Ido Yahalomi (URML, greenvh@gmail.com)
AI-assisted prose, maintainer-reviewed before posting (see VIBE.md). Human-only correspondence available on request.
Hi VerifAI maintainers,
URML (urml.dev) is a small, Apache-2.0 language for describing robot intent: it validates a request statically against a capability manifest and a safety envelope, then dispatches. The envelope is a declared, structured set of safety properties, which is exactly the kind of thing a falsification loop wants as its specification.
Nothing here asks VerifAI to change or maintain anything. This is a request for comment.
The pairing: URML declares the properties and provides a validated system-under-test; VerifAI searches for scenarios (often via Scenic, which I am also reaching) that falsify those properties; a counterexample feeds back as a tightened envelope or a corrected capability. Two real questions. First, is a URML safety-envelope property usable as a VerifAI specification or monitor as-is, or does it need a transformation? Second, what would a URML-governed system need to expose to act as a VerifAI system-under-test, and what should a falsifying counterexample map back to in URML terms (an envelope change, a capability correction)?
Full write-up: https://github.com/URML-MARS/URML/blob/main/docs/rfcs/0367-verifai-outreach.md
Thanks for VerifAI; a usable falsification toolkit for systems with learned components is sorely needed.
Ido Yahalomi (URML, greenvh@gmail.com)
AI-assisted prose, maintainer-reviewed before posting (see VIBE.md). Human-only correspondence available on request.